2021 Sessions | SecTor 2021

2021 SESSIONS At A Glance

SecTor Management and the Advisory Committee look forward to once again bringing the world’s best speakers in the field of IT Security to Toronto.

Some of your feedback requested a simple list of sessions where you could scan what’s happening at a glance, like the format in years past. Below you will find just that.

Please visit the schedule page for a complete breakdown of when each session will occur, along with a more comprehensive filtering feature.

Legend:

Full Conference Pass

Expo Conference Pass

Keynote

Infosec Halloween 2021: Unmasking the Scary Characters - Wendy Nather

The Evolution of Hacking - Jeff Moss

Tech

Behavioral Biometrics – Attack of the Humanoid - Justin Macorin, Iain Paterson

BioHackers: The Invisible Threat - Len Noe

Breaking the Laws of Robotics: Attacking Automated Manufacturing Systems - Stefano Zanero

Common NGINX Misconfigurations That Leave Your Web Server Open to Attack - Spencer Pearlman

Detecting Illicit Drone Filming - Ben Nassi

Explore Adventures in the Underland: Forensic Techniques Against Hackers - Paula Januszkiewicz

FAIL – Notorious* Number 9 - James Arlen

Full Circle Detection: From Hunting to Actionable Detection - Mathieu Saulnier

Ghost Misdetection Attacks Against Tesla Model X & Mobileye 630 PRO - Ben Nassi

Hacking & Securing Clinical Technology - Jeremy Richards

hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day - Peleg Hadar, Ophir Harpaz

How We Automated Ourselves Out of On-Call Burnout … and You Can Too! - Prima Virani

JavaScript Obfuscation – It’s All About the Packers - Or Katz

Large-Scale Security Analysis of IoT Firmware - Daniel Nussko

Many Stunts, One Design: A Crash Course in Dissecting Native IIS Malware - Zuzana Hromcová

MFA-ing the Un-MFA-ble: Protecting Auth Systems’ Core Secrets - Tal Be’ery, Matan Hamilis

Secure and Scalable Development with Microsoft 365 and Azure AD - Peter Carson

Siamese Neural Networks for Detecting Brand Impersonation - Yuchao Dai, Nitin Kumar Goel, Justin Grana, Jugal Parikh

The Call Is Coming from Inside the House-The Truth About Linux and Cloud Security - Ell Marquez

The Story of Ghost One - Tim Dafoe, Patrick von Sychowski

Towards Developing the Human Risk Assessment Platform - Maria Bada

Management

Building Security Champions - Tanya Janca

Epic journey of an enterprise cloud transformation - Helen Oakley

Harder, Better, Faster, Stronger – Privacy Laws and the Anatomy of a Breach Response - Stanislav Bodrov

Maturing your toolkit with mental models - Fernando Montenegro

Redefining Threat Modeling: Security Team Goes on Vacation - Jeevan Singh

The Cross-Disciplinary Challenges of Data Governance Policies - Alexander Rasin

The Quantum Threat: Where Are We Today? - Michele Mosca

SECurity FUNdamentals

Adventures in Underland: What Your System Stores on the Disk Without Telling You - Paula Januszkiewicz

An Anatomy of a DevOps Tool Chain Attack - Alex Dow

Attacker Techniques: Data Exfiltration - Julian Pileggi

Bot Shops and Info Stealers – Exploring the Dark Web’s Newest Frontier - Bryan Oliver

Broken Brokers in Boxes: Fuzzing Breaks Everything, Even Erlang - Jonathan Knudsen

Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild - Doug Bienstock, Josh Madeley

Software Composition Analysis 101: Knowing What’s Inside Your Apps - Magno Logan

Sponsor Track

3 Essentials for Automating Security Across Hybrid Cloud - Sattwik Gavli

A Technical Deep Dive Into: Supply Chain Based Triple Extortion Ransomware with DDoS and Scrambled Voice Phone Blackmail and A Review of Successful Prevention Tactics and Strategies - Pete Nicoletti

A Unified Approach to Discover, Protect and Control Your Sensitive Data - Stephen Kingston

Adopting a Zero Trust Approach to Cybersecurity - Marc Kneppers

An Introduction to Risk-Based Vulnerability Management - Jerry Gamblin

Best practices for Open-Source Management - Pete Chestna

Best Practices: PAM Security & Data Privacy - Christopher Hills

Breaking Down Silos Between Security and Infrastructure - Chad Reaney

Building a Response Strategy to Advanced Threats - Jeff Costlow

Building an Active Defence Program – Why a Traditional SOC Alerting Service Isn’t Good Enough - Bill Dunnion

Coverage: How to Get Results from Threat Detection and Response Solutions - Augusto Barros

Data-First SASE Using Behavior Intelligence and Risk Analytics - Benoît H. Dicaire

Deconstructing a Ransomware Attack: A Case Study in Privileged Account Misuse - Daniel Conrad, Bryan Patton

Defending Against Ransomware – Building a Future-Proof Architecture - Brian Brown

Detection at Scale – Realize Cyber Resilience Using Intelligence-Driven XDR - Mark Alba

Exposing Ransomware-As-a-Service and Where It’s Going Next - Jamison Utter

Faster and Smarter Response to Cyber Threats in a Hybrid Cloud Environment - Dan Jezerinac

For the Greater Good: Challenging the Vulnerability Disclosure Status-Quo - Laurent Desaulniers, Olivier Bilodeau

Get it Right, Get It Savvy – Remote Workforce Enablement - Diana John

Getting Started With SASE: Connect, Control and Converge with Confidence - Najib Hatahet

Global Privacy: Keeping Up and Staying Ahead - Liam McLaughlin

Hindsight Security: Things Breach Victims Wish They Had Done - Matthew Hickey

How to Maximize ROI with Frictionless Zero Trust - Stephane Asselin

Intelligence-Driven SOAR - Chris Adams

Is Your Defensive Stack Ready for a Targeted Attack? - Nelson Santos

Opening XDR to More Insight - Peter Cresswell

Poking Around at Scale: One Year of Scanning the Internet - Marc-Etienne Léveillé

Reducing Ransomware at Scale: Exploring the Ransomware Task Force’s Recommendations - Jen Ellis

Responsible and Ethical AI for Cyber: Why It’s Important, Why It’s Hard, How to Do It - Stephan Jou

Security for Mortals: Think like a Hacker and Protect Your Assets - Laura Payne, Raheel Qureshi

Security Operations and the End of Cyber Risk - Matthew Trushinski

SOARing to New Heights with TheHive and Cortex - Geoffrey Roote

Tackling Developer Security Training - Rey Bango

The Prestige - Aamir Lakhani

Transforming Cloud Security with SASE - Jay Reddy

Triple Extortion Attacks on the Rise from Ransomware Gangs - Gary Sockrider

Walking the Cybersecurity Data Tightrope - Travis Smith

What Elon Musk and SpaceX Can Teach Us About Ransomware and Cybersecurity - Morgan Wright

Where is Cybercrime Really Coming From? - Luis Carvajal Kim

Why an Integrated Approach to Cybersecurity Is No Longer a Choice - Andrew Williams

Why the Future of DevOps Needs Hackers - Will Kapcio

XDR and SIEM on a Collision Course: What Remains When the Dust Settles? - Corey Still

Tools

Automating Threat Detection and Response with Azure Sentinel - Kurtis Armour, Matthew Blacklock

Introducing a New Construct for Advanced Interactive Volatile Memory Analysis - Solomon Sonya

Knocking on Clouds Door: Threat Hunting in Azure AD with Azula - Mangatas Tondang

Moving Upstream, Securing the GitOps Workflow - Yoni Leitersdorf

Sandboxing in Linux with Zero Lines of Code - Ignat Korchagin

Speeding Up AWS IAM Least Privileges with CloudSplaining & Elastic Stack - Rodrigo Montoro

Zero-Code Data Validation - Bernardo Sanchez