2017 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past.  Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature. The schedule is also available in timetable format.

The Expo Hall is open to attendees between the hours 8am to 5pm Tuesday, November 14, and 8am to 4pm Wednesday, November 15. Please note Expo Only Attendees are limited to the Sponsor, Tools and Career tracks. Find out more at our new Expo Page.

Full Conference Pass Expo Conference Pass

A Hacker’s Perspective on Your Infrastructure and How to Keep Them Out of Your Life - Paula Januszkiewicz
Tech for Good, Maybe - Tracy Ann Kosa
A DECEPTICON and AUTOBOT Walk into a Bar: Python for Enhanced OPSEC - Joe Gray
Common Flaws in Public and Private ICS Network Protocols - Mars Cheng, Selmon Yang
Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes - Sheila Berta
Demystifying Modern Windows Rootkits - Bill Demirkapi
Detecting Access Token Manipulation - William Burgess
Detection Mastery – War Stories from the Hunters Side! - Ilya Kolmanovich, Felix Kurmish
Escaping Virtualized Containers - Yuval Avrahami
Getting Rid of Passwords with FIDO2 and W3C WebAuthn - Michael Grafnetter
Heroku Abuse Operations: Hunting Wolves in Sheep’s Clothing - Allan Stojanovic, Spencer Cureton
How to Store Sensitive Information in 2020 - Mansi Sheth
Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps - Ben Nassi
Lateral Movement and Privilege Escalation in GCP; Compromise any Organization without Dropping an Implant - Dylan Ayrey, Allison Donovan
My Cloud is APT’s Cloud: Investigating and Defending Office 365 - Doug Bienstock, Josh Madeley
One Malicious Message to Rule Them All - Omer Tsarfati
Policy Implications of Faulty Cyber Risk Models and How to Fix Them - Wade Baker, David Severski
Practical Defenses Against Adversarial Machine Learning - Ariel Herbert-Voss
Security Metrics That Matter - Tanya Janca
Submarines in Pirate Waters: Cloud Attack Strategies - Moses Frost
The fast and the FAIL 8 - James Arlen, Dave Lewis, Nick Johnston, Laura Payne
The Paramedic’s Guide to Surviving Cybersecurity - Rich Mogull
Are You Doing It Wrong? Highlights into Cybersecurity Quandaries - Masarah Paquet-Clouston, Laurent Desaulniers
Can’t Stop This Train – Top Cases in Privacy Litigation - Stanislav Bodrov
Crown Jewels Lifecycle Management - Akshat Saxena
DevSecOps: The Right Solution to The Wrong Problem - Mark Nunnikhoven
I Promise It’s Not a Computer: Power Grids, Online Voting, and the Lies We Tell - Mark Dillon
Only After Disaster Can We Be Resurrected: Field Lessons in Cyber Incidents - Mark Sangster
Solving Security’s People Problem by Expanding the Talent Pool - Ning Wang
SECurity FUNdamentals
Active Directory Database Security - Michael Grafnetter
An Introduction to Automotive Security in 2020 - Eric Evenchick
Compliant Yet Vulnerable: Critical Risks of Measuring Instruments in Production Line - Philippe Lin, Shin Li
Drinking Coffee, Unicorns & Demystifying Zero Trust - Dave Lewis
PKI Well Revised: Common Mistakes Which Lead to Huge Compromise of Identity - Mike Jankowski-Lorek, Paula Januszkiewicz
Ransomware Attacks: Do’s & Don’ts - Julian Pileggi
The Great Hotel Hack: Adventures in Attacking the Hospitality Industry - Etizaz Mohsin
Sponsor Track
A Brave New World – Attacks in the Age of COVID - Aamir Lakhani
A Decade After Stuxnet’s Printer Vulnerability: Printing Is Still the Stairway to Heaven - Tomer Bar, Peleg Hadar
A Hackers Dream: Unmanaged Privileges - Christopher Hills
A New Security Reality: Data IS the Perimeter - Gina Scinta
A Savvy Approach to Leveraging MITRE ATT&CK - Travis Smith
AD Security vs Modern Attacks - Bryan Patton
Building a Threat Intelligence Team From Scratch on a Budget - Lilly Chalupowski
Cloud First It for Dynamic Work - Sami Laine
Could Your Business Survive a Ransomware Attack? - Dinah Davis, Jonathan Walsh
CryCryptor, the Fake COVID-19 Tracing App That Targeted Canadians - Alexis Dorais-Joncas
Cyber Threat Intelligence and Today’s Complicated Cyber Security Environments - Chris Davis
Dissecting Pandemic-Themed Malware and Threat Tactics - Shyam Sundar Ramaswami
Don’t Be Afraid to Upgrade: Lessons of Speed and Security From High Performance Open Source Development - Bryan Whyte
Evolving Your Security Culture - Rodney Buike
From Security Operations to COVID-19: Security AI State of the Nation, 2020 - Stephan Jou
How an XDR Approach Helps Speed Response & Improve MITRE ATT&CK Coverage - Peter Cresswell
How to Automate Security Validation and Reduce Enterprise Security Risk - Aviv Cohen
How to Talk to the Board About Cybersecurity - Jeff Costlow
Identifying and Defending the Perimeter With Attack Surface Management - Geoffrey Roote
Intelligent Network Security: A Paradigm Shift in Cybersecurity! - Victor Tavares
Knowing Is Half the battle: Shared Responsibility and Secure Configuration in the Cloud - David Lu
Level Up Your SOC: Meet CyBot, Our Open Source Threat Intel Chat Bot - Tony Lee
Measuring Risk in 2020 – The Enterprise of Things Security Report - Shane Coleman
Mitigate Organizational Risk With Integrated Cyber Resilience - Thom Bailey
Priority Intelligence Requirements (PIR) Are Not Just for Threat Intel Analysts - Jody Caldwell
SASE Success Behind-The-Scenes - Nicolas (Nico) Fischbach
Security Transformed - Avi Rembaum
SOC Automation: Faster Decision Making and Response - Andy Skrei
Sophistication Advancements in Ransomware - Josh Burgess
The Hunt is On! - Matthew Balcer
The Impact of Digital Transformation in the Face of Today’s Threats - Nathan Smolenski
The Need for Speed: Collaborative Strategies for Accelerating Security Outcomes - Justin Pagano
Threat Hunting Intelligently - Ryan Cobb
Trends in IOT/OT/mIOT - Sean Tufts
Understanding the Threat Landscape - Gary Sockrider
Using Automation to Secure Your Remote Workforce - Karl Klaessig
Using Threat Metrics for Better Information Security Program Efficacy – Leveraging MITRE ATT&CK - Brian Brown
Zero Trust Security Starts With Identity - Baber Amin
Achieving PyRDP 1.0 – The Remote Desktop Pwnage MITM and Library - Alexandre Beaulieu, Olivier Bilodeau
Automating Intuition: Digging for Gold in Network Data with Machine Learning - Serge-Olivier Paquette
BHPD: BlueHound Path Destroyer - Mathieu Saulnier
Detecting AWS Control Plane Abuse in an Actionable Way Using Det{R}ails - Felipe Espósito, Rodrigo Montoro
PE Tree: How Covid19 Spurred a New Malware Reverse Engineering Tool - Tom Bonner
Recon – The Road Less Traveled - Rohan Aggarwal
What’s in Your Pipeline? Ups and Downs of Container Image Scanners - Shay Berkovich