2017 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past.  Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature. The schedule is also available in timetable format.

The Expo Hall is open to attendees between the hours 8am to 5pm Tuesday, November 14, and 8am to 4pm Wednesday, November 15. Please note Expo Only Attendees are limited to the Sponsor, Tools and Career tracks. Find out more at our new Expo Page.

Legend:
Full Conference Pass Expo Conference Pass

Keynote
Planning for Sunny Days - James Arlen
The Future of Cryptography - Dr. Whitfield Diffie
Tech
10th Anniversary FAILtacular! - James Arlen
A Diamond is an Analyst’s Best Friend: The Diamond Model for Influence Operations Analysis - Charity Wright
A Hermit Out of Its Shell - Christoph Hebeisen, Paul Shunk
Adventures in the Underland: Uncommon Hacker’s Persistency Methods and Countermeasures - Paula Januszkiewicz
Anti-Abuse Operations and the Abuse Bestiary - Allan Stojanovic
Defrauding Merchants like it’s Y2K - Craig Barretto, Yuk Fai Chan
Food Production is Critical Infrastructure - Seth Hardy
GitHub Actions: Vulnerabilities, Attacks, and Counter-measures - Magno Logan
New Memory Forensics Techniques to Defeat Device Monitoring Malware - Andrew Case
New Minimum Cybersecurity Requirements for Cyber Insurance - Danny Pehar
Purple RDP: Red and Blue Tradecraft Around Remote Desktop Protocol - Olivier Bilodeau
The COW (Container On Windows) Who Escaped the Silo - Eran Segal
The Development of a Completely Unsupervised Machine Learning Pipeline for Security Analytics – from Ingestion to Analytics - Jeff Schwartzentruber
The Evolution of Ransomware - Fernando Montenegro
Tokenizing the Dark Web: Applying NLP in the Context of Cyber Threat Intelligence - Olivier Michaud, Francois Masson
Under the Hood of Wslink’s Multilayered Virtual Machine - Vladislav Hrčka
Understanding, Abusing and Monitoring AWS AppStream 2.0 - Rodrigo Montoro
What is Linux Kernel Keystore and Why You Should Use It in Your Next Application - Ignat Korchagin
Zhadnost – Finding and Tracking a GRU-controlled Botnet - Ryan Slaney
Management
“What do you Mean Moose Meat?” Advancing Resilience Through Preparing for the Unexpected. - Kevin Sandschafer
A Transformation Blueprint for Developer-First Security - Larry Maccherone
FAIR STRIDE – Building Business Relevant Threat Models for AppSec - Arthur Loris
Innovation and Evolution – How Medical Device and IoT Profiles Have Evolved – But So is Your Attack Surface - Mohammad Waqas
OPSEC is Not a Buzzword - Tim Dafoe
The Vastaamo Data Breach - Antti Kurittu
Vulnerability Management: Try Fixing Less to Reduce More Risk - Mitch Dollin
SECurity FUNdamentals
Advanced Bot Landscape - Yohann Sillam
AI in a Minefield: Learning from Poisoned Data - Johnathan Azaria
Azure AD and Microsoft 365 Security Fundamentals - Peter Carson
Build More Secure Apps by Harnessing the Power of OWASP SKF & ASVS on Kubernetes - Farshad Abasi-Jahromi, Kurt Hundeck
De-Escalate the Overly-Permissive Cloud IAMs - Jay Chen
Evasive Manoeuvres: Analysing the Past to Predict the Future of Malware Evasion Techniques - Stefano Zanero
Security Architecture Review for Cloud-based Applications – Where to Start and How to Shift Left? - Bernardo Wernesback
Trust or Dare: Supply Chain Risks in Aviation - Manon Gaudet
Sponsor Track
A Data Product Approach to Reducing Security Debt - Carson Pickens
BlackBerry XDR: Even the Odds - Anthony Toric
Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories - Dustin Childs
Correctly Configure All the Clouds - Steve Riley
Cybersecurity Insurance: Where to Start & How to Qualify - Christopher Hills
Decision Making in Uncertain Times: Key teachings from Executive Exchanges - Rafi Wanounou
Defending Ukraine: Early Lessons from the Cyber War - John Hewie
Effective Response in the Face of Zero Day Threats and Vulnerabilities - Karl Klaessig
From the Field – Stories of Successfully Detecting Cyber Attacks - Stephan Jou, Paul Reid
How 2FA is Circumvented - Ahmad Alsabagh
How AI Can Think Like an Attacker - David Masson
How Safe is Your Cloud? Deciphering Cloud Threats and Security Models - James Spiteri
Impact of the Russia – Ukraine Conflict on Your Cybersecurity - David Poellhuber
Indicators Everywhere! How SOCs Can Maintain Efficiency Against Any Attack - Andrew Mundell
Into the Abyss: Cybersecurity Tool Selection, Rationalization, and Decommissioning - Jeff Schmidt
Is Your Defensive Stack Ready for a Targeted Attack? - Stephen Tutterow
Leave No Stone Unturned: The Elements of Security Visibility - Christopher Fielder
Master of Audits – Vulnerability and Risk Management in 2022 - Ajay Sood
Mobile Security – The Hackers Next Frontier - Robert Falzon
Navigating Enterprise Security in a Post-Compromise Reality - Kanen Clement
Neither Pointless nor Boring: Pop it and Lock it Down with CIS Controls - Matt Jerzewski
Preparing SRM Leaders to Communicate the Relationship Between the Cyber Risks and Physical and Human Systems - David Ortega
Protecting Your Critical Data and Enhancing Cyber Recovery - Jessica Hetrick
Ransomware IR Playbook to Remember & an Art of Building Resilience - Raheel Qureshi
Report: Protecting Customer Identity and Access Management (CIAM) Services Against Online Threats - Matt Duench
Researching Risk: The Qualys Approach to Identifying and Reducing Risk - Travis Smith
Scaling Security Operations: The Answer To The Challenge of Threat Inflation - Augusto Barros
Securing Your Operational Technologies - Gaétan Houle
Seize the Breach: Protect Your Organization With Behavior-based Security Intelligence - Steven Flowers
Smarter XDR Demands Email Security - Neil Clauson, Andrew Williams
Software Supply Chain Security: Knowing What You Don’t Know - Mallory Woods
State of Cloud Security in Canada: How Does Your Organization Measure Up? - Dave Senf
The (Hard) Key to Stop Phishing: How Cloudflare Stopped a Targeted Attack and You Can Too - John Engates
The Agent of Influence - Charity Wright
The Compelling Case for Zero Trust: Bridge the Gap Between Cybersecurity and Business - Ram Vaidyanathan
The Unsung Hero of Cybersecurity: Taking Your Vulnerability Management Program (VMP) from Good to Great - Kim Schreader
ThreatConnect & The Decisive Group Q&A - Lara Meadows, Devin Somppi
Time to Re-evaluate Your Security Layers - Elie Nasrallah
Top 10 Cyber Security Actions for Canada - Victor De Luca
Two Years of Accelerated Cybersecurity and the Demands Being Placed on Cyber Defenders - Tony Anscombe
What Log4Shell Taught Us About the Software Supply Chain, that Other Vulns Didn’t - Jobert Abma
Why Do We Accept Gaps in Our Data Protection Practices? - Terry Ray
Will Your Backups Help You Recover from Ransomware? - Nyron Samaroo
Tools
Deep Dive into SBOMs and Microsoft’s SBOM Tool - Adrian Diglio
DIY Tooling for Incident Responders - Peter Morin
Extend Falco with Plugins, Detect and React to Security Incidents from Any Stream of Events - Michele Zuccala
Java Crypto: Don’t Just Get it Working, Use it Securely - Mansi Sheth
Leverage AI in Threat Management - Ida Siahaan
The Power of the Pico: Replacing Expensive Toys with the Raspberry Pi Pico - Tyler Reguly
The State of Packet Capture in a Hybrid Infrastructure: The More You Know - Chris Boucek