Active Directory security: 8 (very) low hanging fruits and how to smash those attack paths
Addressing non-linear InfoSec career paths
AIs Wide Open - Making Bots Safer Than Completely $#%cking Unsafe
AIs Wide Open - Making Bots Safer Than Completely #$%cking Unsafe
All that glitters isn't Chrome: Hunting for suspicious browser extensions
Analyzing user decision making on phishing sites - using mouse data and keyboard dynamics
An investigation of the security of passwords derived from African languages
Applying Information Security Paradigms to Misinformation Campaigns: A Multidisciplinary Approach
AppSec/SDLC/DevSecOps
Ask the EFF
ATT&CKing Your Adversaries -- Operationalizing cyber intelligence in your own environment for better sleep and a safer tomorrow.
At Your Service - Abusing the Service Workers Web API
Automatic Security Analysis of IoT Firmware
Baited Canaries - Monitoring attackers with active beacons
BEEMKA / Electron Post-Exploitation When The Land Is Dry
Beginners Session: Lock Picking
Behind the Recruiting Curtain: What Do Recruiters Really Say and Do
Bestsellers in the Underground Economy - Measuring Malware Popularity by Forum
Birthday Hunting
Board Communications
Breaking Smart [Bank] Statement
Breaking the Bodyguards
Broken Arrow: applying InfoSec and Forensic practices to escape domestic abuse
BSidesLV Pool Party
Building an enterprise security knowledge graph to fuel better decisions, faster
Building the badge- How you can make small, cheap and custom hardware for function or fashion
Burpsuite Team Server - Collaborative Web Pwnage
Can the CAN bus fly Risks of CAN bus networks within avionics systems
Certification and Labeling for IoT
Certification and Labeling in IoT
China as a New Russia? Analyzing Similarities and Differences of Chinese Threat Actors from their Russian Counterparts
CISO Unconference
Closing Ceremonies
Closing Remarks
CloudSec Rules Everything Around Me (C.R.E.A.M.)
Coordinated Disclosure of ICS Products: Who's got time for that?
Cover Your A**
Crisis Communication & Brand Monitoring
CTFs for Fun and Profit: Playing Games to Build your Skills
Cyber Deception after Detection: Safe observation environment using Software Defined Networking
Cyber Threat Intel & APTs 101
Deepfakes, Deep Trouble: Addressing Potential Market Manipulation Caused by Deepfakes
Discovering Your Passion in Cyber Security
DLP Sucks and Why You Should Use It
Duck and (Re)Cover - The missing link in the security evolution
Enterprise Overflow: How Breached Credentials Impact Us All
Escape the Questionnaire Quagmire: A thoughtful approach to addressing security inquiries from customers and prospects
Evaluating Code Embeddings
Examining DES-based Cipher Suite Support within the TLS Ecosystem
Excuse Me, Your Sword Is In My Eye: Responding to Red Teams and Intrusions in 2019 and Beyond
Exploiting Windows Group Policy for Reconnaissance and Attack
Finding Evil with Mitre ATT&CK and the Elastic Stack
Free and Fair Elections in an Internet Era
Friends of Bill W
Friends of Bill W (Sat.)
From EK to DEK: An Analysis of Modern Document Exploit Kits
From email address to phone number
Getting CVSS, NVD, and CVEs to Work for You: Standardizing and Scaling Your Vulnerability Risk Analysis
Give the dog a bone - Exploring OSINT capabilities of pen-testing tools
Giving Credit Where It's Not Due: Visualizing Joker's Stash
Grapl - A Graph Platform for Detection and Response
Hack (Apart) Your Career - How to Fund Doing What You Love
"Hackers of the world - unite?"
Hacking from Above: A Brief Guide for Transitioning to Leadership
Hacking the Pentagon: How a Rebel Alliance Shifts Culture to Protect National Security
Hacking the STORM
HAM License Exams
Hands on Hacking The OWASP TOP 10 and beyond
Hands-on: How to Use CALDERA's Chain Mode
Have You Distributed Randomness?
Hidden Networks Pivoting: Redefining DNS Rebinding Attack
How to Fail Well (In Order to be Successful) - From IT to Infosec & More
How to Treat Your Hacker (and Responsible Vulnerability Disclosure)
HSC^2 Hacker Summer Camp Hacker Standup Comedy
Human Honeypots or: How I Learned to Stop Worrying and Love the Implant
I Am The Cavalry Track Welcome and Overview
I Just Want to Help Make Flying More Secure...not Work with the Government or How I Learned to Love a Govvie
I’m a hunter! But what does that mean?
(Im)proper Database Authentication
Introduction to Cryptographic Attacks
Is This Magikarp a Gyarados?: Using Machine Learning for Phishing Detection
Keynote with Bob Lord
Knowing the Unknown: Using PCAP to Break Down Application-Layer Protocols
Let's hear from the Hackers: What should DOJ do next?
Linux Hardening - The Easy Way
Lock Picking Contest
Loki: Add a little chaos to your USB drive
Low & Slow - Techniques for DNS Data Exfiltration
Making your website vulnerable for fun and security awareness
Malware Traffic Analysis Workshop
Meet the CISO
Meet the Nation This Week on Sunday: A Special Vulnerability Edition
Meltdown's Aftermath: Leveraging KVA Shadow To Bypass Security Protections
Mind the Diversity Gap - A Panel Discussion
Musings of an Accidental CISO
My quest for (privileged) identity to own your domain
Neurosecurity: where Infosec meets Brain-machine Interface
No IOUs with IOT
Noobs: Training the Next Generation of Security Engineers
Now that you hacked the plane, what are you going to do about your career?
Old things are new again: efficient automatic signature generation for malware classification
Opening Remarks
Pentesting ICS 102
Please inject me, a x64 code injection
Prisoner Number Six
Professionalization - Possibilities and Potholes
Profiling User Risk: Borrowing from Business Intelligence to Understand the Security of Your Userbase
Queercon BSides Poolside Mixer
Real World Security in a Clinical Healthcare Environment: Hacking a Hospital
Reduce, Reuse and Recycle ML models - and the security powers is yours
Reducing Inactionable Alerts via Policy Layer
Reverse Engineering Android Apps
Reverse Engineering Mobile Apps: Never Pay for Transit Again
Reverse Engineering the Cyber Policy API
ROP with a 2nd Stack, or This Exploit is a Recursive Fibonacci Sequence Generator
Salesforce Data Governance What dark secrets lurk in your instance??
Satellite Vulnerabilities 101
Scheming with Machines: Using ML to Support Offensive Teams
Scratching the Surface of Risk
Securing Fast (and Furious) DevOps pipelines
Security BSides Organizers Meet-Up
Security data science -- Getting the fundamentals right
So you think you can CHMOD
SSO Wars: The Token Menace
Startup Security Leadership: Lessons to Level Up from Fortune 100 to Tech Startup
State of DNS Rebinding - Attack & Prevention Techniques and the Singularity of Origin
Supply Chain Security
The Case for Software Bill of Materials
The Contemplator Approach: Data Enrichment Through Elastic Stack
The drunk colonel and the flipped stone: Game Theory for a Defensive Strategic Advantage
The Human API: Evolving End Users From Authorized Adversaries Into Our Best Defense.
The Importance of Culture in Security
The New Hacker Pyramid
The Resilient Hacker: Growth Mindset, Health Hacks & Powerful Help to Navigate Personal Challenges
The Road to Hell is Paved with Bad Passwords
The SOC Counter ATT&CK
The struggles of teaching automation
Tournament: The Ultimate Secure Coding Throw Down
Trying (Unsuccessfully) to Make Meterpreter into an Adversarial Example
Unpacking pkgs: A look inside macOS Installer packages and common security flaws
Using Machines to exploit Machines - harnessing AI to accelerate exploitation
Using Wireshark for Incident Response and Threat Hunting
Virtual Breakpoints for x86_64
We the People: Providing for a 'common defence' with CVD
What's Next in Coordinating Vulnerability Disclosures
Where in the world are Carmen's $adjective cyber attacks: The game show that wonders why things aren't worse
Who dis? The Right Way To Authenticate
Why can't we be friends? (Ask a Fed & the EFF.)
Why FIDO Security Keys & WebAuthn are Awesome
Why journalists and hackers need each other (a panel discussion with infosec reporters)
Why we need a Cyber Peace Institute
Windows 10 DFIR Challenges
Windows Breakout and Privilege Escalation
Zero Trust