2018 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past. Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature.

Please note Expo Attendees are limited to the Sponsor, Tools and Career tracks. Find out more at our Expo Page.

Full Conference Pass Expo Conference Pass

A Hacker’s Perspective on Your Infrastructure and How to Keep Them Out of Your Life - Paula Januszkiewicz
Tech for Good, Maybe - Tracy Ann Kosa
A DECEPTICON and AUTOBOT Walk into a Bar: Python for Enhanced OPSEC - Joe Gray
Common Flaws in Public and Private ICS Network Protocols - Mars Cheng, Selmon Yang
Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes - Sheila Berta
Demystifying Modern Windows Rootkits - Bill Demirkapi
Detecting Access Token Manipulation - William Burgess
Detection Mastery – War Stories from the Hunters Side! - Ilya Kolmanovich, Felix Kurmish
Escaping Virtualized Containers - Yuval Avrahami
Getting Rid of Passwords with FIDO2 and W3C WebAuthn - Michael Grafnetter
Heroku Abuse Operations: Hunting Wolves in Sheep’s Clothing - Allan Stojanovic, Spencer Cureton
How to Store Sensitive Information in 2020 - Mansi Sheth
Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps - Ben Nassi
Lateral Movement and Privilege Escalation in GCP; Compromise any Organization without Dropping an Implant - Dylan Ayrey, Allison Donovan
My Cloud is APT’s Cloud: Investigating and Defending Office 365 - Doug Bienstock, Josh Madeley
One Malicious Message to Rule Them All - Omer Tsarfati
Policy Implications of Faulty Cyber Risk Models and How to Fix Them - Wade Baker, David Severski
Practical Defenses Against Adversarial Machine Learning - Ariel Herbert-Voss
Security Metrics That Matter - Tanya Janca
Submarines in Pirate Waters: Cloud Attack Strategies - Moses Frost
The fast and the FAIL 8 - James Arlen, Dave Lewis, Nick Johnston, Laura Payne
The Paramedic’s Guide to Surviving Cybersecurity - Rich Mogull
Are You Doing It Wrong? Highlights into Cybersecurity Quandaries - Masarah Paquet-Clouston, Laurent Desaulniers
Can’t Stop This Train – Top Cases in Privacy Litigation - Stanislav Bodrov
Crown Jewels Lifecycle Management - Akshat Saxena
DevSecOps: The Right Solution to The Wrong Problem - Mark Nunnikhoven
I Promise It’s Not a Computer: Power Grids, Online Voting, and the Lies We Tell - Mark Dillon
Only After Disaster Can We Be Resurrected: Field Lessons in Cyber Incidents - Mark Sangster
Solving Security’s People Problem by Expanding the Talent Pool - Ning Wang
SECurity FUNdamentals
Active Directory Database Security - Michael Grafnetter
An Introduction to Automotive Security in 2020 - Eric Evenchick
Compliant Yet Vulnerable: Critical Risks of Measuring Instruments in Production Line - Philippe Lin, Shin Li
Drinking Coffee, Unicorns & Demystifying Zero Trust - Dave Lewis
PKI Well Revised: Common Mistakes Which Lead to Huge Compromise of Identity - Mike Jankowski-Lorek, Paula Januszkiewicz
Ransomware Attacks: Do’s & Don’ts - Julian Pileggi
The Great Hotel Hack: Adventures in Attacking the Hospitality Industry - Etizaz Mohsin
Sponsor Track
A Brave New World – Attacks in the Age of COVID - Aamir Lakhani
A Decade After Stuxnet’s Printer Vulnerability: Printing Is Still the Stairway to Heaven - Tomer Bar, Peleg Hadar
A Hackers Dream: Unmanaged Privileges - Christopher Hills
A New Security Reality: Data IS the Perimeter - Gina Scinta
A Savvy Approach to Leveraging MITRE ATT&CK - Travis Smith
AD Security vs Modern Attacks - Bryan Patton
Building a Threat Intelligence Team From Scratch on a Budget - Lilly Chalupowski
Cloud First It for Dynamic Work - Sami Laine
Could Your Business Survive a Ransomware Attack? - Dinah Davis, Jonathan Walsh
CryCryptor, the Fake COVID-19 Tracing App That Targeted Canadians - Alexis Dorais-Joncas
Cyber Threat Intelligence and Today’s Complicated Cyber Security Environments - Chris Davis
Dissecting Pandemic-Themed Malware and Threat Tactics - Shyam Sundar Ramaswami
Don’t Be Afraid to Upgrade: Lessons of Speed and Security From High Performance Open Source Development - Bryan Whyte
Evolving Your Security Culture - Rodney Buike
From Security Operations to COVID-19: Security AI State of the Nation, 2020 - Stephan Jou
How an XDR Approach Helps Speed Response & Improve MITRE ATT&CK Coverage - Peter Cresswell
How to Automate Security Validation and Reduce Enterprise Security Risk - Aviv Cohen
How to Talk to the Board About Cybersecurity - Jeff Costlow
Identifying and Defending the Perimeter With Attack Surface Management - Geoffrey Roote
Intelligent Network Security: A Paradigm Shift in Cybersecurity! - Victor Tavares
Knowing Is Half the battle: Shared Responsibility and Secure Configuration in the Cloud - David Lu
Level Up Your SOC: Meet CyBot, Our Open Source Threat Intel Chat Bot - Tony Lee
Measuring Risk in 2020 – The Enterprise of Things Security Report - Shane Coleman
Mitigate Organizational Risk With Integrated Cyber Resilience - Thom Bailey
Priority Intelligence Requirements (PIR) Are Not Just for Threat Intel Analysts - Jody Caldwell
SASE Success Behind-The-Scenes - Nicolas (Nico) Fischbach
Security Transformed - Avi Rembaum
SOC Automation: Faster Decision Making and Response - Andy Skrei
Sophistication Advancements in Ransomware - Josh Burgess
The Hunt is On! - Matthew Balcer
The Impact of Digital Transformation in the Face of Today’s Threats - Nathan Smolenski
The Need for Speed: Collaborative Strategies for Accelerating Security Outcomes - Justin Pagano
Threat Hunting Intelligently - Ryan Cobb
Trends in IOT/OT/mIOT - Sean Tufts
Understanding the Threat Landscape - Gary Sockrider
Using Automation to Secure Your Remote Workforce - Karl Klaessig
Using Threat Metrics for Better Information Security Program Efficacy – Leveraging MITRE ATT&CK - Brian Brown
Zero Trust Security Starts With Identity - Baber Amin
Achieving PyRDP 1.0 – The Remote Desktop Pwnage MITM and Library - Alexandre Beaulieu, Olivier Bilodeau
Automating Intuition: Digging for Gold in Network Data with Machine Learning - Serge-Olivier Paquette
BHPD: BlueHound Path Destroyer - Mathieu Saulnier
Detecting AWS Control Plane Abuse in an Actionable Way Using Det{R}ails - Felipe Espósito, Rodrigo Montoro
PE Tree: How Covid19 Spurred a New Malware Reverse Engineering Tool - Tom Bonner
Recon – The Road Less Traveled - Rohan Aggarwal
What’s in Your Pipeline? Ups and Downs of Container Image Scanners - Shay Berkovich