John Strand makes a few opening remarks and announcements to welcome conference attendees and get the conference rolling.
The ever-evolving landscape of cybersecurity threats demands a constant flow of new ideas, collaboration, and knowledge sharing. Professionals should consider the pivotal role that networking communities and mentorship play in fostering a resilient cybersecurity ecosystem.
Join this presentation for a comprehensive overview of modern cybersecurity threats and how breaches occur. We will highlight the various methods used by cybercriminals, including phishing, social engineering, and ransomware attacks, and emphasize the importance of identifying and addressing vulnerabilities before they can be exploited. There are a lot of vulnerabilities in the wild, and IT administrators and security professionals often focus on the wrong issues because they are easier to monitor or measure. By the end of the presentation, you will have gained valuable insights into the latest cybersecurity threats and how to protect against them.
This presentation describes some of the challenges of malware development for Red Team initial access operations, and how continuous integration/continuous development (CICD) pipelines can be employed to assist in solving the challenges. The presentation will start by introducing some of the known techniques employed by modern endpoint defense software, and then describe how a CICD approach can be used to enable unique malware artifact production for bypass and initial access operational success. It is hoped that this presentation will stimulate ideas and discussion surrounding both source code obfuscation and related dynamically triggered child pipeline utilization.
Incident Response teams need to be more capable in responding to attacks than ever before. Threat actors are continually updating their TTPs and their ability to rapidly traverse target networks. A significant challenge IR teams face is the lack of opportunities to leverage their tools and processes on a routine basis. Annual technical training or the organization-wide Tabletop Exercise (TTX) is insufficient in preparing IR teams to address the challenges. What is needed is actual practice against a live threat actor.
Introducing FalconHound, a toolkit that integrates with Microsoft Sentinel, Defender for Endpoint, the Azure Graph API, Neo4j and the BloodHound API to get the most out of your data. Some of its features allow it to track sessions, changes to the environment, alerts, and incidents on your entities and much, much more. All in near-real time!
This presentation will provide an overview of LLMs, including their strengths and limitations, and discuss how they are being used in disinformation campaigns. Additionally, the presentation will examine the potential impact of LLMs on the future of work, particularly in the field of computer security, and highlight the need for new strategies to deal with the increasing sophistication of LLM-generated attacks. The talk will conclude by discussing the ethical and social implications of LLMs, particularly in relation to job displacement and data privacy.
Endpoint protections are getting better every day. Attackers are having to change their tactics more and more to achieve execution which, in turn, makes it harder for red teams to emulate their attacks. In this talk, Corey Overstreet will be covering initial common methods used to get payloads around AV/EDR and application allow-listing.
Why does it seem that DevOps and Security are always at odds with each other? Why does Security have such a bad reputation among developers? In this talk, "Six Things DevOps Wants from InfoSec", you'll learn that developers actually WANT to work with Security - they care about writing secure code! But we as security professionals need to understand that developers don't want another "Big Brother" telling them what to do - they need an active and supportive partner in the delivery process. This talk will showcase six things that every DevOps teams want from their InfoSec teams. Everyone is on the same team, after all. Let's help DevOps accomplish their goal to release the best - and most secure - code possible.
The current model for traditional penetration testing is broken. The typical scan and exploit model doesn’t reflect how real attackers operate after establishing a foothold. Many organizations aren’t mature enough to need or benefit from a proper red team assessment. Organizations are often unsure how to approach a Purple Team
This talk reveals the five ways outside attackers gain internal access and outlines defenders' three core objectives: reducing initial access, lowering detection and response time, and slowing down attackers. Through live demonstrations, real-world examples, and even a unique Mario Kart analogy, this talk provides actionable insights into detective controls and slowing down attackers.
Running two large sized companies that both focus on breaking into companies as well as defending them has helped put things into perspectives on both successes and failures from a defense perspective. This talk will dive into some of the most common methods attackers go after organizations, but focus on non traditional ways of defending the network against them. We'll be diving into prevention, detection, deception, AI (or lack thereof and marketing fluff), and much more. Let's cut right down to it, and walk away with six things you can do today to better defend and identify attacks earlier in the attack cycle.
The cybersecurity landscape can broadly be broken down into dividing between the “haves” vs the “have-nots.” The security recommendations offered by so many of “just deploy X” fall on deaf ears to the *vast majority* of organizations who fall into the latter category of “have-nots.” Until the security gap for the “have-nots” of the world is closed, we’re doomed to continue failing at security overall (/screams in “software supply chain”).
Take an exhilarating journey back in time to the 80s, 90s, and 00s as this father and son duo reveal what it was like to get started in an untamed security landscape populated by ruthless hackers. Join us for a captivating presentation as we delve into the intriguing world of the lost underground scene, revealing the stories, techniques, and culture that defined this rebellious era.