BSidesLV 2015 has ended
Proving Ground
Tuesday, August 4
 

11:00 PDT

Speaking Metrics to Executives
Just as strong CIOs have moved from talking about processors and routers, leaders in information security are bridging discussions of business risk and competitive landscapes with understandable metrics. During this session, some model metrics will be discussed taking typical "geek numbers" into CxO presentations by appropriate transformation and interpretation. Participants are invited to discuss presenting additional executive metric models.

Speakers

Michael St. Vincent

Michael St. Vincent (@JustOnePing) is an InfoSec professional with over two decades of security and risk management experience. His work includes developing, implementing, and leading security programs in financial, defense industry, and ISP organizations. He currently serves the... Read More →


Tuesday August 4, 2015 11:00 - 11:25 PDT
Proving Ground Florentine E

11:30 PDT

Dropping hell0days: Business Interaction for Security Professionals - Or Anyone Else
This talk is focused on how to better interface with the business leaders of your organization. Having great technical skills will only carry you so far in your career; at some point you need to develop the skillset to work with the business and further your value and your opportunities.

Speakers

Elliot Johnson

IT professional with 16 years experience, the last 5 in Information Security. Outside of work I can talk about beer or professional wrestling for hours on end. Preferably while drinking a beer. Also enjoy homebrewing and watching the dreaded sportsball. Also while drinking a beer... Read More →


Tuesday August 4, 2015 11:30 - 11:55 PDT
Proving Ground Florentine E

12:00 PDT

Practice Safe Cyber: The Miseducation of American Students on Internet Safety
What students are told to watch out for online: sexual predators. What they should actually be watching out for online: basically everything else. Contemporary American education relies heavily on the notion of “technology is everywhere and kids are clever, so we don't need to teach them about technology!” To certain extents, this is true. But like any user, the average American kid is actually pretty clueless. This talk will discuss what isn't being taught in classrooms, what is actively being incorrectly taught, and what you can do about it. Come because you fear what the next generation of users will do to your blood pressure and subsequent health insurance premiums, stay for the snark and weird slides.

Speakers

Vivienne Pustell

Vivienne Pustell is a graduate student at the Stanford University School of Education. A former high school teacher, she attempted to nurture the next generation of social engineers and infosec-savvy citizens, but would rather not incriminate herself with specifics.


Tuesday August 4, 2015 12:00 - 12:25 PDT
Proving Ground Florentine E

14:00 PDT

Check That Certificate
Why are developers frequently disabling certificate validation in their software? Is it because they are lazy or just plain imbecile? We decided to find out by writing examples to demonstrate certificate checking in as many languages as possible. We found that it was difficult to do properly in the best of libraries, and had catastrophic failure in anything less. There are even a few instances of the libraries' built-in functions getting it horribly wrong.
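As an added illustration of the failure mode the abstract describes (this is not the speakers' code, and the talk itself is not on this page), the following Python shows what "disabling certificate validation" looks like with the standard ssl module, the context a client should build instead, and a small audit helper that reports which of the two settings a given context is missing. The hostname and CA bundle arguments are placeholders supplied by the caller.

```python
import socket
import ssl
from typing import List, Optional

# Added example (not the talk's code): the insecure pattern beside the
# hardened one, plus a helper that audits an SSLContext for the two settings
# that, when cleared, let any forged server certificate through.


def insecure_context() -> ssl.SSLContext:
    """The anti-pattern the talk describes: accept any certificate and never
    compare it to the hostname. Shown only so the settings can be recognised
    in code review; never ship this."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE  # chain is not validated at all
    return ctx


def hardened_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """Verify the chain against the system store (or a private CA bundle),
    enforce hostname matching, and refuse pre-1.2 protocol versions."""
    ctx = ssl.create_default_context(cafile=ca_bundle)  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return every reason this context would accept a forged server cert."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: certificate chain is not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is False: a valid certificate for any other name is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version allows TLS 1.1 or older")
    return findings


def fetch_status_line(host: str, port: int = 443,
                      ctx: Optional[ssl.SSLContext] = None,
                      timeout: float = 5.0) -> str:
    """Open a verified TLS connection and return the HTTP status line.
    server_hostname is what ties the presented certificate to the host we
    asked for; without it check_hostname has nothing to compare against."""
    ctx = ctx or hardened_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode())
            return tls.recv(4096).split(b"\r\n", 1)[0].decode(errors="replace")


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_context()), ("hardened", hardened_context())):
        print(name, audit_context(ctx) or ["no findings"])
```

The order of the two assignments in insecure_context is not cosmetic: the ssl module refuses to set CERT_NONE while check_hostname is still True, so code that disables validation has to switch off hostname checking first, which is a useful string to grep for in review.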

Speakers

Jacob Jernigan

Jacob Jernigan works for DigitalOcean on the support team where he ensures customers have the best support experience possible. Previously, he worked as a system administrator at a small information security consultancy. Outside of work, you will find him researching information security... Read More →

Andrew Sorensen

Andrew lives in Seattle, WA and works as a Security Consultant at Leviathan Security Group. Andrew is the creator of WLNet and LocalCoast, under which he develops software. Andrew holds a Bachelor's of Science in Computer Science and is most interested in new methodologies for solving... Read More →


Tuesday August 4, 2015 14:00 - 14:25 PDT
Proving Ground Florentine E

14:30 PDT

The Journey To ICS
The goal of the talk is to provide a starting point for security professionals that want to migrate towards ICS Security.

Speakers

Larry Vandenaweele

Security Consultant
Larry works for a consulting firm in Belgium. He’s been active in the security industry for over five years. Until two years ago, he mainly performed penetration tests on IT environments, but has now made the shift toward OT environments. Before beginning his professional career... Read More →


Tuesday August 4, 2015 14:30 - 14:55 PDT
Proving Ground Florentine E

15:00 PDT

Catching Linux Post-Exploitation with Auditd
Many Linux administrators are required to deploy Auditd in order to meet government or industry security compliance requirements. In this talk we will dive into common Linux Audit configurations and determine their value when responding to successful attacks. Finally, by examining real world attacks, we can create Auditd rules that can alert us following the successful exploitation of a service.
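As an added example of the kind of rule-plus-detection the abstract describes (not the speaker's material), the Python below assumes an audit rule that records every execve by the web server's service account and then joins the resulting SYSCALL and EXECVE records to flag a service account spawning a shell, netcat or an interpreter. The rule, the uid 33 (www-data on Debian) and the sample log lines are all assumptions constructed for the example.

```python
import os
import re
from collections import defaultdict
from typing import Dict, Iterable, List

# Added example (not the talk's code). It assumes this rule is loaded, which
# records every execve by the web server's account (euid 33, www-data on
# Debian) under the key "svc_exec"; adjust the uid for your service accounts:
#   -a always,exit -F arch=b64 -S execve -F euid=33 -k svc_exec
#   -a always,exit -F arch=b32 -S execve -F euid=33 -k svc_exec
# The detection then flags the classic post-exploitation signal: a service
# account spawning a shell, netcat or a scripting interpreter.

SERVICE_UIDS = {33}
SUSPICIOUS = {"sh", "dash", "bash", "nc", "nc.openbsd", "ncat", "socat",
              "python", "python3", "perl", "curl", "wget"}

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
MSG = re.compile(r'msg=audit\(([\d.]+):(\d+)\)')

# Constructed sample of /var/log/audit/audit.log: a shell spawned from a web
# app (4711), the app's normal re-exec (4712), and a reverse shell (4713).
AUDIT_LOG = """\
type=SYSCALL msg=audit(1438725600.101:4711): arch=c000003e syscall=59 success=yes exit=0 a0=55d2c9a0 a1=55d2c9b0 a2=55d2c9c0 a3=0 items=2 ppid=2201 pid=2345 auid=4294967295 uid=33 gid=33 euid=33 suid=33 fsuid=33 egid=33 sgid=33 fsgid=33 tty=(none) ses=4294967295 comm="sh" exe="/usr/bin/dash" key="svc_exec"
type=EXECVE msg=audit(1438725600.101:4711): argc=3 a0="sh" a1="-c" a2=6964203E202F746D702F6F7574
type=SYSCALL msg=audit(1438725600.250:4712): arch=c000003e syscall=59 success=yes exit=0 a0=55d2ca10 a1=55d2ca20 a2=55d2ca30 a3=0 items=2 ppid=2201 pid=2346 auid=4294967295 uid=33 gid=33 euid=33 suid=33 fsuid=33 egid=33 sgid=33 fsgid=33 tty=(none) ses=4294967295 comm="php-cgi7.0" exe="/usr/bin/php-cgi7.0" key="svc_exec"
type=EXECVE msg=audit(1438725600.250:4712): argc=1 a0="php-cgi7.0"
type=SYSCALL msg=audit(1438725601.009:4713): arch=c000003e syscall=59 success=yes exit=0 a0=55d2cb00 a1=55d2cb10 a2=55d2cb20 a3=0 items=2 ppid=2345 pid=2350 auid=4294967295 uid=33 gid=33 euid=33 suid=33 fsuid=33 egid=33 sgid=33 fsgid=33 tty=(none) ses=4294967295 comm="nc" exe="/bin/nc.openbsd" key="svc_exec"
type=EXECVE msg=audit(1438725601.009:4713): argc=4 a0="nc" a1="-e" a2="/bin/sh" a3="203.0.113.5"
"""


def _unquote(value: str) -> str:
    return value[1:-1] if value.startswith('"') else value


def _decode_arg(value: str) -> str:
    """auditd quotes plain argv strings and hex-encodes ones containing
    spaces or control characters; undo both forms."""
    if value.startswith('"'):
        return value[1:-1]
    try:
        return bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:
        return value


def parse_events(lines: Iterable[str]) -> Dict[int, dict]:
    """Join the SYSCALL and EXECVE records that share an audit serial."""
    events: Dict[int, dict] = defaultdict(dict)
    for line in lines:
        m = MSG.search(line)
        if not m:
            continue
        serial = int(m.group(2))
        fields = dict(FIELD.findall(line))
        ev = events[serial]
        ev["time"] = float(m.group(1))
        if fields.get("type") == "SYSCALL":
            ev.update(
                pid=int(fields["pid"]), ppid=int(fields["ppid"]),
                uid=int(fields["uid"]), euid=int(fields["euid"]),
                success=fields.get("success") == "yes",
                comm=_unquote(fields.get("comm", "")),
                exe=_unquote(fields.get("exe", "")),
                key=_unquote(fields.get("key", "")),
            )
        elif fields.get("type") == "EXECVE":
            argc = int(fields["argc"])
            ev["argv"] = [_decode_arg(fields.get(f"a{i}", "")) for i in range(argc)]
    return events


def detect(lines: Iterable[str], service_uids=SERVICE_UIDS) -> List[dict]:
    """Alert when a service account executes a shell, netcat or interpreter,
    directly or via an argv element (e.g. `nc -e /bin/sh`)."""
    alerts = []
    for serial, ev in sorted(parse_events(lines).items()):
        if ev.get("euid") not in service_uids:
            continue
        argv = ev.get("argv", [])
        names = {os.path.basename(ev.get("exe", ""))} | {os.path.basename(a) for a in argv}
        if names & SUSPICIOUS:
            alerts.append({"serial": serial, "time": ev["time"], "pid": ev["pid"],
                           "ppid": ev["ppid"], "euid": ev["euid"], "exe": ev["exe"],
                           "argv": argv, "success": ev["success"]})
    return alerts


if __name__ == "__main__":
    for a in detect(AUDIT_LOG.splitlines()):
        print(f"[{a['serial']}] uid {a['euid']} pid {a['pid']} (ppid {a['ppid']}) "
              f"exec {a['exe']} argv={a['argv']}")
```

Two things worth noticing in the sample: the EXECVE argument containing spaces arrives hex-encoded rather than quoted, which is why the decoder exists, and the reverse shell in serial 4713 has ppid 2345, the pid of the shell from 4711, so the ppid field is what lets you chain the alerts into one incident.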

Speakers

Eric Gershman

Eric Gershman is currently working on the security team for a group that manages large systems that enable researchers to do "Big Science". Prior to working in security Eric pursued a bachelors degree in Information Technology at the University of Central Florida. During his time... Read More →


Tuesday August 4, 2015 15:00 - 15:25 PDT
Proving Ground Florentine E

15:30 PDT

Adding +10 Security to Your Scrum Agile Environment
Scrum agile development is one of the many methodologies in which software can be developed. The resulting metrics produced from a scrum agile team can help to provide accurate timelines associated with project completion. In many organizations security teams are separated from scrum agile development teams until a security issue occurs, and then both teams come together. This separation can cause multiple issues that negatively impact both parties, rippling across the organization and thus affecting the business. If security issues arise and are not fixed in a proper manner, this can leave an organization vulnerable. Furthermore, taking development time to fix issues violates the rules of scrum agile and will further impact the project timeline. The problem exists because each team has its own priorities and agenda. The security team should be more closely integrated and have representation that actively participates as a functional member of an agile team, and not as the enemy. The result of their full integration could help to change a developer’s mentality towards security, begin to address security needs as they happen with a legacy or active application, and help satisfy both teams’ timelines and agendas.

Speakers

Josh Louden

Taco Supreme, Taco Corp
Josh Louden started writing, decompiling, and modifying VB applications in middle school in his spare time. He has continued his curiosity through college, and immersed himself into the developer realm while diving into security with undergraduate research projects in cryptography... Read More →


Tuesday August 4, 2015 15:30 - 15:55 PDT
Proving Ground Florentine E

17:00 PDT

Fight back – raising awareness @infosec
Why do we need security awareness? Apps/tools/services are under constant research (read: hacking) every day. Researchers are looking for fascinating problems to be solved, which are created accidentally by developers. It’s hard to admit, but researcher evolution, motivation and attitude are currently more up-to-date than your ability to fight back and stop them.

There are real-life examples of this. Recent security breaches at e.g. Target, Home Depot and Anthem have opened this area to the wider public, but there will surely be many more to come.

Knowledge increases pain, doesn’t it? Developers cut corners under their trendy “agile” processes or pressure from customers, and don’t really know or understand the basics of information security. There are certain infosec areas that need to be part of your daily work, which will keep you from being the weakest link in the chain. When a researcher comes for a visit, maybe you cannot prevent the intrusion into your system, but you CAN prevent the exit with stolen data.

Speakers

Tuesday August 4, 2015 17:00 - 17:25 PDT
Proving Ground Florentine E

17:30 PDT

What the heck is this radio stuff, anyway?
This talk will give the basics of radio frequency communication, to provide a foundation upon which more complex RF topics can be built.

Speakers

Nick

Information security engineer
Semi-lapsed goth with a bad habit of collecting single-board computers and SDRs. Ham radio, electronics, RC aircraft, computers, PC gaming, and zombie apocalypse planning. He/him


Tuesday August 4, 2015 17:30 - 17:55 PDT
Proving Ground Florentine E

18:00 PDT

SIEMple technology
This talk will go through the steps that should be considered when implementing a solution to make that SIEM solution work in your business.

Speakers

Bill Davison

Bill has been in the IT/security industry for 9 years crawling his way up from call center to helpdesk, and now a security engineer.


Tuesday August 4, 2015 18:00 - 18:25 PDT
Proving Ground Florentine E

18:30 PDT

How I learnt hacking in highschool
One cannot start attacking systems in the wild to try a new hacking technique. Hacking is not a destination but a journey. How one can set up hacking labs with minimal infrastructure, online challenges and CTF competitions around the globe, and how these competitions help in learning techniques for the real world. Finally I will show how one can get started with bug-bounty programs and make money while being a student.

Speakers

Tuesday August 4, 2015 18:30 - 18:55 PDT
Proving Ground Florentine E
 
Wednesday, August 5
 

10:00 PDT

ZOMG It's OSINT Heaven!
Tazz, also once tagged as an “Internet Mall Cop” by a 16-year old know-it-all, will show you the background behind payment cards, and what they're really saying. She’ll also show examples of under-evolved humans who post other PII online, and how to use OSINT to find out more details about people. Finally she’ll briefly discuss the Python V3 work she is doing to “fill-in-the-blanks” and crawl the Internet for intelligence.
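As an added example of the two things the abstract touches on (the structure behind a card number, and pulling such numbers out of text people post), here is a Python sketch that is not the speaker's code. It decodes the ISO/IEC 7812 layout of a PAN (major industry identifier, issuer identification number, account number, Luhn check digit) and sweeps constructed text for digit runs that are card-length and pass Luhn. The numbers used are the industry's standard Visa and Mastercard test PANs, not real cards, and the sample post is constructed. Note the IIN was the first six digits when this talk was given; the 2017 revision of the standard widened it to eight.

```python
import re
from typing import Dict, List

# Added example (not the speaker's code): the layout of a payment card number,
# the Luhn check, and a sweep for plausible PANs in scraped text. The PANs
# below are standard test numbers, and SAMPLE_POST is constructed.

MII = {  # Major Industry Identifier: the first digit of the PAN
    "1": "airlines", "2": "airlines / financial",
    "3": "travel & entertainment (Amex, Diners, JCB)",
    "4": "banking / financial (Visa)", "5": "banking / financial (Mastercard)",
    "6": "merchandising / banking (Discover)", "7": "petroleum",
    "8": "healthcare / telecommunications", "9": "national assignment",
}

SAMPLE_POST = """new card finally arrived!! 4111 1111 1111 1111 exp 11/19
backup is 5500-0000-0000-0004, order #1234567890123456 shipped, call 555-0100"""

# 13 to 19 digits, optionally separated by single spaces or dashes,
# not glued to other digits on either side
CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_valid(pan: str) -> bool:
    """Mod-10 check digit used by every major card scheme."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def describe(pan: str) -> Dict[str, object]:
    """Split a PAN into the fields the abstract calls 'what they're really saying'."""
    clean = re.sub(r"[\s-]", "", pan)
    if not clean.isdigit() or not 13 <= len(clean) <= 19:
        raise ValueError("not a plausible PAN")
    return {
        "mii": MII.get(clean[0], "unknown"),
        "iin": clean[:6],          # issuer identification number (BIN) at the time
        "account": clean[6:-1],
        "check_digit": clean[-1],
        "luhn_ok": luhn_valid(clean),
    }


def find_pans(text: str) -> List[str]:
    """Return digit runs of card length that also pass Luhn; order numbers,
    phone numbers and timestamps that merely look similar are dropped."""
    found = []
    for m in CANDIDATE.finditer(text):
        clean = re.sub(r"[\s-]", "", m.group(0))
        if luhn_valid(clean):
            found.append(clean)
    return found


if __name__ == "__main__":
    for pan in find_pans(SAMPLE_POST):
        print(pan, describe(pan))
```

Luhn is only a typo check, so a hit proves the run is well-formed rather than live; what makes a sweep like this useful in the OSINT setting the abstract describes is pairing the IIN with public BIN lists to learn the issuer, which is left to the reader.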

Speakers

Tazz Tazz

Tazz is a veteran whose technology interests began with Atari and she was amazed when a word processor had enough memory to hold multiple lines. She’s been involved with technology since 1997 starting her career in communications, after which she completed her degree. She’s had... Read More →


Wednesday August 5, 2015 10:00 - 10:25 PDT
Proving Ground Florentine E

10:30 PDT

Classic Misdirection: Social Engineering to Counter Surveillance
Good OPSEC is not enough, sometimes you're already being watched. Sometimes good OPSEC goes wrong and backfires. This talk will discuss how good OPSEC can backfire, show some history of real-world psychological operations, and how to social engineer and troll your way to being less conspicuous of a target, or at least give those watching you a show and bad intelligence. While you can't hide everything, you can shape the way you are viewed by those who are watching you.

Speakers

Peter Clemenko III

Peter Clemenko III is a recent graduate of Wilmington University with a passion for privacy and security. He is currently working on new privacy technologies involving Android and Linux.


Wednesday August 5, 2015 10:30 - 10:55 PDT
Proving Ground Florentine E

11:00 PDT

Phishing: Going from Recon to Credentials
This presentation will quickly explore some of the common phishing attack tools and techniques. Additionally, there will be a demo of a new tool which can assist penetration testers in quickly deploying phishing exercises in minimal time. The tool can automatically search for potential targets, deploy multiple phishing websites, craft/send phishing emails, record the results, and generate a basic report.

Speakers

Adam Compton

Principal Security Consultant, TrustedSec
Adam Compton has been a programmer, researcher, instructor, professional pentester, father, husband, and farmer. Adam has over 2 decades of programming, network security, incident response, security assessment, and penetration testing experience. Throughout Adam's career, he has worked... Read More →

Eric Gershman

Eric Gershman is currently working on the security team for a group that manages large systems that enable researchers to do "Big Science". Prior to working in security Eric pursued a bachelors degree in Information Technology at the University of Central Florida. During his time... Read More →


Wednesday August 5, 2015 11:00 - 11:25 PDT
Proving Ground Florentine E

11:30 PDT

Social Media in Incident Response Program
In an age of darkness, a world full of fear, we must have those that fight against it. When we are afraid, we turn to social media. When we are alone, we turn to social media. Wherever we may go, we use social media. Social media, is the key to improving incident response. The highly evolved InfoSec people can harness the power of social media to help fight against the mutants of the world.

Speakers

Wednesday August 5, 2015 11:30 - 11:55 PDT
Proving Ground Florentine E

12:00 PDT

Cats and Mice - Ever evolving attackers and other game changers
After a couple of years working in various tech-related industries, Eric found himself in the social networking world for seven years. About two-thirds of the way into this position he split out a side project.

This unique perspective gave him new insights into how to take some administrative duties and wrap them up into what became a semi-autonomous learning abuse mitigation system.

The project was designed to do what admins regularly do (manual mitigation of bad actors/persona non grata). But with enough accuracy and performance the goals were loftier.

Finding and acting on these elements before an admin even has to deal with them -- faster detection, prevention, and mitigation times.

Much introspection ensued. The mind re-thought and further re-thought what sensory input it was able to use to *know* which users look bad but are not. Likewise, how to reproduce an electronic 'gut instinct' on the bad users.

Attempts at solving this problem did not immediately prove easy.

Furthermore, as the system adapted, so did the attackers.

Speakers

Eric Kmetz

Eric Kmetz is a Software Engineer that has had a long-running interest in InfoSec. His hacking interests have spanned across BBSes, Phone Conferences, IRC, and TCP/IP vulnerabilities. More recently he has used his skills to work on software with the intent of creating software... Read More →



Wednesday August 5, 2015 12:00 - 12:25 PDT
Proving Ground Florentine E

14:00 PDT

FAA, FTC, FCC - FU: How Three F'ing Agencies are Shaping Info Sec
A look at three "F'ing" government agencies whose recent oversight and regulatory actions are shaping the where and how of information security research.

Speakers

Elizabeth Wharton

Ms. Wharton, an attorney and co-founder of Policy Bytes, utilizes her first-hand legislative and information security business experience to advise clients on strategic messaging, policy impact analysis, and legislative initiative implementation for technology research, information... Read More →


Wednesday August 5, 2015 14:00 - 14:25 PDT
Proving Ground Florentine E

14:30 PDT

+10 Knowledge: Sharing What You Learn For the Benefit of the Everyman.
Does what we teach and share reach beyond our community and into the every-day life of the average Joe? Can someone seemingly far removed from security benefit from events like BSides? One year after attending my first BSides, I share how what I learned has filtered out and changed my personal and professional environments.

(Author note: My abstract could use work. I'm sorry.)

Speakers

Wednesday August 5, 2015 14:30 - 14:55 PDT
Proving Ground Florentine E

15:00 PDT

Maximizing Bro Detection
Bro is an open source traffic analysis tool mainly deployed in Universities. This talk will show a bit of how Bro can be utilized in a real-world corporate environment and merely touch on what is possible with it.

Speakers

John B. Althouse

John figures out ways to detect evil. He is also a track instructor and spends his free time calmly talking to people while they drive at 130mph toward a wall.


Wednesday August 5, 2015 15:00 - 15:25 PDT
Proving Ground Florentine E

15:30 PDT

Embedding Web Apps in MITMProxy Scripts
MITMProxy is a popular open source Python-based HTTP(S) interception proxy. The developers have recently added a web-based front-end to supplement the existing ncurses console GUI.
This talk will focus on work that I have done to bring a plugin architecture to the web front-end, allowing existing and new MITMProxy scripts to be configured and triggered through the browser.
Two types of plugins have been added: view-only transformations, and "action" transformations with options affecting the data traveling across the wire. This gives MITMProxy users more capabilities in terms of manipulating and visualizing intercepted HTTP(S) traffic, using application or domain-specific plugins.
I will show how this plugin architecture can be used in practice via an example of cheating at a popular mobile word puzzle game. There will also be a brief discussion of other interesting plugins and next steps.

Speakers

Chris Czub

Senior Security Engineer, Duo Security
Chris Czub is an information security engineer on Duo Security's Corporate Security team where he helps keep their employee endpoints and servers monitored and safe.


Wednesday August 5, 2015 15:30 - 15:55 PDT
Proving Ground Florentine E

17:00 PDT

What Lurks in the Shadow
What Lurks in the Shadow: Addressing the Growing Security Risk of Shadow IT & Shadow Data

Welcome to the Mordor of security, where the eye of BYOD reigns supreme, and the proliferation of easy-to-use devices is creating an unprecedented level of end user entitlement. A little knowledge has become a very dangerous thing by letting people “help themselves” to data and network access. This is the world of Shadow Data/Shadow IT, where rules are known but not observed; where risks are taken regardless of known consequences; and where “keep it secret” definitely does not keep IT safe. What happens when users or employees take it upon themselves to decide what tech they want to use and how they want to implement it? As the IoT proliferates, and human nature takes its course, we cannot out-engineer human failings and susceptibility. Because that device, and the freedom to use it as the user sees fit, override anything we currently put in place.

Speakers

Cheryl Biswas

Cheryl Biswas is Assistant Chief Security Officer and InfoSec analyst, researcher and writer with JIG Technologies in Toronto, Canada. She handles communications; researches and delivers InfoSec briefings; and advises on Disaster Recovery and security processes for clients. She loves... Read More →


Wednesday August 5, 2015 17:00 - 17:25 PDT
Proving Ground Florentine E

17:30 PDT

Out of Denial: A 12-Step Program for Recovering Admins
With massive data breaches being announced almost daily, the number of IT professionals moving into the security arena continues to grow. Some of these (like myself) come from systems and network admin backgrounds. Many of these “recovering admins” think they know security because they managed firewalls, established VPNs and created AD password policies. Most, however, are wrong - they don’t understand the enemy, his tactics or what’s at stake. To help with this learning process, we will work through a "12-step” program designed to help face the harsh reality, dispel many common misconceptions and provide some clear directions to move forward.

Speakers

Paul Lee

After over a decade as a systems and network administrator, Paul finally saw the light and decided there was more to life than patching systems and applying policy updates. Now as a security professional and “recovering admin” he hopes to take some of the lessons learned and pass... Read More →


Wednesday August 5, 2015 17:30 - 17:55 PDT
Proving Ground Florentine E

18:00 PDT

Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management
Conflict can be a good thing, really. Without it, we get groupthink and dumbass decisions. But how we approach and resolve conflicts can make the difference between healthy conflict and an unproductive, frustrating fight. Why do we have so much of the latter?

My graduate research on the conflict resolution style preferences of information security professionals sheds light on the “culture of no”: why infosec conflict so often results in fights, why we keep burning bridges to make a point, and why people can be unwilling to talk to us. More importantly, this research gives us ideas on how we can resolve conflicts without burning all the bridges – in other words, how we can begin to have nice things.

(No hackers or statistics were harmed in this research.)

Speakers

Rachael Lininger

Leviathan Security Group
Information security analyst, risk consultant, Cthulhu cultist. Lawful good. Opinions belong to her autocorrect, not her employer. @0xdaeda1a


Wednesday August 5, 2015 18:00 - 18:25 PDT
Proving Ground Florentine E

18:30 PDT

Serial Box - Primer for dealing with Serial and JTAG for basic hardware hacking
Serial interfaces, and the tools to easily make use of them, are more widespread than ever. However, with the downfall of the serial modem as a common communication method and the omission of an RS232 serial port from most modern PC designs, it is easy to have gotten into the tech industry without ever having touched a simple serial port. This talk is intended to be an intro to dealing with serial and JTAG and how it relates to hardware hacking.

Speakers

Matthew Jakubowski

Longtime con goer, first time speaker. Always took things apart as a kid to figure out how they worked and in some cases how to get Linux onto them. Been responsible in many different areas of infosec: datacenter tech, sysadmining, defending systems in a SOC, and now he gets to break... Read More →


Wednesday August 5, 2015 18:30 - 18:55 PDT
Proving Ground Florentine E
 