GrrCon 2019 Oct. 24, 2019 to Oct. 25, 2019, Grand Rapids, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote Amanda ‘infosystir’ Berlin , Rachel G N/A
Baselining Behavior Tradecraft through Simulations Dave Kennedy With the adoption of endpoint detection and response tools as well as a higher focus ...
PSD2, SCA, WTF?! Kelley Robinson The Payment Services Directive (PSD2) hit European financial institutions in 2018. As part of the ...
Nerding out with machine data Nick Maier No matter if the data is being used at a personal or professional level, for ...
The Spider Economy: Emotet, Dridex, and TrickBot, Oh My Adam Hogan It’s not just malware; it’s an economy. Learn how the webs of eCrime threat actors ...
Cloudy with a chance of SecOps Ricardo Speakman This session will focus on the ever-changing Security Operations landscape…which changes every damn second. A ...
I PWN thee, I PWN thee not! Jayson E Street Attackers love it when defenses fail. Implementing defenses without properly understanding the risks and threats ...
Breaking NBAD and UEBA Detection Charles Herring Network Behavior Anomaly Detection (NBAD) and User and Entity Behavior Analytics (UEBA) are heralded as ...
Destroy Everything Tom Somerville The magic of sassy pants.
Surfing and Security – Ride the wave Chris Burrows Our world has changed but with the right plan and good balance – you can ...
Automating Phishing Analysis Kyle Eaton Phishing remains a big problem for organizations bit and small. In this talk we’ll set ...
The Past, Present & Future of Cyber Threats Chris Russell Join us to discuss new strategies today’s enterprises can employ to protect endpoints against ransomware, ...
The Importance of Relevant, Timely, and Qualitative Intelligence Analysis Aamil Ak Every day, researchers and analysts are bombarded with new sets of data and information pertaining ...
Black Hats & White Collars : Bitcoin, Dark Nets and Insider Trading Ken Westin We know criminal hacking is big business, over the past decade, we have seen criminal ...
Symbolically executing a fuzzy tyrant Stefab 'lojikil' Edwards Code reviewers and penetration testers are familiar with the normal dynamic and static application security ...
From Idea to Badge: Getting Started & Finished with badge making Dave Schwartzberg Hacker and maker conference badges have evolved beyond the laser printout of a name on ...
Ssshhhh Atlas Of Doom N/A
A Theme of Fear – Hacking the Paradigm Catherine Ullman The InfoSec industry was born out of fear. Initially it was fear from virus infections ...
CyberCrime Trends of 2019: A Look Into Cybercrime, Nation State and Ransomware Monetization Activities Jared Phipps A look into the blurred lines of Nation State and Cybercrime actors and how the ...
*Topic Pending Legal Disclosure* Nathan Dragun Come find out
Q&A on our industry and other things that are top of mind Chris Roberts N/A
Using Next Generation Fuzzing Tools: Fixing Bugs and Writing Memory Corruption Exploits Dr. Stigerwalt The process of fuzzing has changed, from multation, to frameworks, to the constraint solving (CS) ...
Reverse Engineering Malware for N00bs Gregb33f/james The goal is to not talk over people’s heads with advanced concepts. We’re not ninjas. ...
How to Make a Honeypot Stickier (SSH*) Jose Hernandez One of the primary data sources we use on the Splunk Security Research Team is ...
What Are We Doing Here? Rethinking Security Jeff Man Have you ever noticed that much of the mission of cyber- and information security professionals ...
Host-Hunting on a Budget Cybergoatpsyops First 100 days, I wanted to make a positive impact on the organization. I get ...
Data Access Rights Exploits under New Privacy Laws Amber Welch New privacy laws such as the GDPR and CCPA have been great advances for personal ...
How Hackers Evade Your AI-enabled Endpoint Detection Tools Dan Allen In this session, Robert Wiggenhorn, Sr Director of Professional Services, will talk about how modern ...
Data Security: How to avoid an embarrassing breach Matt “mattrix” Hoy A history of Data Security, how we got to where we are now and insights ...
Hillbilly Storytime – Pentest Fails Adam Len Compton Whether or not you are just starting in InfoSec, it is always important to remember ...
Cons & Careers Sciaticnerd Demonstrate the possibilities of career enhancement by making use of the wide variety of conferences, ...
MSSPs are great…and other lies I tell myself Scott Thomas Many orgs must deal with a MSSP at some point. They can be used for ...
Want to Play a Game.. John Deryke Digital Security is not the same as Information Technology. We know it, but no one ...
Atomic Threat Coverage: operationalized ATT&CK Mikhail Aksenov We will present our project — Atomic Threat Coverage framework (https://github.com/krakow2600/atomic-threat-coverage), which allows to automatically ...
Devaluing Cloud Breaches while Gaining Safe Harbor Eric Wolff The drumbeat of and cloud breaches continues unabated. This session will first review the leading ...
The Hacker Hippocampus: Meet your brain on games Chloé Messdaghi Always on the edge of your seat when it comes to new exploits and tricks. ...
Good Cyber Hygiene and using analytics to drive the need for it on Print David Rose Cyber hygiene is an organizational challenge in which the threat landscape changes daily, and new ...
Hacking the Boardroom: How to communicate effectively to get your budget Ryan Wisniewski As information security professionals, we are often put into highly technical situations that only we ...
Varna: Custom, robust AWS monitoring for cents a day using EQL Adam Ringwood Varna is a lambda based tool for monitoring Amazon Web Services (AWS) CloudTrail using Event ...
Departing Employees = Departing Data Todd Thorsen Last year, 40 million people changed jobs and 60% of them admitted to taking data ...
A Day in the Life of a Security Operations Center: What do you get when you partner with cybersecurity experts? Milan Patel Cybersecurity threats are increasing, becoming more sophisticated, and creating more damage. Every week a typical ...
Beginner’s Guide to Mobile Applications Penetration Testing Whitney Phillips In this talk, I introduce how to test mobile applications from an attacker perspective. I ...
Malicious Cryptomining is Exploding: Are you at risk? John Fatten With a 200x increase in crypto-related traffic in 2019, there’s never been a better time ...
Understanding how public places introduce additional risks to business travelers & how the tools used by hackers continue to evolve Len Noe The key to a successful attack is having the right tools for the job. In ...
Hashes; Smothered and Scattered: Modern Password Cracking as a Methodology Lee Platz With the explosion of GPU enabled processing power password cracking has long grown beyond the ...
Threat Hunting Like a Gutter Punk Trey Underwood Do you feel like your security program is always broke? Is it messy, belligerent, and ...
Million Dollar Malware: Using the Viper Framework to Investigate and Track Ryuk’s Success Colin Cowie Ever since it was first discovered in 2018, Ryuk ransomware has been extremely profitable and ...
The Importance of IT Asset Visibility Brian Berk Every day, researchers and analysts are bombarded with new sets of data and information pertaining ...
Inhumane: Making Security Hard on Criminals, Easy on Everyone Else J wolfgang Goerlich Security happens where man meets machine. Or, fails to happen, as we see all too ...
The Economic’s of Cyber Security Todd White This presentation will review what was provided to the National Association of Corporate Directors- Master ...
Deepfakes: If anything can be real then nothing is real April C Wright “I didn’t say that!” …The world will be forever changed by Deepfakes. A portmanteau of ...
Big Plane, Little Plane: How common aviation attacks affect airlines and general aviation Phil Polstra There have been several aviation attacks discussed in recent years. In this talk we will ...
Dance, Fancybear, Dance: a study in macOS Cat Self N/A
Network exploitation of IoT ecosystems Fotios (ithilgore) Chantzis Internet of Things (IoT) ecosystems are comprised of a large variety of connected devices that ...
Arron ‘finux’ Finnon None