| Presenter | Title | Description | Time |
|---|---|---|---|
| Monta Elkins | The Most Important Cyber Security Field That You’ve Never Heard Of | What is the most important cybersecurity field to maintain civilization as we know it? What cybersecurity field faces the most sophisticated, well-financed cyberattackers? What parts of modern civilization could you live without? What parts could you literally not live without? Come learn about the most important cybersecurity field that you’ve probably never even heard of, and how and why you should get involved. | 50 minutes |
| Nick Roy | OSINT and the Hermit Kingdom. Leveraging online sources to learn more about the world’s most secret nation | OSINT tools provide security analysts with a powerful set of tools and data that can be leveraged to discover accounts, infrastructure, and long-forgotten services that are still running. Using these sources we can research specific companies or users, find easy targets for bug bounties, and begin reconnaissance efforts against our own systems. Learn more about different techniques to gather information while examining North Korea’s public-facing infrastructure and their state-sponsored operating system. | 50 minutes |
| Mark Manning | Command and KubeCTL: Real-World Pentesting of Kubernetes Environments | Kubernetes is a security challenge that many organizations need to take on and we as pentesters, developers, security practitioners, and the technically curious need to adapt to these challenges. In this talk we will look at tactics, techniques, and tools to assess and exploit Kubernetes clusters. We will demonstrate how to intercept service mesh traffic, evade runtime syscall filters, exploit custom sidecars, and chain attacks that go from compromising a build environment, to exploiting production applications. We’ll cover real-world attack paths, provide practical advice, and guidance using the experience of conducting hundreds of reviews of containerized environments while running NCC Group’s container research group. | 50 minutes |
| Ravi Devineni | Automating Security Compliance at Scale | Information security and compliance are becoming critical to businesses, especially after the Equifax breach. Financial services companies are no longer willing to compromise on security, especially when deploying services onto the cloud. In this talk, you’ll learn a few techniques which we’ve implemented to automate compliance and use fast feedback loops to implement security as a part of the software delivery process. | 20 minutes |
| Qasim Ijaz | Hacking Healthcare | The healthcare industry has seen a drastic increase in ransomware attacks, insider threats, and advanced persistent threats over the past decade. From 37.5 million records being stolen at Anthem to our local hospitals being taken down by ransomware, we are seeing healthcare IT vulnerabilities come to light. In this talk, I present a methodology for identifying and exploiting healthcare IT vulnerabilities. I will talk about common areas of concern I continue to come across during our penetration tests, provide a checklist for 10-minute domain admin, and share insights on how the industry is innovating to combat cybersecurity threats. | 50 minutes |
| Tom Cappetta | [email protected] - CyberRange: An Open-Source Offensive/Defensive Security Lab in AWS | This CyberRange project represents the first open-source Cyber Range blueprint in the world. This project provides a bootstrap framework for complete offensive, defensive, reverse engineering, and security intelligence tooling in a private research lab using the AWS Cloud. This project contains vulnerable systems and open-source tools. It simply provides a researcher with a disposable offensive/defensive AWS-based environment in less than 10 minutes. | 50 minutes |
| Zach Bevilacqua | Malware Analysis in Real Life | A look into what analyzing malware, maldocs, and overall anything suspicious is like in actual response scenarios. You don’t need to be fluent in assembly to derive techniques and generate IOCs for your organization. We will work out what that type of analysis looks like and some best practices and techniques when handling malicious content. Hopefully, you’ll be pleasantly surprised at how little it takes to set up a space to safely do this and how quickly you’ll be able to generate indicators and intelligence proactively. | 50 minutes |
| Greg Stachura | Forensics – not just for the wealthy | The complexity of attacks continues to grow and understanding root-cause can be critical to keeping out attackers. Forensics can be key in root-cause analysis, but tools like EnCase and FTK typically cause sticker shock to personal users, and small to medium businesses. This talk will explore building a forensic program using free and open source tools. Whether you just bought a used Xbox drive off eBay, or you have a laptop riddled with malware, you can grab your go bag and get some answers. | 50 minutes |
| Nick Regelman | Red Teaming without Red Teaming | When you mention the term Red Team, some organizations get scared, some get confused. This talk goes over the journey of starting simple phishing campaigns and formulating the benefits to conducting Red Team exercises without technically being a Red Team while highlighting the benefits of forming and maintaining good relationships with key individuals in your organization that often lead to them asking for more. | 50 minutes |
| Matthew Gracie | Throwing Tomatoes At Yourself: Purple Teaming With Free Tools | Every blue team knows what their job is: to preserve the confidentiality, integrity, and availability of the data under their care. But fewer of them know exactly what they are defending that data from or how to test their defenses against that threat. This can lead to gaps in a security infrastructure that aren’t noticed until it’s too late. This talk will cover tools and techniques built around MITRE’s ATT&CK Matrix for defining threats, testing defenses, and recording results to remediate those gaps and protect the data. | 50 minutes |
| Brian Callahan | The education of hacking: A year of teaching all the things | Cybersecurity majors are being increasingly offered at colleges and universities across the United States. This is in addition to the many informal and corporate-sponsored routes towards cybersecurity education. This talk explores two formal cybersecurity courses offered at Rensselaer Polytechnic Institute: the flagship Information Systems Security course as well as a new course named Modern Binary Exploitation. These two courses provide us a tale of two approaches: one formally designed by a professor and the other originally developed and taught by students. We will examine what worked, what didn’t, future plans for these two courses and the potential for future courses and cybersecurity activities at RPI. We will conclude with strategies for students and teachers to get the most out of their cybersecurity education, regardless of its source. | 50 minutes |
| Matt Arnold | OpenBSD Server Side | An introduction to the OpenBSD web server environment, including frontend technologies such as httpd(8), relayd(8), acme-client(1), and how these technologies use OpenBSD’s proactive security features like pledge, unveil and others to stop or mitigate common exploits. | 50 minutes |
| Joe Gray | A DECEPTICON and AUTOBOT walk into a bar: A NEW Python tool for enhanced OPSEC | In this presentation, which goes further than the previous DECEPTICON presentation, we address topics that I have frequently spoken about in past years: disinformation, deception, OSINT, and OPSEC. When working through learning NLP and ML in Python, it dawned on me: marry these technologies with DECEPTICON for good. Enter the DECEPTICON bot. The DECEPTICON bot is a python* based tool that connects to social media via APIs to read posts/tweets to determine patterns of posting intervals and content then takes over to autonomously post for the user. What is the application, you ask? People who are trying to enhance their OPSEC and abandon social media accounts that have been targeted without setting off alarms to their adversaries. Use case scenarios include public figures, executives, and, most importantly – domestic violence and trafficking victims. | |