Automated manufacturing systems (particularly within the paradigm of so-called Industry 4.0) are complex and critical cyber-physical systems. They use robots (highly sophisticated systems themselves, with multiple complex embedded controllers), several types of industrial controllers, and are often interconnected with other computers in the factory network, safety systems, and to the Internet for remote monitoring and […]
This talk highlights the security challenges of securing the clinical and IT infrastructure of healthcare delivery organizations. We’ll dive into two examples of FDA approved devices that connect to clinical equipment common in hospitals today and walk the audience through the development of full device compromise and the discovery of multiple CVEs.
As more businesses move to Azure for their cloud computing, there is a growing gap in visibility of the security of cloud resources. Azure Sentinel is the cloud native SIEM solution from Microsoft. Turning it on potentially means another location for piles of logs and noise. Attend this session to learn how to get the […]
NGINX is the web server powering one-third of all websites in the world. Detectify’s Security Research team analyzed almost 50,000 unique NGINX configuration files downloaded from GitHub with Google BigQuery and discovered common misconfigurations that, if left unchecked, leave your web site vulnerable to attack. This training will walk through the most common issues, including […]
Behind the scenes of a trio of recently disclosed vulnerabilities are two innovations. First, putting fuzzing targets in containers makes memory exhaustion much easier to observe. Second, widening our definition of failure makes it possible to locate vulnerabilities even in “safe” environments like Erlang. This presentation begins with a brief review of fuzzing, focusing on […]
In late 2020, the Canadian government proposed the Digital Charter Implementation Act, intending to modernize the framework for the protection of personal information in the private sector. Stemming from this Act, the Privacy Commissioner of Canada is set to receive more power to investigate privacy infractions and issue orders and fines. Simultaneously, Ontario is developing […]
A recent study suggests that cloud misconfiguration is the number one risk to cloud environments in 2021. As more developers deploy infrastructure across clouds using infrastructure-as-code, the security risk is only going to grow. To quote Albert Einstein: “Intellectuals solve problems, geniuses prevent them.” With IaC, we have an opportunity to scalably prevent security risks […]
Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, network, and even the operating system running host-based security applications. One place malware cannot easily hide itself is within volatile computer memory (RAM). Although an essential part of detection engineering and exploit development, memory analysis is not trivial to […]
In talking about Cloud Security, I believe that there are 3 main points to take care of: IAM Permissions, Control Plane Configuration (AWS API), and CloudTrail for Control Plane Monitoring. When we are talking about Cloud Misconfiguration, Permissions, and Monitoring, we are mostly talking about second stage attacks (unless some configurations that make information public) […]
Cybercrime is a very lucrative business not just because of the potential financial return, but because it is quite easy to get away with it. Sometimes hackers get caught, but most of the time they still run free. When it comes to the operating system and after-attack traces, it is not that bad as all […]
Even though you are the only person using a computer, you are not the only one writing to your disk drive! Surprisingly, your disk drive contains a lot of juicy information that can reveal a lot of secrets and history about what you did in the past. There are also places where data can be […]
Data exfiltration, or data theft, is a common event that occurs during a breach. This talk will go into detail on specific tools and techniques that attackers have used to exfiltrate data from victim organizations and the ways that we can identify evidence of data access, data staging or data theft. By understanding how attackers […]
With security teams being vastly outnumbered many organizations have responded to this challenge with different program scaling methods, including building security champions programs. Which leads us to questions: How does a security champions program work? How do you select your champions? And once you have them, what do you DO with them? This session will […]
Ask anyone about “infosec tools” and the list will depend on red/blue perspective and experience but will usually include the likes of BloodHound, Metasploit, Burp, Mimikatz, Cobalt Strike, Nmap, and Netcat. These are all great but, too often we ignore that there is a separate side to infosec: there is a “non-technical” dimension we all […]
In this session, we present hAFL1 and provide the implementation bits required to write a Hyper-V fuzzer. We uncover a critical 0-day in Hyper-V vmswitch which was found using our fuzzer – an arbitrary read vulnerability. Finally, we show a live demo of exploiting this vulnerability, which until only a few weeks ago could take […]
How do you create new efficient, accurate, and resilient detection rules? There are a lot of steps to follow. This talk will take you through what I call Full Circle Detection. I’ll start with where to get hunting ideas and then to giving a turnkey alert for your Security Analysts using a real-world step by […]
Lessons learned over the course of a protracted global emergency that has fundamentally altered society and how we do business are not being well learned and are not yet reflected in how we manage and assess our work. Time to talk through the 9th round of fails with our panel of distinguished guest speakers!
Today, the number of IoT devices in both the private and corporate sectors is steadily increasing. IoT devices like IP cameras, routers, printers, and IP phones have become ubiquitous in our modern homes and enterprises. To evaluate the security of these devices, a security analysis must be performed for every single device. Since manual analysis […]
Many studies have discussed the implications of using a training process to develop artificial intelligence: the significant computing capabilities required, the energy wasted, the high cost, the time required for training, the size of the dataset needed. However, the fact that automated driving is considered safer than manual driving proves that the training process is […]
In an “open skies” era in which drones fly among us, a new question arises: how can we tell whether a passing drone is being used by its operator for a legitimate purpose (e.g., delivering pizza) or an illegitimate purpose (e.g., peeking at a person showering in his/her own house)? In this talk, I present […]
Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching “Advanced Cybersecurity Topics” and “Digital Forensics and Cybercrime” at Politecnico, he has extensive speaking and training experience in Italy and abroad. He co-authored over 90 scientific papers and books. He is a Senior Member of the IEEE and sits on the Board of Governors of the IEEE Computer Society. [...]
Jeremy has spent the last two decades becoming an expert in both exploitation and detection and AI technologies. Most recently, he was a Principal Security Intelligence Engineer at Lookout, where he created the machine learning models behind Lookout’s PhishingAI and assisted in discovering APT threats on mobile globally. Previously, he was a senior security research engineer at Saint, Digital Defense, and nCircle. Jeremy is passionate about AI and machine learning, feature engineering for anti-malware, and anomaly detection.
Director of Product Management
I help architect and deploy solutions to prevent, detect and respond to security incidents. I work on the Field CTO Team at eSentire Inc.
Senior Security Strategist
Matthew is a Hybrid Cloud professional with experience ranging from Financial Institutions to Government Agencies. He’s focused on accelerating cloud adoption and implementing cloud architecture, security, and connectivity for the enterprise environment.
Spencer is a Security Researcher with Detectify. His past experience includes Security Analyst work with NBCUniversal, iOS engineering for an AR startup based in LA and he likes Bitcoin... like probably too much.
Technical Security Evangelist
Jonathan Knudsen is a technical security evangelist in the Synopsys Software Integrity Group, where he enjoys breaking software and teaching others how to make software better. Jonathan is the author of books about 2D graphics, cryptography, mobile application development, Lego robots, and has written more than one hundred articles on a wide range of technical subjects. He lives in Chapel Hill, North Carolina where he also teaches courses on secure software development at Duke University.
Stas is a civil litigator focusing on insurance-related disputes. He has a broad range of experience including commercial disputes, subrogation, cyber liability, and privacy law. Stas assists companies with their risk management efforts, advises them on their cyber security and privacy policies and procedures, and assists with managing data breaches and subsequent litigation.
CEO & Founder of Indeni
Yoni is the CEO & Founder of Indeni. Coding since age six, his enthusiasm for automation has strongly influenced his career. Before Indeni, he served at the world-renowned IDF 8200 unit, where he managed a team of programmers and won the esteemed Israeli Security Prize given by the president.
Asst. Prof. of Computer Science, USAF Academy
Solomon Sonya (@Carpenter1010) is an Assistant Professor of Computer Science at the United States Air Force Academy. He has a background in software development, malware analysis, covert channels, steganography, distributed computing, computer hacking, information protection paradigms, and cyber warfare. He received his Undergraduate Degree in Computer Science and has Master’s degrees in Computer Science and Information System Engineering. Solomon’s current research includes computer system exploitation, cyber threat intelligence, digital forensics, and data protection. Previous conferences Solomon has spoken at include: SecTor Canada, Hack in Paris, France, HackCon Norway, BlackHat USA, [...]
Rodrigo "Sp0oKeR" Montoro has 20 years of experience deploying open-source security software (firewalls, IDS, IPS, HIDS, log management) and hardening systems. Currently, he is a Senior Researcher at Tempest Security. His prior experience includes Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Clavis, Senior Security Administrator at Sucuri, and Spiderlabs Researcher, where he focused on IDS/IPS Signatures, Modsecurity rules, and new detection research. He is the author of 2 patented technologies involving the discovery of malicious digital documents and analyzing malicious HTTP [...]
Paula Januszkiewicz is the CEO and Founder of CQURE Inc. and CQURE Academy. She is also a Cloud and Datacenter Management MVP, honorable Microsoft Regional Director for CEE and a world class cybersecurity expert, consulting customers all around the world. Paula established CQURE in 2008 and since then has continued to build the team’s professional image and cybersecurity skills, currently owning and managing CQURE departments in New York (US), Dubai (UAE) and Zug (Switzerland), and headquarters in Warsaw (Poland). In 2017, she graduated from Harvard Business School. Paula has 15 [...]
Technical Manager, Mandiant
Julian Pileggi is a Technical Manager at Mandiant, based in Toronto, Canada. His areas of expertise include enterprise incident response, digital forensics, threat hunting and security operations centre team development. Prior to his employment at Mandiant, Julian worked at a large financial institution within the security operations and incident response team.
Founder, She Hacks Purple
Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community, and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats: startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an [...]
Fernando Montenegro is a security technologist, currently an industry analyst in a F500 information services firm. He focuses on analyzing market trends and providing strategic advice on topics related to modern security markets: cloud security, endpoint security and others. His previous experience includes pre- and post-sales technical roles and consulting roles with vendors in enterprise security. He has worked with organizations in Canada, Latin America, and the US. His areas of interest include security economics (particularly behaviour economics), data science, including machine learning, and cybercrime. He holds a bachelor's degree [...]
Peleg Hadar (@peleghd) is a security researcher with over 9 years of unique experience in the security field. Currently, he is doing research @SafeBreach Labs after serving in various security positions @IDF. His experience involves security from many angles: starting with network research, and now mostly software and Hyper-V research. Peleg likes to investigate Microsoft Windows components. He’s presented his research at various conferences: Black Hat USA, DEF CON, SecTor and iSecCon. Peleg was part of the 2021 Forbes 30UNDER30 list.
Ophir Harpaz is a security researcher in Guardicore Labs. She enjoys reverse engineering, fighting with Cybercriminals and playing CTFs. As an active member in Baot (a community for women developers, researchers, and data scientists) she co-manages the tech-blogging program. Ophir has spoken at various security conferences including Botconf, SEC-T, HackFest and more. She’s taught a reverse-engineering workshop and published an online version of it at https://begin.re to share her enthusiasm for reversing. Ophir has entered Forbes' list of 30-under-30 and won the Rising Star category of SC Magazine's Reboot awards [...]
Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. Since 2011, he has been focused on putting in place SOC and has specialized in detection (Blue Team), content creation, and mentorship. He worked as a "Senior Security Architect" and acted as "Adversary Detection Team Lead" and "Threat Hunting Team Lead" for one of Canada’s largest carriers for more than a decade and he is now "Sr Manager Incident Response" at Syntax. He loves to give talks and had [...]
James Arlen is Aiven.io’s CISO bringing a mix of security and engineering background to DBaaS (database as a service). Over the past twenty plus years, James has been delivering information security solutions to Fortune 500, TSE 100, and major public-sector organizations. James is best described as: “Infosec geek, hacker, social activist, author, speaker, and parent.” His areas of interest include organizational change, social engineering, blinky lights and shiny things. In addition to his work at Aiven.io, James is a Contributing Analyst at the research firm Securosis, blogger/podcaster with Liquidmatrix Security [...]
Daniel Nussko is an independent security researcher and information security professional with years of progressive experience in the industry across a wide range of sectors. He holds a master's degree in IT Security. Prior to becoming a freelancer he worked for a German consulting company as a security professional and penetration tester. His special research interest is the security of IoT devices and reverse engineering of firmware.
PhD Student & Cyber Security Researcher
Ben Nassi is a Ph.D. Student at Ben-Gurion University of the Negev (BGU) and a former Google employee. His research interests are security and privacy of drones, advanced driving assistance systems, smart irrigation systems, wearable technology, and other IoT devices. His research has been presented at top academic conferences (S&P, CCS), published in journals (TIFS), and covered by international media (Wired, ArsTechnica, Motherboard, The Washington Post, Bloomberg, Business Insider). Ben has spoken at prestigious venues including RSAC 21, BlackHat USA 20, CodeBlue 20, SecTor 20, RSAC 20, and CyberTech 19.