Past Events



Sessions


- Schedule Not Yet Finalized

Unblockable Chains – Is Blockchain the ultimate malicious infrastructure?

In this principal research, we investigate the possibilities blockchain technologies pose as an infrastructure for malicious operations. We will demonstrate a POC of a fully functional C&C infrastructure on top of the Ethereum network – the second largest public blockchain which also acts as a distributed computing platform featuring a smart contract functionality. As Blockchain technologies gain more traction in recent […]

Tech
Omer Zohar

Why Memory Attacks are on the Rise and How to Stop Them

Memory-based, fileless, or living-off-the-land attacks were one of the most prevalent types of attacks in 2017 and are only growing. But how do they happen and why are they on the rise? The short answer is that they work because they are less detectable by traditional and many next gen antivirus solutions. For example, Word […]

Tech
Josh Fu

Deep Learning – Classifying malicious websites with image recognition models

During this presentation I will demonstrate how convolutional neural network (CNN) models used for image recognition can also be used to classify malicious websites. I will go over how a CNN trained on images of botnet C2 panels and phishing websites can accurately predict and label, if a given image of a malicious website is […]

Tech
Akbar Qureshi

Why can’t we build secure software?

A lot is expected of software developers these days; they are expected to be experts in everything despite very little training. Throw in the IT security team (often with little-to-no knowledge of how to build software) telling developers what to do and how to do it, and the situation becomes strained. This silo-filled, tension-laced situation, coupled with short deadlines and […]

Management
Tanya Janca

How identity management is transforming modern business

Identity innovations like zero-trust networks, zero login, and one identity initiatives are transforming today’s most successful organizations from within. Trust boundaries are changing. Find out the technical details behind these innovations and take home a game plan to start transforming your organization today, this week, and in the long run.

Management
Sarah Squire

Exploiting hardware wallet’s secure element

Hardware wallets, as well as other kinds of secure devices, must be designed to stay secure even when they are running in a hostile environment, including when they are under the full control of an attacker. In order to ensure they stay secure in such conditions, physical attack resistant hardware is required but not sufficient for […]

Tech
Sergei Volokitin

Crowd Sourced Security – Applying the Wisdom of the Crowd to Cyber Defences

Taking advantage of user provided intelligence improves your organization’s ability to recognize, report and respond to active phishing threats and keeps you ‘Left of Breach’ on the cyber kill chain. Through development of anti-phishing program best practices, the use of active threat intelligence and trend analysis, this presentation will show you how to improve your […]

Sponsor Track
John “Lex” Robinson

Malboxes: Make Malware Analysis More Accessible

Malware is everywhere. Every organization has been infected by malware to some extent. Yet, most don’t have the expertise on staff to know if they are being targeted or if they are hit with mass-spreading malware. Knowing the difference is vital for a proper response plan. This is where Malboxes comes in. It is a […]

Tools
Olivier Bilodeau

Elytron: Next-generation security for Java servers

Elytron is a set of Java APIs and SPIs for application server security. Although it was developed to unify security across the WildFly application server, Elytron is an open-source, standalone library that can theoretically be used in other Java server environments. Within WildFly, Elytron has replaced the combination of PicketBox and the Java Authentication and […]

Tools
Farah Juma

25 Techniques to Gather Threat Intel and Track Actors

In recent years, we have delivered many talks detailing threat actors, their operations, and their tools. How did we conduct such research and gather such intel? In this talk, we share 25 techniques for gathering threat intel and tracking actors (for example: crimeware (undisclosed) vulnerabilities, C&C misconfig, and underground marketplaces). We explain our use of […]

SECurity FUNdamentals
Sun Huang
Wayne Huang

HomeBrew: Developing your own (threat) intel

We see “threat feeds” discussed online quite often, but what are these really and how do we employ them? When these “threat feeds” are lists of IP addresses, domains, and file hashes, how do we then make use of these within our own infrastructure or organization? It turns out that if you’re a security analyst as […]

Tech
Chris Brewer
Harlan Carvey

Keynote Bruce Potter – Title TBA

Keynote abstract TBA.

Keynote
Bruce Potter

Pragmatic Cloud Security: The future is now.

Cloud is a new frontier that requires new architectures, higher velocity processes and crisper business-level metrics—none of which are really strengths of security programs and practitioners. Given that everything cloud is automated and API-enabled, security teams now have a big opportunity to build and embed security into the cloud technology stack. From continuous guardrails to automated workflows and […]

SECurity FUNdamentals
Mike Rothman

Building Bespoke Threat Intelligence Enrichment Platforms

The aggregation, normalization, enrichment, and contextualization of threat data and intelligence en masse necessitates a robust mix of innovation, automation, and flexibility. The Threat Analyst Workbench should provide mechanisms for extracting data from internal and external sources and building catalogues of intelligence. It should facilitate the analyst to characterize threats, identify outcomes, develop courses of […]

SECurity FUNdamentals
Sean Tierney

How to Spot a Fake: Improve your Security Operations with Real-world AI

AI and machine learning are increasingly popular buzzwords in cybersecurity, but not all AI techniques deliver the same value for every use case. Security professionals need to understand the different applications of AI and machine learning and how they can best be applied to address an organization’s specific needs. The potential of data science, artificial intelligence […]

Tech
Stephan Jou

The Hunt is On! Advanced Memory Forensics meets NextGen Actionable Threat Intelligence

Cyber attacks continue to increase in severity and sophistication. A new era of attacks has become more ubiquitous and dangerous in nature. Malware has become much better at hiding its presence on the host machine. However, one place it cannot hide for long is in the volatile memory of the computer system. The purpose of this […]

Tech
Solomon Sonya

Sponsors


Check Point

Gold

Cisco

Gold

Forcepoint

Gold

Fortinet

Gold

HP Inc.

Gold

IBM

Gold

Lyrical Security

Gold

Optiv

Gold

Qualys

Gold Networking Reception

Rapid7

Gold Networking Reception

Scalar

Gold

Uzado

Gold

Bell

Silver

Certified Security Solutions (CSS)

Silver

Cofense

Silver

Cylance

Silver

Echoworx

Silver

Gurucul

Silver

Mimecast

Silver

Onx

Silver

Sophos

Silver

Symantec

Silver

(ISC)2

Bronze

3M

Bronze

Akamai

Bronze

Anomali

Bronze

BackBox

Bronze

BlackBerry

Bronze

Bluecat

Bronze

Bomgar

Bronze

BSI Group Canada

Bronze

CA Veracode

Bronze

Calian

Bronze

Carbon Black

Bronze

Checkmarx

Bronze

CIRA

Bronze

Comodo CA

Bronze

CrowdStrike

Bronze

CyberArk Software Inc.

Bronze

Dell Technologies

Bronze

esentire

Bronze

ESET

Bronze

exabeam

Bronze

Fidelis

Bronze

Gemalto

Bronze

GlassHouse Systems Inc.

Bronze

GoSecure

Bronze

IMSM – ISO Standards Specialists

Bronze

Infoblox

Bronze

ixia

Bronze

Speakers


Omer Zohar



A security researcher for over a decade, Omer is currently exploring the opportunities emerging technologies such as blockchain and AI might create for the bad guys to improve their infrastructure and how to mitigate them. Omer has been conducting multidisciplinary research on malware behavior and detection methods, including in his last position as Head of Research for "TopSpin Security", where he investigated malware C&C infrastructure and protocols to create a behavior based detection engine that correlates over a time series network and reputation data along with a deception overlay. He authored 'Deceive and [...]

Josh Fu


CISM, CISSP


Josh Fu is a Minneapolis-based Principal Security Engineer at Cylance, an artificial intelligence company focused on cybersecurity. He has experience in cloud infrastructure and in cybersecurity. Josh founded the west coast chapter of the International Consortium of Cybersecurity Professionals while he was living in San Francisco. He has presented in front of industry audiences across the country and for groups such as ISACA, ISC2, MGTA, SANS, and RSA. Josh is also a published author in Information Security magazine. You can connect with him on Twitter @jfusecurity.

Akbar Qureshi


Independent Consultant


Akbar Qureshi has over 15 years of information security experience with a background in ICS/SCADA security, Threat Intelligence, Cyber Network Defense and Exploit Research. He has turned in security flaws to various bug bounty programs as well as to private organizations. His current research focuses on innovative ways of using artificial intelligence and data mining technologies to proactively hunt down cyber threats. He also has extensive experience in cyber offense and defense attack vectors.

Tanya Janca



Tanya Janca is a senior cloud advocate for Microsoft, specializing in application security; evangelizing software security and advocating for developers through public speaking, her open source project OWASP DevSlop, and various forms of teaching via workshops, blogs and community events. As an ethical hacker, OWASP Project and Chapter Leader, software developer, effective altruist and professional computer geek of 20+ years, she is a person who is truly fascinated by the ‘science’ of computer science.

Sarah Squire



Sarah Squire is a Senior Technical Architect at Ping Identity. She is a co-author of NIST Special Publication 800-63C Digital Identity Guidelines, which outlines federated authentication standards for all US federal agencies. She co-founded and serves as Vice President of IDPro - a nonprofit professional organization for identity practitioners. She serves on the Board of Directors for the OpenID Foundation. She has been named one of the top 100 influencers in identity. Sarah holds a Bachelor of Science in Physics and a Master of Science in Information Management from the [...]

Sergei Volokitin



Sergei Volokitin is a Security Analyst at Riscure in the Netherlands. His work is mostly focused on security evaluation of embedded systems and security testing of smart card platforms and TEE based solutions. He has several publications on Java Card platform attacks and conference presentations on hardware security.

John “Lex” Robinson



John “Lex” Robinson has over 25 years’ experience in information technology with a strong focus on strategic planning and program delivery. In addition, he has consulted and managed product and service delivery teams for both small businesses and global Fortune 20 organizations in fields ranging from Security Awareness and Risk Management (Disaster and Business Continuity) to Infrastructure Development and Service Delivery Process Improvements. At Cofense, Lex interfaces with multiple Cofense teams, as well as Clients and is responsible for creating and implementing a cohesive strategy and tactics for successful implementation [...]

Olivier Bilodeau


Cybersecurity Research, GoSecure


Olivier Bilodeau currently leads the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, Olivier has managed large networks and server farms, written open source network access control software and recently worked as a Malware Researcher. A passionate communicator, he has spoken at several conferences such as Defcon, Botconf, SecTor, and Derbycon. Invested in his community, Olivier co-organizes MontréHack—a monthly workshop focused on applied information security through capture-the-flag challenges. He is also in charge of NorthSec’s training sessions and is hosting NorthSec’s Hacker Jeopardy. His primary research interests include reverse-engineering tools, [...]

Farah Juma



Farah Juma is a Senior Software Engineer at Red Hat working on the WildFly project. She has been focusing on application server security for the past few years.

Sun Huang


Senior Threat Researcher, Proofpoint


Sun Huang is a Senior Threat Researcher at Proofpoint. He has more than nine years of experience in information security. Sun has discovered many Web application 0days, including those of CMS and C2 Panel. Sun has participated in many security contests and was one of the top 10 researchers in PayPal's 2013 Bug Bounty Wall of Fame. He placed third at the AT&T bug reporter in 2013. Sun currently holds CCNA, ECSS, CEH, and PMP certifications. Sun has presented at RSA '15 '16, SteelCon '16, Troopers '16, AusCERT '16, Black [...]

Wayne Huang


VP Engineering, Proofpoint


Wayne Huang was Founder and CEO of Armorize Technologies and is now VP Engineering at Proofpoint. Huang is a frequent speaker at security conferences, including Black Hat '17 '10, DEF CON '10, RSA '07 '10 '15 '16, SteelCon '16, Troopers '16, AusCERT '16, SyScan '08, '09, OWASP '08, '09, Hacks in Taiwan '06 '07, WWW '03 '04, PHP '07 and DSN '04. Interested in security since 7th grade, he has led teams to develop security products ranging from source code analysis, web application firewall, vulnerability assessment, exploit & malware detection, [...]

Chris Brewer



Chris Brewer has more than 16 years’ professional IT experience, including five years dedicated to information security. He has investigated many data breaches involving state-sponsored attacks and zero-day exploits. Chris has also worked as a systems administrator for Linux, Unix, and Windows systems, and as a security analyst.

Harlan Carvey



Harlan Carvey has over 2 decades of cyber security experience, with a focus on digital forensic analysis, incident response, and targeted threat hunting and response. Harlan is an accomplished public speaker, has written several open source tools, and is a prolific published author.

Mike Rothman


President, Securosis


Mike Rothman is a 25-year security veteran. He specializes in the sexy aspects of security, like protecting networks and endpoints, security management, compliance, and helping clients navigate a secure evolution to the cloud. He’s a busy guy, serving both as President of DisruptOPS, as well as Analyst & President of Securosis. This is a good thing since Mike gets into trouble when he’s not busy enough.

Sean Tierney



Sean Tierney is the Director of Cyber Intelligence for Infoblox. In his role, Sean leads the efforts to develop and refine threat data, delivered to customers as machine readable, actionable intelligence. Before joining Infoblox, Sean served as the VP of Threat Intelligence at IID (acquired by Infoblox in 2016), was the Global Head of Computer Emergency Response at Morgan Stanley and served as the Director of Cyber Intelligence for UBS and JPMorgan Chase.

Stephan Jou


CTO Interset


Stephan Jou is the chief technology officer at Interset, an In-Q-Tel-backed security analytics company. He leads the development of advanced analytics and mathematical modeling for unsupervised machine learning to detect how corporate intellectual property is being attacked, moved, shared, and utilized. Prior to Interset, Jou served as a technical architect at IBM’s Business Analytics Office of the CTO—a role in which he architected the development of more than ten Cognos and IBM products in the areas of cloud-computing, mobile, visualization, semantic search, data-mining, and neural networks. Stephan has also published [...]

Solomon Sonya


Asst. Prof. of Computer Science, USAF Academy


Solomon Sonya (@Carpenter1010) is an Assistant Professor of Computer Science at the United States Air Force Academy. He has a background in software development, malware analysis, covert channels, steganography, distributed computing, computer hacking, information protection paradigms, and cyber warfare. He received his Undergraduate Degree in Computer Science and has Master’s degrees in Computer Science and Information System Engineering. Solomon’s current research includes computer system exploitation, cyber threat intelligence, digital forensics, and data protection. Previous conferences Solomon has spoken at include: SecTor Canada, Hack in Paris, France, HackCon Norway, BlackHat USA, [...]