2018 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past. Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature.

Please note Expo Attendees are limited to the Sponsor, Tools and Career tracks. Find out more at our Expo Page.

Legend:
Full Conference Pass Expo Conference Pass

Keynote
Planning for Sunny Days - James Arlen
The Future of Cryptography - Dr. Whitfield Diffie
Tech
10th Anniversary FAILtacular! - James Arlen
A Diamond is an Analyst’s Best Friend: The Diamond Model for Influence Operations Analysis - Charity Wright
A Hermit Out of Its Shell - Christoph Hebeisen, Paul Shunk
Adventures in the Underland: Uncommon Hacker’s Persistency Methods and Countermeasures - Paula Januszkiewicz
Anti-Abuse Operations and the Abuse Bestiary - Allan Stojanovic
Defrauding Merchants like it’s Y2K - Craig Barretto, Yuk Fai Chan
Food Production is Critical Infrastructure - Seth Hardy
GitHub Actions: Vulnerabilities, Attacks, and Counter-measures - Magno Logan
New Memory Forensics Techniques to Defeat Device Monitoring Malware - Andrew Case
New Minimum Cybersecurity Requirements for Cyber Insurance - Danny Pehar
Purple RDP: Red and Blue Tradecraft Around Remote Desktop Protocol - Olivier Bilodeau
The COW (Container On Windows) Who Escaped the Silo - Eran Segal
The Development of a Completely Unsupervised Machine Learning Pipeline for Security Analytics – from Ingestion to Analytics - Jeff Schwartzentruber
The Evolution of Ransomware - Fernando Montenegro
Tokenizing the Dark Web: Applying NLP in the Context of Cyber Threat Intelligence - Olivier Michaud, Francois Masson
Under the Hood of Wslink’s Multilayered Virtual Machine - Vladislav Hrčka
Understanding, Abusing and Monitoring AWS AppStream 2.0 - Rodrigo Montoro
What is Linux Kernel Keystore and Why You Should Use It in Your Next Application - Ignat Korchagin
Zhadnost – Finding and Tracking a GRU-controlled Botnet - Ryan Slaney
Management
“What do you Mean Moose Meat?” Advancing Resilience Through Preparing for the Unexpected. - Kevin Sandschafer
A Transformation Blueprint for Developer-First Security - Larry Maccherone
FAIR STRIDE – Building Business Relevant Threat Models for AppSec - Arthur Loris
Innovation and Evolution – How Medical Device and IoT Profiles Have Evolved – But So is Your Attack Surface - Mohammad Waqas
OPSEC is Not a Buzzword - Tim Dafoe
The Vastaamo Data Breach - Antti Kurittu
Vulnerability Management: Try Fixing Less to Reduce More Risk - Mitch Dollin
SECurity FUNdamentals
Advanced Bot Landscape - Yohann Sillam
AI in a Minefield: Learning from Poisoned Data - Johnathan Azaria
Azure AD and Microsoft 365 Security Fundamentals - Peter Carson
Build More Secure Apps by Harnessing the Power of OWASP SKF & ASVS on Kubernetes - Farshad Abasi-Jahromi, Kurt Hundeck
De-Escalate the Overly-Permissive Cloud IAMs - Jay Chen
Evasive Manoeuvres: Analysing the Past to Predict the Future of Malware Evasion Techniques - Stefano Zanero
Security Architecture Review for Cloud-based Applications – Where to Start and How to Shift Left? - Bernardo Wernesback
Trust or Dare: Supply Chain Risks in Aviation - Manon Gaudet
Sponsor Track
A Data Product Approach to Reducing Security Debt - Carson Pickens
BlackBerry XDR: Even the Odds - Anthony Toric
Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories - Dustin Childs
Correctly Configure All the Clouds - Steve Riley
Cybersecurity Insurance: Where to Start & How to Qualify - Christopher Hills
Decision Making in Uncertain Times: Key teachings from Executive Exchanges - Rafi Wanounou
Defending Ukraine: Early Lessons from the Cyber War - John Hewie
Effective Response in the Face of Zero Day Threats and Vulnerabilities - Karl Klaessig
From the Field – Stories of Successfully Detecting Cyber Attacks - Stephan Jou, Paul Reid
How 2FA is Circumvented - Ahmad Alsabagh
How AI Can Think Like an Attacker - David Masson
How Safe is Your Cloud? Deciphering Cloud Threats and Security Models - James Spiteri
Impact of the Russia – Ukraine Conflict on Your Cybersecurity - David Poellhuber
Indicators Everywhere! How SOCs Can Maintain Efficiency Against Any Attack - Andrew Mundell
Into the Abyss: Cybersecurity Tool Selection, Rationalization, and Decommissioning - Jeff Schmidt
Is Your Defensive Stack Ready for a Targeted Attack? - Stephen Tutterow
Leave No Stone Unturned: The Elements of Security Visibility - Christopher Fielder
Master of Audits – Vulnerability and Risk Management in 2022 - Ajay Sood
Mobile Security – The Hackers Next Frontier - Robert Falzon
Navigating Enterprise Security in a Post-Compromise Reality - Kanen Clement
Neither Pointless nor Boring: Pop it and Lock it Down with CIS Controls - Matt Jerzewski
Preparing SRM Leaders to Communicate the Relationship Between the Cyber Risks and Physical and Human Systems - David Ortega
Protecting Your Critical Data and Enhancing Cyber Recovery - Jessica Hetrick
Ransomware IR Playbook to Remember & an Art of Building Resilience - Raheel Qureshi
Report: Protecting Customer Identity and Access Management (CIAM) Services Against Online Threats - Matt Duench
Researching Risk: The Qualys Approach to Identifying and Reducing Risk - Travis Smith
Scaling Security Operations: The Answer To The Challenge of Threat Inflation - Augusto Barros
Securing Your Operational Technologies - Gaétan Houle
Seize the Breach: Protect Your Organization With Behavior-based Security Intelligence - Steven Flowers
Smarter XDR Demands Email Security - Neil Clauson, Andrew Williams
Software Supply Chain Security: Knowing What You Don’t Know - Mallory Woods
State of Cloud Security in Canada: How Does Your Organization Measure Up? - Dave Senf
The (Hard) Key to Stop Phishing: How Cloudflare Stopped a Targeted Attack and You Can Too - John Engates
The Agent of Influence - Charity Wright
The Compelling Case for Zero Trust: Bridge the Gap Between Cybersecurity and Business - Ram Vaidyanathan
The Unsung Hero of Cybersecurity: Taking Your Vulnerability Management Program (VMP) from Good to Great - Kim Schreader
ThreatConnect & The Decisive Group Q&A - Lara Meadows, Devin Somppi
Time to Re-evaluate Your Security Layers - Elie Nasrallah
Top 10 Cyber Security Actions for Canada - Victor De Luca
Two Years of Accelerated Cybersecurity and the Demands Being Placed on Cyber Defenders - Tony Anscombe
What Log4Shell Taught Us About the Software Supply Chain, that Other Vulns Didn’t - Jobert Abma
Why Do We Accept Gaps in Our Data Protection Practices? - Terry Ray
Will Your Backups Help You Recover from Ransomware? - Nyron Samaroo
Tools
Deep Dive into SBOMs and Microsoft’s SBOM Tool - Adrian Diglio
DIY Tooling for Incident Responders - Peter Morin
Extend Falco with Plugins, Detect and React to Security Incidents from Any Stream of Events - Michele Zuccala
Java Crypto: Don’t Just Get it Working, Use it Securely - Mansi Sheth
Leverage AI in Threat Management - Ida Siahaan
The Power of the Pico: Replacing Expensive Toys with the Raspberry Pi Pico - Tyler Reguly
The State of Packet Capture in a Hybrid Infrastructure: The More You Know - Chris Boucek