BSidesSanFrancisco 2015 April 19, 2015 to April 20, 2015, San Francisco,USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Stick a Pin in Certificate Pinning: How to Inspect Mobile Traffic and Stop Data Exfiltration Gopal Jayaraman With the rise of encrypted traffic, more and more companies are deploying SSL inspection platforms ...
Critical Infrastructure: The Cloud loves me, The Cloud loves me not. Bryan Owen Interdependency between public cloud services and critical infrastructure are both hard and soft. Will this ...
Ally Skills Workshop Leigh ( Hypatiadotca ) Honeywell Frustrated with sexism in our community but not sure what to do about it? The ...
OSXCollector: Forensic Collection and Automated Analysis for OS X Ivan Leichtling OSXCollector is an open source forensic evidence collection and analysis toolkit for OS X. It ...
F*ck These Guys: Practical Counter Surveillance Lisa Lorenzin We've all seen the steady stream of revelations about the NSA's unconstitutional, illegal mass surveillance. ...
DNS Spikes, Strikes, and The Like Thomas Mathew Analyzing traffic patterns for trends can be a rich source of information for investigating potential ...
No More Fudge Factors and Made-up Shit: Performance Numbers That Mean Something Russell Cameron Thomas This talk isn’t about security. It’s about how any security team can measure and improve ...
How to sell security without selling your soul Jack Daniel , Steven Mcgrath Many people who want to advance the state of information security have the nerve to ...
Ask the EFF Kurt Opsahl , Nate Cardozo , Andrew Crocker Get the latest information about how the law is racing to catch up with technological ...
Intrusion Detection in the clouds Josh Pyorre Shared hosting is awesome! ...sort of. On one hand, you pay almost nothing to get ...
Violent Python Sam Bowne Even if you have never programmed before, you can quickly and easily learn how to ...
Your Users Passwords Are Already Stolen Lucas Zaichkowsky Attackers have long exploited human weakness such as the lack of password complexity and vulnerability ...
Hacker or criminal? Repairing the reputation of the infosec community Melanie Ensign Recent legislation and media stories reflect an inaccurate, often criminal, if not confused picture of ...
Analyze This! Aaron Shelmire Many presentations about “Big Data” security analysis focus on where to store the data and ...
Student Surveillance: How Hackers Can Help Protect Student Privacy Jessy Irwin Since 2011, billions of dollars of venture capital investment have poured into public education through ...
Medical Device Security - From Detection To Compromise Scott Erven , Adam Brand There is no question that medical devices save countless lives, but is insecure design or ...
When Doing the Right Thing Goes Wrong - Impact of Certificates on Service Based Infrastructure Robert Lucero With the advent of micro service architecture securing inter-service communication has become more important than ...
How SecOps Can Convince DevOps To Believe In The Bogeyman Casey Ellis Bugcrowd co-founder and CEO, Casey Ellis, explores the inherent differences between the hacker and developer ...
How to Lie with Statistics, Information Security Edition Tony Martin-vegue Stiff statistics, prismatic pie charts, and stodgy survey results drown the Information Security space in ...
Network Forensics Fun: Packet Pillaging Done Right! Ryan J. Chapman In this talk, I will walk attendees through how Bechtel’s “Team DOFIR” took 1st place ...
Human Hunting Sean Gillespie Much of what appears to be happening in information security seems to be focused on ...
Ground Zero Financial Services: The Latest Targeted Attacks from the Darknet Brian Contos , Jonathan Curtis Within the Darknet, an area of the Internet that’s hidden from pedestrian use and commonly ...
Phighting Phishers Phake Phronts Kevin Bottomley This talk will take a look at modern phishing campaigns and how they have evolved ...
Securing the Hastily Formed Network: Infosec for Disaster Relief and Emergency Response Rakesh Bharania Effectively responding to modern disasters and humanitarian emergencies requires a substantial amount of connectivity. Whether ...
Corporate Governance For Fun and (Non)Profit Christie Dudley There has been a lot of push lately about organizing events and incorporating them. While ...
GitReview - All Git Commits are Reviewed Jon Debonis We needed to audit our github repository while maintaining developer flexibility to push whenever and ... IncludeThinkstScapes
Introduction to Reverse Engineering Android Applications Training Tony Ucedavelez , Benjamin Watson This training will be an introduction into reverse engineering Android applications. If you have troubles ...
HIPAA 2015: Wrath of the Audits W. Hudson Harris Since 2009, 122 million people have had their protected health information compromised. Enforcement efforts and ...
Probing Patches: Beyond Microsoft’s ANS Bill Finlayson Patch analysis is the process of examining the difference in vendor supplied binaries incrementally across ...
Lessons Learned from Building and Running MHN, the World's Largest Crowd-sourced Honeynet Jason Trost Honeypots are really useful for collecting security data for research, especially around botnets, scanning hosts, ...
*Blink*: The Network Perimeter is Gone Rick Farina In the past, network device awareness (SANS Critical Security Control #1) was achieved through asset ...
PenTesters Vs Attackers Stephan Chenette In the late 1960s the term penetration testing was coined to describe the action of ...