Have you ever wanted to hack a satellite? Yeah me too but where do you get started? Ever thought "maybe I can build something"? Then this is the talk for you. In this talk, we will cover the challenges faced, the creative engineering, and all the compromises made along the way, in building an hands on CubeSat lab. Included in this talk is all the resources needed to replicate the effort along with the incredible lessons learned during the process.
CISOs are tasked with securing a spiraling business whirlwind that can change direction at any moment however the current overarching Business Strategy rarely takes security under consideration, can’t articulate their desired Security Risk posture and Security operational model, and don’t really know what they want from their CISOs. CISOs know full well that everything they do will be heavily scrutinized, and ultimately, they will pay the price for things that are not necessarily under their control. To that end, many take the approach of checking compliance boxes and following “Best Practice”, and while this approach may provide a blanket to cover one’s back side it is ineffective security practice. In this session, Yaron Levi, 2x CISO, a Cloud Security Research Fellow and an advisor to several VCs and security start-ups, will challenge conventional thinking and the notion of “following best practices” and will share his vision about approaches that reimagine how we practice our craft and help our organizations properly manage risk.
Learn about threat hunting.
This session will explore what Security Technical Implementation Guides (STIGs) are and why they are crucial for robust cybersecurity. We will present examples of essential tools used to achieve and maintain STIG standards. We will demonstrate how to use OpenSCAP for security assessment and review its automation capabilities to streamline processes and enhance security management.
Looking for ways to protect your DevOps pipeline from hackers, bugs, and co-workers? We'll cover the foundational concepts of CI/CD, its purpose, and why it's critical for faster time-to-market, improved code quality, and increased collaboration. Learn about the risks and attack vectors for DevOps and gain valuable insights from real-life case studies. Our experts will provide you with the best practices and security tools to maximize the benefits of CI/CD while ensuring a safe pipeline. Don't miss this opportunity to learn key knowledge and strategies for achieving uninterrupted, secure, and efficient continuous delivery!
This presentation delves into the critical issue of common network misconfigurations in large organizations as highlighted by a joint cybersecurity advisory from the NSA and CISA. Focusing specifically on Microsoft Active Directory (AD), the talk explores the top 10 security vulnerabilities that cyber actors often exploit. Participants will gain a understanding of how these misconfigurations work in AD environments and the best practices for mitigating them. This presentation is essential for IT professionals and security administrators seeking to enhance their cybersecurity posture against sophisticated threats.
Taming the Vulnerability Beast: Turning Raw Scans into Actionable Insights Forget overwhelming vendor reports! This session empowers you to transform vulnerability scan data into consumable intelligence for your teams. We'll dive into: Validation is Key: Learn to validate scan findings with light testing, ensuring accuracy before raising alarms. Data Wrangling for Impact: Harness the power of pivot tables to categorize vulnerabilities and prioritize remediation efforts. Building Confidence: Small, actionable steps build trust and empower both vulnerability management and remediation teams. Bonus Round (Time Permitting): Discover advanced asset discovery techniques leveraging nmap, routing tables, and DHCP logs. This session equips you to maximize the effectiveness of your vulnerability management program, leading to faster remediation and a more secure environment.
Ghidra is already a well known and widely used platform for reverse engineering. Ghidra provides a platform for plugin development and use. A lot of the work for RE, however, is done manually via researchers each time they RE. This talk enables researchers into a glimpse of what is possible with Ghidra plugins by discussing the philosophy of what can be automated and done via plugins to prevent toil and improve efficiency. This talk and demo aims to enhance researchers knowledge of the possibilities of Ghidra and its Plugin System by walking through how to build a Plugin to aid in reverse engineering Gameboy games and the information embedded in them, which provides a fun and unique view into what is possible with Ghidra Plugins. The talk aims to lay the groundwork on common use-cases researchers encounter in Ghidra, potentially automating some of those factors, and looking at what can be implemented. It may be difficult to view all the potential use-cases in an abstract way, so what better way to show a use-case than by walking through the development of a plugin and use of it for extracting information out of a Gameboy game and how to develop the plugin that does so.
Explore the Purple Ascent Framework, a structured approach to enhance your purple team's capabilities. Learn to select the right TTPs for your goals, leveraging existing frameworks for maximum impact. Ready for the climb?
Open-source software is a huge part of the security community. There's open-source tooling in use by defensive teams, offensive teams, development teams, and more. Additionally, there's audit and compliance risks of open-source. There are also security perspectives and an attack surface that need to be considered when organizations use open-source software. Overall, lots of companies, teams, and individuals use open-source software (OSS). It's usually summarized as free, public code software that people can use and do what they want. However, the world of open-source software is a lot more complex than one may initially think. There are contribution guidelines, benevolent dictators for life (BDFL), licensing complexities, and a whole lot more. This talk aims to explore open-source from both sides: a consumer and a contributor. The talk allows a deeper dive into what it takes to contribute to popular open-source projects as well as the types of communities and realities that develop around open-source and the projects that live in the open-source realm.
Large Language Models (LLMs), such as ChatGPT and Bard, have revolutionized natural language understanding and generation and offer immense potential, but their security vulnerabilities can pose significant risks. This talk outlines how organizations can leverage SecOps best practices to secure LLMs. We emphasize the importance of a holistic approach, integrating security considerations throughout the LLM lifecycle, from training data hygiene to deployment and monitoring. The talk highlights the role of automation tools in fortifying the training pipeline. Techniques like data sanitization and adversarial training can be automated to mitigate bias, data poisoning, and prompt injection attacks. Continuous Integration/Continuous Deployment (CI/CD) pipelines can streamline secure deployments, enabling rapid integration of security patches and updates. Furthermore, this talk underscores the value of DevSecOps practices and how organizations can proactively identify and address security concerns throughout the LLM development process by fostering collaboration between developers, security professionals, and operations teams. This collaborative approach ensures that security becomes an inherent aspect of LLM development, fostering a more robust and trustworthy AI ecosystem.
Hackers are always looking for new and creative ways to disguise their malicious phishing links as something benign. This is both to better bypass spam filters as well as to better trick their victims. This session will cover several interesting and tough to detect link obfuscation techniques to include RFC1738 abuse, alternate IPv4 representation, homoglyphs, and open redirects.
This is a gentle introduction to some of the more intimidating aspects of Computer Science - type theory, formal methods, software proofs, and verification. These concepts can help us develop software that is more robust and difficult to exploit.
"Zero trust architecture" is a term frequently abused by sales professionals and ridiculed by practitioners, but very few of them have sat down and read NIST SP 800-207. Join Ross Brunner for a chat about NIST's definition of ZTA and how we can move from the ridicule and abuse of ZTA toward a more secure architecture.
Heritage designs live on for a long time. I purchased a product that contained an old microprocessor that is now 'end of life' (not being officially manufactured). It intrigued me as it is a custom design (not ARM, MIPS, etc) and there did not seem to be any available devices to program or interact with it. In this talk I will review this microprocessor and how I found it to be vulnerable to a read-out protection bypass. In addition I will discuss a proof-of-concept that I recently released, Arduino code to interact with the microprocessor as well as a Ghidra processor definition that can be used to disassemble dumped firmware.
We are in a new space race. Not one to be the first to the moon, or even, Mars, but rather for companies, big and small, to stake their claim to the heavens above. Access to space was previously limited to nation states and their cohort of aerospace companies but that is not the case any longer. With the proliferation of nano satellites and rapidly reduce launch costs, the ability to put a system in space has never been cheaper. In this talk we look at some of the foundational issues with securing space systems. We will look at historical events that have taken place and project forward to look at what the future could hold in terms of cyber security in space. Lastly, this talk will give attendees the information and resources needed to start their own journey to be able to build and play with technology that is flying right now.
We will present our research supporting USAFA Senior Design Capstone projects. Partnered with AQUINTAS and USAFA, we are looking into Wireless Power Transfer (WPT). Qi, specifically, security vulnerabilities. We have uncovered affordability aspects, unexpected measurable distances, and limitations in mitigations such as using certificates. This research mixes the realms of electronic warfare, emissions security, firmware/software integrations, and the like.
My top 7 items that we are doing wrong with cybersecurity leadership and how we can improve it.
Join me for an overview of how domain registration and DNS resolution work. This talk is targeted at professionals who are early in their career and I hope this will help people of all skill levels have a better understanding of a fundamental and critical Internet service. I will provide an overview of registrars, registries, how they work together, zones, delegation, resolution, common recordset types, and common DNS problems. I will also cover some of the challenges associated with enumerating DNS records when performing discovery for security testing.
In the realm of cybersecurity, awareness videos, phishing campaigns, and social engineering training are critical components for protecting our assets. However, a key element is often missing: the human element. The expectation that employees will prioritize company security without feeling that the company cares about their personal security is causing a decline in overall engagement with security practices. This is particularly concerning given the increasing frequency of security breaches and issues reported in the media. In this talk, we will explore the importance of making security awareness training personal first and company-focused second. By prioritizing the individual needs and concerns of employees, we can foster a deeper interest and engagement in cybersecurity awareness. Our approach will demonstrate how a personal investment in security can translate into a more committed and vigilant workforce, ultimately enhancing the company’s overall security posture.
In this presentation, Ashley Fairman, Founder & CEO of DICE Cyber, LLC, delves into the critical intersection of cybersecurity and mergers and acquisitions (M&A). Speaking from 5 M&A experience at Google, this talk emphasizes the often-overlooked cyber threats that can significantly impact M&A transactions, offering attendees valuable insights, lessons from real-world case studies, best practices, and actionable guidance to mitigate these risks.
The landscape of API management is undergoing a profound transformation, propelled by emerging trends that promise to revolutionize how organizations interact with their digital ecosystems. This talk will discuss the transformative power of AI-powered threat detection, which proactively identifies and neutralizes malicious activity before it can disrupt operations, and the concept of self-healing APIs, capable of autonomously diagnosing and resolving issues, ensuring consistent uptime and optimal performance as well as the role of Web Application and API Protection (WAAP) solutions in fortifying this future-proofed API ecosystem, providing an additional layer of defense against ever-evolving cyber threats. You will walk away with an understanding on how to secure API using WAAP and how existing API security methodology are possibly weak and do not always one size fit all.
Coming Soon!
Featured at ICS Village DEFCON 32
Disclaimer: The conference schedule is subject to change without notice due to unforeseen circumstances. Attendees are advised to regularly check for updates on the official conference platform. We apologize for any inconvenience this may cause.