SecTor 2014, Oct. 20, 2014 to Oct. 22, 2014, Toronto, Canada

Title Speakers Summary Topic Types
$#!T My Industry Says. . . Kellman Meghu The Security Industry says a lot of ‘stuff’ about a lot of things, and most ...
New Era Risk Management: Using Information to Predict, Understand and Mitigate Organizational Threats Ray Boisvert Risk is unavoidable, whether your organization is operating domestically or is interconnected globally. Which threats—from ...
The Connected Car: Security Throwback Chris Valasek What, the car got hacked - how? We all take for granted technology we use ...
The Extinction of Trust Felix 'fx' Lindner Nation State Actors in the so-called "cyber domain" are nothing new. But what a little ...
ALL YOUR MACS ARE BELONG TO US Christopher Elisan Attackers have already set their sights on Mac. They have been thinking of and finding ...
Attrition Forensics, Digital Forensics For When the Going Gets Tough and the Stakes Are High Troy Larson Investigating a suspected computer compromise or intrusion can be difficult. In a sense, that is ...
Corporation in The Middle Lee Brotherston My ISP deliberately MiTM'd my connection. This talk discusses how they did it, how ...
Cybercrime 101 Christopher E. Pogue Cybercrime continues to rise. While many businesses are improving their overall security posture using GRC ...
Demystifying the mobile network Chuck Mcauley We all have smart phones in our pockets these days allowing high speed network access ...
Document Tracking for Fun, Insight, and Profit Roy Firestein Microsoft Office documents are ubiquitous in the corporate environment. We have found that being able ...
Elevator Hacking: From the Pit to the Penthouse Deviant Ollam, Howard Payne Throughout the history of hacker culture, elevators have played a key role. From the mystique ...
Hide it with encryption, display it with performance Brandon Niemczyk, Prasad Rao A network protocol has performance requirements. In order to address these requirements, many implementations will ...
How'd That End Up On Pastebin? Ryan Linn Defenders are at a huge disadvantage, often investigating compromise with educated guesses based on theoretical ...
Hunting Malware on Linux Production Servers: The Windigo Backstory Olivier Bilodeau Operation Windigo is a large server-side malware campaign that targets Unix systems (BSD, Linux, etc.). ...
KickaaS Security with DevOps and Cloud Rich Mogull Think DevOps and cloud reduce your security? Think again. In this session we will dive ...
Mobile Fail: Cracking Open “Secure” Android Containers Chris John Riley We've known for some time that physical access to a device means game over. In ...
Pentesting in SDN - Owning the controllers Roberto Soares SDN (Software Defined Network) has attracted the attention of many technology giants from various segments ...
Play Flappy Bird while you pentest Android in style Chris Liu, Matthew Lionetti Doesn’t it bother you that you have to give up all your mobility when penetration ...
POS Malware Evolved Josh Grunzweig Over the past decade, point of sale (PoS) systems have been plagued by both attacks ...
Predictions Panel Bruce Cowper Ever wonder what the next big information security threat will be? So do we… and ...
Reverse Engineering a Web Application - For Fun, Behavior & WAF Development Rodrigo Montoro, Daniel Cid Screening HTTP traffic can be something really tricky and attacks to applications are becoming increasingly ...
Stay Out of the Kitchen: A DLP Security Bake-off Zach Lanier Despite a plethora of data security and protection standards and certifications, companies and their systems ...
The Internet of Fails: Where IoT Has Gone Wrong and How We're Making It Right Zach Lanier, Mark Stanislav This presentation will dive into research, outcomes, and recommendations regarding information security for the "Internet ...
The Latest Changes to SAP Security Landscape Alexander Mikhailovich Polyakov The world of SAP deployments continues to evolve and certainly one of the big additions ...
Unmasking Careto through Memory Analysis Andrew Case In early 2014 Kaspersky Labs reported on an extremely advanced malware sample that was used ...
Asymmetry in Network Attack and Defense William Peteroy William will dive in to the fundamental tools and resources needed by network attackers and ...
FAIL Panel Again! Third time’s the charm James Arlen, Ben Sapiro, Dave Lewis The ugly bastard child of the ugly bastard child of FAIL Panel, in its 3rd ...
Human Metrics - Measuring Behavior Lance Spitzner The human element is one of the weakest links, as a result your employees are ...
Quantitative Risk Analysis and Information Security: An OpenFair Case Study from BMO Laura Payne Risk analysis – nobody wants to do it, but everybody wants the answer when it’s ...
Re-Thinking Security Operations Mike Lecky, Dave Millier Do your security solutions deliver effective coverage against the challenging new threat environment? The threat ...
Scaling Security in Agile Scrum Chris Eng Agile Scrum is here to stay, and security teams aren’t adapting quickly enough. “Best-practice” Agile ...
Security Awareness Has Failed: A Suggested New Approach! Francois Van Heerden For over 30 years, the security community mantra has been to deliver annual or regular ...
Covering my IaaS: Security and Extending the Datacenter Brian Bourne, Tadd Axon It might still be “early days”, but cloud based infrastructure-as-a-service (IaaS) offerings are maturing fast ...
Identity in the Age of the Cloud Madhu Mahadevan Organizations have traditionally enforced access to various services, applications, resources by establishing a person's identity. ...
Pulling back the covers on credit card fraud: A detailed look at financial fraudware. Chester Wisniewski Credit card theft has dominated the information security headlines recently and for good reason. This ...
So, you want to be a pentester? Heather Pilkington This presentation is designed to provide practical career advice to aspiring penetration testers, or those ...
Stupid is as Stupid Does - The Good, The Bad and The Idiots Chris Pogue, Grayson Lenik How Hackers get caught Everyone sees the daily stories about hackers stealing personal data and ...
The Things You See (and Application Scanners Won’t) Chuck Ben-tzur Application scanners are a very common tool often used by security professionals to identify vulnerabilities ...
What's Behind "Big Data" and "Behavioral Analytics" Stephan Jou “Big Data” and “Behavioral Analytics” are the latest hot terms in threat detection, but what ...
4 Undeniable Truths about Advanced Threat Protection Patrick Vandenberg Are you prepared for the next attack targeting your organization? Multi-faceted, persistent threats continue to ...
A New Way to Look at Endpoint Security - IT’s Job in a Connected World Claudio Damaso, Alex Binotto Session 1: The Evolving Adversary Calls for a New Way to Look at Endpoint Security ...
Anatomy of a Credit Card Stealing POS Malware Amol Sarwate Credit card payment processing and point-of-sale (POS) systems are like a black box for most ...
Casting Light on a Dark Web Aamir Lakhani We cannot afford to wait for the adversary to make their move first, nor can ...
Check Point Compliance Software Solutions “Your Second Set of Eyes” Scott Tripp No one in the Security Industry wants to talk compliance and most of us think ...
CYDBA: Protecting Your Applications’ Rear End Josh Shaul Businesses have a long way to go in protecting their applications but even farther to ...
Data protection and Identity Management at cloud scale Jasbir Gill Security of corporate resources has never been as important as it is in today's mobile ...
Fighting Next-Generation Adversaries with Shared Threat Intelligence Brian Hein Adversaries today are technically advanced, structured around an underground governed by market forces, and using ...
Getting Into Mobile Without Getting Into Trouble, A Guide for the Stodgy Old Enterprise Greg Kliewer Mobile platforms have taken the world by storm. Smart phones and tablets, connected watches, thermostats, ...
How Scalar is Providing Information Security Services to the TO2015 Pan Am and Parapan American Games Frederic Dorré Scalar Decisions was recently awarded the bid to become the Official Supplier of Information Security ...
Introducing Recog, an open source project utilizing Sonar data for asset and service identification Ryan Poppa, Ross Barrett Project Sonar is a community effort to improve security through the active analysis of public ...
Next Generation SOC: Building a Learning Security Ecosystem Using HP ArcSight Technology Matt Anthony The concept of defense in depth has attracted a lot of attention over the past ...
OS Legacy Systems Alexander Rau Legacy operating systems in an unsecure world. Many organizations are still running applications on legacy ...
Phishers are Boring Party Guests: The Value of Analyzing Stale, Recycled Phishing Content Aaron Higbee As security organizations have come to value the impact of programs designed to change employee ...
Security for the People: End-User Authentication Security on the Internet Mark Stanislav Despite the continued success by attackers to brute-force accounts, phish credentials, and otherwise impact the ...
SilverBlight Craig Williams The web continues to be a constant threat for most users. The security industry has ...
The Rise of Threat Detection and Response Lucas Zaichkowsky It seems like it was only yesterday that security was focused almost exclusively on preventative ...