2017 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past.  Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature. The schedule is also available in timetable format.

The Expo Hall is open to attendees between the hours 8am to 5pm Tuesday, November 14, and 8am to 4pm Wednesday, November 15. Please note Expo Only Attendees are limited to the Sponsor, Tools and Career tracks. Find out more at our new Expo Page.

Legend:
Full Conference Pass Expo Conference Pass

Keynote
Infosec Halloween 2021: Unmasking the Scary Characters - Wendy Nather
The Evolution of Hacking - Jeff Moss
Tech
Behavioral Biometrics – Attack of the Humanoid - Justin Macorin, Iain Paterson
BioHackers: The Invisible Threat - Len Noe
Breaking the Laws of Robotics: Attacking Automated Manufacturing Systems - Stefano Zanero
Common NGINX Misconfigurations That Leave Your Web Server Open to Attack - Spencer Pearlman
Detecting Illicit Drone Filming - Ben Nassi
Explore Adventures in the Underland: Forensic Techniques Against Hackers - Paula Januszkiewicz
FAIL – Notorious* Number 9 - James Arlen
Full Circle Detection: From Hunting to Actionable Detection - Mathieu Saulnier
Ghost Misdetection Attacks Against Tesla Model X & Mobileye 630 PRO - Ben Nassi
Hacking & Securing Clinical Technology - Jeremy Richards
hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day - Peleg Hadar, Ophir Harpaz
How We Automated Ourselves Out of On-Call Burnout … and You Can Too! - Prima Virani
JavaScript Obfuscation – It’s All About the Packers - Or Katz
Large-Scale Security Analysis of IoT Firmware - Daniel Nussko
Many Stunts, One Design: A Crash Course in Dissecting Native IIS Malware - Zuzana Hromcová
MFA-ing the Un-MFA-ble: Protecting Auth Systems’ Core Secrets - Tal Be’ery, Matan Hamilis
Secure and Scalable Development with Microsoft 365 and Azure AD - Peter Carson
Siamese Neural Networks for Detecting Brand Impersonation - Yuchao Dai, Nitin Kumar Goel, Justin Grana, Jugal Parikh
The Call Is Coming from Inside the House-The Truth About Linux and Cloud Security - Ell Marquez
The Story of Ghost One - Tim Dafoe, Patrick von Sychowski
Towards Developing the Human Risk Assessment Platform - Maria Bada
Management
Building Security Champions - Tanya Janca
Epic journey of an enterprise cloud transformation - Helen Oakley
Harder, Better, Faster, Stronger – Privacy Laws and the Anatomy of a Breach Response - Stanislav Bodrov
Maturing your toolkit with mental models - Fernando Montenegro
Redefining Threat Modeling: Security Team Goes on Vacation - Jeevan Singh
The Cross-Disciplinary Challenges of Data Governance Policies - Alexander Rasin
The Quantum Threat: Where Are We Today? - Michele Mosca
SECurity FUNdamentals
Adventures in Underland: What Your System Stores on the Disk Without Telling You - Paula Januszkiewicz
An Anatomy of a DevOps Tool Chain Attack - Alex Dow
Attacker Techniques: Data Exfiltration - Julian Pileggi
Bot Shops and Info Stealers – Exploring the Dark Web’s Newest Frontier - Bryan Oliver
Broken Brokers in Boxes: Fuzzing Breaks Everything, Even Erlang - Jonathan Knudsen
Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild - Doug Bienstock, Josh Madeley
Software Composition Analysis 101: Knowing What’s Inside Your Apps - Magno Logan
Sponsor Track
3 Essentials for Automating Security Across Hybrid Cloud - Sattwik Gavli
A Technical Deep Dive Into: Supply Chain Based Triple Extortion Ransomware with DDoS and Scrambled Voice Phone Blackmail and A Review of Successful Prevention Tactics and Strategies - Pete Nicoletti
A Unified Approach to Discover, Protect and Control Your Sensitive Data - Stephen Kingston
Adopting a Zero Trust Approach to Cybersecurity - Marc Kneppers
An Introduction to Risk-Based Vulnerability Management - Jerry Gamblin
Best practices for Open-Source Management - Pete Chestna
Best Practices: PAM Security & Data Privacy - Christopher Hills
Breaking Down Silos Between Security and Infrastructure - Chad Reaney
Building a Response Strategy to Advanced Threats - Jeff Costlow
Building an Active Defence Program – Why a Traditional SOC Alerting Service Isn’t Good Enough - Bill Dunnion
Coverage: How to Get Results from Threat Detection and Response Solutions - Augusto Barros
Data-First SASE Using Behavior Intelligence and Risk Analytics - Benoît H. Dicaire
Deconstructing a Ransomware Attack: A Case Study in Privileged Account Misuse - Daniel Conrad, Bryan Patton
Defending Against Ransomware – Building a Future-Proof Architecture - Brian Brown
Detection at Scale – Realize Cyber Resilience Using Intelligence-Driven XDR - Mark Alba
Exposing Ransomware-As-a-Service and Where It’s Going Next - Jamison Utter
Faster and Smarter Response to Cyber Threats in a Hybrid Cloud Environment - Dan Jezerinac
For the Greater Good: Challenging the Vulnerability Disclosure Status-Quo - Laurent Desaulniers, Olivier Bilodeau
Get it Right, Get It Savvy – Remote Workforce Enablement - Diana John
Getting Started With SASE: Connect, Control and Converge with Confidence - Najib Hatahet
Global Privacy: Keeping Up and Staying Ahead - Liam McLaughlin
Hindsight Security: Things Breach Victims Wish They Had Done - Matthew Hickey
How to Maximize ROI with Frictionless Zero Trust - Stephane Asselin
Intelligence-Driven SOAR - Chris Adams
Is Your Defensive Stack Ready for a Targeted Attack? - Nelson Santos
Opening XDR to More Insight - Peter Cresswell
Poking Around at Scale: One Year of Scanning the Internet - Marc-Etienne Léveillé
Reducing Ransomware at Scale: Exploring the Ransomware Task Force’s Recommendations - Jen Ellis
Responsible and Ethical AI for Cyber: Why It’s Important, Why It’s Hard, How to Do It - Stephan Jou
Security for Mortals: Think like a Hacker and Protect Your Assets - Laura Payne, Raheel Qureshi
Security Operations and the End of Cyber Risk - Matthew Trushinski
SOARing to New Heights with TheHive and Cortex - Geoffrey Roote
Tackling Developer Security Training - Rey Bango
The Prestige - Aamir Lakhani
Transforming Cloud Security with SASE - Jay Reddy
Triple Extortion Attacks on the Rise from Ransomware Gangs - Gary Sockrider
Walking the Cybersecurity Data Tightrope - Travis Smith
What Elon Musk and SpaceX Can Teach Us About Ransomware and Cybersecurity - Morgan Wright
Where is Cybercrime Really Coming From? - Luis Carvajal Kim
Why an Integrated Approach to Cybersecurity Is No Longer a Choice - Andrew Williams
Why the Future of DevOps Needs Hackers - Will Kapcio
XDR and SIEM on a Collision Course: What Remains When the Dust Settles? - Corey Still
Tools
Automating Threat Detection and Response with Azure Sentinel - Kurtis Armour, Matthew Blacklock
Introducing a New Construct for Advanced Interactive Volatile Memory Analysis - Solomon Sonya
Knocking on Clouds Door: Threat Hunting in Azure AD with Azula - Mangatas Tondang
Moving Upstream, Securing the GitOps Workflow - Yoni Leitersdorf
Sandboxing in Linux with Zero Lines of Code - Ignat Korchagin
Speeding Up AWS IAM Least Privileges with CloudSplaining & Elastic Stack - Rodrigo Montoro
Zero-Code Data Validation - Bernardo Sanchez