2019-08-06

08:00

• Windows Breakout and Privilege Escalation

• Knowing the Unknown: Using PCAP to Break Down Application-Layer Protocols

• Reverse Engineering Android Apps

• Malware Traffic Analysis Workshop

09:00

• Professionalization - Possibilities and Potholes

09:30

• Opening Remarks

• Board Communications

10:00

• Keynote with Bob Lord

• Reverse Engineering the Cyber Policy API

11:00

• Zero Trust

11:30

• Beginners Session: Lock Picking

• BEEMKA / Electron Post-Exploitation When The Land Is Dry

• DLP Sucks and Why You Should Use It

• SSO Wars: The Token Menace

• Applying Information Security Paradigms to Misinformation Campaigns: A Multidisciplinary Approach

• Now that you hacked the plane, what are you going to do about your career?

• I Am The Cavalry Track Welcome and Overview

• Bestsellers in the Underground Economy - Measuring Malware Popularity by Forum

• Duck and (Re)Cover - The missing link in the security evolution

12:00

• Addressing non-linear InfoSec career paths

• Can the CAN bus fly ­Risks of CAN bus networks within avionics systems

• Examining DES-based Cipher Suite Support within the TLS Ecosystem

13:00

• Supply Chain Security

14:00

• Unpacking pkgs: A look inside macOS Installer packages and common security flaws

• Where in the world are Carmen's $adjective cyber attacks: The game show that wonders why things aren't worse

• My quest for (privileged) identity to own your domain

• Building an enterprise security knowledge graph to fuel better decisions, faster

• Discovering Your Passion in Cyber Security

• Coordinated Disclosure of ICS Products: Who's got time for that?

• Satellite Vulnerabilities 101

• What's Next in Coordinating Vulnerability Disclosures

• Active Directory security: 8 (very) low hanging fruits and how to smash those attack paths

• Hands-on: How to Use CALDERA's Chain Mode

• Reverse Engineering Mobile Apps: Never Pay for Transit Again

14:30

• AppSec/SDLC/DevSecOps

• Hack (Apart) Your Career - How to Fund Doing What You Love

• AIs Wide Open - Making Bots Safer Than Completely $#%cking Unsafe

• Analyzing user decision making on phishing sites - using mouse data and keyboard dynamics

15:00

• Using Machines to exploit Machines - harnessing AI to accelerate exploitation

• The Contemplator Approach: Data Enrichment Through Elastic Stack

• Enterprise Overflow: How Breached Credentials Impact Us All

• Grapl - A Graph Platform for Detection and Response

• The Case for Software Bill of Materials

• Broken Arrow: applying InfoSec and Forensic practices to escape domestic abuse

• Giving Credit Where It's Not Due: Visualizing Joker's Stash

15:30

• Crisis Communication & Brand Monitoring

• The Human API: Evolving End Users From Authorized Adversaries Into Our Best Defense.

16:00

• HSC^2 Hacker Summer Camp Hacker Standup Comedy

• Lock Picking Contest

• AIs Wide Open - Making Bots Safer Than Completely #$%cking Unsafe

16:30

• CISO Unconference

17:00

• Meltdown's Aftermath: Leveraging KVA Shadow To Bypass Security Protections

• Mind the Diversity Gap - A Panel Discussion

• Give the dog a bone - Exploring OSINT capabilities of pen-testing tools

• Profiling User Risk: Borrowing from Business Intelligence to Understand the Security of Your Userbase

• How to Fail Well (In Order to be Successful) - From IT to Infosec & More

• Automatic Security Analysis of IoT Firmware

• Burpsuite Team Server - Collaborative Web Pwnage

• China as a New Russia? Analyzing Similarities and Differences of Chinese Threat Actors from their Russian Counterparts

17:30

• Closing Remarks

• Behind the Recruiting Curtain: What Do Recruiters Really Say and Do

• The Resilient Hacker: Growth Mindset, Health Hacks & Powerful Help to Navigate Personal Challenges

18:00

• Neurosecurity: where Infosec meets Brain-machine Interface

• Meet the CISO

• Why FIDO Security Keys & WebAuthn are Awesome

• Reducing Inactionable Alerts via Policy Layer

• I Just Want to Help Make Flying More Secure...not Work with the Government or How I Learned to Love a Govvie

• So you think you can CHMOD

• Ask the EFF

18:30

• Trying (Unsuccessfully) to Make Meterpreter into an Adversarial Example

• Building the badge- How you can make small, cheap and custom hardware for function or fashion

19:00

• Security BSides Organizers Meet-Up

• Evaluating Code Embeddings

• Salesforce Data Governance What dark secrets lurk in your instance??

20:00

• Queercon BSides Poolside Mixer

• Friends of Bill W

21:30

• The New Hacker Pyramid