|
Five Keys to Building an Application Security Program in the Age of DevOps
|
Veracode
|
|
Hacker Jeopardy
|
|
|
Swimming Upstream: Regulation vs Security
|
|
|
Capture The Flag
|
Google Inc.
,
Synack
|
|
#securityselfie (size up your appsec program with new metrics)
|
Facebook
|
|
Should I Pay or Should I Go? Game Theory and Ransomware
|
|
|
Queercon Mixer
|
|
|
Spymaster Challenge
|
|
|
Make Alerts Great Again
|
|
|
Spymaster Challenge
|
|
|
Capture The Flag
|
Google Inc.
,
Synack
|
|
Linux Monitoring at Scale with eBPF
|
|
|
Look Ma, No Hands! - Decentralizing security for scale
|
|
|
Sunday Night Party
|
|
|
AtomBombing: Injecting Code Using Windows’ Atoms
|
Tal Liberman
,
Udi Yavo
,
enSilo Inc
|
|
Weathering the Storm: The Art of Crisis Communications
|
Rapid7
|
|
Better SSH management with ephemeral keys
|
|
|
When Bandit(s) Strike - Defend your Python Code
|
Netflix
|
|
Building an Effective Intrusion Detection Program
|
|
|
How Secure are your Docker Images?
|
Carnegie Mellon University
|
|
Access Control with Concierge: One Tool to Rule Them All
|
|
|
Reducing “Mixtape to Master Key” Scenarios: How to block the Dark Army from mayhem using API-driven access control
|
|
|
Dormant DOMination
|
|
|
Bypassing malware analysis sandboxes is easy, let’s discuss how they are doing it and why it works
|
|
|
Live Dissection: Anatomy of a Browser Based Botnet
|
Ilya Nesterov
,
Shape Security
|
|
How to Build a Security Team and Program
|
|
|
Lockpick Village
|
|
|
Hijacking .NET to Defend PowerShell
|
Amanda Rousseau
|
|
DNS attacks, a history and overview
|
|
|
Advanced Internet dataset combinations for #ThreatHunting & Attack Prediction
|
|
|
Exploiting Websites Hands-On
|
Instructor
|
|
Assessing the Embedded Devices On Your Network
|
Google Inc.
|
|
Fighting Email Phishing with a Custom Cloud IDS
|
Dan Borges
|
|
Illusion vs Reality: An FBI Agent’s take on how private sector realities are masked by government sector illusions of intelligence sharing, public-private partnerships and best practices
|
|
|
Opinionless Enforcement of Opinions on Operational Secrets
|
Autodesk
|
|
Hacker Happy Hour
|
HackerOne
|
|
Tired of Playing Exploit Kit Whack-A-Mole? Let's automate
|
|
|
Securing Kubernetes
|
Jesse Endahl
,
Fleetsmith
|
|
Exploiting Broken Webapps
|
Google Inc.
|
|
Security through Visibility: Organizational Communication Strategies for InfoSec Teams
|
|
|
The Underground Economy of Apple ID
|
Palo Alto Networks
|
|
The Cyber Insurance Emperor Has No Clothes
|
|
|
Does DoD Level Security Work in the Real World?
|
|
|
Witchcraft Compiler Collection : Towards programs self awareness
|
Jonathan Brossard
|
|
Lockpick Village
|
|
|
BeyondCorp: Beyond “fortress” security
|
Google Inc.
|