CircleCityCon 2015 June 12, 2015 to June 14, 2015, Indianna,USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Wireless Intrusion Detection System with Raspberry Pi Chris Jenks This talk covers a distributed Wireless Intrusion Detection System using multiple Raspberry Pi boards. While ...
Digital Supply Chain Security: The Exposed Flank Dave Lewis This talk will speak to the issues pertaining to supply chain security as is relates ...
From Parking Lot to Pwnage - Hack-free Network Pwnage Tim Roberts , Brent White Pretending to be an employee is one thing, but owning layers of identities is what ...
PlagueScanner: An Open Source Multiple AV Scanner Framework Robert Simmons PlagueScanner is an open source framework for organizing any number of AV scanners into one ...
Turn Your Head And Cough: Why Architecture Risk Assessments Are Like Being A General Physician Nathaniel Husted While vulnerability assessments and penetration tests are all the rage for the modern information security ...
Data Loss Prevention: Where do I start? Jason Samide Companies want Data Loss Prevention. However, most are unsure what DLP is and how to ...
Surfing the Sea and Drowning in Tabs: An Introduction to Cross-Site Request Forgery Barry Schatz With more web applications using persistent logins and users keeping more applications open in browser ...
Clean Computing: Changing Cultural Perceptions Emily Peed Computing's environmental impact as it continues to globalize will gain in awareness as the disproportional ...
I Amateur Radio (And So Can You) Kat Sweet Ham radio: it's the 100 year-old technology that refuses to die. Whether you're a wireless ...
Lessons Learned from Implementing Software Security Programs Todd Grotenhuis A common approach to securing software is to try to break software after it has ...
Hacking IIS and .NET Kevin Miller Even in the most secure Windows environments the communication between development and infrastructure causes issues ...
Departmentalizing Your SecOps Tom Gorup Security Operations Centers tend to encompass a 'Jack of all trades, Master none' type of ...
OBAMAS CYBER SECURITY PLAN DISSECTED Jonathan Thompson President Obama released his legislative updates to existing law in the WH's effort to improve ...
ZitMo NoM - Clientless Android Malware Control David healwhans Schwartzberg A world without malware is ideal but unlikely. Many of us would prefer *not* to ...
Square Peg, Round Hole: Developing a Security Culture Within an Enterprise Jeff Pergal , Stuart Mcintosh How do you develop a high performing integrated security team within a restrictive enterprise environment? ...
Do We Still Need Pen Testing? Jeff Man "How to Give the Best Pen Test of Your Life" left me hanging. I wanted ...
Does anyone remember Enterprise Security Architecture? Rockie Brockway The concept of Enterprise Security Architecture (ESA) is not new (Gartner 2006), yet the numbers ...
Building a Comprehensive Incident Management Program Owen Creger This presentation will introduce a framework to build a comprehensive incident management program. The program ...
Running Away from Security: Web App Vulnerabilities and OSINT Collide Micah Hoffman An Open Source Intelligence (OSINT) look into the world of health and fitness-tracking sites. Lately ...
Simulating Cyber Operations: “Do you want to play a game? Bryan k. Fite It’s not polite to hack your neighbor but how else can a national-CSIRT and critical ...
The Hacker Community is Dead! Long Live the Hacker Community! Bruce Potter The hacker community as we know it is dead. Gone are the days of massive ...
Smuggling Plums - Using Active Defnse techniques to hide your web apps from your attackers and their scanners John Stauffacher Its not everyday that you come across a LAMP machine that is running WordPress, Joomla!, ...
"Stupid Pentester Tricks - OR - Great Sysadmin Tips!" - Done in style of Rocky and Bullwinkle Alex Fernandez-gatti , Matt Andreko , Brad Ammerman A good pentester knows how to interact with most systems like a boss. A vast ...
Deploying Honeypots To Gather Actionable Threat Intelligence James Taliento Threat Intelligence seems to be all the rage. There are tons of security vendors selling ...
Clear as FUD: A look at how confusing jargon and technology can create fear, uncertainty, and doubt Chris Maddalena Our technology is becoming easier to use and friendlier towards users who would struggle to ...
How not to infosec Dan Tentler There are many organizations that conduct penetration testing and red team consulting engagements. Concurrently, there ...
Actionable Threat Intelligence, ISIS, and the SuperBall Ian Amit When adding a new threat intelligence feed into your threat model and security practice, one ...
Operationalizing YARA Chad Robertson A system within your network is confirmed to be infected with malware. How can you ...
Reducing Your Organization's Social Engineering Attack Surface Jen Fox This case study is a journey through the presenter's experience compromising Fortune-50 companies at the ...
Using Evernote as an Threat Intelligence Management Platform Le Grecs Most people are already familiar with Evernote. It’s easy to just throw all our miscellaneous ...
An Inconvenient Truth: Security Monitoring vs. Privacy in the Workplace Awa Ka , Ana Orozco Surveillance technologies have been in use in our society since the late 18th century. The ...
Shooting Phish in a Barrel and Other Terrible Fish Related Puns Amanda Berlin Repetition is a proven successful way to bridge the gap of compliance, teaching our users ...
Security Culture in Development Wolfgang Goerlich The majority of security vulnerabilities come from flaws in software code. While the rate in ...
User Awareness, We're Doing It Wrong Arlie Hartman User awareness is a part of most Information Security programs either out of good sense ...
Configure your assets, save your butt Caspian Kilkelly This talk will discuss the very dry subject of asset management and configuration standards as ...
How to Budget for IDS Brian Heitzman IDS Systems are the bane of all IT budgets. They spit enough information out that ...
(Still) Exploiting TCP Timestamps Veit Hailperin Buried deep in one of the most widely used protocols in the internet - the ...
Findings to date. Cameron Maerz Using the tap/tun interface offensively discovering a captive portal bypass technique, network traversal, and who ...
The Answer is 42 - InfoSec Data Visualization (Making Metric Magic & Business Decisions) Edward Mccabe We're drowning in 'Big Data', but Don't Panic Where is the value in visualizing infosec ...
Reverse Engineering Windows AFD.sys Steven Vittitoe What happens when you make a socket() call in Windows? This presentation will briefly walk ...
1993 B.C. (Before Cellphones) Johnny Xmas Remember 1993? No? Well then this talk is for you. Come listen to [Name Redacted] ...
Making Android's Bootable Recovery Work For You Drew Suarez Android bootable recovery mode is a self-contained alternative boot mode that loads a tiny Linux ...
Building a sturdy foundation - a program-based approach to IT Operations, Application Development, and Information Security in business Steven Legg Businesses today face challenges of many types: technical, strategic, interpersonal, the list could go on ...
Nepenthes: Netpens With Less Pain Andy Schmitz Network penetration tests can be difficult, particularly at scale. This talk introduces Nepenthes, an open-source ...
Malware Armor Tyler Halfpop The purpose of this talk is to provide an overview of malware defenses that attempt ...
Ruby - Not just for hipsters Carl Sampson The purpose of this session is to highlight many reasons why Ruby is a good ...
Hacking the Jolla: An Intro to Assessing A Mobile Device Vitaly Mclain , Drew Suarez In February of 2011, Nokia cancelled all of its Linux-based phone projects in favor Windows ...
Rethinking the Trust Chain: Auditing OpenSSL and Beyond Kenneth White In the aftermath of HeartBleed, the Linux Foundation commissioned the Open Crypto Audit Project to ...