2017 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past.  Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature. The schedule is also available in timetable format.

The Expo Hall is open to attendees between the hours 8am to 5pm Tuesday, November 14, and 8am to 4pm Wednesday, November 15. Please note Expo Only Attendees are limited to the Sponsor, Tools and Career tracks. Find out more at our new Expo Page.

Full Conference Pass Expo Conference Pass

Fighting Cyber(in)security - David Shrier
Prosperity and Security: A Renewed Approach to Cyber Security for Canada - Colleen Merchant
Security and Privacy in a Hyper-connected World - Bruce Schneier
Winning Defense - Allison Miller
“BlueBorne” Explained – New Attack Vector Exposing 5B+ Devices - Nadir Izrael
A Deep Dive into the Digital Weapons of Mysterious Cyber Army - Chi-en Shen (Ashley)
Attacking Modern SaaS Companies - Sean Cassidy
Botract – Abusing smart contracts and blockchain for botnet command and control - Majid Malaika
Breaking the Laws of Robotics: Attacking Industrial Robots - Stefano Zanero
Disrupting the Mirai Botnet - Chuck McAuley
FAIL Panel Version 5 – EquiFAIL! - James Arlen, Dave Lewis, Ben Sapiro, Rich Mogull
Gitting Betrayed: How agile practices can make you vulnerable - Clint Gibler, Noah Beddome
Improving Incident Response for ICS - Dean Parsons
Incident Response and Forensics in AWS - Jonathon Poling
Lies and Damn Lies: Getting Past the Hype Of Endpoint Security Solutions - Lidia Giuliano
MS Just Gave the Blue Team Tactical Nukes (And How Red Teams Need to Adapt) - Chris Thompson
Pwning a Smart Home in Under 10 Minutes - Aditya Gupta
Reverse Engineering Automotive Diagnostics - Eric Evenchick
Rootkits vs Ransomware 2.0. Using evil to fight for good - Boris Rudakov
Securing Shopify’s PaaS on GKE - Jonathan Pulsifer
The Black Art of Wireless Post-Exploitation - Gabriel Ryan
The Cyberwar Playbook: Financial Services as Critical Infrastructure - Jennifer Fernick, Louise Dandonneau
The quantum threat: what really matters today? - Michele Mosca, Vlad Gheorghiu
Threat Hunting an Evolving Malware Campaign and the Actors Behind It - Jeremy Richards
When Two-Factor Authentication is a Foe: Breaking the iCloud Keychain - Vladimir Katalov
Best Practices to Secure Application Containers and Microservices - Anil Karmel
Does a BEAR Leak in the Woods? What the DNC breach, Guccifer and Russian APT’s have taught us about attribution analysis - Toni Gidwani
Establishing the CSIRT Team for The Rio 2016 Olympic Games - Rômulo Rocha
GDPR for Canadian Organisations – What you need to know! - Bruce Cowper
Leveraging Best Practices to Determine Your Cyber Insurance Needs - Dave Millier, Matthew Davies
Power Up/Level Up: Supercharging Your Security Program for Cloud and DevOps - Rich Mogull
Your Chance to Get It Right: 5 Keys to Building AppSec Into DevOps - Chris Wysopal
SECurity FUNdamentals
After the Incident: DIY Forensic Collection - Eugene Filipowicz
Barbarians At The Gate(way): An Examination Of The Attacker’s Tool Box - Dave Lewis
Breach Happens: Effectively Responding to a Data Breach - Iain Paterson
Building Your Own Open-source Android Penetration Testing Platform - Amadeus Konopko, Jean-Paul Mitri
Common Attacks Against Active Directory and How to Protect your Organization Against Them - Kevin McBride
Frugal Web Application Testing – Can in-house penetration testing achieve industry standard results while saving you money? - Harshal Chandorkar, Natalia Wadden
Top SIEM Use Cases You Should Implement Today - Julian Pileggi
Sponsor Track
Boosting Canada’s Cyber Immune System for Internet Health - Matt Broda
Building a Secure Foundation for the Internet of Things (IoT) - John Grimm
Building Your Own Automated Malware Analysis Lab for Insights on Active Threats. - Kurtis Armour
Cloud Security is Application Security – Securing the Cloud as a Team - John Turner
Cyber Crime and Financial Crime: different sides of the same coin - Tyson Macaulay
Decoding Cyberespionage from Insider Mistakes - Ken Bell
How to Ramp Up Security Operations to Stop Advanced Threats - David Millar
Hunting Ransomware: Automate protection to get ahead of the next global outbreak - Sean Earhard
Insider Threat Analytics & Anomalous Behaviors - Carl Miller
Moving Up the Security Maturity Curve – The Sisyphean Task - Jamie Hari
Prioritizing Vulnerability Remediation From an Attacker’s Perspective - Bharat Jogi
Privileged Access Security for Hybrid Cloud: Secure Amazon, Azure and Google Environments - Wade Tongen
Security Automation and Orchestration That Won’t Get You Fired - Syra Arif
Security consideration for Microservices using Container Technology - Ralph Janke
Skin​ ​in​ ​the​ ​Game:​ ​How​ ​Security​ ​Teams​ ​are​ ​Scaling​ ​Through​ ​IT​ ​Orchestration - Jen​ ​Andre
Take Best Practices to the Next Level - Ken Muir
The Future of Privacy - David Fewer
The Power Of Integration - Brian Read
The Spy in Your Pocket - Bobby Buggs
The State of the Phish and Response - Mike Saurbaugh
Threat hunting demystified – Strengthening risk management through proactive investigation and response - Michael Otto
Developing Your Career in IT Security (2017) - Dave Millier, Eric Belzile, Laura Payne, Nik Alleyne, Tim Wyatt
Chkrootkit: Eating APTs at Breakfast Since 1997 - Nelson Murilo
Extending BloodHound for Red Teamers - Tom Porter
Metasploit Community: Tips, Tricks and What’s New - Jeffrey Martin
NOAH: Uncover the Evil Within! Respond Immediately by Collecting All the Artifacts Agentlessly - Pierre-Alexandre Braeken
Security Training in a (Virtual) Box - Marcelle Lee, Joe Gray
TLS Tools for Blue Teams - Lee Brotherston
Weapons of a Pentester - Nick Aleks