BSides Boston 2017 has ended
Friday, April 14
 

1:00pm EDT

Training class: Being MEAN - Attacking the MEAN development stack

For years the LAMP (Linux, Apache, MySQL, PHP) stack was the de facto standard for a large portion of the web applications powering the internet. However, times change and it is being replaced by a new stack utilizing MongoDB, ExpressJS, AngularJS, and NodeJS (MEAN). The MEAN stack makes traditional vulnerabilities hard to exploit and even non-existent, but with new technology comes new vulnerabilities. In this workshop we look at various issues that affect these frameworks and how to test for them.


NOTE: In order to follow along with the Labs, attendees should come with a laptop and have BurpSuite (Free) installed.

Speakers
Casey Dunham

Casey Dunham has a varied career spanning software development in various industries as well as working in information security as a pentester. Throughout all the various job roles, he has always enjoyed helping others to learn and be successful. Casey holds a bachelor’s degree...


Friday April 14, 2017 1:00pm - 6:00pm EDT
110

1:00pm EDT

Training class: Industrial Control System Network Analysis

Industrial Control Systems (ICS) are the silent machines that control the world all around us. ICS systems are used to control elevators, subways, building HVAC systems and the electricity we use. The convergence of information technology (IT) and operational technology (OT) in the ICS marketplace has been taking place over the last 20 years. This convergence, while increasing ICS operational efficiency, is also increasing cyber risk. In this course, you will learn about how to identify the protocols being used in OT networks, how to decode them and the tools and procedures to perform network assessments on these networks.

AGENDA:
1. Control System Defined
2. Control System Networks vs IT Networks (CIA vs AIC)
3. Overview of Control System vendors/protocols
4. What's available for ICS Systems in Wireshark and Kali Linux?
5. LAB: How to Decode Modbus
6. LAB: Sniffing and Assessing an ICS Network

REQUIREMENTS: Students should bring a laptop with VM Workstation and Wireshark installed.


Speakers
Dennis Murphy

Dennis Murphy is focused on providing practical solutions to meet national critical infrastructure cyber security requirements. His main interest is in bridging the gap between the information technology (IT) and operational technology (OT) domains. Architecting process automation...


Friday April 14, 2017 1:00pm - 6:00pm EDT
309

1:00pm EDT

Training class: Introduction to Hardware Hacking / HW Reverse Engineering
This training will introduce the audience to the field of reverse engineering electronics. Attendees will learn in a hands-on environment how to identify areas of circuit boards to target and perform the extraction of firmware and data at rest, and interception of data in transit. The workshop will introduce and explain various ICs such as microcontrollers and radio transceivers, JTAG, common embedded flash storage solutions, and various types of communication buses. Registration cost includes some hardware hacking tools that may be kept by attendees. The target audience for this workshop has little to no experience in electronics.

Attendees will receive:
- GoodFET
- Target Hardware
- Hookup wire and EZ-hooks for connecting components to target hardware

Attendees should bring a laptop and have the ability to run the latest version of Kali Linux. It is best to be able to boot directly into Kali, such as off a USB stick, however most people have success running Kali inside a VM for this class if necessary.

Friday April 14, 2017 1:00pm - 6:00pm EDT
309A
 
Saturday, April 15
 

8:15am EDT

Registration
Saturday April 15, 2017 8:15am - 9:00am EDT
TBA

9:00am EDT

Keynote
Speakers
Dave Kennedy

David Kennedy is the Founder of TrustedSec, LLC and Co-Founder and CTO of Binary Defense Systems (BDS). David started both these companies with the belief in the betterment of the security industry and promoting the advancement of the industry through quality services. TrustedSec...


Saturday April 15, 2017 9:00am - 9:55am EDT
Hall B

9:00am EDT

CTF
BSides Boston's own Capture the Flag (CTF) competition!

Saturday April 15, 2017 9:00am - 5:00pm EDT
110

9:00am EDT

Lockpicking Village
Hang out with members of the local Toool chapters and learn how to pick locks.

Saturday April 15, 2017 9:00am - 5:00pm EDT
112

10:00am EDT

Escaping Alcatraz: Breaking out of Application Sandboxed Environments
Application sandboxing has become extremely popular. This technology makes it easier to manage a network environment easily, allows an administrator to grant access to specific applications without giving an entire desktop, and gives users remote access to company resources. There is a false sense of security with this model though. This presentation will explore various ways of breaking out of these environments to gain a foothold into a network at various levels of security as well as discuss some mitigation strategies.

Speakers
Kirk Hayes

Kirk is a Security Consultant with Rapid7. Kirk has presented at DerbyCon, BSides Las Vegas, and BlackHat Tools arsenal. Kirk recently introduced his tool myBFF, a Brute Force Framework which aids penetration testers in password guessing against many common web applications and other...


Saturday April 15, 2017 10:00am - 10:55am EDT
Hall B

10:00am EDT

Everything I Need To Know About Security I Learned From Watching Kung Fu Movies
Are you an aspiring or current security professional overwhelmed with how to get into and be successful in information security today? Kung Fu can help. Specifically, Kung Fu movies can help. Take it from me, a security professional and kung fu movie nerd, who is here to help. Whether you are a fan of Kung Fu movies or not, this will be an entertaining and informative look at various aspects of problems in computer security, and how the lessons learned from Kung Fu movies can help. We’ll discuss how to effectively learn about computer security, student and teacher dynamics, practical security tactics for defense and offense, and explore some of the political and social aspects of security. In the end, you’ll learn some tips and tricks to be more successful in breaking into the security field, being successful at your job as a defender, and better understand the politics of security. If that's not enough for you, this presentation requires audience interaction (no Kung Fu demonstrations will be performed, unless requested by the audience). (Insert signature “Whaaaaaaaaaaa” sound here)

More detailed topics will include:
  • Your teacher may be reluctant to teach you and how to overcome this challenge
  • The consequences of taking shortcuts in your training
  • There will always be adversaries more skilled than you and how to get over it
  • The best defense is to have a good offense
  • The “softer” skills will more likely than not lead you to victory
  • Heroes don’t always start out as such (And that’s okay)

Moderators
Paul Asadoorian

Paul Asadoorian is the founder of Security Weekly and the CEO of Offensive Countermeasures. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester...

Saturday April 15, 2017 10:00am - 10:55am EDT
Hall D

10:00am EDT

Threat Intelligence in Numbers
Threat intelligence data is all about helping enterprises block or protect against the newest threats. However, threat intelligence datasets are growing steadily, which turns threat intel to a numbers challenge. How big data practices and data mining can help uncover models for threat actors, attacks, and cybersecurity trends.

Speakers
Nir Yosha

Nir Yosha is a Threat Intelligence Engineer working for ThreatQ, a threat intelligence platform. He started his career as a squad leader in the Israeli Intelligence Corps. He helped with gathering intelligence tracking the growth of terrorist organizations. He has over 10 years of...


Saturday April 15, 2017 10:00am - 10:55am EDT
Hall A

10:00am EDT

Why Does the Industry Make Insecure Software? Game Theory Applied: Software Security is a Social Dilemma
The computer / information security business is now decades old and we're still growing negative metrics - CVEs and security flaws are supernumerary; software security disasters are increasingly larger; "data breaches" and "cyber attacks" are front page news on a constant basis. We know that software security isn't getting done well, in many cases, and could be better. In order to understand the problem, we need to examine exactly why it is done poorly and the economic forces that create current outcomes. To understand this, we need to examine exactly how insecure software gets built, and why organizations choose to do this.

Speakers
Craig Chamberlain

Craig Chamberlain is a seasoned security leader with twenty years experience in security including seven years doing security in the "cloud". He is a patent holder; published researcher; credited bug hunter and a veteran of five startups including two successful exits. A devotee...


Saturday April 15, 2017 10:00am - 11:00am EDT
Hall E

11:00am EDT

I Mentor and Now You Can Too!
The hacker community has a reputation of a lust for knowledge and for sharing that knowledge with others. It is one of the reasons there are so many conferences and local meetups where we are all volunteering our time to educate and help others. While knowledge sharing at these events is great, it doesn't replace having someone that you can go to for those trickier questions about technology, practices, or career advice.

This is where having a Mentor comes in. Mentoring is a great way to help others find their path in the ever growing Information Security field. Regardless of what team you play for, you have knowledge and experience that can help others be successful.

To be a successful Mentor takes more than just knowledge. It takes patience, skill, organization, and a passion for learning and teaching. This presentation will walk through some of the challenges I've faced as a Mentor and what you can do to be a successful Mentor.

Speakers
Casey Dunham

Casey Dunham has a varied career spanning software development in various industries as well as working in information security as a pentester. Throughout all the various job roles, he has always enjoyed helping others to learn and be successful. Casey holds a bachelor’s degree...


Saturday April 15, 2017 11:00am - 11:55am EDT
Hall B

11:00am EDT

From Rogue One to Rebel Alliance: Building Developers into Security Champions
There just aren’t enough security experts to go around. You have to support the multitude of Agile and DevOps teams that are making production software changes anywhere from once a month to several times a day? The lack of resources coupled with the ever increasing responsibilities can make you feel like a rogue warrior in the battle against cybercrime. What’s a security professional to do? Whether you are a team of one or five, there aren’t enough hours in the day and even if there was more budget, good luck finding someone to fill that security role. What if I told you that through careful selection and good training it is possible to build your own army from the very people who own the development process?

Speakers
Peter Chestna

As Director of Developer Engagement at Veracode, Pete Chestna provides customers with practical advice on how to successfully roll out developer-centric application security programs. Relying on more than 10 years of direct AppSec experience as both a developer and development leader...


Saturday April 15, 2017 11:00am - 11:55am EDT
Hall D

11:00am EDT

Learn How to Speak Malware: A New Approach to Combat Attacks
In order for an attacker to steal from you, they need persistent access. This means ensuring their C2 is reliable and resilient to takedown. That’s the main reason why over 90% of malware uses DNS for command & control and exfiltration. The good news is that this persistence is something we can use against the attackers in order to find their accesses and then improve how we respond.

In this session geared toward security operators and incident responders, Todd O’Boyle of Percipient Networks will explain a new approach that goes beyond simply blocking and dropping malware C2. Attendees will learn how to “speak malware” in order to better respond when an attacker targets them.

Speakers
Todd O'Boyle

Todd O'Boyle is a co-founder and CTO at Percipient Networks, an Allied Minds company. Prior to Percipient, Todd spent 15 years at The MITRE Corporation, providing technical support to the combatant commands, NATO, DISA, and the intelligence community. He also served as principal investigator...


Saturday April 15, 2017 11:00am - 11:55am EDT
Hall A

11:00am EDT

Does DoD Level Security Work in the Real World?
After spending nearly 13 years working for the Department of Defense, I ventured out into the private sector to consult and advise on matters of information security. On many occasions, after explaining some basic security concept to a customer and outlining what they need to do to be secure, I often heard the retort, “yeah, but we don’t need DoD level security.” Well, after twenty years in the private sector, and especially over the past 2-3 years with the proliferation of data breaches against major companies, I find myself wanting to reply, “yeah, you really DO need DoD level security!”

What does this mean? Probably not what you are thinking. This talk will start with an overview of the foundational nature of data security, highlight the major tenets or goals of data security, introduce the risk equation, discuss how and why so many companies so often fail at implementing the basics of data security, and explore some ways that a DoD-centric approach to data security might be implemented in the private sector. Brainstorming, discussion, dissension all welcome. Hint: This ain’t about Cyber!

Speakers
Jeff Man

Jeff Man is a respected Information Security expert, advisor, speaker, teacher, advocate, and curmudgeon. He has over 33 years of experience working in all aspects of computer, network, and information security, including risk management, vulnerability analysis, compliance assessment...


Saturday April 15, 2017 11:00am - 11:55am EDT
Hall E

12:00pm EDT

Lunch Break
Not provided -- head over to Harvard Square for lots of options.

Saturday April 15, 2017 12:00pm - 1:30pm EDT
TBA

1:30pm EDT

Keynote
Speakers
Jack Daniel

Jack Daniel, Technical Product Manager for Tenable Network Security, has over 20 years’ experience in network and system administration and security, and has worked in a variety of practitioner and management positions. A technology community activist, Jack is a co-founder of the...


Saturday April 15, 2017 1:30pm - 2:25pm EDT
Hall B

2:30pm EDT

Panel: Breaking Into InfoSec
Are you interested in Information Security, but you don't know where to start? Are you a professional in another field, wanting to switch into Information Security? Or maybe you're a Security Professional looking to make a move, and want to know what hiring managers are looking for.

In this panel we will cover various topics for shepherding your career in Information Security from three different perspectives. The panelists - including an educator, a recent convert, and a hiring manager - will field a series of questions on topics including:
  • What skills are employers looking for?
  • What resources are students currently leveraging?
  • How can you get involved in Security (even if it's outside your current role)?

... and any other questions you might have!

Moderators
Keith Hoodlet

Keith Hoodlet is an Engineer for the Customer Success team at Rapid7, and recently Co-Founded the InfoSec Mentors Project with Jimmy Vo (https://infosecmentors.net). He is passionate about helping people learn about – and find career opportunities in – Information Security. In...

Speakers
Ming Chow

Ming Chow is a Senior Lecturer at the Tufts University Department of Computer Science. His areas of work are in web and mobile security and web and mobile engineering. Ming has spoken at numerous organizations and conferences including the HTCIA, OWASP, InfoSec World, Design Automation...

Tracy Z Maleeff

Tracy Z. Maleeff left behind the glamorous world of law firm librarianship to seek out the white hot spotlight of the information security industry. She started an independent research business in early 2016 called Sherpa Intelligence, providing competitive intelligence, news monitoring...

Justin Pagano

Justin Pagano leads the Security Operations & Engineering team at Rapid7. He’s a tall guy who loves dogs. He's also very passionate about InfoSec, science, grammar, and Oxford commas.


Saturday April 15, 2017 2:30pm - 3:25pm EDT
Hall B

2:30pm EDT

Heisenberg Cloud: At-Scale Cross-Cloud Adversary Analytics
We may not have Imperial Stormtroopers in our cloud "cyber-cities", but attackers regularly probe these environments for weaknesses, ready to exploit any opportunity for a foothold. In this session, all will be revealed from an in-depth, ground-breaking study across every region in six major cloud providers using longitudinal data collected from Rapid7's newly-released Heisenberg honeypot system. We'll also be showing specific attack and connection profiles for the Mirai botnet. So, come to this session for a deep dive into the frequency and flavor of attacks across every region in six major cloud providers as discovered by Rapid7's Heisenberg honeypot system.

Speakers
Bob Rudis

Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is currently [Master] Chief Security Data Scientist at Rapid7. He was formerly a Security Data Scientist & Managing Principal at Verizon, overseeing the Data Breach Investigations...


Saturday April 15, 2017 2:30pm - 3:25pm EDT
Hall D

2:30pm EDT

How to Defend Against Penetration Testers ... and Win
Do you believe you have what it takes to secure a network against a penetration test? Attend this talk to find out how you can be successful against penetration tests and real-world attackers. Most penetration tests are too EASILY successful; let's work together to change this!

Many believe that breaking into a company’s network requires custom exploits, nation-state level backdoors, and super powers. In fact, most of the time it's about guessing passwords and exploiting very well-known (and fixable) conditions in your network.

This talk will guide you through securing your network the smart way, focused on closing those tried and true holes commonly exploited, but often left open by defenders. These include:

  • Addressing authentication and authorization across all systems and applications
  • Setting very carefully placed traps and alarms for the attackers
  • Looking at a specific behavior on your network to uncover unauthorized access

Don’t think this will be easy. It's not. Attackers have a clear advantage and the defensive measures proposed require work more so than products. It may require you change things that impact culture and challenge notions such as “but, that’s the way we’ve always done it.” It's okay, we’ll coach you on some communications as well!

In the end, you’ll learn it's not about winning; it's about getting better. If you can learn from penetration testers, that knowledge is extremely valuable. However, this talk is going to tell you what most penetration testers have in common and how to fix your architecture, culture, and behavior, resulting in so much win.

Speakers
Paul Asadoorian

Paul Asadoorian is the founder of Security Weekly and the CEO of Offensive Countermeasures. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester...


Saturday April 15, 2017 2:30pm - 3:25pm EDT
Hall A

2:30pm EDT

Security in S, M, L, and XL
Security is not a one size fits all solution. Currently most small businesses are incapable of detecting or responding to a breach.

Learn about different approaches, product and solution stacks that small and medium businesses can implement from zero, to $10 to $100 per month and significantly increase their security.

Speakers
Pedro Marcano

Pedro has founded three information security consulting companies including Vernance where he currently works as Managing Director and CEO.

Vik Solem

Vik Solem has been hacking the digital and physical worlds since the 1980's. He survived Stevens Tech, wrote code at BBN, and was with AtStake when they were acquired by Symantec. In 2007 he founded Mabuhay Enterprises Inc., now MEI Security, with the goal of providing cyber & physical...


Saturday April 15, 2017 2:30pm - 3:25pm EDT
Hall E

3:30pm EDT

Panel: Roles in InfoSec That Don't Require You to be an Engineer
With an estimated shortage of 1.5 million people in cyber security by 2020 and terrible retention numbers, we need to widen the scope of our hiring more than ever before to protect our national, digital and physical security. The field of cyber security has dozens of roles and only a handful are technical. This panel of professionals from a variety of backgrounds across the various disciplines in cyber security will share their stories with the audience.

Moderators
Patrick Laverty

Security Consultant, Rapid7
Patrick is a Security Consultant working for Rapid7 doing penetration testing. Instead of talking something technical, he wanted to encourage others to also present at future conferences. He has presented at a number of Security BSides conferences including Boston, New York and Baltimore...

Speakers
Nick Castle

Nick Castle is a Client Director with Optiv, the largest Cyber Security Solutions Integrator in North America. In this role, Nick helps his clients reduce risk and decrease complexity while aligning to desired business outcomes. Through leveraging the vast network of technology, advisory...

Susan Kaufman

Susan Kaufman is a Principal Security Program Manager at Veracode, where she runs Third Party Application Security Testing Programs with their largest customers. In this role, she develops partnerships with enterprises in financial services, healthcare and technology to define and...

Jordan Larose

Technical Writer/Editor, Rapid7
Jordan LaRose is a Technical Writer and Editor at Rapid7. Jordan works to improve and polish customer deliverables, and instruct others on creating clearer and more focused documentation. Previously, Jordan was a technical writer at the General Dynamics Electric Boat submarine yard...

Rachel Spatz

Rachel Spatz has been working in cyber security for the past six years. She currently works as the demand generation manager at Cybereason, a security company known for its ability to detect and respond to complex cyber attacks in real-time. In this role, Rachel focuses on account...


Saturday April 15, 2017 3:30pm - 4:25pm EDT
Hall B

3:30pm EDT

Murder Mystery - How Vulnerability Intelligence is Poisoning your Information Security Program
Integrating vulnerability scanning results into one’s security ecosystem involves a serious hidden challenge which results in heinous consequences, thereby killing your InfoSec program. This session shares clues on this challenge, step by step, in the form of a murder mystery game, and ultimately reveals the culprit as well as strategies to overcome it. Come participate, play, and interact! Try to guess “who-dunnit,” and learn how to avoid future similar InfoSec crimes.

Speakers
Gordon MacKay

Gordon MacKay, Software/Systems Guru with a dash of security hacking, serves as CTO for Digital Defense, Inc. Gordon has presented at many conferences including BSides San Diego 2017, ISSA International Conference 2016, ISC2 Security Summit 2016, BSides DC 2016, Cyber Texas 2016, BSides...


Saturday April 15, 2017 3:30pm - 4:25pm EDT
Hall D

3:30pm EDT

Ghost in the Droid
Ghost detection apps take many forms in the Google Play store, with an active social media community sharing screenshots, energy disturbance levels, and recorded audio and video for ethereal detection events. But what exactly do these apps do? How does an Android phone detect supernatural phenomena through EMF readings, ghost radar, visual observation, or ghost radio? Can it be explained, or do the answers lie beyond our realm of understanding? In this talk, I'll show you how I found these answers, demonstrating techniques for more efficient Android application analysis, and how you can get better at reverse engineering Android applications for security analysis.

Speakers
Josh Wright

Joshua Wright is a hacker, a public speaker, an educator, and an author. He publishes books (“Hacking Exposed: Wireless”), he writes hacking CTF's (Holiday Hack Challenge, www.holidayhackchallenge.com), he hacks for Counter Hack, and he teaches for the SANS Institute. More than these things though, Josh is committed to helping people develop hacking skills, and inspiring people to do amazing things...


Saturday April 15, 2017 3:30pm - 4:25pm EDT
Hall A

4:30pm EDT

Coding in Scratch for Kids
Scratch is a coding language for kids created by MIT. Come and find out about Scratch, how to get your kids started and even create your own first program! It's super easy to do, a lot of fun and your kids will love it. What's even better, it's being presented to you by a kid!

Speakers
McKenna Laverty

McKenna Laverty is 11 years old and has been using Scratch for more than two years. She has more than 200 projects and many daily followers to her projects. She has dabbled a little in Python, but really likes the ease and flexibility of using Scratch. McKenna is an experienced presenter...


Saturday April 15, 2017 4:30pm - 4:55pm EDT
Hall B

4:30pm EDT

Back to Basics: Our Journey of Building a Security Program at a Small Startup
Building a security program from scratch is hard enough, but it’s even harder for a small security startup that is made up of a distributed workforce that is mostly remote. With a company full of people with security experience, everyone has an opinion on where the focus should be, but ultimately where does one start? And while the emergence of automation, orchestration, <insert buzzword here> tools are great for established security programs, they do very little for teams that are starting from the ground up. In this talk we will walk through our journey of how we are tackling the daunting task of building a security program from scratch at ThreatQuotient; what areas we focused on first, how we balanced security best practices with our company culture, and the challenges we faced with very limited resources.

Speakers
Julian DeFronzo

Julian DeFronzo is a Solutions Architect at ThreatQuotient where he is a member of the research and integrations team. He also participates in building ThreatQuotient’s internal security team. Julian has a broad background ranging from incident response, security automation, and...

Dan Erxleben

Dan Erxleben is a DevOps engineer but handles all things IT at ThreatQuotient. As the lead of the Security team he manages resources and keeps the executives informed but relies on a strong, security focused team to get the job done. Dan is a jack of all trades IT specialist but is...


Saturday April 15, 2017 4:30pm - 4:55pm EDT
Hall D

4:30pm EDT

Scripting Social Engineering Attacks
Script all the things! Streamline phishing, vishing, and gaining physical access to restricted areas by using modular social engineering scripts and pretexts. Gaining physical or virtual footholds is a crucial first step in a successful exploit chain.

People are often times the weak-spot in company security so it only makes sense to start our attempts there. We'll focus on building up a playbook of various different characters, outfits, tools, and pretexts to use while exploiting self-interest, standard operating procedures, common corporate policy, social norms/taboos, and cognitive biases for maximum effect.

Characters can range from posing as support roles such as IT, HVAC, plumbing, electrical, and other contractors to a newly hired employee, corporate auditor, market researcher, vendor rep, or job recruiter depending on pretext and what your goals are. 

Speakers
Dave Comstock

Dave Comstock's a conference speaker, writer for Tripwire, lockpicker, and a system/network administrator for an east coast MSP. His interest in technology began in the days of ribbon cables and anti-static wristbands after being given an IBM XT 296 hand-me-down. This continued through...


Saturday April 15, 2017 4:30pm - 4:55pm EDT
Hall A

4:30pm EDT

Web Scraping for Fun and Profit
Pastebin.com and other public ‘paste’ sites are rich sources of sensitive information. Hackers will often post their stolen ‘loot’ to websites like these for public consumption. These sources of information go largely unmonitored.

Pastebin is keenly aware of this fact, and offers users the ability to create a list of alert keywords. In the event that one of the keywords is found in a public paste, an email is sent to the user. They will also remove pastes that are found to contain personally identifiable information. However, we have shown that a well-designed scraper can capture this information before it is removed by the Pastebin team. These data can include:
  • Suite of stolen NSA tools published to Pastebin
  • NASA and other government sector breaches published to Pastebin
  • Daily onslaught of compromised website credentials, Netflix, proxies, and occasionally, credit card data and even SSNs.

Speakers
Nick DeLena

Nick DeLena, CISA, CRISC, is a Senior Manager at OCD Tech, the IT Audit & Security Division of O’Connor & Drew, P.C. Nick leads engagements across the division’s primary practice areas, including audit, security, and advisory services. He’s a 17-year veteran of IT and IT risk...

Scott Goodwin

Scott Goodwin is an Experienced IT Security Analyst. He graduated with a Bachelor of Science in Physics from the University of Massachusetts-Boston in May of 2015. His primary engagements are IT vulnerability assessments, NIST 800-53 and 800-171 assessments, and security advisory...


Saturday April 15, 2017 4:30pm - 4:55pm EDT
Hall E

5:00pm EDT

Introduction to Modern Cryptography
Today we use cryptography almost everywhere. From surfing the web over https, to working remotely over ssh. However, many of us do not appreciate the subtleties of crypto primitives, and the lack of correct and updated resources leads to design and development of vulnerable applications. In this talk, we cover the building block of modern crypto.

Speakers
Amirali Sanatinia

Amirali Sanatinia is a Computer Science PhD candidate at Northeastern and holds a Bachelors degree in CS from St Andrews University. His research focuses on cyber security and privacy, and was covered by venues such as MIT Technology Review, ACM Tech News, Ars Technica, Threatpost...


Saturday April 15, 2017 5:00pm - 5:25pm EDT
Hall D

5:00pm EDT

Finding Haystacks in Your Needles: Threat Hunting Problems In Real World Data
Resources such as SANS's "Know Normal, Find Evil" and MITRE's ATT&CK framework are a great starting point when looking for malicious activity on a host ... but what happens when you actually start diving into the data? Is finding malware really as easy as just looking for network connections from Notepad? (Spoilers: It isn't.) This talk goes through a number of real scenarios where legitimate applications behave just like malware, and how to improve behavioral detection.

Speakers
Sarah Miller

Sarah Miller is currently employed at Carbon Black as a Threat Intel Analyst. Previously, she worked in a Security Operations team. She holds an MSIA from Northeastern University.


Saturday April 15, 2017 5:00pm - 5:25pm EDT
Hall A

5:00pm EDT

Weaponizing Splunk: Using Blue Team Tools for Evil
Splunk has secured a large portion of the log aggregation and correlation market. In turn penetration testers find a lot of misconfigured implementations during engagements. This talk will be discussing creative abuses of the Splunk product to compromise the server and laterally move further into a target environment.

Speakers
Ryan Hayes

Ryan Hayes has 14 years of information technology experience. He currently is the Security Programs Director for TBG Security where he runs Red Team and Penetration Testing engagements for Fortune 1000 organizations.


Saturday April 15, 2017 5:00pm - 5:25pm EDT
Hall E

5:00pm EDT

Setup for Closing Ceremonies
Saturday April 15, 2017 5:00pm - 5:30pm EDT
Hall B

5:30pm EDT

Closing Ceremonies
Saturday April 15, 2017 5:30pm - 6:00pm EDT
Hall B

6:00pm EDT

Networking Event
Please join the BSides Boston organizing team and our Diamond Sponsor for light apps and drinks at John Harvard's, 33 Dunster Street, Cambridge, MA 02138.

Saturday April 15, 2017 6:00pm - 8:30pm EDT
TBA
 