Session List

Session List2019-10-02T20:07:53-05:00

Automating Almost All Application Security Things with CI/CD -- Even Honeypots!

Presented by: Mick Douglas

Application Security is hard... if you do it wrong. IT Departments are doing a woefully poor job at application security based on...checks news headlines...all the data. Improving your organization’s application security posture can seem like a daunting and expensive project that must compete...

Tags: Security, DevOpsFormat: General SessionLevel: Introductory and overview

Binary Analysis for noobs - An Intro to Reverse Engineering

Presented by: Jason Slagle

Do you often find yourself wondering how security researchers discover bugs in systems? How do they earn bug bounties by examining existing software? Are you struggling in CTF challenges whenever you are fed a binary? If so this session is for you! ...

Tags: Security, C#Format: General SessionLevel: Introductory and overview

Developing and Deploying a Static Web App with Blazor and Azure Functions

Presented by: Matthias Koch

Blazor brings C# to the browser. Azure Functions lets your back-end scale. But how do you get started creating an Azure Static Web App using these two and how do you implement a rock-solid CI/CD pipeline for it? ...

Tags: .NET, Cloud, Security, Testing, C#, DevOpsFormat: General SessionLevel: Introductory and overview

Don’t let user authentication stop you from building your web app!

Presented by: Kyle Whitaker

Authentication is no trivial task; it is also an essential building block for most web applications. Building a robust user authentication flow for the first time can stop even a great developer dead in their tracks. Authentication can drown you in a sea of architectural complexity, and all you want...

Tags: Cloud, Javascript, Security, TestingFormat: General SessionLevel: Introductory and overview

Getting the Most out of Sysmon

Presented by: Amanda Berlin

The default logging capabilities from Microsoft are only helpful to a certain extent. This session will discuss how to utilize the Sysinternals tool Sysmon for threat hunting, testing detections and more. The session will explain use cases and look at real examples of Sysmon successfully detecting...

Tags: Security, Career DevelopmentFormat: General SessionLevel: Advanced

How to work with Security and have it not suck

Presented by: Jamie Dicken

Let’s face it: working with security teams can suck. Whether they’re trying to prioritize security work in the backlog, raising a show-stopping security concern hours before go-live, jamming more steps into the SDLC or tools into the pipeline, or blocking use of third-party libraries, there are...

Tags: Security, Soft Skills/BusinessFormat: General SessionLevel: Intermediate

IR Workshop

Presented by: Nathan Case

This is a 3 hour work shop cashing an attacker through a multi cloud infrastructure. Spanning AWS and Azure, a number of services and a Siem. This teacher attendees an intro to IR and threat hunting.

Tags: SecurityFormat: General SessionLevel: Introductory and overview

Secure Application Design and Development With Threat Modeling

Presented by: Joe Kuemerle

In this session you will get an overview of threat modeling techniques that help you to build the most secure application possible. ...

Tags: SecurityFormat: General SessionLevel: Intermediate

What you need to know about SBOM

Presented by: Charles Yost

SBOM (or Software Bill of Materials) might be a familiar acronym, or it might not be one you have heard of before. Either way, this session will have something for you. It will include background on what an SBOM is, why they matter, how to generate one, and how to leverage them for continuous risk...

Tags: SecurityFormat: General SessionLevel: Introductory and overview