Masshackers is proud to announce our list of accepted speakers for Beacon 2015. Here's the current list of talks.
This schedule is loose... We'll try our best. If a speaker runs short or long, we'll deal...
11:00 - Get there set up...
11:15 - Welcome to BeaCon 2015 - pdogg/Masshackers
11:30 - Building (Simple) Fuzzing Scripts from Wireshark Dissectors - @_will_is_
12:00 - Trojaned Gems: You Can't Tell If You're Using One - @claudijd
13:00 - So you wanna' be an Incident Responder? - @innismir
14:00 - Online Jihad 2001-2015: A history of Jihobbyism - @kryp3ia
15:00 - The Blame Starts with Computer Science Curricula - @wr0 @0xmchow
16:00 - Break - Drink Eat and Final Sign up for.....
16:30 - STOOPCON - 3 slides, 30 seconds, and your worst 0day ever - @stoopcon
17:00 - Thanks and closing remarks - pdogg/Masshackers
----
So you wanna' be an Incident Responder?
Ben Jackson
Some people think "Incident Responder" and "SOC Analyst"
both stem from the ancient Sumerian phrase for "One who cannot do
penetration testing" -- However, the job is far more complicated than
watching IDS alerts and firewall deny events fly by. In this talk, I
will discuss what exactly the roles defenders play (or should play) in
a modern organization, skill sets that are needed, and why playing
defense is, sometimes, just fun.
----
Building (Simple) Fuzzing Scripts from Wireshark Dissectors
Willis Vandevanter
In this talk we will discuss building some simple fuzzing scripts
based on packet captures. I will also introduce a tool to automate
parts of the work.
----
Online Jihad 2001-2015: A history of Jihobbyism
Kryp3ia
I will cover the online jihad that has been carried out by
AQ/AQAP/Taliban/Daesh since 2001 post 9/11 to today. Their methods of
operation and history from popping poorly secured sites to upload hidden
jihadi manuals to today's Jihobbyist movement. With the advent of Daesh
much more overt activity has been taking place but it is not what you
might consider to be a clear and present danger.
----
Trojaned Gems: You Can't Tell If You're Using One
Jonathan Claudius
Dependence on software libraries and frameworks continue to grow in
popularity. More scrutiny is being placed on reviewing the source code
of these dependencies for security vulnerabilities, but little
attention is being placed on software dependencies while in transit.
In this talk, we will expose weaknesses in software delivery
mechanisms and show how malicious software can be added/injected into
popular software libraries during transit. We will also demonstrate
the impact of these weaknesses using a newly developed tool and
provide advice and guidance on defending against these attacks.
----
The Blame Starts with Computer Science Curricula
Roy W. & Ming Chow
We are still facing the same security vulnerabilities from over a
decade ago. The problems are not going away anytime soon. An
underrated source of blame is Computer Science curricula that are
churning out students who are clueless about security. This talk will
address the lack of emphasis on information security in Computer Science curricula,
how to gradually fix the problem, and success stories..
Comments (0)
You don't have permission to comment on this page.