Tuesday
No Sessions
Wednesday
No Sessions
Thursday
Automating Almost All Application Security Things with CI/CD -- Even Honeypots!
Presented by: Mick Douglas
Time: Thursday 8:00 AM - 9:00 AMApplication Security is hard... if you do it wrong. IT Departments are doing a woefully poor job at application security based on...checks news headlines...all the data. Improving your organization’s application security posture can seem like a daunting and expensive project that must compete...
Room: ZambeziTrack: SecurityFormat: General SessionLevel: Introductory and overviewSecure Application Design and Development With Threat Modeling
Presented by: Joe Kuemerle
Time: Thursday 10:30 AM - 11:30 AMIn this session you will get an overview of threat modeling techniques that help you to build the most secure application possible. By building a threat model describing the various components of your application and how data flows through it, you will be better prepared to defend your application...
Room: CypressTrack: SecurityFormat: General SessionLevel: IntermediateBinary Analysis for noobs - An Intro to Reverse Engineering
Presented by: Jason Slagle
Time: Thursday 3:30 PM - 4:30 PMDo you often find yourself wondering how security researchers discover bugs in systems? How do they earn bug bounties by examining existing software? Are you struggling in CTF challenges whenever you are fed a binary? If so this session is for you! In this session, the attendees will look at an...
Room: CypressTrack: SecurityFormat: General SessionLevel: Introductory and overviewWhat you need to know about SBOM
Presented by: Charles Yost
Time: Thursday 4:45 PM - 5:45 PMSBOM (or Software Bill of Materials) might be a familiar acronym, or it might not be one you have heard of before. Either way, this session will have something for you. It will include background on what an SBOM is, why they matter, how to generate one, and how to leverage them for continuous risk...
Room: Salon HTrack: SecurityFormat: General SessionLevel: Introductory and overviewFriday
How to work with Security and have it not suck
Presented by: Jamie Dicken
Time: Friday 9:45 AM - 10:45 AMLet’s face it: working with security teams can suck. Whether they’re trying to prioritize security work in the backlog, raising a show-stopping security concern hours before go-live, jamming more steps into the SDLC or tools into the pipeline, or blocking use of third-party libraries, there are...
Room: ZambeziTrack: SecurityFormat: General SessionLevel: IntermediateGetting the Most out of Sysmon
Presented by: Amanda Berlin
Time: Friday 11:00 AM - 12:00 PMThe default logging capabilities from Microsoft are only helpful to a certain extent. This session will discuss how to utilize the Sysinternals tool Sysmon for threat hunting, testing detections and more. The session will explain use cases and look at real examples of Sysmon successfully detecting...
Room: Salon HTrack: SecurityFormat: General SessionLevel: Advanced