BSidesVancouver 2019 March 18, 2019 to March 19, 2019, Vancouver, Canada

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote: Security Operations as a Video Game Rob Fry The interesting and sometimes ironic parallels between the challenges of daily security operations and strategy ...
Sandwiches or Pizza? Incident Response Isn’t Just Technical… Shelly Giesbrecht Your organization has layers of security platforms protecting it, an Incident Response (IR) plan and ...
A Safer Way To Pay: Comparing The Security And Integrity Of 21st Century Payment Systems Chester Wisniewski Continuing on from my BSides 2014 talk on credit card thieving malware, payment card systems ...
Male Allies: To Be, Or Not To Be: That Is The Question! Duha Younes , Heidi King The misrepresentation of women in tech was a hot topic of discussion in 2018. Books, ...
The 3rd Face Of Insider Threat Carl Willis-ford While many Insider Threat assessments only include two categories (malicious and unintentional), there exists a ...
Are You Ready For A Cloud Pen Test? Teri Radichel What exactly is a cloud pen test? This presentation will talk about different aspects of ...
FIN7: A Case Study On Shim Database Persistence Benjamin Wiley If an attacker clearly had backdoor access to a system yet no malware can be ...
Missing The Forest For The Trees: When Server Hardening Isn’t Enough Hudson Bush Performing intensive server hardening without considering the other possible exploit paths can end up being ...
Breaking Blockchain Greg Foss With cryptocurrencies becoming more widely adopted as a form of payment, identity management, and accountability, ...
Windows 10 AMSI Script Behavior Instrumentation With Machine Learning To Block Malicious Attacks Geoff Mcdonald New features were introduced in Windows 10 and O365 where the commonly-abused scripting engine components ...
How To Secure Serverless Matt Carolan Have you heard about Serverless computing? It's the holly grail!No more operating systems to worry ...
Building An Enterprise Threat Hunting Program Tim Sahota We all understand the importance that an incident response (IR) program brings to defending the ...
Swarm Intelligence And Human Systems Pongolyn What can the blue team learn from a colony of army ants? Swarm intelligence, a ...
Policing Cyber In BC Maleena Singh Norton Cyber Security Insights Report (2016) states that in 2015 $1.9B (USD) was lost to ...
Mobile Application Hacking Wesley Wineberg Mobile applications are often treated like a modern black box: Everyone uses them, but no ...
Cryptography 101 Brodie Mcrae This is a demystifying talk for new enthusiasts, and a solid refresher for the experienced. ...
Hacking Hardware Through Side-Channel Kevin2600 If you love to breaking embedded devices. Then side-channel attack is one of desirable skillset ...
Information Security In The Health/Academic Research Context Scott Baker Attempting to conduct important research securely on a shoestring budget, under unrealistic deadlines, with widely ...
How To Survive A SOC 2 Audit (And Why You Ought To Try) George Pajari A SOC 2 information security audit report is considered by many (especially many customers of ...
Website Switcheroo: Links Opening In Tabs Are Dangerous Boris Reitman Undoubtedly you know that any link on the web can be opened in a new ...
How To Put The Sec In DevOps Matt Rose Automation and DevOps have changed the way organizations deliver products. The shift towards DevOps made ...
2019 Cyber Threat Landscape & People-Centric Security Chris Richmond Despite tens of billions of dollars spent on security technology globally each year, attacks continue ...
Intelligent Threat Hunting Dhruv Majumdar Continuous threat hunting is a proactive approach to identifying threats within the environment while adopting ...
AI Vs Malware - Machine Learning Cage Match Aamir Lakhani Due to the wide range of readily-available resources for creating malicious payloads, such as coders ...
Using Threat Research To Take Back The Internet Peter Scheffler Utilitizing data from a Decade of Data Breaches (https://www.f5.com/labs/articles/threat-intelligence/lessons-learned-from-a-decade-of-data-breaches-29035) we will dig into some of ...
Keynote: Security Is Everybody's Job... Literally. Tanya Janca In DevOps everyone performs security work, whether they like it or not. With a ratio ...
Your Internet Is Down? It’s Cyber Warfare, Stupid Shira Shamban So you have a firewall, an anti-virus, a sandbox, a super-sophisticated SIEM, but you still ...
How Online Dating Made Me Better At Threat Modeling Isaiah Sarju Isaiah has used online dating sites such as Tinder and OkCupid. At times this seems ...
Security Is A Mission Not An Intermission David Balcar Turn off your mobile phone, put down your tables and hear about real world data ...
Architecting For Security In The Cloud Josh Sokol The best part about creating new products and services in the cloud is the agility ...
Protecting The Protector - Hardening Machine Learning Defenses Against Adversarial Attacks Jugal In today's threat landscape, it's not unusual for attackers to circumvent traditional machine learning based ...
Tracing Ransomware Payments In The Bitcoin Ecosystem Masarah Paquet-clouston Ransomware can prevent a user from accessing a device and its files until a ransom ...
The Emperor's Old Clothes : Visualizing Ssdeep Joe Kirwin I was excited to review and potentially implement ssdeep for some "fuzzy-hashing" in a project ...
High-Value Approaches To ML In Computer Security Deepali Arora You’ve likely seen cybersecurity companies tossing around buzzwords related to machine learning, artificial intelligence, and ...
Tangling With Malware Adversaries: A Few Short War Stories Geoff Mcdonald The anti-malware industry is a game of cat and mouse between the attackers who are ...
The Journey From Flat To Bumpy: Network Segmentation While Business Applications Live Their Normal Life Golnaz Elahi In flat network architecture, any computer in the organization can communicate with any other node, ...
To Patch Or Not To Patch Julius Musseau The Equifax Struts disaster happened because someone failed to patch. But the recent Event-Stream NPM ...
Threat Hunting OpSec Oleksiy Gayda In recent years, increased attacker sophistication and security alert fatigue have propelled threat hunting to ...
An Apple A Day Keeps The Cybercriminals Away? Taking Lessons From Medicine To Motivate Good Cyberhealth Habits Tierney Wisniewski Cybercriminals almost always pick the lowest hanging fruit, and consequently, as tools and technologies for ...
SSH Keys: Security Asset Or Liability? Michael Thelander Generating SSH keys is free, but poor SSH key practices expose businesses to costly risk. ...
The Importance Of SOC Automation Tools Dan Ward Dan talks to hundreds of SOCs every year and will review some of the common ...
Threat Hunting Demystified Ian Redden This session will explore a practical approach for enabling Threat Hunting as a practice within ...
End-To-End Security Analytics With The Elastic Stack Matteo Rebeschini Interested in staying ahead of the adversary in a shifting security landscape? Learn how to ...
Improving The Speed And Quality Of Your Investigations Through Security Orchestration Stan Engelbrecht Security teams are overworked and overwhelmed by today's threat landscape, and they need help to ...
Windows User Enumeration, Living Off The Land Dale Hobbs One of your users has fallen for a phishing attack! His computer has been compromised ...
OSInt, Shoe Laces And Bubble Gum: How To Use OSInt With Limited Time And Budget To Better Understand How Attackers See Your Organization Jamie Mcmurray Jamie McMurray, Security Operations Manager for Kobalt will discuss and demonstrate how to use open ...
Why Are My Users Visiting A Russian Domain Served From Nigeria...OR...Leveraging DNS As A Layer Of Defense And A Lens On The Threat Landscape. Rob Williamson A DNS firewall works outside the organization to block queries at the DNS level to ...
Vibing Your Way Through Enterprise: How Attackers are Becoming More Sneaky Matt Eidelberg N/A
When You Are The Target Of Attacks, What’s Your Response? Dan Wolff Instead of analyzing old malware sitting in your network, teams are deploying breach detection and ...
Security Architecture 101 George Pajari This is a fast-paced review of the main topics in information security architecture by the ...
Step By Step Walkthrough Of Forensic Analysis Of Amazon Linux On EC2 For Incident Responders Kenneth G. Hartman This workshop will be a step-by-step walkthrough of techniques that can be used to perform ...