bsidesok.com (35.208.5.190)

Submitted URL: https://t.co/Pf5LZT4kQs
Effective URL: https://bsidesok.com/?utm_content=198949029&utm_medium=social&utm_source=twitter&hss_channel=tw-14131731
Submission: On February 25 via manual from US — Scanned from DE

Oklahoma’s Premier Information Security Conference


APRIL 7-8, 2022

BSides Oklahoma is a free information security conference focused on practical,
hands-on training for improving security.

Training: April 7, 2022
Conference: April 8, 2022

CALL FOR PAPERS

Submit your talk for consideration! Click the button below and complete the form
to be considered.

Submit to Speak


REGISTRATION

Registration is free and includes lunch and a t-shirt! Walk-ins are welcome, but
lunch and shirts are reserved for registered attendees first. Link coming soon!

STAY UPDATED

Stay in the know on BSidesOK by following us on Twitter. Get updates on the
event there such as CFP dates, speaker announcements, swag updates, and more!

Follow us On Twitter


SPONSORS

BSidesOK is a community-run event. We depend on your support and on our sponsors to
bring you this event each year. Be sure to check out the sponsors that helped
bring 2021’s conference together!

Sponsors FAQ


LOCATION

Located at the Glenpool Conference Center in Glenpool, OK – just southwest of
Tulsa.

Glenpool Conference Center
12205 S Yukon Avenue
Glenpool, OK 74033



WATCH THE 2021 TALKS

Whether you missed a talk or just want to watch one over and over again, we’ve
got you covered. Click the button below to watch the 2021 BSidesOK
presentations.

2021 Replay

CODE OF CONDUCT

Everyone deserves to attend a learning event, community or professional, with a
reasonable expectation of good behavior. The BSidesOK Team expects that while
attending this conference you treat everyone with the love and respect you wish
to receive. This applies to all attendees, speakers, volunteers, vendors, and
anyone in between. We feel that if you do that, then this conference will once
again run smoothly and we will all have a good time.

Don’t be an ass!



Kris Wall


PROXYLOGON – THE VULNERABILITY THAT SHOOK THE WORLD: WHY APPSEC MATTERS


ProxyLogon was and still is a devastating vulnerability affecting thousands of
Exchange servers around the world. The vulnerability was so devastating that we
even saw the return of the ChinaChopper webshell. Join us as we discuss:

 * what ProxyLogon is and what happened
 * how ProxyLogon works
 * and a demo of working payloads

Kris Wall is a technology and community leader with a passionate focus on
penetration testing and application security, with 15 years of experience working
as a network and security consultant, and is currently finishing his Master’s in
Cyber Security and Information Assurance. Kris is passionate about application
security and regularly gives offensive and defensive talks at information
security conferences, including BSidesOK and the Federal Bureau of
Investigation’s annual Information Warfare Summit. Kris is also a community
organizer for the local information security groups in Oklahoma City.

Throughout his career, Kris has performed many roles including: Penetration
Testing Manager, Penetration Tester, Application Security Assessor, Software and
Web Developer, Forensic Analyst, Security Analyst, IT Administrator, and IT
Auditor. His former responsibilities include performing security testing,
vulnerability and risk assessments, segmentation testing, policy writing,
incident response and digital forensics, and secure software development.

Kris frequently provides training to classes on information security,
penetration testing, and secure application development.

LinkedIn

Steven Marshall


WAYS TO MAKE CYBERSECURITY TRAINING MORE ENGAGING

End-user training is an important part of any organization’s training programs.
Many users find cybersecurity training to be boring. In this presentation, we
will discuss ways to make cybersecurity training more engaging to get the best
results.

I’m Steven Marshall, Systems and Security Administrator for the College of Arts
and Sciences at the University of Oklahoma. I have worked in the IT industry
since 2005 with various roles and titles.

LinkedIn

Karthikeyan Govindaraj


GOLANG APP BUILD VERSION IN CONTAINERS & HEALTHCHECKS IN GRPC CONTAINERS FOR
KUBERNETES

In this session we will solve two different problems with GoLang and containers.
i) Logs are trivial in the world of a developer when it comes to debugging. With
container logs, the version is a life saver, as it denotes the tag that has been
cut from the source code and containerized. We will see how to inject this
version dynamically into the container image. ii) Health checks in Kubernetes are
important in determining the container’s readiness. With gRPC, it’s a little bit
tricky to do that, as k8s supports only HTTP and exec formats. We will see how to
do that in gRPC containers.

Karthikeyan Govindaraj is a Vice President at BlackRock, where he works on
building tools to make apps easier to run on Kubernetes. He contributes to the
Kubernetes community as a community member. Karthik is passionate about cloud
and cloud-native infrastructure, developer tools & experience, and open source. He
has a Bachelor of Engineering degree in Computer Science.

Medium

Nick Harris


DON’T BLAME THE INTERN

Recent comments by current and former CEOs of SolarWinds have seemingly
attributed their massive breach (SolarWinds Orion/Sunburst) to a weak password
set by an intern. Even if this was indeed the source of the compromise, the fact
that a single compromised intern-controlled account could lead to such a
wide-scale breach indicates a massive failure in enterprise information security
governance and policy, as well as a lack of oversight and accountability on
behalf of SolarWinds management and executive staff. Nothing can be completely
secure, but without accountability and commitment from an organization’s
leadership, the security posture of the organization will greatly suffer.

Currently employed as a senior Security Analyst/Architect with the Oklahoma
Turnpike Authority. I’ve worked for the House Committee on Homeland Security in
Washington D.C. and did a stint living in the Russian Federation. I have formal
experience in offensive security & information security policy.

LinkedIn

Samuel Kimmons


LOOK AT ME, I’M THE ADVERSARY NOW: INTRODUCTION TO ADVERSARY EMULATION AND ITS
PLACE IN SECURITY OPERATIONS

Adversary Emulation is quickly becoming a hot topic in information security, and
there is a good reason for it. Security analysts, threat hunters, and incident
responders are constantly facing an onslaught of old and new threats. How can
defenders properly prepare for the ever changing threat landscape, improve their
skill set, and improve the security posture of their organization? In this
presentation I’ll answer those questions by covering: The various forms of
Adversary Emulation, where/how it fits into Security Operations, the benefits of
using it as a Blue Team training tool, and how to get started!

Samuel Kimmons is the Adversary Emulation Lead at Recon InfoSec. He is
responsible for researching, planning, and developing full scope Adversary
Emulation Scenarios for Recon’s Network Defense Range Training and the OpenSOC
CTF. Samuel got his start in Information Security during his time in the United
States Air Force.

LinkedIn

Geoff Wilson


PROTECT YOUR BUSINESS BY ADOPTING A SECURITY FRAMEWORK

In this talk, Geoff Wilson will detail recent data breaches that his company, Go
Security Pro, has been involved in remediating. Geoff will highlight the
critical weaknesses that led to these data breaches and how adopting a
cybersecurity framework can keep you out of the data breach headlines. Geoff
will discuss the pros and cons of security frameworks such as ISO 27001/27002
and the NIST Cybersecurity Framework.

Geoff Wilson is an innovative cybersecurity thought leader with deep experience
in defensive cybersecurity strategies. Having studied at Carnegie Mellon
University and trained at the National Security Agency, Geoff brings 17 years of
cybersecurity experience to your organization.

In his many cybersecurity roles, Geoff has been an IT Auditor, Penetration
Tester, Risk Assessor, Forensic Analyst, SOC Engineer, Information Security
Officer, Software Developer, Author, University Professor, and Consultant.

Geoff is a business leader having founded Go Security Pro in early 2019 with his
co-founder Susan Wilson. Geoff regularly speaks at conferences, presents to
executive leadership and boards, and can get in the technical weeds with IT
professionals.

LinkedIn

Joe Sullivan


DATA GOVERNANCE PROGRAMS

Data Governance programs are important for ensuring the proper handling of your
organization’s data. In this presentation I will cover the following topics:

 * What data governance programs entail
 * The challenges of implementing a data governance program
 * Utilizing the NIST Privacy Framework in a data governance program
 * How to get executive and organizational buy-in for your data governance program
 * How to keep the stakeholders engaged with the data governance program

Joe Sullivan has over 20 years of experience in information security and works
as a consultant for Rural Sourcing in Oklahoma City.

In addition to being a SANS instructor, Joe is active in the Oklahoma City
information security community as the chapter leader of the Oklahoma City Open
Web Application Security Project (OWASP) and is a Cyber Patriot mentor, a GIAC
Advisory Board member, and an InfraGard board member. Throughout his career, Joe
has acquired numerous certifications including: GSTRT, GSLC, GPEN, GCIH, GCFE,
CISSP, CNSSI 4012, CNSSI 4013, CNSSI 4014, NSTISSI 4011, NSTISSI 4015.

LinkedIn

Gordon Rudd


SCALABLE, SUSTAINABLE CYBERSECURITY FOR ANY SIZE ORGANIZATION

This session will focus on how corporate size and growth rate actually dictate
cybersecurity methodology, strategy and operations. Setup and maintenance of
CyberOps is very different for these companies. IT and Cybersecurity operate in
hybrid models, focused on five areas. Successful information security teams must
understand each of these areas and their operation to succeed.

Securing fast-growing companies is difficult to do, and very difficult to do well.
This session will give attendees key performance indicators to describe the
relationship between each area of excellence and the scalability, sustainability
and flexibility required in a cybersecurity program/department.

Gordon Rudd is the CEO of Stone Creek Coaching. Gordon has over 40 years of
experience in the IT and cybersecurity in oil & gas, health care and financial
services. He is a recognized expert in cybersecurity, ERM, GRC, IT risk
management, and compliance program development. Gordon works with the coaching
team at Stone Creek helping technical personnel map their careers and achieve
their personal objectives. He also serves as our subject matter expert in
residence.

Gordon joined Stone Creek Coaching after being the VP, CISO for RCB Bank. Gordon
implemented and managed both their cybersecurity program and enterprise risk
management program, which included managing internal and external audits and
regulatory examinations, creating the vendor management office and implementing
a successful continuous process improvement program. Today, Gordon uses his
proven ability to energize any department or organization using Stone Creek’s
innovative people, process, and technical solutions.

Gordon founded the CISO Mentoring Project 12 years ago and is still an engaged
mentor for many aspiring and active CISOs around the world. Gordon is a regular
presenter with (ISC)2, an international, nonprofit association for information
security leaders, creating and leading educational events, videos and content for
their members.

LinkedIn

Richard Cascarino


CISA EXAMINATION PREPARATION

Corporations are becoming more and more aware of the risks facing them in the
expanded business environment they now operate in. Increasingly, management is
taking a risk management role, IT management is being called on to assist at
corporate and strategic risk management levels, and IT Audit is being required
to provide professional opinions and recommendations on IT risk areas.

Richard Cascarino, CRMA, CIA, CISM, CFE, is a consultant and lecturer with over
30 years of experience in large-scale project management, risk, audit,
governance, forensic, internal and IT auditing education, and the author of the
books Internal Auditing: An Integrated Approach, Auditor’s Guide to IT Auditing,
Corporate Fraud and Internal Control: A Framework for Prevention (published by
Wiley in 2013), and Data Analytics for Internal Auditors (published in 2017). He
is also a contributing author to the Governance section of all 4 editions of
QFinance: The Ultimate Resource and is a frequent speaker at IIA, ACFE and ISACA
workshops and conferences. His latest book, Complete Guide for CISA Exam
Preparation, came out in October 2020. He has assisted in the implementation and
audit of IT and operational systems as well as the training of internal auditors
in the USA, UK, and Middle East and throughout Africa. He is a Past President of
the IIA – South Africa and founded the African Region of the IIA Inc. He has also
served as a member of the Board of Regents for Higher Education of the
Association of Certified Fraud Examiners. He developed the BComm Internal Audit
for the University of the Witwatersrand in Johannesburg and the Honors program in
Governance and Risk at the same university.

LinkedIn

Phillip Wylie


INSIDE THE MIND OF A THREAT ACTOR: BEYOND PENTESTING

Red team is a commonly misunderstood offensive security discipline. Red team has
been used as a general term for all areas of offensive security, just as blue
team has for defensive security. True red teaming goes beyond pentesting and into
more adversarial emulation. While there are overlapping skills, there are
differences that will be discussed as Phillip shares his experience of going
from a pentester to a red teamer. In this talk, you will learn about the
different areas that make up red team operations, common tools, and the path to
becoming a red teamer. In this presentation, you will learn about resources
helpful for a path into red teaming.

Phillip Wylie is an Offensive Security Instructor at INE, Adjunct Instructor at
Dallas College, and The Pwn School Project founder. Phillip has over 23 years of
experience with the last 9 years spent as a pentester. Phillip has a passion for
mentoring and education. His passion motivated him to start teaching and
founding The Pwn School Project. The Pwn School Project is a monthly educational
meetup focusing on ethical hacking. Phillip teaches Ethical Hacking and Web
Application Pentesting at Dallas College in Dallas, TX. Phillip holds the
following certifications: CISSP, NSA-IAM, OSCP, GWAPT.

LinkedIn

Vincent Scott


CMMC: A COMPLIANCE JOURNEY

CMMC is the new DoD framework for cyber defense, the Cybersecurity Maturity
Model Certification, and it will shortly be mandated across the DoD supply
chain. Not only mandated but it will require an independent third-party audit to
confirm that compliance, a massive change from the current world of
self-attestation, and corrective plans. By design, this is going to drive a much
higher level of cyber compliance across the Defense Industrial Base (DIB), and
that means not just some, but a vast majority of companies will have to make
significant changes and investments to meet these requirements. It also appears
this will not be limited to DoD. There is already discussion and some action to
mandate CMMC compliance and audits in other areas of Federal government
contracting. This talk will discuss the compliance and security journey of one
company.

Vince Scott is a retired US Navy Cryptologist and Information Warfare Officer
and currently serves in several roles. As the founder of Defense Cybersecurity
Group he is building a new cyber audit company focused on the DoD’s
Cybersecurity Maturity Model Certification (CMMC). After a diverse military
career, Vince has served as a Director for Oklahoma State University’s
Multispectral Laboratory, led the Procter and Gamble cyber incident response and
threat intel organization, assisted a broad range of Fortune 500 clients as a
Director with PwC Cybersecurity and Privacy, and served as the founding
Executive Director of SENTIR Research Laboratories.

Vince earned his bachelor’s in computer science from the US Naval Academy, has
completed DoD Acquisition Level II qualification, earned his MS in Management
Information Systems from the University of Maryland/Bowie State while residing
in the UK, and has earned a graduate certificate in Information Security from
the University of Fairfax. He is a 2012 graduate of the Oklahoma State
University Veteran Entrepreneurship Program, is a graduate of the Air Command
and Staff College for joint planning, and the Joint Forces Staff College senior
officer program for strategic and operational planning. He previously served as
a member of the Editorial Board for the Journal of Law and Cyber Warfare. He is
US Navy certified subject matter expert in Information Warfare and Cryptology, a
DoD/CNSS certified Information Systems Security Professional (ISSP), Incident
Handler Engineer (IHE), and certified Senior Systems Manager (SSM).

LinkedIn

Sourya Biswas


SECURITY ON A BUDGET: BUILDING SECURITY FROM SCRATCH

In my career, I’ve had the opportunity to help build the security program for a
startup which suddenly became successful enough to become a target. Also, a
greater number of transactions brought it into the ambit of Level 2 PCI
compliance, with Level 1 projected in the near future. Joining as the second hire to the Tech
Security & Compliance team after the CISO, I helped roll out multiple products
and services, right from evaluation to managing the implementation projects.
Getting buy-in and budgetary approvals from the Board and Executive Leadership
required us to develop a staggered, results-driven approach shaped by the
concept of Defense in Depth. This presentation will combine lessons learned
during my time at the startup with knowledge gleaned from my consulting career
advising startup clients on their security postures.

I’m a Principal Security Consultant in the Risk Management & Governance (RM&G)
practice at NCC Group, a security consulting firm headquartered and listed in
the UK with a major and growing US subsidiary. I have 14 years of experience in
Information Risk and Security, and hold an undergrad degree in Information
Technology from IIIT Calcutta and an MBA from the University of Notre Dame. I
have several articles on cloud computing available online and served as
technical editor for an authoritative textbook on the subject. I’m a certified
CISSP, CCSP, CISA, CISM, CRISC, CGEIT, PMP and also have several ITIL
Intermediate certifications.

That’s all about my second job. My first job is being a father to two adorable
and naughty munchkins, 4 and 3 years old.

LinkedIn

Julio Tirado


MACHINE LEARNING FOR AUDITORS

The talk will involve defining various concepts, such as machine learning (ML)
vs deep learning (DL), and supervised learning vs unsupervised learning, to
provide attendees a basic understanding of the domain. Attendees will also
dedicate 5-10 minutes doing some basic python programming (e.g., creating
comments, variables, and a function), and dedicate 10-15 minutes writing code
using Jupyter Notebooks to build a simple machine learning application using the
Scikit-Learn framework. The session will end with some recommendations to
further continue learning about AI, ML, and DL and will reference some audit
resources via IIA and ISACA to help IT Auditors better prepare for tackling the
expected increased adoption of AI technologies.

Julio is an admitted information addict with a passion for learning. His 14-year
career in Internal Audit has been dedicated to the Banking industry during which
he’s developed an obsessive focus on cybersecurity risk management and finding
creative ways to upskill in all things tech. He is a member of the IIA, ISACA,
ISSA, ACFE, and Infragard professional organizations. Julio currently volunteers
with the Tulsa IIA, ISACA, and ISSA Chapters as the facilitator of the
Cybersecurity Roundtable, and serves as the Secretary and Board member of the
ISSA Chapter. Prior to his audit career, Julio served in the United States Air
Force as an aircrew member aboard an AWACS aircraft in the 964th Airborne Air
Control Squadron. When not spending time with his family or obsessing about
learning new things, Julio enjoys choking out white belts in Brazilian Jiu-Jitsu
for maximum stress relief.

LinkedIn

Donovan Farrow


PRETESTING THE LOW HANGING FRUIT

This presentation will provide details of a true “hacker”. A true hacker knows
technology and how it works. Yes, code is great, but if you do not know how a
server, computer, or network works it will be tough to take it to the next level.
During the presentation I will teach the group what tools I use and how to take
advantage of the computer network. The group will not only understand what
hacking really is but know how to better protect their company environment going
forward.

Donovan Farrow, CEO and Founder – Alias Forensics

Donovan founded Alias Forensics Inc. in 2010. Born and raised in Oklahoma,
Donovan’s vision has always been to
create a community that grows and supports a fresh aptitude in Information
Security. In the past, he gained over 19 years of experience working for
Schlumberger Oilfield Services, Loves Travel Stops, Chesapeake Energy and NTT
Security in the fields of Information Technology, Information Security, Digital
Forensics, and Incident Response. Donovan currently serves as CEO of Alias
Forensics, has provided digital forensic analysis in over 2,000 court cases, 160
Incident Response engagements, 280 penetration tests, Appointed Special Master
by the Court, sits on the OCCC Advisory Board, and he is ACE, PCE, CCE and GCFA
certified. Donovan was awarded “2020 Most Influential Young Professional”, the
“Young Entrepreneur of the Year” Award at the Tulsa Small Business Summit and
Awards Ceremony in 2018. Some of the other titles Donovan holds are Expert
Witness, Public Speaker, Social Engineer, and Info Sec Trainer. In his spare
time, he enjoys clay shooting, travelling, and spending time with his wife and
kids.

LinkedIn

Anthony Hendricks


I HATE LAWYERS! WORKING WITH ATTORNEYS DURING BREACHES TO MAINTAIN PRIVILEGE AND
YOUR SANITY

Last year there were almost 4,000 publicly disclosed data breaches and numerous
others that did not make headlines. Despite all the tabletop exercises and
updates to the company’s breach response plans, data breaches and cyber
incidents can be stressful. One added layer to the stress is that CTOs, IT
professionals, and internal response team members have to work with outside
lawyers with different priorities. This presentation will explore the role that
lawyers play in investigating and responding to data breaches, how lawyers and
internal technology professionals can work together, and the benefits for
companies when everyone pushes in the same direction. This presentation will
also define attorney-client privilege and explain its importance, along with
some examples of when companies have failed to maintain privilege during their
investigations. The discussion will also explore how working with lawyers can
save companies money by cutting off or limiting regulatory investigations and
preparing them for potential lawsuits.

Anthony Hendricks is a legal problem solver and litigator at Crowe & Dunlevy.
Hendricks guides clients facing sensitive criminal, cybersecurity, banking, and
environmental compliance issues. He also advises clients on privacy and data
protection laws, coaches clients on developing data breach response plans, and
represents clients facing enforcement actions related to cyber laws. Hendricks’
research interests include the enhancement of diversity in the field of
cybersecurity, the future of data privacy, and the development of cybersecurity
policy in midsize cities and rural states. He is a graduate of Howard
University, holds two Masters from the London School of Economics, where he was
a British Marshall Scholar, and a Juris Doctorate from Harvard Law School.

LinkedIn

Antonio Cobo


IMPOSTOR SYNDROME IN THE IT WORLD FROM A CONFERENCE SPEAKER’S PERSPECTIVE

Have you ever compared yourself with other team members and felt like a fraud?
Have you ever felt unworthy of your job promotion? Have you ever doubted your
successes? Do you know someone who could have answered “Yes” to any of those
questions?

These are symptoms of Impostor Syndrome; it affects most of the people working
in IT. It affects conference speakers as well. I will share with you my
struggles with public speaking and how I fight impostor syndrome at every
conference. Hopefully this talk will help you to fight impostor syndrome in your
day job and help others who might be suffering in your area of influence.

Antonio is an Agile enthusiast with more than 20 years’ experience in the IT
industry and specialises in Agile methodologies. He comes from a technical
background, starting his career as a Java Developer in Spain in 2000 and moving
to different roles within IT in three different countries. Antonio is passionate
about creating and implementing the best solution while continually seeking to
improve work methodologies. He is convinced that most of the problems in IT are
due to lack of communication! Antonio usually speaks about Agile, DevOps,
Project Management and Team Management at conferences across Europe and the US,
such as DevOps Days, JAX and Voxxed Days.

Trent Russell


ANALYTICS ANYONE CAN DO

Theory is great (apparently there’s this one on relativity that’s a pretty big
deal), but we’re practitioners and need the application. In this session we’ll
apply a few hands-on analytics techniques that are applicable regardless of your
profession or role on your team. By the end of the session every attendee will
have the ability to complete an analysis in only four steps. We’ll also go
through a list of tools (free tools!) that everyone can use to analyze their
data as well as “The Cadillac” of fraud analytics.

Trent Russell is the Founder of Greenskies Analytics. He graduated from the
University of Alabama with an MIS degree before joining Ernst & Young’s IT Risk
Assurance practice, where he served multiple industries. He later joined the
Financial Service Office at EY and facilitated the development of data analytics
procedures for financial statement audits. At Greenskies he develops data
analysis and hands-free monitoring solutions for forward-thinking internal audit
teams.

LinkedIn

Filipi Pires


THREAT HUNTING | PRACTICAL PROVING IN A CREATIVE WAY AS A DETECTION AND
EFFICIENCY TEST OF SECURITY SENSORS

During this presentation we’ll show our tests performed on three different
endpoint security solutions (CrowdStrike, Sophos and Cybereason), where we
simulate targeted attacks using many attack strategies to obtain a panoramic
view of the resilience presented by the solutions with regard to the efficiency
of their detection by signatures, NGAV and machine learning, running scripts
such as: downloading many malware samples onto the victim machine, moving all
that malware to another folder (expecting detection without execution), as well
as downloading these artifacts directly onto the victim’s machine using malware
from The Zoo repository; furthermore, we’ll run PowerShell scripts downloading
daily malware batches provided by MalwareBazaar on request using API access. At
the end of this presentation, the front responsible for the product will have an
instrument capable of guiding a process of mitigation and/or correction, as well
as optimized improvement, based on the criticality of risks.

I’ve been working as Principal Security Engineer and Security Researcher at Zup
Innovation and Global Research Manager at Hacker Security, and am staff of DEFCON
Group São Paulo, Brazil. I have spoken at security events in the US, Germany,
Poland, Hungary, Czech Republic, Brazil and other countries, served as a
university professor in undergraduate and MBA courses at Brazilian colleges such
as FIAP, Mackenzie, UNIBTA and UNICIV, and in addition I’m Founder and Instructor
of the course Malware Analysis – Fundamentals (HackerSec Company – Online Course).

LinkedIn

Rob Richardson


SECURING DOCKER CONTAINERS: KUBERNETES JUST HANDLES THAT, RIGHT?

Securing a container is like securing a virtual or physical machine. You need to
understand what’s installed, ensure it’s patched, and reduce the attack surface.
But unlike traditional servers, this is done at build time for containers.
Journey with us as we build a comprehensive strategy for securing your digital
assets that run in Docker, and leave with concrete steps you can apply to your
DevOps pipeline today.

Rob Richardson is a software craftsman building web properties in ASP.NET and
Node, React and Vue. He’s a Microsoft MVP, published author, frequent speaker at
conferences, user groups, and community events, and a diligent teacher and
student of high quality software development. You can find this and other talks
on his blog at https://robrich.org/presentations and follow him on twitter at
@rob_rich.

LinkedIn

Jason Rohlf


BEST LAID AUDIT PLANS

The information technology ecosystem serves as the nervous system of your
organization. For those who bear the responsibility for evaluating the health of
IT programs and systems, one of the most daunting challenges they will face is
determining where and how to focus their precious and finite resources. If the
goal is to provide the maximum level of assurance that the organization is doing
the right things with those limited resources, it is imperative that attention
is placed on the areas that are most critical to achieving that end. This
session will explore the various approaches and options for performing risk
assessment activities that drive a focused and meaningful IT Audit Plan. We will
review concepts and approaches related to defining this crucial audit space,
including top-down vs. bottom-up evaluations, the various data and criteria that
can be leveraged to drive assessment results, and how to carry out holistic
assessments for all key IT areas, including security, operations, consumer
interaction, finance, regulatory compliance and risk management.

After graduating from Illinois University, Jason Rohlf began working in public
accounting and auditing. He eventually moved into the technology world, building
and deploying software solutions to help auditors and compliance professionals.
He now serves as VP of Solutions at Onspring, a GRC and business process
automation platform.

Andrew Lemon


B&E FROM A-Z

Ever used airbags to open a door? From the old tried and true B&E techniques to
the stuff you’ve never heard of—learn the tools and methods of the trade. Peek
inside the kit of a red teamer as we cover the ways we broke into your data
center even during lockdowns.

Andrew Lemon is currently a Principal Security Engineer at Alias where he serves
as the expert on network and security architecture. He is the lead engineer over
penetration testing, IT auditing, incident response, security consulting, social
engineering, and security awareness training.

LinkedIn

Rob Richardson


CONTINUOUS SECURITY BY DESIGN

Have you struggled to get security baked into your DevOps process or have your
security needs taken a back seat to “run fast and break things”? Just because
we’re moving fast doesn’t mean we can’t be secure. Join us for this deep dive
into adding container scanning to a DevOps pipeline. We’ll enumerate the
security tool categories, and give you tips for adding these tools to your
development workflow, build pipeline, and production monitoring setup. You can
achieve a robust security posture and still release continuously.

Rob Richardson is a software craftsman building web properties in ASP.NET and
Node, React and Vue. He’s a Microsoft MVP, published author, frequent speaker at
conferences, user groups, and community events, and a diligent teacher and
student of high-quality software development. You can find this and other talks
on his blog at https://robrich.org/presentations and follow him on Twitter at
@rob_rich.

Logan Evans


BUILD YOUR FIRST SECURITY APP IN THE CLOUD

~ Building a Serverless Security Toolkit ~

Blue Team: Build applications to analyze threats and manage risk without having
to set up a bunch of VMs

Red Team: Hack faster and smarter with tools that are available anywhere, with
infinite storage and scalability

The possibilities are endless!

Founder @ Sugar Security (https://sugarsecurity.com) – Oklahoma cybersecurity
software in the cloud – The World’s Sweetest Hackers!

Michael Gough


INCIDENT RESPONSE FAILS – WHAT WE SEE WITH OUR CLIENTS, AND THEIR FAILS,
PREPARATION WILL SAVE YOU A TON OF $$$, HEARTACHE, MAYBE YOUR SANITY AND JOB

As an Incident Response Principal, we respond to our clients’ incidents and we
see a pattern. I have done many a presentation from a Blue Team perspective
recommending you do some things, so let’s take a look at what we regularly see
our clients fail at, that either caused the event, made it worse, or let it
go undetected. This is a teaching moment that I want to share with you to take
back to your organization to prepare for an inevitable event. I talk about the 3
Cs: Configuration, Coverage, and Completeness, and how these help us understand
what kind of process is needed to address the whole of the problem, how
these map to your security program, and why organizations suffer so badly during
a security event. How is your logging? Is it enabled? Configured to some best
practice? (hopefully better than an industry standard that is seriously
lacking). Have you enabled some critical logs that by default are NOT enabled?
Do you have a way to run a command, script, or a favorite tool across one or all
of your systems and retrieve the results? What is it that we Incident Responders
need and use to investigate an incident, and what are the typical recommendations
we make to all our clients that they fail to do? Sadly, a lot of what we need you
already have, and it is free: nothing to buy, just process and procedural
improvements. This talk will describe these things and how to prepare, and be
PREPARED to do Incident Response, or if you hire an outside firm, what they want
and need too. The attendee can take the information from this talk and
immediately start improving their environment to prepare for the inevitable: an
incident.

Michael is a Malware Archaeologist, Blue Team defender, Incident Responder and
logoholic for NCC Group. Michael developed several Windows logging cheat sheets
to help the security industry understand Windows logging, where to start and
what to look for. Michael presents at many security and technology conferences
helping to educate on security that attendees can go back to work and actually
do. Michael is a primary contributor to the Open Source project ARTHIR. Michael
is also co-developer of LOG-MD, a free and premium tool that audits the
settings, harvests and reports on malicious Windows log data and malicious
system artifacts. Michael is co-host of “THE Incident Response Podcast”. In
addition, Michael also ran the BSides Texas entity (Austin, San Antonio, Dallas
and Houston) for six years and was lead for the Austin Conference.


Log-MD.com

Aaron Crawford


EXPLORING THE HACKER MENTALITY FOR POSITIVE SOLUTIONS

Hacking is often perceived in a negative light by the world in general. In this
talk Aaron Crawford demonstrates how he crafted a community solution to help
prepare for active shooting scenarios by embracing the hacker mentality and
applying it to the issue. Learn a step-by-step process to take your existing
skillsets and commit righteous hacks for the benefit of the world around you.
This is the one talk on hacking that will help others and cannot be placed in a
negative light. This talk will help to elevate your existing possibilities and
arm you with the ability to hack to help.

Aaron Crawford is a security professional and prolific author with over
twenty-six years of experience in the industry. You can find him on a regular
basis helping others to learn about security and on his podcast Social
Engineering Tips.

Filipi Pires


DISCOVERING C&C IN MALICIOUS PDF WITH OBFUSCATION, ENCODING AND OTHER TECHNIQUES

Demonstrate the different kinds of structures in binaries such as a PDF (header/
body/cross-reference table/trailer), explaining how each section works within a
binary and what techniques are used, such as packers, obfuscation with
JavaScript (PDF) and more; explaining too some anti-disassembly
techniques, demonstrating how these malware act and where it
would be possible to “include” malicious code. By the end of this “talk” it
will be clear to everyone what the differences in binary structures are, how a
researcher should conduct each of these kinds of analyses, and, of course, that
they should seek more basic knowledge of file structures, software architecture
and programming languages.

I’ve been working as Principal Security Engineer and Security Researcher at Zup
Innovation and Global Research Manager at Hacker Security, and as Staff of DEFCON
Group São Paulo-Brazil. I have talked at security events in the US, Germany,
Poland, Hungary, Czech Republic, Brazil and other countries, and served as
University Professor in undergraduate and MBA courses at Brazilian colleges such
as FIAP / Mackenzie / UNIBTA and UNICIV. In addition, I’m Founder and Instructor
of the Course – Malware Analysis – Fundamentals (HackerSec Company – Online
Course).

Ochaun Marshall


A SHOCK TO THE SYSTEM: STATIC ANALYSIS FOR REAL APPSEC

Static analysis (SA) is one of the few techniques that provides a low-level
examination of source code. When SA is combined with DevOps automation and
traditional pentesting, it can offer valuable insights that help with
implementation and remediation efforts. Ineffective use, however, overwhelms
development teams with false positives and causes dysfunctional communications
with security teams. This talk goes over several toolkits for static analysis
based on language and tech stack. After that, we will talk about how to use
automation to create workflows for developers and application security
engineers. We will conclude with cultural transformations needed to make
effective use of these tools and techniques.

Ochaun (pronounced O-shawn) Marshall is a developer and security consultant with
a background in education and machine learning. He has taught courses on
computer science and software development. In his roles at Secure Ideas, he
works on ongoing development projects utilizing Amazon Web Services and breaks
other people’s web applications. He is passionate about secure cloud development
and blasts Two Steps from Hell while hacking, blogging and coding.

By the way, do you know of any good D&D sessions going on in the Charlotte area?
I’ve got a Lizardfolk Forge Cleric already rolled up and I’m looking for a game.
