Tuesday
Hands On Threat Modeling Workshop
Presented by: Robert Hurlbut
Time: Tuesday 8:00 AM - 12:00 PMThreat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: PreCompilerLevel: IntermediateKidzMash: Human 3D Printer: a social STEM learning experiment
Time: Tuesday 8:00 AM - 9:00 AMAfter a brief overview where we explain what the teams will do, we will be dividing into 3 teams. A CAD team, a SLICER team, and a 3D printer team. The teams will try to manually replicate with the team each piece of the 3D object development and replication process! The CAD team will model the...
Room: Guava / TamarindKidzMash: A Kid’s World of 3D printing
Time: Tuesday 9:00 AM - 10:00 AMThis session is targeted for children. All ages of children are welcome (with a responsible adult). We will tour the maker lab and talk about the exciting world of 3D printing. We will look at the printers as well as models made on them and pass around lots of things. We will also go over basics of...
Room: Guava / TamarindKidzMash: A Kid’s introduction to 3D Modeling
Time: Tuesday 10:00 AM - 12:00 PMThis second session we will work with a fully-featured CAD application called Rhino3d and walk through the process of building a basic model from geometric shapes. We will explain the XYZ coordinate system, and what the different views are for. We will also spend some time playing with the transform...
Room: Guava / TamarindKidzMash: Preschool Art Time
Time: Tuesday 11:00 AM - 12:00 PMSimple exploratory art projects that teach creative thinking for the littler attendees. Ages: 2-5 *Projects require some assistance from an adult!*
Room: IronwoodiOS Application Security Testing
Presented by: Hans Weisheimer
Time: Tuesday 1:00 PM - 5:00 PMThis hands-on session is aimed at mobile app developers, QA testers, aspiring security testers, and other suspicious persons. Modern mobile app development abstracts away most low-level interaction with the operating system. It is common to rely on third-party modules to handle sensitive data or...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: PreCompilerLevel: IntermediateFrom idea to physical series: A basic overview of the world of CAD and 3D printing
Time: Tuesday 1:00 PM - 2:00 PMThis session will talk about the exciting world of 3D printing with a bit of the history of the technology. We will look at the lab’s printers as well as models made on them. We’ll then cover choosing a CAD app and will briefly cover using curated 3D printer object libraries and different CAD...
Room: Guava / TamarindFrom idea to physical: A demo of how to make CAD models in Rhino3d
Time: Tuesday 2:00 PM - 4:00 PMThis lab is intended to be a fast-paced technology walk-through of the process of creating a 3D printed object. We will focus in on the process of using CAD to create our model with a NURBS modeler called Rhino3D and will walk through the UI and how Rhino uses basic curves and shapes to create more...
Room: Guava / TamarindFrom idea to physical series: Additional Castle project walk-through Rhino project
Time: Tuesday 4:00 PM - 5:00 PMCan’t get enough model building? Want to make something more advanced than your basic cups/keychains/challenge coins? We’ve noticed we have some repeat students each year on our kids track that just love to build models, and we’ve also run several years of our introductory track for adults. We...
Room: Guava / TamarindKidzMash: How to Train Your Dragon: The Hidden World
Time: Tuesday 7:30 PM - 9:30 PM1h 44m: PG
Room: AcaciaWednesday
Application Security, Basic, Intermediate, Advanced
Presented by: Bill Sempf
Time: Wednesday 8:00 AM - 12:00 PMBill will be joining us to teach a dynamic course to help us think like an attacker and give us all the coding tips we need to stop them cold in their tracks. Even the most experienced developers are sure to pick up some new tips and tricks. This hands-on half-day workshop will have something for...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: PreCompilerLevel: IntermediateKidzMash: Human 3D Printer: a social STEM learning experiment
Time: Wednesday 8:00 AM - 9:00 AMAfter a brief overview where we explain what the teams will do, we will be dividing into 3 teams. A CAD team, a SLICER team, and a 3D printer team. The teams will try to manually replicate with the team each piece of the 3D object development and replication process! The CAD team will model the...
Room: Guava / TamarindKidzMash: A Kid’s World of 3D printing
Time: Wednesday 9:00 AM - 10:00 AMThis session is targeted for children. All ages of children are welcome (with a responsible adult). We will tour the maker lab and talk about the exciting world of 3D printing. We will look at the printers as well as models made on them and pass around lots of things. We will also go over basics of...
Room: Guava / TamarindSuper-Secret Spy Club
Presented by: Matt Insko
Time: Wednesday 9:00 AM - 10:00 AMGet inducted into the first-ever KidzMash “Super-Secret Spy Club!” Learn the super-secret handshake and super-secret pledge before undergoing training in sending and receiving super-secret messages. This club meeting will cover basics about encryption and ciphers, including how to create and...
Room: AcaciaTrack: KidzMashFormat: KidzMash SessionzLevel: Introductory and overviewKidzMash: A Kid’s introduction to 3D Modeling
Time: Wednesday 10:00 AM - 12:00 PMThis second session we will work with a fully-featured CAD application called Rhino3d and walk through the process of building a basic model from geometric shapes. We will explain the XYZ coordinate system, and what the different views are for. We will also spend some time playing with the transform...
Room: Guava / TamarindKidzMash: Preschool Art Time
Time: Wednesday 12:00 PM - 1:00 PMSimple exploratory art projects that teach creative thinking for the littler attendees. Ages: 2-5 *Projects require some assistance from an adult!*
Room: IronwoodBuilding a DevSecOps Pipeline
Presented by: Gene Gotimer
Time: Wednesday 1:00 PM - 5:00 PMThe release date is a week away. Development is complete. The code works, and everything looks good. Marketing is ready with the media blitz. Our customers are waiting to get their hands on the new features and are sure to give us good feedback. The only step left is to get the security group to...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: PreCompilerLevel: IntermediateAnalysis and Defense of Automotive Networks
Presented by: Samuel Hollifield
Time: Wednesday 1:00 PM - 5:00 PMNote: This precompiler will require an additional ticket purchase in order to retain the Arduino hardware featured in the presentation. Modern vehicles are critically vulnerable. They rely on many electronic computers and sensors which communicate by broadcasting critical information over many...
Room: MangroveTrack: HardwareFormat: PreCompilerLevel: Introductory and overviewFrom idea to physical series: A basic overview of the world of CAD and 3D printing
Time: Wednesday 1:00 PM - 2:00 PMThis session will talk about the exciting world of 3D printing with a bit of the history of the technology. We will look at the lab’s printers as well as models made on them. We’ll then cover choosing a CAD app and will briefly cover using curated 3D printer object libraries and different CAD...
Room: Guava / TamarindFrom idea to physical: A demo of how to make CAD models in Rhino3d
Time: Wednesday 2:00 PM - 4:00 PMThis lab is intended to be a fast-paced technology walk-through of the process of creating a 3D printed object. We will focus in on the process of using CAD to create our model with a NURBS modeler called Rhino3D and will walk through the UI and how Rhino uses basic curves and shapes to create more...
Room: Guava / TamarindFrom idea to physical series: Additional Castle project walk-through Rhino project
Time: Wednesday 4:00 PM - 5:00 PMCan’t get enough model building? Want to make something more advanced than your basic cups/keychains/challenge coins? We’ve noticed we have some repeat students each year on our kids track that just love to build models, and we’ve also run several years of our introductory track for adults. We...
Room: Guava / Tamarind“How would you print that?” interactive panel
Time: Wednesday 5:00 PM - 6:00 PMWe have a wealth of different perspectives reflected with our 3D printing room staff- including tinkering hobbyists, hardcore makers, and even that of using multiple printer types repeatably in a small business setting. We thought it would be fun to share these various perspectives on how we...
Room: Guava / TamarindLightning Talks
Time: Wednesday 7:00 PM - 9:00 PMThese are a series of (usually) really interesting talks, all of which are only 6 minutes each!
Room: Suite 1 / Suite 6Welcome Reception
Time: Wednesday 8:00 PM - 10:30 PMThe Welcome Reception is in and around Marrakesh (the bar/restaurant area in the Convention Center). It will sprawl into the hallway as well
Room: Grand HallThursday
Threat Modeling on the Family Road Trip and Other Strategies for Delivering Secure Applications
Presented by: Angela Pinney
Time: Thursday 8:00 AM - 9:00 AMGene Spafford said: “The only truly secure system is one that is powered off...” Everyone wants secure applications, but creating them is hard, and we don't all have security certifications. How do you know where to start when "security" is not your full-time job? And how do you get the rest of...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewKidzMash: Human 3D Printer: a social STEM learning experiment
Time: Thursday 8:00 AM - 9:00 AMAfter a brief overview where we explain what the teams will do, we will be dividing into 3 teams. A CAD team, a SLICER team, and a 3D printer team. The teams will try to manually replicate with the team each piece of the 3D object development and replication process! The CAD team will model the...
Room: Guava / TamarindKidzMash: A Kid’s World of 3D printing
Time: Thursday 9:00 AM - 10:00 AMThis session is targeted for children. All ages of children are welcome (with a responsible adult). We will tour the maker lab and talk about the exciting world of 3D printing. We will look at the printers as well as models made on them and pass around lots of things. We will also go over basics of...
Room: Guava / TamarindKM: Alexa Scavenger Hunt
Time: Thursday 9:00 AM - 12:00 AMReady for a digital adventure? There is an Alexa Scavenger Hunt throughout the Kalahari that you can play using your phone or tablet, and your voice! The hunt starts at the giant bronze gorilla (at the entrance to the convention center). You can do it entirely at your own pace or schedule, and there...
Room: Giant Bronze GorillaCapture That Flag : How CTF Competitions Make You a Better Developer
Presented by: John Koerner
Time: Thursday 9:15 AM - 10:15 AMHave you ever been asked to "think like a hacker?" Do your eyes glaze over when you have to sit through a security audit of your application? Do you want to avoid having an incident like Target, Capital One, or Equifax? If any of these apply to you, consider participating in a Capture the Flag (CTF)...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewKidzMash: A Kid’s introduction to 3D Modeling
Time: Thursday 10:00 AM - 12:00 PMThis second session we will work with a fully-featured CAD application called Rhino3d and walk through the process of building a basic model from geometric shapes. We will explain the XYZ coordinate system, and what the different views are for. We will also spend some time playing with the transform...
Room: Guava / TamarindKM: Sponsor Scavenger Hunt
Time: Thursday 10:00 AM - 2:00 PMPick up a Scavenger Hunt Sheet In Hangoutz / Crown Palm and walk through the sponsor booths to find the answers. Remember this is not a race! Once completed return to check your answers. All of the answers are names of Sponsors. All of the Answer Sponsors who participated volunteered to be a part of...
Room: HangoutzPractical Cryptography for Developers
Presented by: Anthony Eden
Time: Thursday 10:30 AM - 11:30 AMUnderstanding the building blocks for cryptography is important for every software developer, especially as the quantity and value of data stored and sent over networks continues to grow. In this talk I will introduce you to the fundamentals of cryptography, demonstrating concepts such as symmetric...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewSecuring Your API Endpoints - A Practical Authentication Guide
Presented by: Seth Petry-Johnson
Time: Thursday 11:45 AM - 12:45 PMIt's never been easier to expose services over HTTP. It's also never been easier to inadvertently expose security holes via those same services. This session is designed for the average developer/architect that wants a brief overview of API security without getting into the weeds of cryptography...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: IntermediateTests Your Pipeline Might Be Missing
Presented by: Gene Gotimer
Time: Thursday 11:45 AM - 12:45 PMDeveloping a delivery pipeline means more than just adding automated deploys to the development cycle. It’s about gaining confidence that your builds are viable candidates for release or production. For development to be successful, tests of all types must be incorporated throughout the process to...
Room: MangroveTrack: Software QualityFormat: General SessionLevel: Introductory and overviewKidzMash: Preschool Art Time
Time: Thursday 12:00 PM - 1:00 PMSimple exploratory art projects that teach creative thinking for the littler attendees. Ages: 2-5 *Projects require some assistance from an adult!*
Room: IronwoodAPI Gateways and Microservices: 2 peas in a pod
Presented by: Santosh Hari
Time: Thursday 1:00 PM - 2:00 PMChances are you’ve already gone through the tedious process of decomposing your monolith into microservices, or at the very least, want to use microservices in the near future. Nowadays, microservices connect to various APIs. These APIs could differ in protocols (REST/SOAP), where they’re hosted...
Room: ZambeziTrack: ArchitectureFormat: General SessionLevel: Introductory and overviewWhat's in Your Docker? Open Source Security Vulnerabilities in Containers
Presented by: Matt Williams
Time: Thursday 1:00 PM - 2:00 PMSo you stay on top of operating system vulnerabilities and patch regularly, but did you ever consider that there may be vulnerabilities in your containers? In March of 2015, a report that over 30% of the "official" images in the Docker Hub contained high priority security vulnerabilities was issued...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewFrom idea to physical series: A basic overview of the world of CAD and 3D printing
Time: Thursday 1:00 PM - 2:00 PMThis session will talk about the exciting world of 3D printing with a bit of the history of the technology. We will look at the lab’s printers as well as models made on them. We’ll then cover choosing a CAD app and will briefly cover using curated 3D printer object libraries and different CAD...
Room: Guava / TamarindProtecting Yourself Online and IRL
Presented by: Steve Grunwell
Time: Thursday 1:00 PM - 2:00 PMThere's an old adage about fools and money being easily separated, but the same can be said for data. Every day, people are finding new and innovative ways to harvest information about you, whether it's for fame, fortune, or just for the lulz. You don't need to be a victim, though. Applying some...
Room: AcaciaTrack: SecurityFormat: KidzMash SessionzLevel: Introductory and overviewFrom idea to physical: A demo of how to make CAD models in Rhino3d
Time: Thursday 2:00 PM - 4:00 PMThis lab is intended to be a fast-paced technology walk-through of the process of creating a 3D printed object. We will focus in on the process of using CAD to create our model with a NURBS modeler called Rhino3D and will walk through the UI and how Rhino uses basic curves and shapes to create more...
Room: Guava / TamarindA Series of Unfortunate Events - What Happens When Your App is Hacked.
Presented by: Joe Kuemerle
Time: Thursday 3:30 PM - 4:30 PMMany of us know about the various security checklists and how we should write more secure code. In this session we will move beyond top 10 lists and dive into the world of how attackers compromise systems and how they use those compromises to exploit both individuals and companies. You will see...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: IntermediateFrom idea to physical series: Additional Castle project walk-through Rhino project.
Time: Thursday 4:00 PM - 5:00 PMCan’t get enough model building? Want to make something more advanced than your basic cups/keychains/challenge coins? We’ve noticed we have some repeat students each year on our kids track that just love to build models, and we’ve also run several years of our introductory track for adults. We...
Room: Guava / TamarindApp Deco - Applied Design Thinking for Secure Development
Presented by: Wolfgang Goerlich
Time: Thursday 4:45 PM - 5:45 PMUsability versus security is stupid. It forces us to choose one or the other. It excuses security breaches under the guise of usability. It automatically pits us against them, builders against breakers, developers against defenders. A better approach is to view security like usability: they happen...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: IntermediateBlockchain from the Firehose
Presented by: Jacob Coulter
Time: Thursday 4:45 PM - 5:45 PMTake an in-depth look at Bitcoin, the blockchain that started it all. This session will cover all the pieces required to build a trustless distributed ledger. Learn from the most fundamental building blocks like hashing algorithms, transactions, and blocks, to the more advanced concepts such as...
Room: MangroveTrack: ArchitectureFormat: General SessionLevel: Introductory and overview“How would you print that?” interactive panel
Time: Thursday 5:00 PM - 6:00 PMWe have a wealth of different perspectives reflected with our 3D printing room staff- including tinkering hobbyists, hardcore makers, and even that of using multiple printer types repeatably in a small business setting. We thought it would be fun to share these various perspectives on how we...
Room: Guava / TamarindSuper Smash Bros Ultimate Tournament
Time: Thursday 7:00 PM - 11:00 PMA tournament... where folks play Super Smash Bros
Room: IronwoodDessert Bar, Karaoke, and Photo Booth
Time: Thursday 8:00 PM - 11:00 PMDessert Bar is only until 9PM
Room: Grand HallWaterpark Party
Time: Thursday 10:00 PM - 1:00 AMIf you still have energy, come on down to the Waterpark Party! Swimming is optional. Having fun is mandatory. Sherwin-Williams is hosting a Waterpark Cabana, located near the wave pool! Late night snacks and drinks will be available while they last. Come by and grab a slice or two and meet some new...
Room: WaterparkFriday
KM: Alexa Scavenger Hunt
Time: Friday 7:00 AM - 1:00 PMReady for a digital adventure? There is an Alexa Scavenger Hunt throughout the Kalahari that you can play using your phone or tablet, and your voice! The hunt starts at the giant bronze gorilla (at the entrance to the convention center). You can do it entirely at your own pace or schedule, and there...
Room: Giant Bronze GorillaHack Your App - Intro to Mobile Security Testing
Presented by: Hans Weisheimer
Time: Friday 8:30 AM - 9:30 AMYour phone really doesn’t want you to see what’s going on under the hood - it’s a feature. Many of the introspection capabilities that exist for web development are absent by default on mobile platforms. This is particularly frustrating when you need to validate assumptions or security...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewSpeed, security and simplicity: Creating Container Images with Cloud Native Buildpacks
Presented by: Daniel Mikusa
Time: Friday 8:30 AM - 9:30 AMBuildpacks are a pluggable, modular, language-agnostic tool that takes application source code and in turn give you an OCI (Open Container Initiative) image which you can run using Docker, Kubernetes or your OCI Runtime of choice. Developers: You no longer need to worry about tedious tasks like...
Room: Salon HTrack: DevOpsFormat: General SessionLevel: Introductory and overviewKidzMash: A Kid’s World of 3D printing
Time: Friday 9:00 AM - 10:00 AMThis session is targeted for children. All ages of children are welcome (with a responsible adult). We will tour the maker lab and talk about the exciting world of 3D printing. We will look at the printers as well as models made on them and pass around lots of things. We will also go over basics of...
Room: Guava / TamarindContinuous Security
Presented by: Craig Hills
Time: Friday 9:45 AM - 10:45 AMA presentation on how to build security testing into your CI/CD pipeline. The primary goal is to think about what the appropriate level of testing is for your project, and determine how to make the most significant improvements to your security, while being cost effective.
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewKidzMash: A Kid’s introduction to 3D Modeling
Time: Friday 10:00 AM - 12:00 PMThis second session we will work with a fully-featured CAD application called Rhino3d and walk through the process of building a basic model from geometric shapes. We will explain the XYZ coordinate system, and what the different views are for. We will also spend some time playing with the transform...
Room: Guava / TamarindExplain it to me like I'm 5: Oauth2 & OpenID
Presented by: Daniel Mikusa
Time: Friday 11:00 AM - 12:00 PMOauth2 and OpenID are quickly becoming mainstays for application developers. Companies want integrated authentication to reduce security footprints and users expect the convenience of single sign-on. As an application developer, it's up to you to facilitate this in your applications. In this talk,...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewDDoS Attacks: Threat Landscape & Defensive Countermeasures
Presented by: Chris Holland
Time: Friday 12:15 PM - 1:15 PMOctober 2016’s attack on Dyn's DNS infrastructure was a gloomy wake-up call to the online community at-large, depriving us access to some of the online destinations and applications we use every day, thereby confronting us with the stark reality of an old and ever-growing threat with which the...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: IntermediateUnderstanding the identity business, and how to get out of it
Presented by: Jeff Putz
Time: Friday 12:15 PM - 1:15 PMKnowing who is using your software is super fundamental. It's less important than ever to have to manage those identities yourself, but you can't escape understanding the protocols and players. Let's talk about how things like OAuth2 actually work, and then decide if you can get out of the business...
Room: RosewoodTrack: SecurityFormat: General SessionLevel: IntermediateKidzMash: Preschool Art Time
Time: Friday 1:00 PM - 2:00 PMSimple exploratory art projects that teach creative thinking for the littler attendees. Ages: 2-5 *Projects require some assistance from an adult!*
Room: IronwoodHacking on a home server for fun and profit
Presented by: Leo Guinan
Time: Friday 2:45 PM - 3:45 PMDo you have a Raspberry Pi or similar just gathering dust at home? Or maybe various other computer components hanging around? If you do, come join Leo's journey down the road of system administration, beginning with an assortment of Raspberry Pis, and current in the form of a rack server. He will...
Room: Aloeswood / LeopardwoodTrack: SecurityFormat: General SessionLevel: Introductory and overviewKidzMash: Mad Science
Time: Friday 4:00 PM - 5:00 PMIt is always sad to come to the end. To ease our parting Mad Science is coming to the close and bringing Fire and Ice! One last scientific exploration into matter and pressure before we send you home until 2021
Room: Suite 1 / Suite 6