| 09:00 |
Snowden
|
Defense Against the Dark Arts: Examining, Fixing and Fighting for our Cyber Defenses |
| 10:15 |
Blaich
|
Securing Network Communications: An Investigation into Certificate Authorities on Mobile |
Sapiro
|
Introducing G.Tool – A batteries included framework for building awesome GRC tools without wasting money. |
|
Evenchick
|
CANtact: Open Source Automotive Tools |
|
Seymour
|
How to build a malware classifier [that doesn’t suck on real-world data] |
|
Bedard
|
All roads lead to domain admin, a part of a presentation series: From breach to C.D.E. Part I |
|
Alvarez
|
Understanding Ransomware: Clear and Present Danger |
|
| 11:30 |
Pogue
|
Eliminating the Automation and Integration Risks of the “Security Frankenstein” |
Antonakos
|
Held for Ransom: Defending your Data Against Ransomware |
|
Allor
|
The Emerging Era of Cognitive Security |
|
Miller
|
An Effective Approach to Automating Compliance Activities |
|
Pepper
|
When ‘Oops’ Isn’t An Acceptable Answer |
|
Germain
|
Network virtualization to enhance context, visibility and containment |
|
| 12:00 |
Hypponen
|
Securing Our Future |
| 13:25 |
Sonya
|
WiFi Exploitation: How passive interception leads to active exploitation |
Bassegio,
West
|
Getting Business Value from Penetration Testing |
|
Wilhoit
|
The State of SCADA on the Internet |
|
Zanero
|
Making sense of a million samples per day: Behavior-based Methods for Automated, Scalable Malware Analysis |
|
Earhard
|
Can massive data harvesting drive down the time to breach detection? |
|
Leonard
|
The Industry Need for Cloud Generation Security |
|
| 14:40 |
Brotherston
|
[Ab]using TLS for defensive wins |
Wysopal
|
Safety Should be the Security Paradigm |
|
Gommes
|
Jihadism and Cryptography, from internet to softwares |
|
Collins
|
Practical Static Analysis for Continuous Application Security |
|
Stojanovic
|
IPv6 for the InfoSec Pro on the Go |
|
Earhard
|
Exposing Ransomware: Intelligent cybersecurity for the real world. |
|
| 14:55 |
Beaupre,
Bourne,
Murray,
Payne
|
Developing your Career in IT Security |
| 15:55 |
Johansen
|
Crash Course in Kubernetes & Security |
O'Connor
|
Security by Consent, or Peel’s Principles of Security Operations |
|
Montoro
|
EventID Field Hunter (EFH) – Looking for malicious activities in your Windows events |
|
Braeken
|
Hack Microsoft by using Microsoft signed binaries |
|
Sethi-Reiner
|
The Security Problems of an Eleven Year Old and How To Solve Them |
|
Humble
|
Next-Gen Now, Outsmarting ransomware, exploits and zero-day attacks |
| 09:00 |
Blamire,
Lavi,
Leo,
Nemani,
Payne,
Stapley
|
It’s 2016: What can you do about gender balance in Information Security? |
| 10:15 |
Nunnikhoven
|
How To Secure Serverless Applications |
Grimes
|
Data-Driven Computer Security Defense |
|
Sistrunk
|
Control system security, are we living on luck? |
|
Case
|
Utilizing Memory and Network Forensics for Scalable Threat Detection and Response |
|
Bhargava,
Desfigies,
Shin
|
Lighting up the Canadian Darknet Financially |
|
Sarwate
|
Overwhelmed By Security Vulnerabilities? Learn How To Prioritize Remediation |
|
| 11:30 |
Blenkhorn
|
Why Technology is Not the Answer to Cybersecurity |
Wilson
|
The Cyber Security Readiness of Canadian Organizations |
|
Sun
|
Lessons from the Attack Chain: Bolster Your IR Program |
|
Read
|
Stopping the Attacker You Know |
|
Pickens
|
Rethinking Threat Intelligence |
|
Brantley
|
Global Encryption Usage is on the Rise! |
|
| 12:00 |
Pogue
|
Retaking surrendered ground: making better decisions to fight cybercrime |
| 13:25 |
Galloway
|
AirBnBeware: short-term rentals, long-term pwnage |
Mosca
|
Cybersecurity in an era with quantum computers: will we be ready? |
|
Greene
|
RTF Abuse: Exploitation, Evasion and Counter Measures |
|
Gates,
Johnson
|
Purple Teaming the Cyber Kill Chain: Practical Exercises for Management |
|
Maddalena
|
Expanding Your Toolkit the DIY Way |
|
Cresswell
|
Securing a Cloud-Based Data Center |
|
| 14:40 |
Bilodeau
|
Lessons Learned Hunting IoT Malware |
Biswas
|
How to Rob a Bank or The SWIFT and Easy Way to Grow Your Online Savings |
|
Smith
|
Hiding in Plain Sight – Taking Control of Windows Patches |
|
Simmons
|
Open Source Malware Lab |
|
Penney
|
The Power of DNS: Gaining Security Insight Through DNS Analytics |
|
Saurbaugh
|
Defending Against Phishing: Effective Phishing Incident Response Using Employees, Incident Responders, and Intelligence. |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.