9:00 - 10:00

registration opens

(on a desktop) hover over the schedule for more information about the training

10:00 - 11:00

opening remarks, rumblings, ruminations, and rants

you won't want to miss it

Saturday 11:00 - 11:25


A foundational element of innovation in today’s app-driven world is the API.  APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing and internal applications. By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this have increasingly become a target for attackers. 

Training Room 150
BOLA, IDOR, MA, BFLA. Welcome to the OWASP API Top 10!
Adam Fisher

OpenAI talked about the theoretical abuse cases for large language models - we will prove their fears to be legitimate. In this talk we'll explore the use of language models to generate synthetic phishing emails, and build chat-bots to add a personal touch to malware delivery.

Training Room 213/209
It Is The Year 200, We Are Robots
Will Pierce

Saturday 11:30 - 11:55


Poor password habits often lead to system compromise.  The Roberts family has authored an open source tool called “The Domain Password Audit Tool (DPAT)” and will be presenting how it can be used to understand weak password use. The discussion will include background information on password hashing and how password cracking is accomplished by attackers.

Training Room 150
The Domain Password Audit Tool
Carrie Roberts
Darin Roberts
Cameron Roberts

Covering a Windows evasion technique called “RIPlace” that when used to maliciously alter files, bypasses most existing ransomware protection technologies. EDR products are blind to this technique, meaning these operations will not be visible for future incident response and investigation purposes.

Training Room 213/209
Rendering Ransomware Detection and EDR Products Blind
Rene Kolga

LUNCH 12:00 - 1:00

Women in Tech Lunch
All are welcome but women will be seated first. Lunch is provided!
Room capacity is 50. Come early!

Click here for bios

Room 203
Come and hear from two leading women in the tech industry.
Jamie Dalton
Tiffany Peterson

Saturday 1:00 - 1:25


This session will cover my story of transitioning from a Mattress Salesman to a Security Analyst. Anyone can make it in this industry if you have the drive and passion.  Attend if you're still deciding on which path in infosec to take.

Training Room 150
From Mattress sales to Infosec soldier
Chriss Hansen

Explore the power behind software defined contextual analysis in the cloud that allows DevOps and Security teams to be more proactive without disrupting their day to day operations. 

Training Room 213/209
Cloud-Based Contextual Analysis as Code
Erkang Zheng

Saturday 1:30 - 1:55


Having trouble getting execs to buy into the idea of security? This talk is a crash course in getting business buy-in to securing your organization, and getting user buy-in, too. I'll share some spreadsheet tools that will help the business understand the value of security and see return on investment for security tools and personnel.

Training Room 150
$how Me the Money! (Getting Business Buy-in)
Carlotta Sage

Today, organizations rely heavily on TLS and other encryption protocols to protect data inside and outside their network boundaries.  To achieve crypto-agility, organizations must not only be able to quickly respond to mass certificate replacement events but must also be able to demonstrate policy compliance of all certificates and identify any anomalies.

Training Room 213/209
Crypto-Agility: Responding Quickly to Cyber Security Events
Dave Brancato

Saturday 2:00 - 2:25

Typically Industrial Control Systems are air-gapped, meaning no connectivity to the internet AT ALL. Industrial sites are now focusing on ability to remotely manage and aggregate data for analysis.  Done correctly, this yields positive results for your organization.

Let's Get Cyberphysical: Securely Bridging The Air Gap
Mike Curnow 
Training Room 150

Nearly every business today is a software business.  If unauthorized changes are made to this software, either deliberately by a bad actor, or accidentally through employee mistake, there could be severe consequences for the business.

Training Room 213/209
How to Use Code Signing to Protect your Critical Software Infrastructure
Eddie Glenn

Saturday 2:30 - 2:55


MineMeld is an open source, extensible Threat Intelligence processing framework.  In this session you'll learn how to install MineMeld and set up common configurations. We'll also cover adding new and custom sources and how to integrate outputs into your tools.

Training Room 150
MineMeld - there's gold in them thar hills!
Jason Reverri

Saturday 3:00 - 3:25


As technology and software industries continue to grow at a breakneck pace, my infrastructure has moved to the cloud, and Code Rules Everything Around Me. Application security has become critical to get right. This session will cover how to jumpstart your application security program. 

Training Room 150
Jumpstarting Your Appsec Program
Julia Knecht 
Jacob Lords

Saturday 3:30 - 3:55


SSH keys are widely used in every enterprise to provide privileged administrative access. Poor SSH key management practices expose businesses to costly security risks. Learn how to take SSH keys from an operational liability to a security asset.

Training Room 150
SSH Keys: Security Asset or Liability?
Bart Lenaerts

4:00 - 5:00

closing remarks, rumblings, ruminations, and rants

thanks for joining us