BSides San Francisco 2019



65 results


In this talk, we will examine key research findings and technological innovations in the past 20 years that have led to the accepted practice of collecting all of the data. We show a difference between tangible (e.g. PII) and non-tangible data and show how seemingly harmless data can still be used to derive behavior (with examples!). We also examine how privacy perspective can change depending on your role or background and propose a perspective shift if we are to try to maintain digital...
Topics: Youtube, video, Education
Recent Deep Learning-based Natural Language Processing (NLP) systems rely heavily on Word Embeddings, a.k.a. Word Vectors, a method of converting words into meaningful vectors of numbers. However, the process of gathering data, training word embeddings, and incorporating them into an NLP system has received little scrutiny from a security perspective. In this talk we demonstrate that we can influence such systems by manipulating training data and how we can inject them into real-world systems....
Topics: Youtube, video, Education
Women make up just 11 percent and minorities are slightly less than 12 percent of the cybersecurity workforce. Coming from a nonprofit background, which is an industry with a high diversity, to one where it is so unbalanced—it's disheartening and disappointing. I've connected with persons who are underrepresented in the field, and many after spending years in cybersecurity are leaving the field. From their shared experiences as well as my own, it is clear that the cybersecurity space needs to...
Topics: Youtube, video, Education
The underlying desire with any technology is to push beyond its limits. In the 80s, we had the PC turbo button. In the 00s, everyone got all saas-y with software as a service. In the 2010s, we have the cloud (or as some of us know it, just someone else's computer). Jokes aside, leveraging the cloud allows teams to deliver content more rapidly compared to a local/on-prem solution. This sounds great until you remember nothing in life is free—cloud security is no exception. While this talk is...
Topics: Youtube, video, Education
In this talk, Brandon will cover Android enterprise security and how to use the features provided by the platform in your organization to protect your users. Unfortunately, Blade Runner was a few years off, and Androids aren't self-aware enough yet to protect themselves. Though Android itself has huge uptake in the enterprise, its management features are not as widely deployed, despite potentially providing a lot of enterprise security functionality. In this talk, you'll learn how Android...
Topics: Youtube, video, Education
Developers are now building, configuring, and deploying their own services on Kubernetes and Docker. Yikes! All three offer lots of built-in security tactics. Let's explore how to automate and determine configurations like: Read-only filesystem, Linux capabilities and seccomp profiles, Limiting cross-container communications, Using Kubernetes metadata and syscall data, we can systematically configure our services as opposed to simply turning these features on and hoping that we haven't broken...
Topics: Youtube, video, Education
How do you implement effective, scalable, 24/7 monitoring and response without 24/7 staff? The challenge posed by this question is one that the Twilio Security Operations team has been tackling since its inception 3+ years ago. In tackling this challenge, the team has gained insights into the problem and developed a methodology and a serverless automation framework to address it. In this presentation, Ubani will talk through the motivations, challenges, and solutions the Twilio Security...
Topics: Youtube, video, Education
AppSec is often very heavily focused on pre-exploitation. Frameworks like BeEF break this norm a little and can be used as tools to move laterally from the browser, to implant malware on adjacent machines. Unfortunately, performing network reconnaissance with JavaScript becomes tricky if the victim doesn't keep the tab open for long. This presentation will discuss relatively new techniques and features of JavaScript that have made it easier for sophisticated threat actors to craft JavaScript...
Topics: Youtube, video, Education
Hypervisor memory introspection is a security solution isolated from the protected virtual machine's operating system by leveraging hardware virtualization technologies. It relies on the second-level address translation (SLAT) mechanism, in order to enforce restrictions on certain memory areas of the protected VM. In some scenarios this can have a high performance impact, especially due to accesses inside the guest paging structures done by the CPU page walker or the OS memory manager. Most of...
Topics: Youtube, video, Education
Do you need to start or revamp your application security program? I have spent the majority of my 20-year career helping government agencies, public companies and now a startup build out application security programs. In this discussion, I will talk about what has worked for me, what has not worked and things you should absolutely *never* do. Source: https://www.youtube.com/watch?v=l82X_-o_eZA Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Microsoft NTLM is an authentication protocol used on networks that includes systems running the Windows operating system and stand-alone systems. Despite Microsoft's implementation of Kerberos, NTLM is still in use in order to support older systems. Many exploits in the past targeted Microsoft Office and Windows OS internal functions in order to cause the leaking of Windows users' NTLM hashes, which can then be cracked and disclose the original passwords. Are those the only products vulnerable...
Topics: Youtube, video, Education
This talk presents a piece of malware that had previously gone unnoticed and that seems to have been operational since at least 2015. Among the remarkable traits of RadRAT are its remote access capabilities, which include unfettered control of the compromised computer, lateral movement across the organization, and rootkit-like detection-evasion mechanisms. Powered by a vast array of features, this RAT can be used in targeted attacks aimed at exfiltrating information or monitoring victims in...
Topics: Youtube, video, Education
Assume breach helps incident responders prepare for the next major cyber security incident. Ask yourself—What would you do if an attacker were inside your systems? In this interactive presentation, the speaker will present a hypothetical security incident and guide you through a simulated timeline of events. She will engage with the audience and ask questions like, "What would you do next?" Source: https://www.youtube.com/watch?v=uYVOtQZIrEY Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Get the latest information about how the law is racing to catch up with technological change from staffers at the Electronic Frontier Foundation, the nation's premiere digital civil liberties group fighting for freedom and privacy in the computer age. This session will include updates on current EFF issues such as surveillance online, encryption (and backdoors), and fighting efforts to use intellectual property claims to shut down free speech and halt innovation. The panel will also include a...
Topics: Youtube, video, Education
Nowadays cyber-attacks are growing in complexity as threat actors divide payloads in multiple modules with highly specialized uses to achieve a target's compromise. The past few years have seen high-profile cyber-attacks that shifted from damaging the targets' digital infrastructures to stealing highly sensitive data, silently monitoring the victim, and constantly laying the ground for a new wave of attacks. This is also the case of a custom-built piece of malware that we have been monitoring...
Topics: Youtube, video, Education
This talk advocates adding detection-oriented file analysis systems to the modern threat detection technology stack by taking an in-depth look at Strelka, Target's recently released static file analysis system. Strelka's project lead will cover an overview of these systems, review Strelka's features and design, and show how data produced by these systems can be used to find malicious files in the enterprise. Source: https://www.youtube.com/watch?v=j-wjXUs8k1M Uploader: Security BSides San...
Topics: Youtube, video, Education
Panel: Zach Powers • Rachel Black • Chris Dorros • Daed Latrope • Kyle Tobener • Xiaoran Wang Have you been considering management for your next career move in security? Our group of panelists took that leap and are ready to tell you everything. Come hear these ex-engineers discuss their transformations into managers, along with their struggles and overcome challenges. You'll learn things they wish they knew from the beginning, as well as their tips on how to prepare for such a jump...
Topics: Youtube, video, Education
Apache Kafka is a widely adopted pub/sub messaging platform that can scale to handle huge volumes of data. It’s a powerful technology but notoriously difficult to configure, especially when it comes to Transport Layer Security (TLS). In this session, we’ll cover TLS best practices that yield a secure and compliant system, as well as critical techniques to maximize performance. Source: https://www.youtube.com/watch?v=mUgLP725Rw0 Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
In this talk, Maya and Dan will cover what changes in your patch management story if you use containers instead of virtual machines in production. Containers are meant to be immutable and short-lived—so they're frequently redeployed. Rather than pushing individual code changes, you rebuild and redeploy the whole container image. Processes that take place passively, like patching, can be going on constantly, with the latest images kept in your image registry. As a result, the new container...
Topics: Youtube, video, Education
Fully compromising an embedded device isn't always as easy as sending a GET request with admin=true. Sometimes, owning an embedded device takes multiple different vulnerabilities, creativity, and a little finesse. In this live demo, we show how we were able to chain multiple vulnerabilities in the Lenovo ix4-300d network attached storage (NAS) device into a remote exploit that can be executed with little user interaction. As a result, an adversary can provide the victim with a link to a malicious...
Topics: Youtube, video, Education
Every red and blue teamer needs a dedicated workstation when engaging a network via a pen test or even if you want to test your security skills. While some companies charge up to $749 for this exact system, Dale will show you what he reverse engineered (Are you surprised he hacked it?) using $250 in parts from Amazon and open source software to build the BatPi, a complete mobile security workstation. The BatPi is powerful enough to run Kali Linux or the Parrot Project, both of which contain...
Topics: Youtube, video, Education
When many people join the professional workforce and are asked, "What do you want to do?" or the dreaded "What's your 5-year plan?" they answer, "I want to be a manager," without any real clue on why or what a (good) manager does. This is long before they reached the nervous stage of being a manager, see their tech skills disappear, and fear they'll be forever irrelevant. :) Security conferences have always had talks on "red team," and more recently...
Topics: Youtube, video, Education
Hands-on incident response roles such as those found within a SOC or CIRT are difficult to staff. Even when these roles are filled, analysts often find themselves faced with unfamiliar tasks. Certification and higher education programs provide a decent foundation, but they do not produce strong responders. For that matter, analyst skills are often weakened by the onslaught of repetitive tasks, such as fielding phishing ticket after phishing ticket. Ask yourself: Do all analysts on your team...
Topics: Youtube, video, Education
As Volvo realized when developing the three-point seatbelt, security needs to be simple and work in a simple gesture, or users won’t adopt it. Volvo also knew that in order to scale to every car and user, their invention needed to be an open standard. Eventually, all countries made the seatbelt a legal requirement, and it has since then saved millions of lives. The future of strong online identities is following the same path and must be simple to use across all computers and mobile devices....
Topics: Youtube, video, Education
In 2018 there were quite a few local privilege escalation and remote code execution CVEs related to abusing the functionality exposed by WCF services in .NET programs. These were found in products such as VPN clients, commercial network monitoring tools, and antivirus software. In some cases, these services accidentally exposed stronger capabilities than intended (for example, the ability to run arbitrary code). In other cases, sensitive features have been locked down, but the security...
Topics: Youtube, video, Education
Internet scammers move pretty fast. If you don't stop and look around once in a while, you could miss it. Just as Ferris Bueller always had another trick up his sleeve to dupe Principal Rooney, attackers are employing homoglyphs, subdomain attacks, typo-squats, bit-squats, and similar attacks to trick internet denizens with fraudulent websites. Adversaries may register domain permutations in order to commit fraud, distribute malware, redirect traffic, steal credentials, or for corporate...
Topics: Youtube, video, Education
The Lyft Security Intelligence team's mission is to "Empower the company to make informed and automated security decisions." To achieve our mission, we invested in our cartography capabilities that aim at keeping track of our assets but, most importantly, the relationship and interaction between them. The talk provides insight on an intelligence service solution implemented by the Lyft Security Intelligence team to tackle knowledge consolidation and improve decision making. Attendees of this...
Topics: Youtube, video, Education
There are a number of audits related to business operations in the event of a catastrophic disaster, and they can be dull to prepare. How can an organization make preparation of these artifacts more tolerable and increase the participation of operations, engineering, and security teams? Gamify it! This talk will combine research demonstrating the long-lasting positive effects of arcade games (perception, attention, memory, and decision-making) and experience organizing these events at a company...
Topics: Youtube, video, Education
We will be discussing the logistics and joys of organizing the event. Come hear how it all gets put together and who helps us out! Source: https://www.youtube.com/watch?v=hCDA0DIUx0Y Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
As threat hunting becomes a focus for more and more organizations, the abilities of the staff who are being asked to hunt vary greatly. One of the greatest challenges of threat hunting is biting off more than you can chew. Oftentimes, analysts want to "boil the ocean" and hunt without a specific purpose or plan. This talk is focused on using the MITRE ATT&CK framework as the catalyst to assist in building the hypothesis and plan to determine what we should hunt for and how we...
Topics: Youtube, video, Education
Moving to the cloud and deploying containers? In this talk I will discuss both the mindset shift and tech challenges, with some common mistakes made in real-life deployments with some real life (albeit redacted) examples. We'll also look at what happens to a container that's been left open to the Internet for the duration of the talk. Source: https://www.youtube.com/watch?v=fSj6_WgDATE Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
JavaScript is the most popular language of the web. It is one of the fastest dynamic languages around; even though it is fast it still cannot compete with raw C/C++. WebAssembly or WASM, an evolution of asm.js, is a low level, portable binary format that aims to speed up apps on the order of 20x compared to JavaScript. Developers can compile their C/C++/Rust code to wasm modules which can be directly used in JavaScript code. Currently, WA is supported across all major browsers. The security...
Topics: Youtube, video, Education
The rising adoption of container orchestration tools, such as Kubernetes, has enabled developers to scale cloud applications quickly and efficiently. However, this adoption comes with a new set of security challenges, such as securing the APIs used to manage these ecosystems. We recently conducted a research study that uncovered more than 20,000 publicly accessible management nodes open to the Internet. In this talk we will discuss the implications of the findings and provide...
Topics: Youtube, video, Education
Since it was introduced twenty years ago, Active Directory has become a major security concern for the majority of enterprises. In spite of the enormous amounts of money spent on defense security products, it is very hard to efficiently protect large domain environments that span across multiple domains and forests. In this presentation we will offer an alternative view on Active Directory security with a strong focus on actionable steps security teams can take to improve their domain security....
Topics: Youtube, video, Education
Over the last decade the cybersecurity community has made significant progress on collecting and aggregating intelligence that describes threat actors and campaigns, their tactics and techniques, and technical IOCs leveraged by them. However, tracking this intelligence as part of cybersecurity operations or applying it to analytical systems is difficult because it is generally unstructured. Knowledge bases like MITRE's ATT&CK are an excellent example of how useful intelligence can be once...
Topics: Youtube, video, Education
Practice shows that even the most secure software written by the best engineers contains bugs. Malware is not an exception. In most cases their authors do not follow the best secure software development practices thereby introducing an interesting attack scenario which can be used to stop or slow-down malware spreading, defend against DDoS attacks, and take control over C&Cs and botnets. Several previous researches done by the security community have demonstrated that such bugs exist and...
Topics: Youtube, video, Education
Two-factor authentication (2FA) represents a second line of defense against account takeover, and all online services accepting passwords should provide 2FA as an option to their users, especially if they deal with sensitive data or money. When implementing 2FA, however, we are faced with several choices that directly impact the user experience, including which methods to support, how and when to introduce them, and more generally how to describe 2FA to users, perhaps with limited technical...
Topics: Youtube, video, Education
Mainstream IPS/IDS solutions including WAF, NGWAF, and RASPs produce so many false positives they are almost impossible to manage. The reason for that is that they rely on outdated detection mechanisms like signatures, human-defined rules, regexps, etc. In this talk we want to suggest a better method, based on neural network, provide an overview and comparison for several AI-based injection detection architectures, and release a specific architecture and implementation which has produced the...
Topics: Youtube, video, Education
For decades, passwords have been the common backbone (headache) of authentication and are well known to lack in security while being frustrating and difficult to use. As we continue to see daily data breaches, the reality of moving away from weak static credentials and killing the password is upon us. Join this session to learn how FIDO2 and WebAuthn open authentication standards, in conjunction with YubiKeys, are solving the elimination of passwords at scale. Hear how organizations like...
Topics: Youtube, video, Education
A career in security is part of a larger phenomenon called life. The work we do can be so all-encompassing that it can be easy to forget to take care of one's body and one's spirit. In my career I've traveled the world to speak at security conferences, published a popular textbook, and written the security policies that enabled a company to go public. On the outside it usually looks pretty sunny, but on the inside it's been a mixed bag. Life happens, and so does anxiety, depression, burn-out,...
Topics: Youtube, video, Education
If you are a bug bounty hunter or an application security analyst the ability to automate your web hunting tools is the best way to get paid. In this talk, we will discuss how we do this and share some of our favorite scripts. Source: https://www.youtube.com/watch?v=12gtkYbMGd4 Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Who's got time for any of this "culture" business? The security team has more trash fires than they can handle. No one is listening to their warnings! As it turns out, security culture plays a pivotal role in the health of your organization's security. In this talk I'll go over why I invest so heavily in creating a culture of security at my organization, 10–20 concrete examples of things I do that are easily replicable, my overarching strategy for changing culture, and what it means...
Topics: Youtube, video, Education
You've built login for your application—maybe you even have 2FA—but what happens when a customer calls the support number listed on your website or product? Security teams and app developers have thought a lot about online authentication, but we haven't applied the same rigor to designing systems for authenticating over the phone. At Twilio, product and engineering teams have spent the last year thinking about this problem and how to make the experience better for both the customer and the...
Topics: Youtube, video, Education
This talk will walk through reverse engineering Logitech's Harmony smart home hub from a blackbox perspective. The process of vulnerability hunting in the device will be outlined along with discussion of vulnerabilities found and post exploitation implications. Source: https://www.youtube.com/watch?v=Rcwm8ozVXio Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Introducing security testing tools to a QA or developer's workflow can be difficult when the tools aren't easy or intuitive to use. Even for security professionals, the friction of cumbersome security tooling can prevent them from getting the most from a tool or being effective with their time. The OWASP ZAP team is working to help enable developers, QA, and hackers alike with the ZAP Heads Up Display, a more user friendly way to engage with the security testing tool. The Heads Up Display...
Topics: Youtube, video, Education
Many companies have shared their lessons learned in scaling their security efforts, leading to hundreds of blog posts and conference talks. Sharing knowledge is fantastic, but when you're a busy AppSec engineer or manager struggling to keep up with day-to-day requirements, it can be difficult to stay on top of or even be aware of relevant research. This talk will summarize and distill the unique tips and tricks, lessons learned, and tools discussed in a vast number of blog posts and conference...
Topics: Youtube, video, Education
Netflix is a 100% cloud-first company. The traditional corporate network security perimeter no longer meets our needs. In this talk, I will be covering the core building blocks, comprising identity, single sign-on using standards like SAML, OIDC and OAuth, multi-factor authentication, adaptive authentication, device health, and authorization, that we have invested in to make identity the new security perimeter. Source: https://www.youtube.com/watch?v=Y6PdEpWraos Uploader: Security BSides San...
Topics: Youtube, video, Education
Go is a programming language created at Google by Robert Griesemer, Rob Pike, and Ken Thompson. Their vision was a statically typed, productive, and readable language with good networking and multiprocessing support. By default, Go binaries are statically linked, and it is very easy to cross-compile binaries for different operating systems or CPU architectures. This makes it easy to produce an executable that can be copied to any machine and run without runtime errors due to missing libraries,...
Topics: Youtube, video, Education
Automated Teller Machine (ATM) attacks are more sophisticated than ever before. Criminals have upped their game, compromising and manipulating ATM networks, software, and other connected infrastructure. Between having a third-party manage these machines and ATMs deployed on low-bandwidth links, it's an inevitable wild-west environment. In this talk I will review three case studies of ATM attacks, showing how they have become more dangerous than ever before. In this session, I will discuss...
Topics: Youtube, video, Education
Blue teaming has not, up until this point, received the same applause and attention that red teaming has, but the tide is changing. The realization that the charge to "protect all the things, all the time" requires the collection and analysis of all the data is creating the conditions to "bring the sexy" to the blue team. This talk covers the application of different methods to collect, analyze, and correlate multiple types of data as well as the use...
Topics: Youtube, video, Education
Slack's developer platform has some powerful functionality that allows you to customize your org's workflow. But with great power comes great responsibility. While Slack has a robust security posture, do you suffer from insomnia pondering the security aspects of third-party apps? Are coworkers pleading with you to install Slack apps with scopes that frighten you? Join Kelly on a walk through the history of the Slack app directory, the unique security problems surrounding it, and what Slack's...
Topics: Youtube, video, Education
Muscle memory, incident responders will tell you, is crucial to acting quickly in a crisis. Cyber Threat Intelligence informs what we do, but practice ensures we do it well—executing effectively to eliminate the threat and protect the organization. This session provides an approach to developing security exercises and running practice drills. MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) forms the basis of this approach. We will cover the fundamentals of an...
Topics: Youtube, video, Education
Certificate Transparency (CT) logs are a new and incredibly useful tool for bringing auditability and accountability to the public web certificate ecosystem. CT logs aim to provide a verifiable, append-only history of all publicly trusted certificates on the web. With browsers like Chrome now enforcing that certificates belong to CT logs, CT logging has become a vital part of the web's ecosystem. But as with any new technology, it's our hacker duty to ask the question "How can this be...
Topics: Youtube, video, Education
As the number of blockchain assets and projects continues to increase, so too do the opportunities for attackers to exploit or trigger unstable asset behaviors, defined or otherwise. Given Coinbase's intention to support a large number of blockchain assets, Coinbase needs to take steps to ensure that all funds are properly safeguarded, regardless of any malicious or disruptive activity on an asset network. Our initial efforts in this area have focused on Proof of Work blockchains and on...
Topics: Youtube, video, Education
Is this "real"? This is the story of how attackers today leverage a variety of tools and tricks to impact the influence landscape at scale. Many have heard of "fake news" and know that those "friends," "matches," or "followers" might not all be real; the information we consume is inflated with likes and ratings generated by coordinated attackers utilizing anything from users' browsers to IoT devices. How are these fake accounts and likes...
Topics: Youtube, video, Education
Rod Soto • Joseph Zadeh • Xiodan Li Detecting compromise of privileged "VIP accounts" using real time analysis using Kafka streaming solution that scales on a per account basis and lets us build an evolving picture of individual risk in real time via a distributed streaming approach. Source: https://www.youtube.com/watch?v=E2npWFS-CGI Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Security automation can look a lot like magic, and many feel a strong temptation to go buy $HOT_SECURITY_ORCHESTRATION_PRODUCT, but it's really not hard to get started automating SecOps with the tools you already have, free and open source tools, and a little bit of code. In this talk I will give a high level view of how a SecOps or other IT group can use automation to save time and effort. I'll walk through an example, with screenshots and code, of how to automate an ops process. I want to...
Topics: Youtube, video, Education
For decades security awareness programs have been based on the assumption that employees don't know the correct course of action and with the right training, they will start performing more securely. However, this approach has not proven to be effective. A second dimension needs to be considered in security behavior change: motivation. This talk will explore how and when to motivate employees to security action. It will also discuss how to "surf" motivation generated by both...
Topics: Youtube, video, Education
Source: https://www.youtube.com/watch?v=bnp_WexDM7A Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Penetration Testing Dropboxes are dismissed by many clients and infosec pros because they require internal access to corporate network. The reality is that dropboxes are a very valuable tool because they can lower costs and gain efficiency testing. Penetration Testing Dropboxes fit perfectly with the Assume Breach approach; as pentesters can launch internal attacks to simulate an attacker with access to the network to uncover gaps in the corporate security posture from the start of the...
Topics: Youtube, video, Education
A current trend among threat actors is the notion to Live Off the Land (LOL). LOL involves using binaries provided by the operating system to reduce the chances of being detected or to bypass application whitelisting. This presentation will look into the possibility of writing a remote access trojan (RAT) that does not handle any network connection on its own. The RAT instead uses TCP services, such as Whois and Finger, that are provided by the operating system to do the network connections to...
Topics: Youtube, video, Education
Panel: Justin Calmus • Rachel Black • Vivienne Pustell • Niru Ragupathy • Kyle Tobener • Wendy Zenone Every company big and small partners with external vendors for services. Examples can range from architects, caterers, painters, and law firms to content distribution, hosting, marketing insights, email, machine learning, and contingent labor. The exodus of information to these vendors and the need for their integration with internal resources can pose unique security challenges. In...
Topics: Youtube, video, Education
Source: https://www.youtube.com/watch?v=e-c1elvTWNc Uploader: Security BSides San Francisco
Topics: Youtube, video, Education
Security headers are a history of digital scar tissue. Each one there because we discovered something terrible on the internet but couldn't shut it off without breaking things. They allow you to tap into a wealth of security controls built into modern browsers, but most are simply off by default. We'll start with a quick, high level overview of most of the major security headers and what best practice is for setting them. We'll finish with a deep dive into the content-security-policy header,...
Topics: Youtube, video, Education
For some, the path to infosec starts in a lecture hall-- for Rachel it started in a glass booth hacking live in front of 400 people. Join Rachel as she walks through her nonlinear path to infosec from her background in neuroscience to the rat lab, through teaching to UX research, through live hacking to starting her own company in the field. You’ll hear tales from the glass booth, lessons she learned along the way, and insights from other non-traditional journeys to information security....
Topics: Youtube, video, Education