| 08:50 |
Bourne
|
Opening Remarks |
| 09:00 |
Lovejoy
|
IT Security Operations: Successful Transformation |
| 10:15 |
Rains
|
Exploitation Trends: From Potential Risk to Actual Risk |
Pinto
|
Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing |
|
Nather
|
Incoming Threats At the Speed of Retail |
|
Penrose
|
There’s no such thing as a coincidence - Discovering Novel Cyber Threats |
|
Alvarez
|
Peeling The Layers Of Vawtrak |
|
Sarwate
|
2015 State of Vulnerability Exploits |
|
| 11:30 |
Cofman,
Gill
|
Advanced Threat Analytics: Adapt as Fast as Your Enemies |
Read
|
Mitigating the Alert - Impact Prevention in a super active security battlefield |
|
Armour
|
Browser and Environment Hardening |
|
Beal
|
Taking back Endpoint Control! |
|
Poppa
|
Detecting the Bear in Camp: How to Find Your True Vulnerabilities |
|
Wysopal
|
The State of Software Security |
|
| 12:00 |
Brown
|
Globalization of Cybercrime |
| 13:25 |
McNamee
|
Malware Activity in Mobile Networks – An Insider View |
Westin
|
Confessions of a Professional Cyber Stalker |
|
Beaupré
|
Complete Application Ownage via Multi-POST XSRF |
|
Wysopal
|
CISO Survival Guide: How to thrive in the C-Suite and Boardroom |
|
Millier
|
Building an Effective Vulnerability & Remediation Management Program |
|
Penrose
|
Changing the Game of Threat Hunting |
|
| 14:40 |
Rothman
|
Automation is your Friend: Embracing SkyNet to Scale Cloud Security |
Elisan
|
UNMASKING MALWARE |
|
Bassegio,
Evenchick
|
Breaking Access Controls with BLEKey |
|
Ireland
|
Make Metrics Matter |
|
Hughes
|
Security for non-Unicorns |
|
Crosby
|
One Ring to Rule Them All - Hardware isolation and the future of virtualization security |
|
| 15:55 |
Benedict,
Dow
|
Stealth Attack From The Produce Aisle |
Chio
|
Making & Breaking Machine Learning Anomaly Detectors in Real Life |
|
Richards
|
Drug Pump and Medical Device Security |
|
Sacco,
Tu
|
What does it take to deliver the most technologically advanced Games ever? |
|
Kirshen
|
Run Faster, Continuously Harden - Embracing DevOps to Secure All The Things |
|
Wilson
|
Building Better Indicators: CrowdSourcing Malware IOCs |
| 08:50 |
Bourne
|
Opening Remarks, day 2 |
| 09:00 |
Cavoukian
|
Security is Essential to Privacy - But is not enough ... Enter Privacy by Design |
| 10:15 |
Meghu
|
DevOps For The Home |
Brotherston
|
Stealthier Attacks and Smarter Defending with TLS Fingerprinting |
|
Timzen
|
Hijacking Arbitrary .NET Application Control Flow |
|
Brown
|
Dolla Dolla Bill Y’all: Cybercrime Cashouts |
|
Pizzo
|
Ground Zero Financial Services: Targeted Attacks from the Darknet |
|
Kadiri
|
Advanced Threats: Eliminating the Blind Spot |
|
| 10:45 |
Hanlon
|
Ensuring the Success of Your IAM Project |
| 11:30 |
Lenik
|
Knowing what happened is only half the battle. |
Pettit,
Pold
|
SIEM and the Art of Log Management |
|
Millier
|
Effective Ways to Tackle Vulnerability Remediation |
|
Edun,
Redden
|
The Internet of Bad Things and Securing the Software Defined Data Center |
|
Yanovski
|
Certifi-gate: Has your Android device been Pwned? |
|
Earhard
|
Exposing Advanced Threats: How big data analytics is changing the way advanced threat defense is deployed, managed and measured |
|
| 12:00 |
Ford
|
Maturing InfoSec: Lessons from Aviation on Information Sharing |
| 13:25 |
Katalov
|
What Google knows about you and your devices, and how to get it |
VandenBrink
|
Software Defined Networking / Attacker Defined Networking |
|
Branca
|
Breaking and Fixing Python Applications |
|
Harnish
|
Bulletproofing Your Incident Response Plan: Effective Tabletops |
|
Arlen
|
Preventing Home Automation Security Disasters |
|
Byun
|
Insider Threat – The Soft Underbelly of CyberSecurity |
|
| 14:40 |
Firestein
|
Cymon - An Open Threat Intelligence System |
Arlen,
O’Connor
|
Xenophobia is Hard on Data: Forced Localization, Data Storage, and Business Realities |
|
Linn
|
Learning To Love Your Attackers |
|
DuCharme
|
The Effective Use of Cyber Ranges for Application Performance and Security Resilience – Train Like You Fight! |
|
Beggs
|
Agile Incident Management - Bringing the “Win” Back to Data and Privacy Breach Responses |
|
Antoniewicz,
Ghauri
|
Business Backed CVEs - The Major Vulnerabilities of the Past Year |
|
| 15:40 | Closing Remarks |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.