|
Beware the Cloudpocolypse: A Panel on Cloud Security from Cloud Providers
|
|
|
Evolution of Hackers and Reverse Incident Response
|
|
|
Phishing Dark Waters – Defending against Malicious Emails
|
|
|
Be like Water: Applying Analytical Adaptability to Cyber Intelligence
|
|
|
Post-Snowden Cryptography Part I
|
Paul Kocher
|
|
SANS: ICS Cybersecurity Overview with Hands-on Lab
|
|
|
Epidigitalogy: Surveying for Digital Diseases like an Epidemiologist
|
Symantec
|
|
U.S. vs EU Privacy Cage Match: Adapting to Changing Data Protection Laws
|
Internal Revenue Service
|
|
Threat Intelligence Is Dead. Long Live Threat Intelligence!
|
|
|
RSA Conference Codebreaker Bash
|
|
|
Assume Breach: An Inside Look at Cloud Service Provider Security
|
|
|
Privileged Account Exploitation – the Point of No Return (CyberArk Software, Inc.)
|
|
|
The Promise and the Perils of Wearables
|
Dartmouth College
|
|
South Expo Pub Crawl
|
|
|
CSI Digital Crime Lab: A Virtual Whodunnit
|
|
|
TCG: Should We Trust Mobile Computing, IoT and the Cloud? No, But There Are Solutions
|
|
|
Information Technology Insights from the DoD CIO
|
|
|
SSLammed, SSLayed and SSLapped Around - Why Hackers Love SSL
|
Blue Coat Systems
|
|
Cultivating a New Generation of Cyber-Workforce Talent
|
|
|
Cyber Security for Start-ups: An Affordable 10-Step Plan
|
|
|
Are You Burning Money By Not Classifying Your Data? (Identity Finder, LLC)
|
|
|
Using Team Structure as Defense in Depth
|
|
|
Victims DON'T Have Their Heads in the Cloud - An Insider Threat Case Study
|
|
|
Security – Rewritten by the Application Economy
|
|
|
Threat Intelligence is Like Three-Day Potty Training
|
|
|
The Kelvin Mantra: Implementing Data-Driven Security Practices
|
|
|
Updating Surveillance Law on Government Access to Your Online Data
|
Google Inc.
|
|
How to Enable Micro-Segmentation to Create a More Secure Data Center Network (VMware)
|
|
|
There’s an App for That: How the Future of Privacy Will Be Consumer-Driven
|
|
|
How We Discovered Thousands of Vulnerable Android Apps in One Day
|
Will Dormann
,
CERT
|
|
The Evolution of the Cybersecurity Executive Trifecta: The CSO/CIO/CISO
|
Palo Alto Networks
|
|
Trimming the Waste from Your Security Portfolio
|
Wendy Nather
,
Duo Security
|
|
Continuous Security: 5 Ways DevOps Improves Security
|
|
|
Dan Geer on the Future of Security
|
Dan Geer
|
|
Riding the Wave of the Digital Bank: A Security Perspective
|
|
|
The Insider Threat in the Cloud: The Harsh Reality in Today's World
|
|
|
Containers vs. VMs for Secure Cloud Applications
|
Docker
|
|
Behind Enemy Lines: Security in a Hostile Environment
|
|
|
DevOps Connect: SecOps Edition
|
|
|
Managing Expectations: The S.E.C. & F.T.C. Target InfoSEC Compliance
|
|
|
Hacking Smart Cities
|
Cesar Cerrudo
,
IOActive, Inc.
|
|
How to Spread Information Security Best Practices Virally Across Your Organization
|
|
|
Demystifying Cloud Security: Lessons Learned for the Public Sector
|
|
|
FBI Cyber: Leading Globally
|
|
|
Whats Next? Teaching Machines How to Speak Security.
|
|
|
Secure Agile Development: Why Can’t We All Get Along?
|
|
|
A Privacy Primer for Security Officers
|
|
|
Shining Light on the Shadows: Integrating Security into the Lines of Business
|
|
|
From Cowboys to Sales Engineers: Building Mature Security Services
|
|
|
Misconceptions of Risk in the Payments World
|
|
|
CANCELLED: Zero Knowledge Security
|
Akamai Technologies
|
|
On the Care and Feeding of Human and Device Relationships
|
|
|
Countering Development Environment Attacks
|
|
|
Data + Security + iOT (JIRANSOFT)
|
|
|
(ISC)2 Foundation Safe & Secure Online Program Volunteer Orientation (Members Only)
|
|
|
Evasive Malware Exposed and Deconstructed
|
Christopher Kruegel
,
Lastline, Inc.
|
|
Incident Response: A Test Pilot’s Perspective
|
Cisco Systems
|
|
Enhancing Cloud Trust
|
Microsoft Corporation
|
|
Practical Advice for Embracing RASP - A New Kind of Defense
|
|
|
Know your Adversary: Gathering Intelligence on Targeted Attacks (Verisign)
|
|
|
(ISC)² CISSP CBK Training
|
Battelle Memorial Institute
|
|
Detecting Unknown Malware: Security Analytics & Memory Forensics
|
|
|
The Terrorist’s Son – A Story of Choice
|
|
|
Staying Secure As Users and Resources Disperse (Barracuda Networks)
|
|
|
Dinner for 6
|
|
|
Rapid Hybrid Pentest – Validating Control Effectiveness, One Exploit at a Time… (SynerComm)
|
|
|
Insider Threat and the Dark Web: Cyber Response Mini-Wargame
|
Booz Allen Hamilton
|
|
Powering Your Threat Intel Team with Off-the-Shelf Tools
|
Palo Alto Networks
|
|
Don’t Get Left in the Dust: How to Evolve from CISO to CIRO
|
|
|
Endpoints in the New Age: Apps, Mobility and the Internet of Things
|
|
|
Security in the App Economy: How to Ride the Wave Without Wiping Out
|
|
|
When IT Threats Meet OT Innocence
|
|
|
Hacking Exposed: Next Generation Attacks
|
Cylance
|
|
Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
|
|
|
Avoiding the 'Creepy Factor' in Biometric and Other Technologies
|
Thomas Keenan
,
University of Calgary
|
|
The Mother of All Pen Tests
|
|
|
Making Threat Intelligence Actionable: Recommending Responses with STIX
|
Cisco Systems
|
|
Building an Appsec Program with Sun Tzu, the Dalai Lama and Honey Badger
|
|
|
Modern Threat Defense: Hiding in Plain Sight (Unisys)
|
|
|
Who’s Invited to Your Party? Minimizing Risk from Outsourced Partners
|
Morrison Consulting
|
|
Six Degrees of Kevin Bacon: Securing the Data Security Supply Chain
|
|
|
Getting a Jump on Hackers
|
Qualys
|
|
Constructions of Hash Functions and Message Authentication Codes
|
|
|
RSA Conference Orientation
|
|
|
Membership
|
|
|
Rise of the Machines: An Internet-Wide Analysis of Web Bots in 2014
|
Akamai Technologies
|
|
Security Basics Seminar
|
Rapid7
|
|
From the Battlefield: Managing Customer Perceptions in a Security Crisis
|
Cybersecurity
|
|
Inside the World of Java Applets
|
FireEye, Inc.
|
|
STIX in Practice for Incident Response
|
|
|
Leadership Lessons of History: American Presidents
|
|
|
Fail-safe the Human Pysche to Advance Security and Privacy
|
|
|
Securing the Grid: Opportunities and Risks in Operational Technology
|
|
|
The Wolves of Vuln Street: The 1st Dynamic Systems Model of the 0day Market
|
Massachusetts Institute of Technology
|
|
Cyber Battlefield: The Future of Conflict
|
|
|
TLS/SSL and Certificate Crossfire
|
Data Protection Engineering, Fidelity Technology Group
|
|
The Six Most Dangerous New Attack Techniques and What's Coming Next
|
SANS Institute
|
|
Status of the Industry: 2015 Global Information Security Workforce Study
|
|
|
Open Garages – Learn How Technology Drives Your Car
|
|
|
Securing the Internet of Things: Mapping IoT Attack Surface Areas with the OWASP IoT Top 10 Project
|
|
|
WestJet’s Security Architecture Made Simple—We Finally Got It Right!
|
|
|
Supply Chain as an Attack Chain: Key Lessons to Secure Your Business
|
|
|
The Internet of Things: Revolutionary, Evolutionary or Fad?
|
|
|
How Much Does Your Ox Weigh?: Crowdsource Your Way to Data Protection
|
|
|
Wait! Wait! Don't Pwn Me!
|
|
|
CForum: A Community Driven Solution to Cybersecurity Challenges
|
|
|
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices
|
Andrew Blaich
,
Lookout
|
|
Identity Proofing - Blinding the Eye of Sauron
|
|
|
The Long Road to a Secure Web
|
Akamai Technologies
|
|
Before and Beyond the Breach: New Research in the 2015 DBIR
|
|
|
Dissecting Office Malware for Fun and Espionage
|
|
|
Effective Management of Key Storage Files Including Java Keystores and Oracle Wallets
|
|
|
The Second Machine Age
|
|
|
Across the Desk: Opposing Perspectives on InfoSec Hiring and Interviewing
|
Instructor
|
|
Let's Talk Security and Adoption of IPv6. Is Your Organization Ready?
|
|
|
Addressing The Global Supply Chain Threat Challenge: Huawei, A Case Study
|
|
|
Is Your Third-Party Service Provider Vendor Management Program Good Enough?
|
|
|
Next Generation Healthcare Security
|
Instructor
,
SANS Institute
|
|
Automating Security Workflows: The SDDC Approach
|
VMware
|
|
Stuxnet: The Real Story Behind the Digital Whodunit
|
Kim Zetter
|
|
Inside the Boardroom: How Boards Manage Cybersecurity and Risk
|
Accuvant
|
|
Cloud Based Security and Identities: Brilliance or Madness?
|
|
|
Hot Topics in Privacy: A Conversation with Facebook, Google and Microsoft
|
Google Inc.
|
|
Security: Meet Your New Roommate, The Dynamic Provisioning Environment
|
|
|
The CISO Reporting Project
|
Trey Ford
|
|
Building an Effective Incident Response Program (Rapid7)
|
|
|
Live Industrial Control Systems (ICS) Demo
|
|
|
Side-Channels in the 21st Century: Information Leakage from Smartphones
|
Yan Michalevsky
,
Stanford University
|
|
Advanced Strategies for Defending Against a New Breed of Attacks
|
|
|
How One Smart Phone Picture Can Take Down Your Company
|
|
|
You Are What You Click: Using Decoys to Identify Mobile Device Attackers
|
Columbia University
|
|
ISSA Member Reception (Members Only)
|
|
|
Identity is the Center of Everything (ForgeRock)
|
|
|
Incident Response Agility: Leverage the Past and Present into the Future
|
|
|
But...It’s an App/Play Store Download: Research Exposes Mobile App Flaws
|
NowSecure
|
|
Managing the Unmanageable: A Risk Model for the Internet of Things
|
Accenture
|
|
The Black Blob of Death Threatens Your Data Center: How to Find It and How to Stop It (SSH Communications Security)
|
|
|
Structural Entropy Analysis for Automated Malware Classification
|
Matt Wolff
,
Cylance
|
|
The Coming Revolution: Industry Groups Defining Vendor Assessment Standards
|
|
|
Owning SAP ASE: Chained Database Attack
|
Trustwave
|
|
Vulnerability Management Nirvana: A Study in Predicting Exploitability
|
Kenna Security
|
|
Bridging the Divide between Security and Operations Teams
|
Microsoft Corporation
|
|
Protecting Critical Infrastructure Is Critical
|
|
|
How Security Can Be the Next Force Multiplier in DevOps
|
|
|
Taking a Business Risk Portfolio (BRP) Approach to Information Security
|
|
|
The Sound of Metrics
|
David Scott
|
|
States at Risk: Cyber Threat Sophistication, Inadequate Budget and Talent
|
|
|
Lie. Cheat. Deceive. How to Practice the Art of Deception at Machine Speed
|
|
|
How to Develop a Security Operations Center (SOC)
|
|
|
Be Heard: Developing Effective Board-Level Communications for the CISO
|
Accuvant
|
|
JTAGulator with Joe Grand
|
Joe Grand
,
Grand Idea Studio, Inc.
|
|
Applied Information Sharing: Lessons Learned from the Gameover/Zeus Takedown
|
|
|
Continuous Breach Response Posture (Splunk)
|
|
|
Cyber Ranges – A Strategic Outlook
|
|
|
A Tale of Two Mocks—a Deep Dive into the Issues Raised
|
|
|
Are Digital Anonymity and a "Right to Forget" the New Snake Oil?
|
|
|
CSOC for Critical Infrastructure Protection
|
|
|
Watt, Me Worry? Analyzing AC Power to Find Malware
|
|
|
Misinforming Management
|
|
|
To Trust or Not To Trust: Behavioral Analytics Has the Answer (Guardian Analytics)
|
|
|
Limiting the Spread of Threats: A Data Center for Every User
|
VMware
|
|
Pragmatic Metrics for Building Security Dashboards
|
Enclave Security
|
|
Managing the Unmanageable (Citrix)
|
|
|
Identithication: Convergence of Identity and Authentication - A Rock Opera
|
|
|
How to Motivate Security and Compliance Performance & Get People to Love It
|
8x8, Inc.
|
|
How Can We Use Classified Information to Make Our Companies More Secure, Without Going to Prison?
|
|
|
Cyber-Shock 2015: Corporate Breach Role Play
|
|
|
Curbing Email Threats & Spearphishing– The Promise & Results with DMARC
|
|
|
Active Defense & Offensive Security: Where Are We Now and How Did We Get Here?
|
Neil Wyler
,
RSA
|
|
How To Play the Cybersecurity Game (Verizon)
|
|
|
How APIs Turned Cloud Security on Its Head
|
|
|
True Cost of Fraud and Cybercrime Against Your Mobile Channel
|
RSA
|
|
Security Metrics That Your Board Actually Cares About!
|
|
|
The Sophisticated Attack Myth: Hiding Unsophisticated Security Programs
|
|
|
What Trusted Computing History Teaches Us about Today's Challenges
|
|
|
Common IAM Flaws Plaguing Systems after Years of Assessment
|
|
|
How to Design Data Centric Security and What to Watch For?
|
|
|
Big Tech's Burden to Develop Predictive Indicators to Combat Cyber-Attacks
|
|
|
Never, Ever, Give Up
|
|
|
Challenges in Network Forensics
|
|
|
Mobile Vulnerabilities: From Data Breach to Complete Shutdown
|
Yair Amit
,
Modern OS, Symantec
|
|
Security on Offense
|
McAfee
|
|
Network Security and Operations When the Network Is Already Compromised
|
|
|
What a Relief - It Works! How to Build an Insider Threat Program in One Year
|
|
|
Can DNSSEC and DANE Add a Layer Of Trust to TLS and DNS?
|
|
|
The Hazards of Online Ads: What Is Being Done and What You and Your Employees Can Do
|
|
|
Hunted to the Hunter
|
|
|
Following the Sun: A Worldwide View of Cybersecurity Laws and Regulations
|
|
|
Wanted: Innovation in Security Research
|
|
|
New Trends In Cryptographic Algorithm Suites Used for TLS Communications
|
Intel Corporation
|
|
Website Counterintelligence: Leveraging Web Logs to Gather Intelligence
|
|
|
The Insider Threat: Protecting Your Network from the Inside Out (Lancope)
|
|
|
Penetration Testing with Live Malware
|
Gunter Ollmann
,
NCC Group
|
|
Secretary Jeh Johnson, Department of Homeland Security
|
U.S. Department of Homeland Security
|
|
Hack the Planet: Some Men Just Want to Watch the World Burn
|
|
|
You Can’t Stop What You Can’t See
|
Carbon Black
|
|
Major Cyberfraud Innovations of the Last Twelve Months
|
IBM Security
|
|
Healthcare Case Study: Beating Cybercrime, Nation-states & Insider Threats
|
|
|
PCI DSS and SSL: What You Need to Know in 2015
|
|
|
Secure Apache Web Server with HMTL5 and HTTP 2.0
|
|
|
UMA in Health Care: Providing Patient Control or Creating Chaos?
|
|
|
Accountability: How to Make Professional Risk a Growth Opportunity and Love It
|
|
|
A Comprehensive Approach to Advanced Threat Defense (Fidelis Cybersecurity)
|
|
|
Information Security Leadership Development: Surviving as a Security Leader
|
Trey Ford
|
|
Cookin Up Metrics with Alex and David: A Recipe for Success
|
David Mortman
|
|
Home Sweet Owned? – A Look at the Security of IoT Devices in our Homes
|
Billy Rios
|
|
The 50-Minute MBA for Information Security Professionals
|
|
|
The Little JPEG That Could (Hack Your Organization)
|
|
|
General Alexander: Life After the NSA
|
|
|
How DHS Does Cybersecurity with Content Filtering
|
|
|
Inconvenient Security: When Attorneys Drive Security Decisions
|
FS-ISAC
|
|
Quantitative Security: Using Moneyball Techniques to Defend Corporate Networks
|
Symantec
|
|
Implementing an Automated Incident Response Architecture
|
Mayo Clinic
|
|
Data Science Transforming Security Operations
|
|
|
Attackers Can Pivot through Your Infrastructure, What if You Could Pivot through Theirs? (OpenDNS)
|
|
|
Design and Analysis of Block Ciphers
|
|
|
Hacking Exposed: Beyond the Malware
|
George Kurtz
,
CrowdStrike, Inc.
|
|
If Your Company Were to Have a Breach Today, Would They Know What to Say and Who Will Say It?
|
Diversified Global Graphics Group
|
|
Patching Exploits with Duct Tape: Bypassing Mitigations and Backward Steps
|
SANS Institute
|
|
Building a Secure Cloud Without Reinventing the Wheel (Lynx Software Technologies)
|
|
|
The Hunter’s Dilemma: Taking the Kill Shot with Threat Intel, Analytics and Managed Security Services (Trustwave)
|
|
|
Effective Security Governance in Critical Infrastructure
|
Cisco Systems
|
|
Renewing the Patriot Act
|
Google Inc.
|
|
Restoring Order: The Inevitable Evolution of IT Security Regulation
|
|
|
Secure Graphical Passwords
|
RSA
|
|
Risk-Ops at Scale: Framework Operationalization to Address Business Risk
|
|
|
Security’s Evolving Role as an Enabler to the Business
|
SolarWinds
|
|
Please Do Focus on the Man Behind the Curtain (Websense)
|
|
|
How Vulnerable Are Our Homes? - The Story of How My Home Got Hacked
|
Kaspersky Lab
|
|
Designing your Cloud Security Reference Architecture
|
|
|
RSA Conference Welcome Reception
|
|
|
Bricks and Mortar to Bits and Bytes: A History and Future of Insider Threat
|
|
|
Cybersecurity Framework: Adoption Experiences and Opportunities
|
RSA
|
|
Alert Logic (Alert Logic)
|
|
|
The Big Hacks, Malware and Exploits of 2014 and What is to Come
|
SANS Institute
|
|
Embedded Exploitation Party Trick
|
Ang Cui
,
Red Balloon Security
|
|
Hunting the Undefined Threat: Advanced Analytics & Visualization
|
|
|
Understanding Threats Using Big Data and Contextual Analytics
|
|
|
Phishing for the Phoolish: Why Hackers Love Gilligans and Their Best Lures
|
Blue Coat Systems
|
|
Finally We've Got Game: Real Government Info Sharing after 15 Years of Talk
|
|
|
Doing Security Response with Your Cloud Service Provider
|
Microsoft Corporation
|
|
Secure Multi-party Computation
|
École Polytechnique Fédérale de Lausanne
|
|
Use Context to Improve Your User Identification Odds
|
|
|
The Data Security Challenge that Every Cloud Provider Faces – Who Owns the Keys? (Vormetric, Inc.)
|
|
|
Top 10 Web Hacking Techniques of 2014
|
|
|
Are You Giving Firmware Attackers a Free Pass?
|
Xeno Kovah
,
LegbaCore
|
|
Best Practice or Bust? Test Your Approach to Third-Party Risk
|
|
|
Mobile Security Shootout - Which Smartphones Are Up to the task?
|
Chester Wisniewski
,
Sophos
|
|
The Internet of TR-069 Things: One Exploit to Rule Them All
|
Shahar Tal
,
Check Point Software Technologies
|
|
Protecting Enterprise Data and Critical Applications Using Context-Based Authentication (ThreatMetrix)
|
|
|
Incident Response Tabletop Meet 'n Swap
|
SANS Institute
|
|
The Economics of Online Identity: 6 Buzzwords to Impress your Boss
|
|
|
More Books You Should Have Read by Now: The Cybersecurity Canon Project
|
Palo Alto Networks
|
|
Security Data Science: From Theory to Reality
|
|
|
Qigong for Health and Vitality
|
|
|
U.S. Government Initiatives for Securing the Global Supply Chain
|
|
|
Drones: All Abuzz with Privacy & Security Issues
|
|
|
Managing Risk in a Mobile First World
|
|
|
Smarter Intelligence: Real Time, Contextual, and Predictive (WEBROOT)
|
|
|
How to Avoid the Top Ten Software Security Flaws
|
|
|
LTE Security - How Good Is It?
|
|
|
The Legal Pitfalls of Failing to Develop Secure Cloud Services
|
|
|
Internet of Threats: What’s Really Connected to the Net and Why You Care
|
Trey Ford
|
|
Talking ’bout My Next Generation
|
Juniper Networks
|
|
Please DON'T Share My Data: Imparting Sensitivity Markings on Shared Data
|
|
|
The Social Network Panel at RSA Conference
|
Paul Moreno
|
|
Wargaming for the Boardroom: How to Have a Successful Tabletop Exercise
|
|
|
Become the Leader the Industry Needs
|
Cisco Systems
|
|
Alert Logic
|
|
|
Cyber Insurance: The Next Big Thing or the Next Requirement?
|
|
|
Sun Tzu Meets the Cloud: Everything Is Different, Nothing Has Changed
|
|
|
Can We Satisfy the ACLU and Still Share Suspicious Activity Reports (SARs)?
|
|
|
SANS: Critical Security Controls: Planning, Implementing and Auditing
|
Enclave Security
|
|
Combating Cyber Risk in the Supply Chain
|
Raytheon Foreground Security
|
|
SANS: Lethal Network Forensics
|
|
|
“Your VISA has been DEACTlVATED” – How Cybercriminals Cash In Via SMS Attacks
|
|
|
Balancing Compliance and Operational Security Demands
|
Cybersecurity
|
|
Automate or Die! How to Scale and Evolve to Fix Our Broken Industry
|
|
|
Hot Topics in Information Security Law 2015
|
The MITRE Corp
|
|
Surviving SOC2 – The Why and How for Cloud Service Providers
|
|
|
A CISO's Perspective on Talking to the Board about Cybersecurity (Veracode)
|
|
|
The “New Paradigm” of Business-Driven Cyber Defense: An Update from the FCC Chairman
|
Federal Communications Commission
|
|
How To Become a World-Class CISO
|
|
|
Technologies That Will Shape the Future Privacy Debate
|
|
|
We Have Met the Future of Security and It Is Us
|
Trey Ford
|
|
Killing the Kill Chain: Disrupting the Cyber Attack Progression
|
Tripwire
|
|
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
|
|
|
A Case Study in Building an AppSec Program: 0–60 in 12 months
|
|
|
(ISC)2® CSSLP® CBK® Training Preview Seminar
|
|
|
Another Bug Bites the Dust
|
Booz Allen Hamilton
|
|
Pragmatic SecDevOps
|
Rich Mogull
|
|
The Long and Winding Road: Building an InfoSec Career from Techie to CISO
|
Zurich Insurance Group
|
|
From Nonexistent to Gartner's #1 Security Technology in Three Years: What's a CASB?
|
Cisco Systems
|
|
Don't Touch That Dial: How Smart Thermostats Have Made Us Vulnerable
|
Yier Jin
,
University of Central Florida
|
|
Is DevOps Breaking Your Company?
|
CyberArk
|
|
The (anti)Social Network: Key Facts About Social Media Threat Vectors, Security and Compliance (Emerging Threats)
|
|
|
Tracking Ghosts through the Fog
|
Waylon Grange
,
Blue Coat Systems
|
|
Building the Bridge across the Great Minority Cyber Divide
|
|
|
No More Snake Oil: Why InfoSec Needs Security Guarantees
|
Jeremiah Grossman
,
SentinelOne
|
|
Can Cyber Insurance Be Linked to Assurance?
|
|
|
Analysis of SSL and Crypto Vulnerabilities in Android Applications
|
Yulong Zhang
,
FireEye, Inc.
|
|
70% of US Business Will Be Impacted by the CSF: Are You Ready?
|
|
|
Secure Application Development with Go
|
Signal Sciences
|
|
Rapid Threat Modeling Techniques
|
|
|
PORTAL: Open Source Secure Travel Router for International Adventure
|
Ryan Lackey
,
CloudFlare, Inc.
|
|
Data Collection for Litigation: Avoiding Privacy and Security Pitfalls
|
|
|
A Comedy of Errors: Assessing and Managing the Human Element of Cyber Risk
|
|
|
One Mobile, Two Factors of Authentication (ENTERSEKT)
|
|
|
Stop Selling and Start Marketing Your Information Security Program
|
|
|
Cyber Security and Aviation
|
|
|
FBI and Trend Micro: Combating Cybercrime within your Organization
|
Trend Micro, Inc.
|
|
The Truth about Cyber Risk Metrics: Connecting Vulnerabilities to Economics
|
|
|
Analogue Network Security
|
|
|
The Weakest Link: Mobile Apps and Data Insecurity (NowSecure)
|
|
|
Seven Grades of Perfect Forward Secrecy
|
|
|
The Emperor’s New Password Manager: Security Analysis of Password Managers
|
Zhiwei Li
,
Shape Security
|
|
Closing the Gap: Steps to Satisfy the Demand for Security Talent
|
NetSuite
|
|
The Physics of Security
|
|
|
Chosen Ciphertext Attacks in Theory and Practice
|
ANSSI
|
|
Using the Cybersecurity Framework: Lessons Learned and Opportunities
|
Intel Corporation
|
|
National Cyber Crisis – Live Exercise Scenario
|
|
|
Post-Snowden Cryptography Part II
|
Paul Kocher
|
|
Game of Hacks: The Mother of All Honeypots
|
Maty Siman
,
Checkmarx
|
|
Beyond the Behavioral Analysis Against APTs (AhnLab)
|
|
|
Mindfulness: Leadership from Within
|
|
|
The Cryptographers' Panel
|
|
|
Innovation Sandbox - "Most Innovative Company at RSA Conference" Live
|
|
|
More Apt Than You Think: Data Protection at Massive Scale
|
Davi Ottenheimer
|
|
Securing Boomers, Gen Xers And Gen Yers: OMG We Are So Different!
|
|
|
That Point of Sale Is a PoS
|
|
|
Game Consoles & Mobile Device Security: A Model for the Internet of Things
|
|
|
CyberLegislation is Upon Us... But Are We Ready?
|
|
|
Cybersecurity as a Boardroom Investment: Business Speaks Resilience
|
|
|
Breach 360: How Top Attacks Impact Tomorrow’s Laws, Litigation, Security
|
|
|
CSA Summit 2015: Enterprise Cloud Adoption and Security Lessons Learned
|
|
|
Lock Your Front Door: Protecting Patient Portals
|
|
|
Lead Like a Woman
|
The Executive Women's Forum
|
|
Hacking the CEO: Ninja Mind Tricks and Other Ruses to Get Security $$$’s
|
|
|
The Evolution of Threats Targeting Industrial Control Systems
|
|
|
Standards for Exchange of Identification Context between Federated Parties
|
Microsoft Corporation
|
|
Authenticated Encryption
|
|
|
Deconstructing Incident Response
|
|
|
Emergent Privacy Models in Healthcare
|
|
|
Notice of Eviction
|
Dell SecureWorks
|
|
Who’s Protecting What Things? Managing Cyber Risk in the Internet of Things Era
|
Deloitte & Touche LLP
|
|
The Encryption Games: Going from Encryption to Crypto Management (SafeNet, Inc.)
|
|
|
Separating Signal from Noise: Taking Threat Intelligence to the Next Level
|
|
|
Mobility and the Law: Protecting Your M-Info
|
|
|
Cyber Bullying, Revenge Porn and the Work Place
|
|
|
Third Party Supplier Governance – Secure the Supply Chain
|
|
|
Cybersecurity Legislation; Congressional & Administrative Action
|
|
|
Security in an Age of Catastrophic Risk
|
Bruce Schneier
,
IBM Security
|
|
How Secure are Contact-less Payment Systems?
|
RSA
|
|
Security: Changing the Game
|
Facebook
|
|
Executive Women's Forum Reception
|
|
|
Breaking the Glass Firewall: The Changing Role of Women in IT Security
|
|
|
Android Security: Data from the Front Lines
|
Adrian Ludwig
,
Google Inc.
,
Android Security
|
|
Secure and Efficient Implementation of AES Based Cryptosystems
|
|
|
Cybersecurity: You’re Doing IT Wrong
|
|
|
To Sign and Protect - COPS in OS X and iOS
|
Jonathan Levin
|
|
Combining Firewalls and Security Intelligence is a Hacker’s Worst Nightmare
|
Juniper Networks
|
|
CSI Digital Crime Lab: Virtual WhoDunnit
|
|
|
Can Peer Collaboration Be Our Next Best Practice for Risk Management?
|
|
|
IANS Research - The 7 Factors of CISO Impact
|
|
|
Building a Next Generation Security Architecture
|
|
|
Holistic IAM & PAM: Integrated Identity Governance with Privilege Access Management (Lieberman Software)
|
|
|
Minimizing the PCI Footprint: Reduce Risk and Simplify Compliance
|
|
|
Characterizing Malicious Traffic on Cellular Networks: A Retrospective
|
|
|
Amazing True Crimes and the Lessons They Can Teach Us
|
|
|
Cisco’s Security Dojo: Raising the Technical Security Awareness of 20,000+
|
|
|
Pass-the-Hash II: The Wrath of Hardware
|
Microsoft Corporation
|
|
Evolving Security Operations and Sharing at Net Speed
|
Fortinet, Inc.
|
|
Having an “Identity” Crisis? Overcoming the Security Challenges of the Internet of Everything (Covisint)
|
|
|
Enterprise Acquisition of Cloud Computing Services
|
|
|
Privacy and Security, the Ties That Bind
|
|
|
You’ve Been Warned: iBeacons to Bring a Tsunami of Change to Data Security
|
|
|
Attacks on Crown Jewels: SAP Vulnerabilities and Exploits
|
Onapsis
|
|
CANCELLED: Mobile Botnets: Fact or Fiction?
|
Arbor Networks
|
|
License to Kill: Malware Hunting with the Sysinternals Tools
|
|
|
Modern Department of Homeland Security Cyber: Our Vision Forward
|
|
|
To Swipe or Not to Swipe: A Challenge for Your Fingers
|
Yulong Zhang
,
FireEye, Inc.
|
|
Automating Executive-Level Cybersecurity Monitoring (Tenable Network Security)
|
|
|
Gamification of your Global Information Security Operations Center
|
|
|
Your Security Connected: Options for Simplifying the User Authentication Experience in a Mobile-first, Cloud-first World (HID Global)
|
|
|
Terror Gone Social: The Islamic State and Social Media
|
Kenneth Geers
,
Comodo Group
|
|
The Art of Thinking Security Clearly
|
|
|
Hacktivism in 2015 - It Isn’t Just for the Lulz Anymore
|
iSIGHT Partners
|
|
What Does Responsible Vulnerability Disclosure Look Like?
|
|
|
The Library of Sparta: Applying Military Doctrine to Cybersecurity
|
Greg Conti
,
West Point
|
|
Domain Name Abuse: How Cheap New Domain Names Fuel the eCrime Economy
|
Paul Vixie
,
Farsight Security, Inc.
|
|
Should 2015 Be the Year We Ditch Information Security Certifications?
|
Nettitude
|
|
Quantum Keys to the Future of Encryption (BT)
|
|
|
Cyber Security: The Brink of Prediction
|
Symantec
|
|
Into the Woods: Protecting Our Youth from the Wolves of Cyberspace
|
|
|
The Four Essential Building Blocks of Cyber Security (Agiliance)
|
|
|
Inception: APT Campaign Spanning PCs, Mobile, the Cloud, and Home Routers
|
Waylon Grange
,
Blue Coat Systems
|
|
We're Gonna Need a Bigger Boat
|
Intel Corporation
|
|
Live Mobile Hacking Demo and Dissection!
|
RSA
|
|
(ISC)2® CISSP-ISSMP® CBK® Training Preview Seminar
|
|
|
Stuck in Patterns - How Your Mind Fools You Every Day
|
|
|
Security and Privacy: Let’s Stay Together, Baby
|
Uber
|
|
Hacking High: Teaching Our Kids Vital Cyber Skills
|
|
|
Implementation Attacks on Exponentiation Algorithms
|
|
|
Implementing the U.S. Cybersecurity Framework at Intel—A Case Study
|
Intel Corporation
|
|
Should Organizations Share Threat Intel to Avoid the Next Cybergeddon?
|
MITRE Corporation
|
|
Active Response: Automated Risk Reduction or Manual Action?
|
Splunk
|
|
Enterprise Cloud: Advancing SaaS Security and Trust
|
Microsoft Corporation
|
|
I Was Attacked by My Power Supply: A Mock Trial
|
|
|
Advanced Attacks: How One Exploited Endpoint Leads to Total Datacenter Breach
|
Palo Alto Networks
|
|
Next Wave of Security Operationalization
|
|
|
IAPP: Engineering Privacy: Why Security isn’t Enough
|
|
|
A Case Study for Building Cybersecurity Policies for Industrial Robots
|
|
|
Bug Hunting on the Dark Side
|
Tillmann Werner
,
CrowdStrike, Inc.
|
|
There Are No Domestic Cyber Issues: US & UK Leaders on Global Partnership
|
|
|
Attribute and Identity Based Encryption
|
|
|
Insider Threat Best Practice, Developing a Solid Program for Success
|
|
|
Security Humanitarianism: Extraordinary Examples of Tech Improving Lives
|
Davi Ottenheimer
|
|
Advancing Information Risk Practices Seminar
|
|
|
Security Hopscotch
|
|
|
SANS NetWars
|
Instructor
|
|
News Flash: Some Things Actually Do Work in Security!!!
|
SANS Institute
|
|
Rapid Threat Modeling - Start Your Own Threat Model Now!
|
|
|
There’s a Cougar in the Car – Quickly Navigating through a Cyber Crisis
|
|
|
Timing Attacks
|
Yuval Yarom
|
|
Homomorphic Encryption and Its Applications to DRM
|
University of Connecticut
|
|
Securing Active Directory Correctly
|
|
|
VMware: The Software Defined Data Center and Network Virtualization: An Inherently Better Security Model
|
|
|
Malware Persistence on OS X Yosemite
|
Patrick Wardle
,
Digita Security
|
|
Grow Up: A Maturity Model and Roadmap for Vulnerability Management (Core Security)
|
|
|
POSitively under Fire: What Are Retailers Facing?
|
|
|
How Next Generation Trusted Identities Can Give You a Business Edge (Entrust Datacard)
|
|
|
Enterprise Cloud Security via DevSecOps
|
DevSecOps, Intuit
|
|
The Future of the ITU, ICANN and the IANA Transition
|
|
|
Security and Privacy in the Cloud: How Far Have We Come?
|
Google Inc.
|
|
Operationalizing Threat Intelligence
|
|
|
Mock Trial: International Discovery and Analysis: Miscarriage of Justice?
|
|
|
The Day My Kids Brought Home Malware
|
|
|
Attribution Debate - Is It Worth It?
|
|
|
Orchestrating Software Defined Networks (SDN) to Disrupt the APT Kill Chain
|
|
|
SANS: Metasploit Kung Fu for Enterprise Pen Testing
|
SANS Institute
|
|
Bug Bounties: Internet Savior, Hype or Somewhere Between?
|
|
|
Leveraging Global Threat Intelligence: Raising the Cost of Cyber-Warfare
|
|
|
A Dialogue on Threat Intelligence KPIs
|
Rafal Los
,
Optiv
|
|
Exploitation Trends: From Potential Risk to Actual Risk
|
WW Cybersecurity & Data Protection, Microsoft
|
|
Medical Device Security: Assessing and Managing Product Security Risk
|
|
|
Something Awesome on Cloud and Containers
|
Rich Mogull
|
|
Using an Open Source Threat Model for Prioritized Defense
|
Enclave Security
|
|
Continue The Conversation: The Cryptographers' Panel
|
|
|
Tools of the Hardware Hacking Trade
|
Joe Grand
,
Grand Idea Studio, Inc.
|
|
Preventing Data Breaches with Behavioral Analytics (Varonis Systems)
|
|
|
Full Disclosure: What Companies Should Tell Investors about Cyber Incidents
|
|
|
Does The New 2015 California Data Breach Law Protect Individual Privacy, Corporate Security, Both or Neither?
|
|
|
Realities of Private Cloud Security
|
|
|
IoT: When Things Crawl into Your Corporate Network
|
|
|
How To: Aggressive Remediation in an APT World
|
|
|
Want to be Secure in the Cloud? Build a Casino
|
|
|
Cybersecurity Awareness is a Big Deal for Small Business
|
|
|
Open Garages: Learn How Technology Drives Your Car
|
|
|
Trusted Servers for a Mistrusted World (UNICOM Engineering)
|
|
|
A Short History of Attacks on Finance
|
Fox-IT
|
|
Vulnerability and Risk Scoring: What Ratings Really Mean
|
Tripwire
|
|
Escaping Security’s Dark Ages
|
|
|
2014 Hack, Exploit and Malware Retrospective...And the Worry List Ahead
|
SANS Institute
|
|
Algorithms for Solving Hard Problems
|
Wei Wei
|
|
Effective Incident Response from the Front Lines
|
|
|
Trust in Mobile Enterprise – Have We Lost the Game?
|
|
|
Defending the Cloud from the Full Stack Hack
|
Erik Peterson
,
Veracode
|
|
State of Cybersecurity: 2015 Findings and Implications
|
|
|
Preventing and Disrupting National Security Cyber Threats
|
|
|
The Third Rail: New Stakeholders Tackle Security Threats and Solutions
|
|
|
When Will InfoSec Grow Up?
|
|
|
Do You Know What You Don't Know?
|
|
|
Six Things Wireless Security Professionals Need to Know About Wireless
|
|
|
Welcome to the New School of Cyber Defense
|
|
|
Continuous Network Compliance: Finding Flaws and Betting Futures
|
|
|
Defending against State-Sponsored Cyber Theft of Intellectual Property
|
Steptoe & Johnson LLP
|
|
Hugh Thompson and Guests
|
|
|
Detecting and Tracing Malicious Activities
|
|
|
The Newest Piece of Defense-in-Depth: Social Media & DNS
|
|
|
Interoperability: Making the Best of KMIP (QuintessenceLabs)
|
|
|
(ISC)2 Member Reception (Members Only)
|
|
|
Achieving Defendable Architectures via Threat-Driven Methodologies
|
|
|
Gumshoes Part Deux – Security Investigative Journalists Speak Out
|
The New York Times
|
|
Defending Critical Infrastructure: Preparing via Real-World Cyber Exercises
|
|
|
I’m in Control Here: Who’s in Charge of Cybersecurity?
|
CrowdStrike, Inc.
|
|
10 Tips for Running an Effective SOC - BuzzFeed Style
|
|
|
Risk & Compliance Management for Private & Hybrid Cloud Deployments
|
|
|
Majority Report: Making Security Data Actionable (and Fun!)
|
Thibault Reuille
,
OpenDNS
|
|
Building The Midgardian Citadel: Active Detection and Response
|
FireEye, Inc.
|
|
Why the Cyber Fusion Center Concept Works
|
Target
|
|
What You Don't See WILL Breach You! "Intelligizing" Detection through Context
|
|
|
Compliance by Design: Using Innovation to Beat the Compliance Rat Race
|
RSA
|
|
Defense in Depth to Coordinated Defense: Organizing against Our Common Enemy
|
Sophos
|
|
Layered Defenses to Prevent Phishing Attacks
|
|
|
Use of Technology in Preserving and Protecting Humanity
|
Morgan Marquis-Boire
,
Citizen Lab, University of Toronto
|
|
Chipping: The Next Litigation Issue on the Horizon
|
|