2019 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past. Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature.

Full Conference Pass Expo Conference Pass

Infosec Halloween 2021: Unmasking the Scary Characters - Wendy Nather
The Evolution of Hacking - Jeff Moss
Behavioral Biometrics – Attack of the Humanoid - Justin Macorin, Iain Paterson
BioHackers: The Invisible Threat - Len Noe
Breaking the Laws of Robotics: Attacking Automated Manufacturing Systems - Stefano Zanero
Common NGINX Misconfigurations That Leave Your Web Server Open to Attack - Spencer Pearlman
Detecting Illicit Drone Filming - Ben Nassi
Explore Adventures in the Underland: Forensic Techniques Against Hackers - Paula Januszkiewicz
FAIL – Notorious* Number 9 - James Arlen
Full Circle Detection: From Hunting to Actionable Detection - Mathieu Saulnier
Ghost Misdetection Attacks Against Tesla Model X & Mobileye 630 PRO - Ben Nassi
Hacking & Securing Clinical Technology - Jeremy Richards
hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day - Peleg Hadar, Ophir Harpaz
How We Automated Ourselves Out of On-Call Burnout … and You Can Too! - Prima Virani
JavaScript Obfuscation – It’s All About the Packers - Or Katz
Large-Scale Security Analysis of IoT Firmware - Daniel Nussko
Many Stunts, One Design: A Crash Course in Dissecting Native IIS Malware - Zuzana Hromcová
MFA-ing the Un-MFA-ble: Protecting Auth Systems’ Core Secrets - Tal Be’ery, Matan Hamilis
Secure and Scalable Development with Microsoft 365 and Azure AD - Peter Carson
Siamese Neural Networks for Detecting Brand Impersonation - Yuchao Dai, Nitin Kumar Goel, Justin Grana, Jugal Parikh
The Call Is Coming from Inside the House-The Truth About Linux and Cloud Security - Ell Marquez
The Story of Ghost One - Tim Dafoe, Patrick von Sychowski
Towards Developing the Human Risk Assessment Platform - Maria Bada
Building Security Champions - Tanya Janca
Epic journey of an enterprise cloud transformation - Helen Oakley
Harder, Better, Faster, Stronger – Privacy Laws and the Anatomy of a Breach Response - Stanislav Bodrov
Maturing your toolkit with mental models - Fernando Montenegro
Redefining Threat Modeling: Security Team Goes on Vacation - Jeevan Singh
The Cross-Disciplinary Challenges of Data Governance Policies - Alexander Rasin
The Quantum Threat: Where Are We Today? - Michele Mosca
SECurity FUNdamentals
Adventures in Underland: What Your System Stores on the Disk Without Telling You - Paula Januszkiewicz
An Anatomy of a DevOps Tool Chain Attack - Alex Dow
Attacker Techniques: Data Exfiltration - Julian Pileggi
Bot Shops and Info Stealers – Exploring the Dark Web’s Newest Frontier - Bryan Oliver
Broken Brokers in Boxes: Fuzzing Breaks Everything, Even Erlang - Jonathan Knudsen
Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild - Doug Bienstock, Josh Madeley
Software Composition Analysis 101: Knowing What’s Inside Your Apps - Magno Logan
Sponsor Track
3 Essentials for Automating Security Across Hybrid Cloud - Sattwik Gavli
A Technical Deep Dive Into: Supply Chain Based Triple Extortion Ransomware with DDoS and Scrambled Voice Phone Blackmail and A Review of Successful Prevention Tactics and Strategies - Pete Nicoletti
A Unified Approach to Discover, Protect and Control Your Sensitive Data - Stephen Kingston
Adopting a Zero Trust Approach to Cybersecurity - Marc Kneppers
An Introduction to Risk-Based Vulnerability Management - Jerry Gamblin
Best practices for Open-Source Management - Pete Chestna
Best Practices: PAM Security & Data Privacy - Christopher Hills
Breaking Down Silos Between Security and Infrastructure - Chad Reaney
Building a Response Strategy to Advanced Threats - Jeff Costlow
Building an Active Defence Program – Why a Traditional SOC Alerting Service Isn’t Good Enough - Bill Dunnion
Coverage: How to Get Results from Threat Detection and Response Solutions - Augusto Barros
Data-First SASE Using Behavior Intelligence and Risk Analytics - Benoît H. Dicaire
Deconstructing a Ransomware Attack: A Case Study in Privileged Account Misuse - Daniel Conrad, Bryan Patton
Defending Against Ransomware – Building a Future-Proof Architecture - Brian Brown
Detection at Scale – Realize Cyber Resilience Using Intelligence-Driven XDR - Mark Alba
Exposing Ransomware-As-a-Service and Where It’s Going Next - Jamison Utter
Faster and Smarter Response to Cyber Threats in a Hybrid Cloud Environment - Dan Jezerinac
For the Greater Good: Challenging the Vulnerability Disclosure Status-Quo - Laurent Desaulniers, Olivier Bilodeau
Get it Right, Get It Savvy – Remote Workforce Enablement - Diana John
Getting Started With SASE: Connect, Control and Converge with Confidence - Najib Hatahet
Global Privacy: Keeping Up and Staying Ahead - Liam McLaughlin
Hindsight Security: Things Breach Victims Wish They Had Done - Matthew Hickey
How to Maximize ROI with Frictionless Zero Trust - Stephane Asselin
Intelligence-Driven SOAR - Chris Adams
Is Your Defensive Stack Ready for a Targeted Attack? - Nelson Santos
Opening XDR to More Insight - Peter Cresswell
Poking Around at Scale: One Year of Scanning the Internet - Marc-Etienne Léveillé
Reducing Ransomware at Scale: Exploring the Ransomware Task Force’s Recommendations - Jen Ellis
Responsible and Ethical AI for Cyber: Why It’s Important, Why It’s Hard, How to Do It - Stephan Jou
Security for Mortals: Think like a Hacker and Protect Your Assets - Laura Payne, Raheel Qureshi
Security Operations and the End of Cyber Risk - Matthew Trushinski
SOARing to New Heights with TheHive and Cortex - Geoffrey Roote
Tackling Developer Security Training - Rey Bango
The Prestige - Aamir Lakhani
Transforming Cloud Security with SASE - Jay Reddy
Triple Extortion Attacks on the Rise from Ransomware Gangs - Gary Sockrider
Walking the Cybersecurity Data Tightrope - Travis Smith
What Elon Musk and SpaceX Can Teach Us About Ransomware and Cybersecurity - Morgan Wright
Where is Cybercrime Really Coming From? - Luis Carvajal Kim
Why an Integrated Approach to Cybersecurity Is No Longer a Choice - Andrew Williams
Why the Future of DevOps Needs Hackers - Will Kapcio
XDR and SIEM on a Collision Course: What Remains When the Dust Settles? - Corey Still
Automating Threat Detection and Response with Azure Sentinel - Kurtis Armour, Matthew Blacklock
Introducing a New Construct for Advanced Interactive Volatile Memory Analysis - Solomon Sonya
Knocking on Clouds Door: Threat Hunting in Azure AD with Azula - Mangatas Tondang
Moving Upstream, Securing the GitOps Workflow - Yoni Leitersdorf
Sandboxing in Linux with Zero Lines of Code - Ignat Korchagin
Speeding Up AWS IAM Least Privileges with CloudSplaining & Elastic Stack - Rodrigo Montoro
Zero-Code Data Validation - Bernardo Sanchez