BSidesAugusta 2019, Oct. 5, 2019, Augusta, USA
Title | Speakers | Summary | Topic Types |
---|---|---|---|
Keynote - Prepare Your Battlefield: Shape Your Environment for Better Cyber Defense | Ben Johnson | The idea that the information security team will sit back and wait and monitor is ... | |
Understanding Hardware Vulnerabilities | Jake Williams | In 2018, the world learned of Meltdown and Spectre. Before that, there was RowHammer and ... | |
Spotting Lateral Movement with Endpoint Data | Tony Lambert | Lateral movement is an integral part of adversary movement into and around networks. This functionality ... | |
Investigating Macs at the Speed of Compromise | Tim Crothers | During an incident, minutes count. While patterns for investigating Windows hosts quickly are well established ... | |
Encrypted Things - Network Detection and Response in an Encrypted World | Patrick Perry | There has been tremendous growth in the percentage of network traffic that is encrypted over ... | |
Gaining 20/20 vision during an incident with PowerShell | Fernando Tomlinson | There will come a point where every organization will likely be compromised. To be able ... | |
Illuminating Malware Adversaries with MalBeacon | Paul Burbage | It is far too easy for anyone to obtain a malware kit from the Internet ... | |
Mitigating Lateral Movement: Quick Wins | Robert Wilson | In this presentation we will examine several common lateral movement techniques using the MITRE ATT&CK ... | |
Medical Records and Default Passwords | Qasim Ijaz | As a penetration tester with focus on the healthcare industry, I’ve seen patient data in ... | |
Host-Hunting on a Budget | Leo Bastidas | Arrived at an organization where they had zero visibility and zero dollars on the endpoint. ... | |
Phoenix - The Open Source malware analysis appliance | Justin Olmstead | Phoenix is an Open Source malware analysis appliance. At the core, Phoenix is the marriage ... | |
for “better” in [training, research, operations]: do OpenStack orchestration | Sarah Rees | OpenStack. Do the words “brokenStack” or “complicated” come to mind for you? Even if you ... | |
Adversarial Emulation | Bryson Bort | Today’s red team isn’t enough. Because we want to move our defense and understanding beyond ... | |
Home Defense for an IoT Infested World | Dale Lakes | Why is your smart toaster trying to talk to your media server? Why is your ... | |
One Hundred Red Team Operations A Year | Ran O'horo | Our Red Team runs operations with a high frequency. This presentation lays out how we ... | |
Python Standard Library Gadgets for Upgrading Format String Exploits | Brian Welch | There exists a class of vulnerabilities within the Python programming language which involve injection of ... | |
Enriching Osquery with Actionable Context | Josh Brower | Osquery allows us to query an incredible amount of information from our endpoints, but sometimes ... | |
Vishing, Not just for Extroverts! | James Morris | Attackers use many different social engineering techniques to gain initial footholds into networks but when ... | |
The 2019 Data Breach Investigations Report. From a DBIR author. | Gabriel Bassett | Based on forensic evidence collected from our partner organizations as well as the Verizon caseload, ... | |
Hunting PowerShell Attacks on The Open Internet | Paul Melson | PowerShell has been steadily gaining in popularity with attackers of all capability levels and motivations ... | |
Augmenting the (Security) Onion: Facilitating Enhanced Detection and Response with Open Source Tools | Wes Lambert | As network defenders, we face evolving threats every day. We need to truly understand our ... | |
Weapons of Math Instruction: Using mathematics to draw usable operational insights from WiFi data. | Sean Guan | Ever wish you could grab all that WiFi telemetry the department stores and marketeers have ... | |
Breaking Into Banks Like A Boss 2.0 | Brice Self | Through social engineering and physical bypass techniques, I was 100% successfully able to break into ... | |
Building a securable architecture for interconnected ICS environments | Mackenize Morris | Industrial control systems have been airgapped disconnected systems that run inside facilities for decades without ... | |
Incident response and threat hunting using Bro/Zeek data | Alex Kirk | We'll cover a classic "clicked a bad link and got a drive-by exploit kit" scenario ... | |
Make the Dev Do Your Dirty Work | Brandon Helms | Working as a Red Teamer has challenged my thinking and helped build solutions to previously ... | |
Stealing the Network via Cisco Anyconnect VPNs | Mike Gonzalez | Multiple ways we were able to hijack Cisco VPNs, bypassing Multi-Factor Authentication, how to fix ... | |
Mobile App: Reversing Hooking and Swizzling | Akansha Kesharwani | In today's era as the use of smart devices takes a boom, number of mobile ... | |
Why Does It Takes So Long to Find a Job? Top Tips for Navigating Your Job Search Journey | Kathleen Smith | We’ve all heard the old adage that finding a job is a full time job, ... | |