Session Schedule

Session Schedule2019-01-07T06:25:51+00:00

Tuesday

No Sessions

Wednesday

9:00 AM

Super-Secret Spy Club

Presented by: Matt Insko
Time: Wednesday 9:00 AM - 10:00 AM

Get inducted into the first-ever KidzMash “Super-Secret Spy Club!” Learn the super-secret handshake and super-secret pledge before undergoing training in sending and receiving super-secret messages. This club meeting will cover basics about encryption and ciphers, including how to create and...

Room: AcaciaTrack: KidzMashTags: Hardware, Security, Soft Skills/BusinessFormat: KidzMash SessionzLevel: Introductory and overview
1:00 PM

Analysis and Defense of Automotive Networks

Presented by: Samuel Hollifield
Time: Wednesday 1:00 PM - 5:00 PM

Note: This precompiler will require an additional ticket purchase in order to retain the Arduino hardware featured in the presentation. Modern vehicles are critically vulnerable. They rely on many electronic computers and sensors which communicate by broadcasting critical information over many...

Room: MangroveTrack: HardwareTags: Hardware, Python, SecurityFormat: PreCompilerLevel: Introductory and overview

Thursday

8:00 AM

Threat Modeling on the Family Road Trip and Other Strategies for Delivering Secure Applications

Presented by: Angela Pinney
Time: Thursday 8:00 AM - 9:00 AM

Gene Spafford said: “The only truly secure system is one that is powered off...” Everyone wants secure applications, but creating them is hard, and we don't all have security certifications. How do you know where to start when "security" is not your full-time job? And how do you get the rest of...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: Security, Soft Skills/Business, TestingFormat: General SessionLevel: Introductory and overview
9:15 AM

Capture That Flag : How CTF Competitions Make You a Better Developer

Presented by: John Koerner
Time: Thursday 9:15 AM - 10:15 AM

Have you ever been asked to "think like a hacker?" Do your eyes glaze over when you have to sit through a security audit of your application? Do you want to avoid having an incident like Target, Capital One, or Equifax? If any of these apply to you, consider participating in a Capture the Flag (CTF)...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: SecurityFormat: General SessionLevel: Introductory and overview
10:30 AM

Practical Cryptography for Developers

Presented by: Anthony Eden
Time: Thursday 10:30 AM - 11:30 AM

Understanding the building blocks for cryptography is important for every software developer, especially as the quantity and value of data stored and sent over networks continues to grow. In this talk I will introduce you to the fundamentals of cryptography, demonstrating concepts such as symmetric...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: SecurityFormat: General SessionLevel: Introductory and overview
11:45 AM

Tests Your Pipeline Might Be Missing

Presented by: Gene Gotimer
Time: Thursday 11:45 AM - 12:45 PM

Developing a delivery pipeline means more than just adding automated deploys to the development cycle. It’s about gaining confidence that your builds are viable candidates for release or production. For development to be successful, tests of all types must be incorporated throughout the process to...

Room: MangroveTrack: Software QualityTags: Security, TestingFormat: General SessionLevel: Introductory and overview
1:00 PM

API Gateways and Microservices: 2 peas in a pod

Presented by: Santosh Hari
Time: Thursday 1:00 PM - 2:00 PM

Chances are you’ve already gone through the tedious process of decomposing your monolith into microservices, or at the very least, want to use microservices in the near future. Nowadays, microservices connect to various APIs. These APIs could differ in protocols (REST/SOAP), where they’re hosted...

Room: ZambeziTrack: ArchitectureTags: Cloud, Other, SecurityFormat: General SessionLevel: Introductory and overview

What's in Your Docker? Open Source Security Vulnerabilities in Containers

Presented by: Matt Williams
Time: Thursday 1:00 PM - 2:00 PM

So you stay on top of operating system vulnerabilities and patch regularly, but did you ever consider that there may be vulnerabilities in your containers? In March of 2015, a report that over 30% of the "official" images in the Docker Hub contained high priority security vulnerabilities was issued...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: Other, SecurityFormat: General SessionLevel: Introductory and overview

Protecting Yourself Online and IRL

Presented by: Steve Grunwell
Time: Thursday 1:00 PM - 2:00 PM

There's an old adage about fools and money being easily separated, but the same can be said for data. Every day, people are finding new and innovative ways to harvest information about you, whether it's for fame, fortune, or just for the lulz. You don't need to be a victim, though. Applying some...

Room: AcaciaTrack: SecurityTags: Security, Soft Skills/BusinessFormat: KidzMash SessionzLevel: Introductory and overview
4:45 PM

Blockchain from the Firehose

Presented by: Jacob Coulter
Time: Thursday 4:45 PM - 5:45 PM

Take an in-depth look at Bitcoin, the blockchain that started it all. This session will cover all the pieces required to build a trustless distributed ledger. Learn from the most fundamental building blocks like hashing algorithms, transactions, and blocks, to the more advanced concepts such as...

Room: MangroveTrack: ArchitectureTags: SecurityFormat: General SessionLevel: Introductory and overview

Friday

8:30 AM

Hack Your App - Intro to Mobile Security Testing

Presented by: Hans Weisheimer
Time: Friday 8:30 AM - 9:30 AM

Your phone really doesn’t want you to see what’s going on under the hood - it’s a feature. Many of the introspection capabilities that exist for web development are absent by default on mobile platforms. This is particularly frustrating when you need to validate assumptions or security...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: Mobile, Security, TestingFormat: General SessionLevel: Introductory and overview

Speed, security and simplicity: Creating Container Images with Cloud Native Buildpacks

Presented by: Daniel Mikusa
Time: Friday 8:30 AM - 9:30 AM

Buildpacks are a pluggable, modular, language-agnostic tool that takes application source code and in turn give you an OCI (Open Container Initiative) image which you can run using Docker, Kubernetes or your OCI Runtime of choice. Developers: You no longer need to worry about tedious tasks like...

Room: Salon HTrack: DevOpsTags: .NET, Cloud, Java, Javascript, Ruby/Rails, Python, SecurityFormat: General SessionLevel: Introductory and overview
9:45 AM

Continuous Security

Presented by: Craig Hills
Time: Friday 9:45 AM - 10:45 AM

A presentation on how to build security testing into your CI/CD pipeline. The primary goal is to think about what the appropriate level of testing is for your project, and determine how to make the most significant improvements to your security, while being cost effective.

Room: Aloeswood / LeopardwoodTrack: SecurityTags: Ruby/Rails, Security, TestingFormat: General SessionLevel: Introductory and overview
11:00 AM

Explain it to me like I'm 5: Oauth2 & OpenID

Presented by: Daniel Mikusa
Time: Friday 11:00 AM - 12:00 PM

Oauth2 and OpenID are quickly becoming mainstays for application developers. Companies want integrated authentication to reduce security footprints and users expect the convenience of single sign-on. As an application developer, it's up to you to facilitate this in your applications. In this talk,...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: .NET, Cloud, Java, Javascript, SecurityFormat: General SessionLevel: Introductory and overview
2:45 PM

Hacking on a home server for fun and profit

Presented by: Leo Guinan
Time: Friday 2:45 PM - 3:45 PM

Do you have a Raspberry Pi or similar just gathering dust at home? Or maybe various other computer components hanging around? If you do, come join Leo's journey down the road of system administration, beginning with an assortment of Raspberry Pis, and current in the form of a rack server. He will...

Room: Aloeswood / LeopardwoodTrack: SecurityTags: Hardware, Other, SecurityFormat: General SessionLevel: Introductory and overview