Home-sliceGimme Yo' Talk!When does Kaminsky talk?The Fun StuffParking for PollutersRTFM!Wasn't me!Sponsors not Vendors
BayThreat 4 is over for 2013. Until next year, stay tuned to @BayThreat.

The recordings from this year's conference are available here.


In order to keep the ticket cost low, we rely on a few key sponsors to support us. Thanks to our sponsors:





Cloud Passage










Errata Security


Threat Stream

Bishop Fox

Risk I/O


Rift Recon

Hacker Dojo


2013 BayThreat Speakers

Randy Ivener & Joe Karpenko - "Beware of Network: Unleash Your Network on Threats and Adversaries"
Frank Denis - "This Domain Name Will Self-destruct Tomorrow"
Jessica Solper - "Managing Vulnerability: or, why letting outside researchers handle testing and tracking is not in your best interest"

Anthony Kasza- "Network Forensics with Bro(s)"
Monika Morrow - "So You Want to Build A Burp Plugin?"
Flee & Lisa Hall - "If You Build It Devs Will Come"

Alex Kouzemtchenko - "Bypassing Content-Security-Policy"
Nathan McCauley- "On Building Widely Deployed Cryptographic Devices"
Eric Michaud & Ryan Lackey - "Thwarting Evil Maid Attacks: Physically Unclonable Functions for Hardware Tamper Detection"

Ping Yan & Thibault Reuille - "The Ripple Effect (3D) - Containing Cryptolocker" & "Visualizing Knowledge"
Laksh Raghavan - "Tales from the Trenches: Rollout of Static Analysis Tools for Large Enterprises"
Anton Chuvakin- "Big Data For Security Is 99% Hype? What's the 1%?!"

Zach Lanier & Ben Nell - "No Apology Required: Deconstructing BB10"
Michael Carlson - "Hacking Minecraft: All your blocks are belong to us"
Bob Harris- "For relaxing times, make it Suntory time."

Ryan Huber - "Running at 99%: Surviving an Application DoS"
Big Davi Ottenheimer - "Baby Got Risk: I like Big Data and I Can Not Lie"
Sarbanes 0xBA115 & Soldier of Fortran - "Hacking Mainframes Like a Boss"

Zachary Cutlip - "BT Wireless Routers: Adventures in Reversing and Exploiting"
Allison Miller - "Operating * By the Numbers"
Alexandre Pinto - "Applying Machine Learning to Network Security Monitoring"

Jason Craig - "That Kill Chain Thing: Let's Make the Academic Practical"
Collin Greene - "Wacky Bugs and Running a Bug Bounty"
Wartortell and FuzzyNop - "Targeted Malware Final Form (APTrololol)"

Scott J Roberts - "Using Robots to Fight Bad Guys"
Nick Sullivan - "Building white box cryptography - what do you do when they’re in your house?"
Nitesh Dhanjani - "Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts"
Boris Sverdlik - "Bob's Adventures in Chemo"


Randy Ivener & Joe Karpenko - "Beware of Network: Unleash Your Network on Threats and Adversaries"

Synopsis: Today's threat landscape is a complex battlefield rife with passionate hacktivists, profiteering criminals, insidious bad-actors, industrial espionage, and powerful nations. These threat actors are exploiting the security weaknesses of specifically targeted organizations for their own gain. Whether the motivation is monetary, publicity for a cause, theft of trade secrets, intellectual property, customer information, or increased competitive advantage, the proliferating presence of threats in the cyber landscape thriving.

Building on the six phases of Incident Response and inherent network instrumentation features such as NetFlow and DNS telemetry, we will discuss recommendations for protecting your network infrastructure, proprietary and customer information, servers, clients, and users.
* These recommendations should be deployed as part of the Preparation phase of Incident Response.
* Practical and effective use of these recommendations provide critical insight and awareness into threats in-progress or post compromise.
* These recommendations have been battle tested and helped organizations respond to on-going attacks.

Bio: Randy Ivener, CCIE No. 10722 Emeritus, is a Security Manager with Cisco's Security Research and Operations Group. Randy has spent many years as a network security specialist helping companies secure their networks. Randy has presented security topics at industry events such as Blackhat and Cisco Live. Before becoming immersed in information security, he served in the Navy and spent time in software development and as a training instructor.

Joseph Karpenko is a Senior Security Engineer in Cisco's Security Research and Operations Group. Joseph is a 12-year veteran of technology with expertise in networking, security, data center, and the systems administration fields. Currently Joseph is responsible for developing security solutions that deter, detect, and prevent existing, current, and emerging threats and attacks. Joseph has also been a speaker at multiple conferences presenting on security topics. During his career, Joseph has worked with customers on the design and implementation of large-scale enterprise and data center network and security architectures. Prior to joining Cisco, Joseph worked as a system administrator and senior escalation engineer handling and troubleshooting complex security and network incidents.

Frank Denis - "This Domain Name Will Self-destruct Tomorrow"

Synopsis: Predictive models naturally complement signature-based and behavior-based security. They tremendously help researchers know where to look in order to discover new samples, and they help end-users being protected against unknown threats. These models typically rely on a number of indicators, and the amount of malware previously observed on a given IP is usually among the most important ones. This talk will shed some light on common methods to assign a reputation to an IP address, as well as introduce Dorothy, an IP reputation system dedicated to spotting malware using DNS data. We will describe how this system works and what it uncovered.

Bio: Frank is a security researcher at OpenDNS, an OSS contributor, and a long-time security zealot. When he is not writing malware detection models based on DNS data, he enjoys experimenting with obscure programming languages.

Jessica Solper - "Managing Vulnerability: or, why letting outside researchers handle testing and tracking is not in your best interest"

Anthony Kasza- "Network Forensics with Bro(s)"

Synopsis: This talk will present a methodology for analyzing large network trace files, then demonstrate how Bro, an open source NSM framework, can make analysis quick and thorough. Audience members wishing to follow along should show up with Bro installed and be ready to tear apart some pcap.

Bio: No popped collar, but he'll tell you everything you ever wanted to know about Bro. That's pretty much all he'll tell you though, because he's paranoid.

Monika Morrow - "So You Want to Build A Burp Plugin?"

Synopsis: Want to write a Burp plugin? Think it's too complicated? Don't know why anyone would ever want to? See how easy it can be to create a Burp plugin to augment your web application security assessment workflow or create a workaround for a quirky application.

Bio: Monika Morrow is a Senior Security Consultant at AppSec Consulting where she spends the majority of her time performing web and mobile application security assessments. As a former software developer, who has an interest in software automation, she is always looking for opportunities to streamline tedious tasks with smart coding.

Flee & Lisa Hall - "If You Build It Devs Will Come"


Bio: Flee is Twilio's Lead Security Engineer. When not working on making more resilient systems and software, Flee enjoys candlelit dinners, long walks on the beach, and sarcasm.

Lisa is Twilio’s Senior Information Security Analyst. She has over 8 years experience in Information Security, Governance, Risk Management, and Compliance. Prior to joining Twilio, Lisa was a Manager for the Advisory Services practice at Ernst & Young.

Alex Kouzemtchenko - "Bypassing Content-Security-Policy"

Synopsis: Content-Security-Policy is gaining more traction as a way to mitigate XSS with major websites with sites such as Twitter, GitHub and Yandex implementing blocking policies and other sites such as Facebook implementing report-only policies.

This talk will examine how to write exploits for XSS bugs in the presence of a variety of CSP policies by taking advantage of loose CSP policies, application-specific weaknesses, javascript frameworks and browser oddities.

Bio: Alex has been finding webapp vulnerabilities and giving talks much like this one about the results for the better part of a decade. His interest in XSS once earned him a nomination for "Most narrowly directed researcher" from the prestigious internet publication zf04.

He is currently a Security Researcher at Coverity where he helps make static analysis find vulnerabilities in real software.

Nathan McCauley- "On Building Widely Deployed Cryptographic Devices"

Synopsis: This talk describes the creation of a mass produced encrypted credit card reader from design to deployment. The talk covers the design goals of such a system and the numerous implementation tradeoffs that were considered. Secure manufacturing, individualization, and key provisioning in overseas factories will be discussed. Crypto design will be considered including algorithm selection, key generation, and modes of operation. Finally, a number of server side decryption controls are discussed in depth, with particular attention given to key storage and multi-datacenter complexities.

Bio: Nathan McCauley is a Security Engineer at Square.

Eric Michaud & Ryan Lackey - "Thwarting Evil Maid Attacks: Physically Unclonable Functions for Hardware Tamper Detection"

Synopsis: Increasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the “evil maid” scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is a target of a motivated attacker who can gain physical access.

Physically Unclonable Functions, combined with a trusted mobile device and a network service, can be used to mitigate these risks. We present a novel open-source mobile client and network service which can protect arbitrary hardware from many forms of covert modification and attack, and which when integrated with software, firmware, and policy defenses, can provide greater protection to users and limit potential attack surface.

Bio: ABOUT ERIC MICHAUD - Founder and CEO of Rift Recon and Director of Hardware Curation at ExploitHub, Michaud has advised on physical security, lockpicking, and hackerspaces for over a decade. He is a professional physical security advisor; an R&D, test and analysis expert; and specializes in forecast and strategy. Michaud started HacDC and Pumping Station: One, is the author of the How To Start A Hackerspace Series, and advises hackerspaces - bringing the movement to over 900 locations worldwide. His skill opening impossible-to-pick locks earned him a place in locksport history with the "Michaud Attack." He co-founded and served on the Board of Directors for TOOOL US and is referenced widely in academic papers, talks and books including Open In Thirty Seconds.

ABOUT RYAN LACKEY - Ryan Lackey is an entrepreneur and computer security professional. He was a co-founder of HavenCo, the world’s first data haven. He also speaks at numerous conferences and trade shows, including DEF CON, RSA Data Security Conference, on various topics in the computer security field, and has appeared on the cover of Wired Magazine, in numerous television, radio, and print articles on HavenCo and Sealand. Lackey operated BlueIraq, a VSAT communications and IT company serving the DoD and domestic markets in Iraq and Afghanistan during the US conflicts.

Ping Yan & Thibault Reuille - "The Ripple Effect (3D) - Containing Cryptolocker" & "Visualizing Knowledge"

Synopsis: "The Ripple Effect (3D) - Containing Cryptolocker" - In this talk, we will showcase how data science and computer graphical design methodologies make security analytics fun and successful. We will introduce an innovative algorithm relying on passive DNS systems for data-driven threat detection and containment. The algorithm correlates domains based on the oc-occurring patterns by observing and generalizing the DNS traffic we service at OpenDNS, which is roughly at a scale of 50 billion entries daily, from 50 million+ users worldwide. Simply put, co-occurrence of two domains is built on the frequency that two domains were requested by a statistical significant number of users at a very short time window. We will showcase this technology with the recent Crypto locker attack. We discovered 3000+ DGA domains without knowing the DGA algorithm itself. At the end, we will show a 3D demo of the Crypto locker investigation process.

Introduction to graph and knowledge base 3D visualization applied to computer security (OpenDNS's Security Graph, Syrian Electronic Army attack, Computer Network monitoring, Cryptolocker botnet visualization etc.) We will go over a couple of fundamentals about Graphs, Semantics, Ontology and then talk about various ways to draw graphs. The focus will eventually shift towards the requirements of dynamic layouts in order to monitor modern realtime systems dealing with a large amount of data. The presentation will demo a house developed 3D engine with interesting datasets and a visual approach on machine learning and pattern detection.

Bio: Ping Yan is a research scientist at OpenDNS security research lab, building game-changing cloud-based security solutions using big data, machine learning and pattern discovery techniques.

Thibault Reuille is on the Security Research Team at OpenDNS; 3D Graphics and big data visualization specialist.

Laksh Raghavan - "Tales from the Trenches: Rollout of Static Analysis Tools for Large Enterprises"

Synopsis: Static analysis tools play a critical role in secure software development. Come hear the tale of lessons learned while rolling out static analysis tools across the various product development teams of PayPal. Every organization comes with its own set of challenges when introducing a static analysis program. But, most are not unique: how can one build and achieve adoption of a process for multiple programming languages, different technology frameworks, use of third-party developers, cross-border development teams and so forth; what will motivate engineers and executives to accept an additional activity in the development process; what strategy to apply for fixing legacy vs. newly introduced bugs? This talk will provide answers to these questions and many questions like these in the presentation. Come hear what worked, what proved challenging, and learn actionable rollout tips for security practitioners.

Bio: Laksh Raghavan, CISM, CRISC works at PayPal Inc. as Senior Security Strategist in the Information Risk Management area, specializing in application security. Laksh has more than twelve years of experience in the areas of information security and information risk management and has provided consulting services to Fortune 500 companies and financial services companies around the world. He holds a bachelor’s degree in electronics and telecommunication engineering from the University of Madras, India. He is also the co-author of two books titled “Secure and Resilient Software Development” and “Secure and Resilience Software Requirements, Test Cases, and Testing Methods”, both from Auerbach Publications.

Anton Chuvakin- "Big Data For Security Is 99% Hype? What's the 1%?!"

Synopsis: One of the mysteries I am exploring in my current research research is using big data approaches for security: why so many surveys and media reports seem to show that 20%-40% of organizations utilize big data approaches for security today, while in reality this is not the case – by a long shot. This presentation will reveal some prelim results of my study of using big data approaches and tools for security - and what actually works in the real world.

Bio: Dr. Anton Chuvakin is a Research Director at Gartner's Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books "Security Warrior", "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management" and ""PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance"" (book website) and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, security management. His blog "Security Warrior" is one of the most popular in the industry. In addition, Anton teaches classes and presents at many security conferences across the world; he recently addressed audiences in United States, UK, Singapore, Spain, Russia and other countries. He works on emerging security standards and serves on advisory boards of several security start-ups. Most recently, Anton was running his own security consulting practice, focusing on logging, SIEM and PCI DSS compliance for security vendors and Fortune 500 organizations. Dr. Anton Chuvakin was formerly a Director of PCI Compliance Solutions at Qualys. Previously, Anton worked at LogLogic as a Chief Logging Evangelist, tasked with educating the world about the importance of logging for security, compliance and operations. Before LogLogic, Anton was employed by a security vendor in a strategic product management role. Anton earned his Ph.D. degree from Stony Brook University.

Zach Lanier & Ben Nell - "No Apology Required: Deconstructing BB10"

Synopsis: BB10, BlackBerry's next generation mobile operating system, is a stark departure from the traditional BlackBerry OS. Like its cousin, TabletOS on the PlayBook, it's based on QNX and supports numerous frameworks and runtimes (including support for Android), as well as native code -- a first for BlackBerry devices. Incidentally, it's also chock full of peculiar design decisions and strange bits of hackish glue, many of which give rise to vulnerabilities.

In this talk, we will present our objective security analysis of BB10, focusing on the methodology used in assessing this black box system. We will discuss processes used to gain low level access to the system, analyze system internals and firmware, and instrument processes. We will also explore network and application attack surfaces, documented and observed security controls, and findings from our assessment.

Bio: Zach Lanier is a Senior Research Scientist with Accuvant Labs, where he performs software, network and binary analysis, with a focus on mobile and embedded platforms. Zach has presented at industry conferences such as Black Hat USA, DEFCON, and INFILTRATE; and internal conferences such as Intel and Amazon, on subjects like mobile application and platform security.

Ben Nell is a security consultant with Accuvant Labs' Application Security practice, specializing in application penetration testing and security analysis. Ben's technical background also includes embedded and mobile device security research, application reverse engineering, network penetration testing, incident response, and security infrastructure work for both federal, health care, and enterprise customers.

Michael Carlson - "Hacking Minecraft: All Your Blocks are Belong to Us"

Synopsis: Minecraft failed to do appropriate validation on authentication and various in-game actions. During this talk, I will discuss the process I went through to test and discover these issues.

Bio: Michael Carlson is a Testing Manager at Workday, Inc. BayThreat 4 is Michael's first security talk.

Bob Harris- "For relaxing times, make it Suntory time."

Synopsis: In a very broad and complex world, things can easily get lost in translation. And the Uber complex world of infosec is no different at all when it comes to this. Multi-language support is something that has been present in IT for many years now, in all kinds of different products. ¿Qué!!? You're telling me that Infosec and some of the security solutions have some sort of issues in regards to international languages? Yes I do. No mega l33t attacks, zero-days or crazy bypasses will be shown, but you might still be shocked by some of the results.

Bio: Bob Harris is an aging movie star who was going through midlife crisis and making quite good amounts of money in Suntory whisky ads. During one of his trips to Tokyo, while suffering from loneliness, insomnia, existential ennui, and bad karaoke sessions Harris gets bored and starts using some information security tools against some basic web applications just to see what's up and to possibly consider a career change. What he finds doesn't really gets him to switch careers but definitely inspires him to speak at BayThreat 4.

Ryan Huber - "Running at 99%: Surviving an Application DoS"

Synopsis: Application-Level Denial of Service (DoS) attacks are a threat to nearly everyone hosting content on the Internet. DoS attacks are simple to launch, but can be difficult to defend against. Modern websites are a diverse set of moving parts, and a malicious actor only needs to find the point at which any one of these systems is overwhelmed to bring your website to a halt.

Organizations may approach this problem by increasing capacity, perhaps leveraging the cloud to expand horizontally. This can be a successful short term mitigation strategy, but a combined historic and real-time view of who is accessing your website (and why) gives you the chance to actively defend as opposed to simply absorbing the traffic. Trending this data over time allows your response time to decrease while keeping your front door open. In this talk I will present a new open source project, written primarily in Node.js, that can be used as a defense framework for mitigating these attacks.

Bio: Ryan is an engineer at Risk I/O, a security Software-as-a-Service company. Prior to Risk I/O he spent the majority of his career at Orbitz.com, where his varied roles included: management of the flight search farm, leader of EU information security at sister site eBookers.com, and finally architect on the security team where he explored the defensive side of security.

Big Davi Ottenheimer - "Baby Got Risk: I like Big Data and I Can Not Lie"

Synopsis: This session explains how best to handle the looming Big Data risk in any environment. Better predictions and more intelligent decisions are expected but machines continue to make amusing and sometimes tragic mistakes. What can infosec do to help avoid disaster? And what have we done about emerging vulnerabilities and threats to Hadoop as we leave traditional data paradigms behind? This presentation, based on the upcoming book "Big Data Security," takes the audience through an overview of the problem areas and into specific solutions and challenges here today.

Bio: Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. Davi is co-author of the book "Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and formerly was responsible for security at Barclays Global Investors (BGI), the world's largest investment fund manager (now BlackRock). Prior to BGI Davi was a "dedicated paranoid" at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

George "Sarbanes 0xBA115" Polivka & Philip "Soldier of Fortran" Young - "Hacking Mainframes Like a Boss"

Synopsis: Mainframes, the bastion of the enterprise world. Supporting your military, banking, insurance and travel needs since 1960. This platform has been around for decades and yet there's only a handful of CVEs out there. We'd like to put a stop to that. This talk is broken up in to three parts: What is a mainframe, how you can you run one at home and 'living your cyberpunk dreams' (a.k.a. using metasploit to hack it!). Since Phil presented this topic at BlackHat 2013, there's been lots of work on a private metasploit fork to add z/OS as an attack architecture and we'd like to introduce it to the audience with a demo at BayThreat. If you thought this platform was impervious to attack or if you know someone who drank the IBM kool-aid, then this talk is for you! By the end of the talk you'll understand common z/OS weaknesses, where to find the metasploit code and how you can help build Metasploit modules

Bio: George "Sarbanes 0xBA115" Polivka has had the good(?) fortune of convincing Soldier of Fortran that he could be of great assistance in the development of mainframe security tools on the Metasploit framework; basically being a Toki to his Skwisgaar. After a few online tutorials for Ruby and getting some helpful tips from Egyp7 on how to navigate the Msf; SoB went down the rabbit hole of adding an exploit, based off the MainTP python tool, to the elaborate and highly modular scripting tool that is Metasploit. The catch, you may ask? Having to reverse engineer and re-create all the back-end components needed, from constants to encoders, to allow the design of exploits targeting z/Architecture systems. My pain is your gain!

Philip "Soldier of Fortran" Young is a mainframe security hobbyist and a 'Celebrity Hacker' in Sweden. As an IT security specialist he has worked on and with mainframes for over 10 years and had finally had enough with the security industry. Recognizing the gap between IT security and z/OS security he has made efforts to educate people about this platform and has attempted to demystify it from the legacy box no one is allowed to touch to the platform that people should be looking at. During the past two years Philip has given talks about mainframe security at BSidesLV, BSidesAustin, Shmoocon, Thotcon and BlackHat. Being the only person asking, and discussing, z/OS mainframe security meant he was also under investigation for the Logica breach (a z/OS breach in Sweden).

Zachary Cutlip - "BT Wireless Routers: Adventures in Reversing and Exploiting"

Synopsis: In this talk I'll describe the process by which I reverse engineered the firmware for the BT HomeHub 3.0b and developed a network-based exploit that yields root access. The BT HomeHub 3.0b was fairly challenging to reverse engineer and exploit compared to many SOHO routers on the market today. The talk will describe several strategies (some successful, most not) I pursued in search of an exploitable 0-day. I'll describe techniques that include static analysis, binary patching, debugging, and emulation.

Live demos and root prompts are the funnest part of any good security talk, and this one will not disappoint. I'll demonstrate the exploit and pop root on a HomeHub 3.0b in front of the live audience. Then I'll demonstrate how to upload tools to the device for instrumentation and attack. If all goes well, I'll up the ante by popping multiple root shells with a single, malicious packet.

Bio: Zachary Cutlip is a Senior Vulnerability Researcher with Tactical Network Solutions, LLC. At TNS, Zach develops exploitation techniques targeting embedded systems and network infrastructure in addition to helping develop TNS's Embedded Device Exploitation courses. He has presented at Blackhat USA and DEF CON, and the UK's 44CON. Zach also created the Bowcaster exploit development framework. Before hacking the planet, he spent six years in the US Air Force, parting ways at the rank of Captain. Zach has a bachelor’s degree from Texas A&M University and a master’s degree from Johns Hopkins University.

Allison Miller - "Operating * By the Numbers"

Synopsis: As organizations seek to build and maintain increasingly complex (scaled-up, heterogenous, customer-facing) technology environments -- when it comes to managing operations, the stakes are high. Many disciplines seek to leverage data analytics and automation to support stable, scalable, and profitable operations - and security is no exception. However, while the power of modern Big Data and machine learning have created new capabilities, the approach to evaluating and optimizing performance isn’t new. In fact, forecasting, automation, and optimization are core concepts in operations everywhere from marketing to the military. In this session we’ll review how these aspects of operations management/decision science are put to work to address specific issues, providing some examples and practical tips to help close the gap between theory and application. We will look at a few different tools used in managing business operations, specifically we’ll examine how real-time risk decisioning works and the analytic processes that support successful implementation. We’ll also discuss how these concepts are applied to different problem spaces, and identify opportunities to “beg, borrow, and steal” basic concepts from decision science that the audience may be able to apply to their own operating environment.

Bio: Allison Miller (@selenakyle) is Senior Director of Operations at Electronic Arts, where she oversees the business operations of EA’s cross-company digital platform.Allison has over 10 years of experience in designing, building and deploying real-time threat detection and prevention systems. Miller is active in the security community and presents research on fraud prevention and account security issues regularly to both industry and government audiences, including the ITWeb Security Summit, Black Hat Briefings, SOURCE Conferences (Boston, Barcelona, Seattle, Dublin), Nordic Security Conference, BruCon, USENIX/Metricon, and RSA. Prior to joining EA, Miller led Tagged’s Security & Risk Management team, managed PayPal’s Account Risk & Security team and was Director of Product / Technology Risk at Visa International.

Alexandre Pinto - "Applying Machine Learning to Network Security Monitoring"

Synopsis: Big Data Security Analytics, Data Science and Machine Learning are a few of the new buzzwords that have invaded out industry of late. Most of what we hear are promises of an unicorn-laden, silver-bullet panacea by heavy-handed marketing folks, evoking an expected pushback from the most enlightened members of our community.

This talk will help parse what we as a community need to know and understand about these concepts and help understand where the technical details and actual capabilities of those concepts and also where they fail and how they can be exploited and fooled by an attacker.

The talk will also share results of the author's current ongoing research (on MLSec Project) of applying machine learning techniques to information secuirty monitoring.

Bio: Alexandre Pinto (or just Alex) has over 13 years dedicated to information security solutions architecture, strategic advisory and monitoring. He has experience with a great range of security products, and has managed SOCs and SIEM implementations for 7 years. Alex currently holds the CISSP-ISSAP, CISA, CISM, CREST CCT APP and PMP certifications, mainly for contracting requirements. He was also a PCI QSA for almost 6 years, but is almost fully recovered.

He has been researching and exploring the applications of Machine Learning and Predictive Analytics into Information Security Data, specially in supporting the challenges that we currently face in trying to make sense of day to day usage of SIEM solutions as a whole. He launched MLSec Project in 2013 to provide a platform for people interested in the usage of machine learning algorithms to support the information security monitoring practice.

Jason Craig - "That Kill Chain Thing: Let's Make the Academic Practical"

Synopsis: "Cyber" kill chain is all the rage these days. All the cool kids are talking about it. Let's go beyond the buzz words and talk about application of this methodology with some concrete examples.

Bio: Jason has spent the last ten years as a professional rant collector in organizations and companies that most people have heard of. He likes beer, late apexes and situational awareness.

Collin Greene - "Wacky Bugs and Running a Bug Bounty"

Synopsis: Bug bounty programs show you all the security bugs you missed. This talk is about the security bugs we missed at facebook, the lessons we can learn from them and the process of starting and running a successful bug bounty program.

Bio: Collin works on the product security team at facebook.

Wartortell and FuzzyNop - "Targeted Malware Final Form(APTrololol)"

Synopsis: Targeted malware is constantly evolving in an attempt to outsmart and outwit incident responders and reverse engineers. However, many pieces of malware currently being used in the field by targeted threat actors are easily reversed and understood with little to no effort. This talk presents our process creating a more advanced "advanced persistent threat". Leveraging our experience in incident response and malware analysis, we created our own malware that attempts to thwart response efforts at every step of the process.

Bio: Wartortell: Phd. in CS that makes malware go backwards for Mandiant. Worked in binary rewriting, x86 disassembly, and binary transparency analysis. Also real good at casting Ice Punch and going hard in the paint.

FuzzyNop: FuzzyNop is a computer who knows how to computer. As a child his computers always told him he should do computers. At his day job he’s a penetration tester, reverse engineer, and incident responder, but above all else… computer.

Scott J Roberts - "Using Robots to Fight Bad Guys"

Synopsis: While Terminators, Cylons, and Wall-E may eventually control the world with humanity destroyed or their pets we can still get a lot of use out of them until then. Hubot is an open source multi-service chat bot built for finding cat pictures and deploying servers as a part of GitHub's DevOps workflow.

This workflow is meant to enable fast response, collaboration, and use of cutting edge techniques in operations, but he can also help with incident response, reverse engineering, OSINT, and other computer network defense tasks. For this we created Hubot Variable Threat Response to let us use Hubot to collaborate on security operations. You'll learn how to use Hubot for devops and security, how to build commands with CoffeeScript, and basically how to build your own personal robot for fighting bad guys.

Bio: Scott J Roberts works for GitHub and makes up his title every time he's asked, so we'll say he's the Director of Bad Guy Catching. He has worked for 900lbs security gorillas, government security giants & boutiques, and financial services security firms and done his best to track down bad guys at all these places. He's released and contributed to multiple tools for threat intelligence and malware analysis. Scott is also really good at speaking in the 3rd person.

And finding cat pictures. Man is he good at cat pictures.

Nick Sullivan - "Building white box cryptography - what do you do when they’re in your house?"

Synopsis: In this talk, we discuss white box cryptography, a technique used to protect cryptographic keys from a local attacker. In keeping with the theme of building and breaking security, we will discuss the challenges involved in building a white-box crypto system.

Bio: Nick Sullivan worked for six years at Apple on many of its most important cryptography efforts before recently joining CloudFlare, where he is a systems engineer. He has a degree in mathematics from the University of Waterloo and a Masters in computer science with a concentration in cryptography from the University of Calgary.

Nitesh Dhanjani - "Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts"

Synopsis: Homes and offices inspired by concept of Internet of Things (IoT) are here and so are the related high impact attack vectors. Your next door lock, sprinkler system, lightbulb, pet feeder, door sensor, thermostat, and baby monitor are likely to be vulnerable to attack. Remotely. In this talk, we will break open emerging home automation products to build a solid threat model and see actual examples of vulnerabilities: from how an attacker can remotely cause blackout at your home (or your high-rise condo or office) and exploit various physical sensors that you will come to depend on. These aren't vulnerabilities you can just patch with a software update.

This talk will cover demonstration of vulnerabilities that can cause a sustained blackout by malicious malware, design issues that can lead to spying from baby monitors, and the remote shut off of electronic devices in the home. We know the implications of critical infrastructure vulnerabilities that are based on traditional protocols. It is time to talk about next-generation infrastructure that is destined to empower our future and our safety.

Bio: Nitesh Dhanjani is a well known information security researcher and speaker. Dhanjani is the author of "Hacking:The Next Generation" (O'Reilly), "Network Security Tools:Writing, Hacking, and Modifying Security Tools" (O'Reilly), and "HackNotes:Linux and Unix Security" (Osborne McGraw-Hill). He is also a contributing author to "Hacking Exposed 4" (Osborne McGraw-Hill) and "HackNotes:Network Security" (Osborne McGraw-Hill).

Dhanjani is Executive Director at a large consulting firm where he is responsible for helping some of the largest corporations establish enterprise wide information security programs and solutions. Nitesh is also responsible for evangelizing brand new technology service lines around emerging technologies and trends such as threat intelligence, mobile security, cloud computing, social media, and IoT (Internet of Things).

Previously, Dhanjani was Senior Director of Application Security and Assessments at Equifax where he spearheaded security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews & threat modeling, and managed the attack & penetration team. Before Equifax, Dhanjani was Senior Advisor at Foundstone's Professional Services group where, in addition to performing security assessments, he contributed to and taught Foundstone's Ultimate Hacking security courses.

Dhanjani holds both a Bachelor's and Master's degree in Computer Science from Purdue University.

Boris Sverdlik - "Bob's Adventures in Chemo"

Synopsis: This talk will essentially nullify all the beliefs that one might have on HIPAA protecting their personal and healthcare information. It will demonstrate examples of poorly implemented controls that would suffice compliance but in no way protect your personal data.

My friend Bob is undergoing Chemo and his wife asked him to get a copy of his medical records for a second opinion. Bob being an obedient husband had to jump through hoops to get copies of HIS records thanks to the monotony that we know as HIPAA.

So one day while Bob is waiting for his treatment he notices that the facility has several blatant physical security issues which could allow someone of a more shady nature to obtain his health records without jumping through hoops. Follow Bob in his adventures...

Bio: Security guy...