Social Media in Marketing and the Workplace: Legal & Regulatory Compliance
|
|
Integrating OpenStack’s Keystone Service with an Access Management System
|
|
Studio: Why Companies Fail with Compliance Initiatives
|
|
Debate: Does Security Awareness Training Actually Improve Enterprise Security?
|
|
Tracking Employees via Mobile Devices - Legal.. or Not?
|
|
Studio: Application Security Everywhere: Getting Over the Old and Making the New
|
Jeremiah Grossman
,
SentinelOne
|
Public Sector Identity: The Evolution of an Idea
|
|
Cyber Security & the American States: Threats, Challenges & the Way Forward
|
|
Studio: Application Security Response: When Hackers Come A-Knockin
|
Katie Moussouris
,
Luta Security, Inc.
|
Data Breach Intelligence: Does History Always Repeat Itself?
|
Jake Kouns
,
Risk Based Security
|
How To: An IP Phone That Can’t be Used to Spy on You
|
Red Balloon Security
|
Considering Anonymous: A Roundtable Discussion
|
|
The Future of Mass Mobile Threats – Coming to a Phone Near You?
|
|
Studio: Bug Parades, Zombies and the BSIMM: A Decade of Software Security
|
|
Mobile Digital Wallets: Lessons Learned, Risks and Opportunities
|
|
Don’t Ask, Don’t Tell: The (In)Security of Vendor-Supplied Software (Veracode)
|
|
Information Security Certifications: Do They Still Provide Industry Value?
|
|
Identity-Based Encryption
|
Fudan University
|
Alternatives to Certification Authorities for a Secure Web
|
|
Evolving Security of Electronic Patient Data
|
|
!Con: RSA Conference Rump Session
|
|
20 in 2013: The Top Privacy Issues to Watch
|
|
Security Leadership - Your Secret Weapon
|
|
Control Quotient: Adaptive Strategies for Gracefully Losing Control
|
|
The Security Plateau Effect
|
|
Studio: Life as a Target
|
|
Why the Scarecrow of Oz Had It Right
|
Symantec
|
ENCORE: Managing Enterprise Risk: Y U NO HAZ METRICS?
|
|
The Freedom to Be Who You Want to Be: Strong Authentication and Pseudonymity on the Internet
|
Google Inc.
|
Relationship Issues: Privacy and Security — Can this Marriage Last?
|
|
Ipv6 Vulnerability Management: From Theory to Reality
|
Qualys
|
Combating Next Generation Cyber Crimes: An ROI Paradigm
|
|
Criminal Education: Lessons from the Criminals and their Methods
|
|
Studio: Hacking Exposed: PLA Edition
|
George Kurtz
,
CrowdStrike, Inc.
|
Debate: Internet GUN CONTROL - Are Pentesting Tools Good or Evil?
|
Dave Aitel
,
Immunity, Inc.
|
Infosec Intelligence and Regulatory Filings: Has It Made a Difference?
|
|
Application Security Response: When Hackers Come A-Knockin
|
Katie Moussouris
,
Luta Security, Inc.
|
How the Software Defined Datacenter is Turning Security on it's Head
|
|
The Value of Contextual Data in Security Intelligence
|
|
Mayans, Mayhem and Malware
|
|
Are the 20 Critical Controls a New Standard of Due Care for Cybersecurity?
|
Qualys
|
Public vs. Private Sector: Funding a Successful Security Program
|
|
Customers & Criminals: Use Web Session Intelligence to Detect 'Who Is Who' Online
|
|
Rugged Identity Management - Avoiding Single Points of Failure
|
|
Advancing the SOC: Agile, Intelligent and Context Aware
|
|
Where the Streets Have No Name: CISOs Paving the Path to a New C-Suite
|
Samsung
|
Riot Control: The Art of Managing Risk and the Internet of Things (Riot)
|
McAfee
|
Will They EVER ''Get'' Security?
|
|
Cracking Cyber Stress: How to Stay Healthy at Work
|
|
To the Cloud! Software Security Evolution at Adobe
|
Adobe Systems, Inc.
|
Your Honor, it Was Self-Defense—a Mock Trial
|
|
Getting to the Board Level: Evolving Security and Risk Management in FSIs
|
|
Awareness Doesn't Matter: A Behavior Design Approach to Securing Users
|
|
Application Security Everywhere: Getting Over the Old and Making the New
|
Jeremiah Grossman
,
SentinelOne
|
Intriguing Insider Threat Cases - Make Sure This Doesn’t Happen to You!
|
|
Solving the Cyber Security Hiring Crisis – Hiring the Un-Hireable
|
|
BYOD: Here Today, Here to Stay?
|
|
Everything We’re Doing with Passwords is Wrong
|
|
Do Your Business Partners' Web Sites Put You at Risk?
|
|
Certification of Products or Accreditation of Organizations: Which to Do?
|
SAFECode
|
Real Time Forensics: Finding the Culprit While the Body is Still Warm
|
McAfee
|
It Takes a Village: CSR Programs For the Next Generation of InfoSec Workers
|
Booz Allen Hamilton
|
The Art of... Partnership? - Global Security Org Meets Local Business Unit
|
|
Controlling Trust and Risk: Lessons Learned at Boeing and New Ponemon Research
|
|
Big Data Transforms Security
|
RSA
|
Studio: Stuxnet Lessons for Defenders
|
|
When I Need You to Know Who I Am
|
|
Actionable Intelligence for the Enterprise
|
Bank of America
|
In the Hot Seat - Microsoft's Response to the Flame Malware
|
Microsoft Corporation
|
Hacking Exposed: PLA Edition
|
George Kurtz
,
CrowdStrike, Inc.
|
50 Minutes Into the Future: Tomorrow's Malware Threats
|
Michael Sutton
|
Why Companies Fail with Compliance Initiatives
|
|
From Hours to Seconds: Managing Security in Real Time
|
McAfee
|
Cybersecurity SLAs: Managing Requirements at Arm’s Length
|
|
Trojan Horse: The Widespread Use of International Cyber-Espionage as a Weapon
|
|
The Future of Endpoint Security
|
Zscaler, Inc.
|
Hacking Exposed – Embedded
|
Cylance
|
Studio: Virtualization and Private Cloud Risk Modeling
|
SANS Institute
|
Big Data and Security: At the Edge of Prediction
|
|
Mobile Virtualization: The Cure for BYOD or a Pipe Dream
|
Verizon
|
Is Your Design Leaking Keys? Efficient Testing for Side-Channel Leakage
|
|
Managing Security Risk: The CSO Panel
|
|
Big Data Calls for Big Security!
|
|
007 or DDOS: What is Real-World Cyber Policy?
|
|
Mobile Devices as Attack Platforms
|
|
Studio: Mobile and the Connected World
|
Kevin Mahaffey
,
Lookout
|
Incident Scene Authorization using a Mobile Handheld Device
|
|
Studio: Sorry? Who Did You Say You Were? - Exploiting Identity for Fun and Profit
|
|
Cracked SSL?
|
|
Studio: Extreme Cyber Scenario Planning & Fault Tree Analysis
|
|
Administration Cyber Security Priorities for Federal Information Systems
|
|
The Cloud Ate My Network! Security for Virtual Networks
|
|
Offensive Security: Hope or Hype?
|
George Kurtz
,
CrowdStrike, Inc.
|
Cryptographic Protocols I
|
KTH Royal Institute of Technology
|
Do We Have the Authority? Legal Issues in Protecting Government Networks
|
|
Think a Password is Going to Protect You? Think Again
|
Google Inc.
|
Detecting the One Percent: Advanced Targeted Malware Detection
|
Tomer Teller
|
Studio: Who, What, Where and How: Five Big Questions in Mobile Security
|
NetSuite
|
Cyberpunk & Hacker Culture - From Fiction to Reality
|
Keren Elazari
|
Big Brother’s Greek Tragedy: State-Deployed Malware & Trojans
|
Kurt Opsahl
,
Electronic Frontier Foundation
|
Mobile Security Battle Royale
|
IOActive, Inc.
|
The Probability of Exploit: Predictive Analytics & Security Management
|
|
Mobile Attacks: Separating Hype From Reality
|
Charlie Miller
,
Uber ATC
|
Did Anyone Get the Name of that Hacker Who PWNED Me?
|
|
Mobile Applications - the Vulnerability Tsunami is Coming
|
|
Mobile Encryption: The Good, the Bad and the Broken
|
NowSecure
|
Implicit Risk Management - When is “Good Enough” Sufficient?
|
|
Studio: State of the Hack: M-Trends® 2013
|
FireEye, Inc.
|
Living Below the Security Poverty Line: Coping Mechanisms
|
Wendy Nather
,
Duo Security
|
Bug Parades, Zombies and the BSIMM: A Decade of Software Security
|
|
Shining Some Light into the Evolution of BlackHole
|
|
Data Breach Law Update – Global Trends, Legal Complexities
|
|
Roadmap Toward a More Secure and Resilient Cyber Ecosystem
|
MITRE Corporation
|
The Cyber Security Industry: Survival in the Age of Cyber Warfare
|
Kaspersky Lab
|
Achievement Unlocked: Designing a Compelling Security Awareness Program
|
Rapid7
|
Public-Key Encryption I
|
Shanghai Jiao Tong University
|
Memory Forensics: Defeating Disk Encryption, Skilled Attackers and Malware
|
|
The Crossbill SpyEye Malware Investigation
|
Sophos
|
Managing Daily Security Operations with Lean and Kanban
|
|
Legal Aspects of Bring Your Own Devices
|
|
NSTIC Report–Path from Cyber-Identity Puzzle to Interoperable ID Ecosystem
|
|
The Secret to Effective Cyber Threat Intelligence and Information Sharing
|
MITRE
|
Standards-Based Secure Single Sign-On for Native Mobile Applications
|
|
Cryptographic Protocols II
|
|
The Good and Bad of Intelligence Sharing – An After-Action Report
|
FireEye, Inc.
|
Mobile APT - How Rogue Base Stations Can Root Your Devices
|
|
Why Your Organization Needs a Travel Security Program and How to Build One
|
SANS Institute
|
Your Honor, it Was Self-Defense—a Panel Discussion
|
|
Getting Under the OS: How Real are Firmware Threats and What Can be Done?
|
Microsoft Corporation
|
The Call for a Comprehensive Privacy Program
|
|
Managing Risk When Everything is Changing
|
|
Global Vulnerability Analysis: One Year of Internet Scanning
|
|
Taking Down the World's Largest Botnets
|
FireEye, Inc.
|
Foolish Zebras: Log-tracking Your Riskiest Users to Find the Bad Guys
|
Symantec
|
Automating the 20 Critical Controls
|
Qualys
|
Who Owns the Data in Mobile Payments and Why that Matters
|
|
SocialKlepto: Corporate Espionage with Fake Social Network Accounts
|
|
Public-Key Encryption II
|
|
Too Big to Fail: CISO Panel on Scaling Security in the Era of Big Data
|
|
Adapting OAuth to the Enterprise
|
salesforce.com
|
Is a VDI Desktop More Secure Than a Standard Desktop?
|
|
Privacy is Not Dead, You Just Need to Try Harder
|
|
The Threat Horizon: The 2013 Global Information Security Workforce Study
|
|
Digital Signatures I
|
|
Is it Whack to Hack Back a Persistent Attack?
|
George Kurtz
,
CrowdStrike, Inc.
|
Studio: Trickle Down Cyber-Warfare
|
Alex Stamos
,
Yahoo!
|
How Organization Embedded Risk Scoring Improves Corporate Security DNA
|
|
Stateless Architecture for Smaller IT and Risk Footprint
|
|
Banking Fraud: Where is the Liability – With the Customer, Bank or Vendor?
|
|
SCADA Protection for Critical Infrastructure - A Collaborative Approach
|
|
We Were Hacked: Here's What You Should Know
|
Matthew Prince
,
CloudFlare
|
Using HTML5 WebSockets Securely
|
|
Is a Privacy Compliant Public Cloud Solution an Oxymoron?
|
|
Analytic of China Cyber Warfare
|
|
Democracy and the Internet
|
|
Strange Bedfellows: Security & Marketing Need to Combat Phishing Together
|
Twitter
|
Software Defined (In)Security - Virtualization, Cloud & Mobility
|
Rich Mogull
|
From the Drone Butcher's Cookbook: Live Demo of a P2P Botnet Takeover
|
Tillmann Werner
,
CrowdStrike, Inc.
|
Studio: Link by Link: Crafting the Attribution Chain
|
|
Hacking OAuth 2.0 : Avoiding Security Pitfalls in Your Deployment
|
|
I (Mr. Techie) Got the CISO Job! Should I Prepare 3 Envelopes?
|
|
Get Off My Cloud: A Panel Discussion on Cloud Security from Cloud Providers
|
|
Windows 8 Security - The Unsung Hero!
|
Microsoft Corporation
|
Studio: Building a Better APT Package
|
Gunter Ollmann
,
NCC Group
|
Fifteen Years of Being Nervous: Securing U.S. Critical Infrastructure
|
|
7 Highly Effective Habits of a Security Awareness Program
|
|
The Lifecycle of Cybercrime
|
|
Building and Securing Aadhaar – the World's Largest National ID System
|
|
Studio: The Cyber Threat Landscape: New Themes in Prevention, Detection and Response
|
|
ENCORE: The Five Most Dangerous New Attack Techniques and What's Coming Next
|
|
Security Culture: Figuring Out How Bad Your Company Really Is
|
|
GPU Assisted Password Attacks
|
|
Secure Implementation Methods
|
Graz University of Technology
|
Microsoft Security Intelligence Report
|
WW Cybersecurity & Data Protection, Microsoft
|
Cloudy with a Chance of Sploits
|
IBM
|
Studio: 20 in 2013: The Top Privacy Issues to Watch
|
|
Software Security: A Waste of Time
|
|
Sharing Indicators of Compromise: An Overview of Standards and Formats
|
|
Privacy Compliance and Oversight in the National Security Context
|
National Security Agency
|
The Hugh Thompson Show
|
Wired
|
Mobile Risk Management: Enabling Enterprises to Use Consumer Devices & BYOD
|
Cylance
|
I Was Blind, but Now I See: CISOs Discuss Visibility with Big Data Security
|
|
Mega-Trends in Information Risk Management for 2013 and Beyond: CISO Views
|
|
Everything You Wanted to Know About Cyber Insurance but Were Afraid to Ask
|
|
How to Safely Cross Borders with Computing Devices
|
Ryan Lackey
,
CloudFlare, Inc.
|
Security: Looking Forward - Protecting Critical Applications with OWASP
|
Michael Coates
,
Twitter
|
DMARC One Year Later
|
|
25 Years of Vulnerabilities: 1988-2012
|
|
Special Forum on Cybersecurity: New Directions from the White House
|
|
Will You Ever Be Able to Trust Social Networks?
|
Sophos
|
Studio: Hacking Exposed – Embedded
|
Cylance
|
Side Channel Attacks II
|
Yu Yu
,
Shanghai Jiao Tong University
|
Tactical Sec Ops: A Guide to Precision Security Operations
|
|
Doxing and Anti-Doxing: Information Recon for the Stalker and Stalked
|
|
APTs by the Dozen - Dissecting Advanced Attacks from China
|
FireEye, Inc.
|
Competing Visions: “Begun, the Mobile Security War Has”
|
Lookout
|
The Top Ten Things I Wish Static Analysis Tools Commonly Did
|
|
The Loophole: Federal Crimes Not Being Addressed
|
|
Building a Higher Order of Security Intelligence
|
|
Invited Talk I
|
Nadia Heninger
,
Microsoft Corporation
|
Writing Applications that are Easier to Defend than Attack
|
|
Symmetric Key Primitives II
|
|
What? Me, Worry? I've Already Been Hacked. Haven't You?
|
|
Winchester House Security: Why Enterprise Security Architecture Matters
|
|
Chopping Up the Cloud: How Patchwork Data Rules Undercut the Global Market
|
|
OASIS Privacy Management Reference Model (PMRM)
|
|
Mobile Security Smackdown: How Government “Pwned” the Private Sector
|
|
2012—The Year of Geolocation Privacy: Where are Law and Policy Headed?
|
|
The Layer-2 Insecurities of IPv6 and the Mitigation Techniques
|
Cisco Systems
|
Computer Crime Law: Recent Developments
|
|
Practical Advice for Cloud Forensics
|
|
Keys in the Clouds: Key Management Strategies for the Hybrid Cloud
|
|
Surviving in a Feudal Security World
|
Bruce Schneier
,
IBM Security
|
Why Haven’t We Stamped Out SQL Injection and XSS Yet?
|
Coverity
|
How the Constitution Protects your Cell Phone and Laptop Encryption Key
|
Samsung
|
Psychographics of the CISO
|
Wendy Nather
,
Duo Security
|
Pandora's Box Meets the Sword of Damocles: Curtailing Cyber Abuse
|
|
The Future of Cyber Security: A Top Investor's View
|
|
Mind over Matter: Managing Risk with Psychology Instead of Brute Force
|
Akamai Technologies
|
Android Malware Exposed - An In-Depth Look at its Evolution
|
|
Studio: Security Smarts for the Self-Guided IT Professional
|
|
Managing Enterprise Risk: Y U NO HAZ METRICS?
|
|
FPKIMA: The Dial-Tone for FPKI
|
|
Highway to the Danger Zone…Going Offensive…Legally
|
CrowdStrike, Inc.
|
Corporate Espionage Via Mobile Compromise
|
NowSecure
|
Cloud Assurance Frameworks – Which One’s Really Relevant?
|
|
Mitigating the Top Human Risks
|
SANS Institute
|
Stay Relevant! Move Security From the Back Office to the Board Room
|
|
The New Fundamentals of Security
|
McAfee
|
Studio: Intriguing Insider Threat Cases - Make Sure This Doesn’t Happen to You!
|
|
Just In Time Security: Difficulty of Being Proactive in Cyber Environments
|
|
Application Security: One Size Doesn’t Fit All
|
|
Patching Stupidity
|
|
Trust Frameworks: Alternative Approaches to Achieve the Panacea
|
|
Embedded Systems Under Fire - Fault Injection on Secure Boot
|
Jasper van Woudenberg
|
Upgrade to a Machine Gun – Automate Your Defenses
|
Juniper Networks
|
Advanced Techniques for Registry Forensics: A Study of Three Scenarios
|
|
The Killer Next Door - Devastating Impacts of Third Party Breaches
|
|
New Ways of Mitigating Botnets
|
Mikko Hypponen
,
F-Secure
|
Exploding the Phone: The Story of the Teenagers & Outlaws Who Hacked Ma Bell
|
|
Less is More - PCI DSS Scoping Demystified
|
|
Symmetric Key Primitives I
|
UC San Diego
|
Stock Exchanges in the Line of Fire – Morphology of Cyber Attacks
|
|
Blackberry Pwnage - the Bluejay Strikes
|
Federico Muttis
|
Securing the Data Center's Future Today
|
McAfee
|
Cyber Attacks: The Call for Retaliation and the Legal Ramifications
|
Federal Bureau of Investigation
|
Ten Years Later: The National Mission to Secure Cyberspace
|
|
Studio: To the Cloud! Software Security Evolution at Adobe
|
Adobe Systems, Inc.
|
Lawyers, Regs and Money: The Breach Has Hit the Fan
|
|
Invited Talk II
|
|
How to Prevent End Users from Being Fooled by Social Engineering Attacks
|
|
Complete Patch Management - 2nd Generation (Secunia)
|
|
Hunting for Indicators of Compromise
|
Lucas Zaichkowsky
|
Black Hat Budgeting: Raising the Cost of Compromise
|
|
The Cryptographers' Panel
|
|
The Five Most Dangerous New Attack Techniques and What's Coming Next
|
|
Remarks by Dr. Condoleezza Rice
|
|
Thin Slicing a Black Swan
|
|
Locking Down the Cloud – Security is not a Myth
|
|
Managing Trust and Risk at CME Group and Blue Shield of California
|
|
The Internet Health Model for Cyber Security
|
Microsoft Corporation
|
Studio: Bringing Cyber Policy in Line with the New Economic and Technical Realities
|
|
Risk Management: How to Put Theory into Practice
|
|
The Real Economics of Cybercrime
|
|
Anatomy of iOS Apps
|
|
Secure Mobile Solutions…The Handset and Beyond…
|
|
Deployment Strategies for Effective Encryption
|
Nettitude
|
Combating the Insider Threat at the FBI: Real World Lessons Learned
|
Federal Bureau of Investigation
|
Studio: Awareness Doesn't Matter: A Behavior Design Approach to Securing Users
|
|
Studio: Nation-State Attacks on PKI
|
|
Updating the Rules for Government Access to Your Cloud Data
|
Google Inc.
|
The Cyber Threat Landscape: New Themes in Prevention, Detection and Response
|
|
Techno-Ethics for Lawyers - How Technology Complicates Ethical Compliance
|
|
libinjection: New Directions in SQLi Detection
|
Signal Sciences
|
Waiter, There's a Fly in My Code
|
Oracle Corporation
|
Extreme Cyber Scenario Planning & Fault Tree Analysis
|
|
Special Operations Tactics Applied to BYOD Defense
|
Silent Circle
|
Legal and Technical Issues of Forensics in the Cloud: How to Prepare
|
Davi Ottenheimer
|
Making Rugged DevOps and Infosec Work
|
Signal Sciences
|
Studio: We Were Hacked: Here's What You Should Know
|
Matthew Prince
,
CloudFlare
|
The Security Threat to Smart Grid is Worse Than We Think
|
|
Why is SCADA Security an Uphill Battle?
|
|
Side Channel Attacks I
|
|
Sorry? Who Did You Say You Were? - Exploiting Identity for Fun and Profit
|
|
Privacy Perspectives: Leveraging Data to Protect Data
|
|
Virtualization and Private Cloud Risk Modeling
|
SANS Institute
|
Malware Hunting with the Sysinternals Tools
|
|
The Hyperconnected World of Intelligent Devices: A New Era for Security
|
Qualys, Inc.
|
Cyber Battlefield: The Future of Conflict
|
|
Studio: Everything We’re Doing with Passwords is Wrong
|
|
Examining the Legal & Policy Implications of a Breach: Who's Responsible?
|
NetSuite
|
Making a Case for Security Optimism
|
Microsoft Corporation
|
SAST, DAST and Vulnerability Assessments, 1+1+1 = 4
|
|
Best Practices for Surviving and Thriving through a DDoS Attack
|
|
Privacy: A Conversation with Facebook, Google, Microsoft & Mozilla
|
Google Inc.
|
E-Discovery: Exploring the Rising Star on Your Risk Horizon
|
|
“Artificial Intelligence:” The Myth Surrounding Perimeter Defense
|
Booz Allen Hamilton
|
The FBI and the Private Sector: Safeguarding Our Cyber Security
|
Federal Bureau of Investigation
|
Exploitation of Attackers' PHP Systems
|
Daniel Chechik
,
Trustwave
|
Cyber Conflict & The People's Republic of China
|
|
Life as a Target
|
|
Cyber Kill Chain: Applying IED Tradecraft to Counter APT
|
|
Hot Topics in Information Security Law 2013
|
|
Incident Response – How to Give the Advantage to the Hackers!
|
|
Can You Trust Your Mobile Applications?
|
|
Who, What, Where and How: Five Big Questions in Mobile Security
|
NetSuite
|
Next-Generation Threat Protection to Counter Advanced Attacks
|
FireEye, Inc.
|
Studio: The Five Habits of Highly Secure Organizations
|
Nettitude
|
Truth and Consequences: Clouds and Virtualization
|
|
Advanced Malware Sinkholing
|
Dell SecureWorks
|
Ransomware Attacks!
|
F-Secure
|
The Evolution of the ZeroAccess Botnet
|
Nokia
|
BYOD: Productivity vs. Privacy - and at What Cost?
|
|
Cyber Security, Technology and Social Networking in Crisis Management
|
|
Emerging Conflicts in Identity Space
|
The FIDO Alliance
|
New German BYOD Security and Infrastructure Solutions
|
|
Data Analysis and Visualization for Security Professionals
|
|
Resolving the Security Risks Between Consumer Shadow IT and Enterprise IT
|
|
NSA Suite B Crypto, Keys, and Side Channel Attacks
|
|
Studio: When State Actors and Cybercriminals Join Hands
|
|
Brain Drain: Solving the Cyber Talent Deficit Threatening Federal Networks
|
|
Making the Cloud a Secure Extension of Your Datacenter
|
|
Indian Airlines Flight 814 - Hijack Mission Failed
|
|
The First 48: The Early Hours of Incident Response
|
|
How Gaming Can Make a Better World
|
|
Building Your Own Central Intelligence System in the Real World
|
|