SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Schedule"

Difference between revisions of "Schedule"

From BruCON 2016

Jump to: navigation, search
(Keynote Speakers)
 
(232 intermediate revisions by 7 users not shown)
Line 1: Line 1:
=Keynote Speakers=
+
__NOTOC__
 +
{| border="1" width="100%" style="text-align:center;"
 +
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
 +
|-
 +
|}
  
'''Haroon Meer (Thinkst.com, South-Africa) -- You and your research'''
+
 +
=General Information=
  
Haroon is a well-known security researcher who has recently started his own venture with Thinkst.com, an applied research company. He is also involved with ZACON, a security conference in South-Africa.
+
* '''Registrations start at 8h30!'''
Haroon is a frequent speaker at conferences such as Blackhat, Defcon, etc.
+
* Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
 +
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 5 minutes walking from the main venue
 +
* Workshop seats are limited. '''Reserved seats get in until 5 min before the workshop. After that it is first come, first in.'''
 +
* Read our important instructions on [[how to use SCHED.org]]!
 +
* This schedule is subject to change, check back regularly.  
  
What does it take to do quality research? What stops you from being a one-hit wonder? Is there an age limit to productive hackery? What are the key ingredients needed and how can you up your chances of doing great work? In a talk unabashedly stolen from far greater minds we hope to answer these questions and discuss their repercussions.
+
'''Talks:'''
 
 
 
'''Alex Hutton (Verizon Business, United States)'''
 
  
Alex is a principal in the Verizon Business RISK intelligence team and has been one of the driving forces behind the VERIS (Verizon Risk Information Sharing) Framework and their yearly Databreach Investigations Report (DBIR). He is involved with the SIRA podcast and frequently presents on risk management and data-driven security at conferences such as Blackhat and Source.
+
* Building a Successful Internal Adversarial Simulation Team - Chris Nickerson and Chris Gates
 +
* What Does the Perfect Door or Padlock Look Like? - Deviant Ollam
 +
* New Adventures in Active Defense, Offensive Countermeasures and Hacking Back - John Strand
 +
* NO EASY BREACH:Challenges and Lessons Learned from an Epic Investigation - Matthew Dunwoody
 +
* Decepticon The Rise and Evolution of an Intelligent Evil Twin…!!! - Rushikesh Nandedkar, Amrita Iyer and Krishnakant Patil
 +
* Hello to the Dark Side: Understanding YOUR Adversaries without All Those Expensive Threat Intel Tools" - L. Grecs
 +
* Security through design - Making security better by designing for people - Jelle Niemantsverdriet
 +
* Esoteric Web Application Vulnerabilities - Andres Riancho
 +
* Invoke-Obfuscation: PowerShell obFUsk8tion Techniques - Daniel Bohannon
 +
* Virtual Terminals, POS Security and becoming a billionaire overnight - Grigorios Fragkos
 +
* Hacking KPN: Lessons from the trenches - Jeremy Goldstein and Bouke van Laethem
 +
* Scraping leaky browsers for fun and passwords - Stefaan Truijen, Adrian Toma
 +
* Smart Sheriff, Dumb Idea. The wild west of government assisted parenting - Abraham Aranguren, and Fabian Fäßler
 +
* Anti-Forensics AF - DualCore
  
'''Jaron Lanier (Microsoft, United States)'''
 
  
Jaron is a pioneer in the realm of virtual reality and currently works as a principal architect for Microsoft’s Extreme Computing lab. He is the author of the 2010 bestseller “you are not a gadget” and has given talks at conferences around the world on virtual reality and the impact of social networks and web 2.0.
+
'''Workshops:'''
  
'''Due to time constraints Jaron will not be able to attend the conference. Instead we are organizing for him to deliver his keynote talk through a video link. We're still privileged to have Jaron on-board for our 2011 edition!'''
+
* The Control Things Workshop - Justin Searle
 +
* Hacking The Enterprise - Nathan Magniez and Wim Remes
 +
* Brewcon - Chris Lytle
 +
* Hunting Malware with osquery at scale - Erik Waher, Jackie Bow, and Nick Anderson
 +
* Analyzing Malicious Office Documents - Didier Stevens
 +
* Incident Response Workshop - Maxim Deweerdt and Erik Van Buggenhout
 +
* Crowdsourced Malware Triage - Sergei Frankoff and Sean Wilson
 +
* How to securely build your own IoT enabling embedded systems - Jens Devloo, Jean-Georges Valle and Vito Rallo
 +
* 802.11 Leakage: How passive interception leads to active exploitation - Solomon Sonya
 +
* Putting a lock around your containers with Docker Security Primitives - Nils De Moor
  
=Workshops=
 
  
  
'''Agnitio: the security code review Swiss army knife (David Rook - Security Ninja)'''
+
Final times for talks are still being finalised.
 
 
Its static analysis, but not as we know it
 
 
 
'''Collective Malicious PDF Analysis (Brandon Dixon - x0ner)'''
 
 
 
Going beyond one sample at a time
 
 
 
'''Script Kiddie Hacking Techniques (Ellen Moar & Colin McLean)'''
 
 
 
How a script kiddie can copy and paste their way to effective hacks
 
 
 
'''The Web Application Hacking Toolchain (Jason Haddix - jhaddix)'''
 
 
 
web hacking made better
 
 
 
'''White Hat Shellcode: Not for Exploits (Didier Stevens)'''
 
 
 
Learn to use shellcode for defense
 
 
 
'''Beer brewing (TBD)'''
 
 
 
'''Lockpicking (TBD)'''
 
 
 
'''VOIP (TBD)'''
 
 
 
'''RFID (TBD)'''
 
 
 
=Presentations=
 
 
 
 
 
''' Ripping Out Code: Practical Attack Surface Reduction for Open Source Systems (Craig Balding)'''
 
 
 
'''Abusing Locality in Shared Web Hosting (Nick Nikiforakis - nikifor)'''
 
 
 
'''Botnet Identification and remediation (Barry Irwin)'''
 
 
 
Cleaning up in your own back yard
 
 
 
'''Botnets and Browsers - Brothers in a Ghost Shell (Aditya K Sood)'''
 
 
 
'''iOS Data Protection Internals (Andrey Belenko)'''
 
 
 
'''The 99¢ heart surgeon dilemma (Stefan Friedli)'''
 
 
 
How to fix penetration testing
 
 
 
'''Pushing in, leaving a present, and pulling out without anybody noticing (Ian Amit)'''
 
 
 
Data Exfiltration in highly secure environments
 
 
 
'''Social Engineering Like In The Movies (Dale Pearson)'''
 
 
 
The reality of awareness and manipulation
 
 
 
'''Smart Phones – The Weak Link in the Security Chain (Nick Walker - tel0seh)'''
 
 
 
Hacking a network through an Android device
 
 
 
'''Enterprise Wi-Fi Worms, Backdoors and Botnets for Fun and Profit (Vivek Ramachandran)'''
 

Latest revision as of 13:33, 18 October 2016

The completed schedule is available on http://sched.brucon.org/grid-full


General Information

  • Registrations start at 8h30!
  • Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
  • Workshop rooms in the location Novotel Ghent (Orval, Chimay, La Trappe) are 5 minutes walking from the main venue
  • Workshop seats are limited. Reserved seats get in until 5 min before the workshop. After that it is first come, first in.
  • Read our important instructions on how to use SCHED.org!
  • This schedule is subject to change, check back regularly.

Talks:

* Building a Successful Internal Adversarial Simulation Team - Chris Nickerson and Chris Gates
* What Does the Perfect Door or Padlock Look Like? - Deviant Ollam
* New Adventures in Active Defense, Offensive Countermeasures and Hacking Back - John Strand
* NO EASY BREACH:Challenges and Lessons Learned from an Epic Investigation - Matthew Dunwoody
* Decepticon The Rise and Evolution of an Intelligent Evil Twin…!!! - Rushikesh Nandedkar, Amrita Iyer and Krishnakant Patil
* Hello to the Dark Side: Understanding YOUR Adversaries without All Those Expensive Threat Intel Tools" - L. Grecs
* Security through design - Making security better by designing for people - Jelle Niemantsverdriet
* Esoteric Web Application Vulnerabilities - Andres Riancho
* Invoke-Obfuscation: PowerShell obFUsk8tion Techniques - Daniel Bohannon
* Virtual Terminals, POS Security and becoming a billionaire overnight - Grigorios Fragkos
* Hacking KPN: Lessons from the trenches - Jeremy Goldstein and Bouke van Laethem
* Scraping leaky browsers for fun and passwords - Stefaan Truijen, Adrian Toma
* Smart Sheriff, Dumb Idea. The wild west of government assisted parenting - Abraham Aranguren, and Fabian Fäßler
* Anti-Forensics AF - DualCore


Workshops:

* The Control Things Workshop - Justin Searle
* Hacking The Enterprise - Nathan Magniez and Wim Remes
* Brewcon - Chris Lytle
* Hunting Malware with osquery at scale - Erik Waher, Jackie Bow, and Nick Anderson
* Analyzing Malicious Office Documents - Didier Stevens
* Incident Response Workshop - Maxim Deweerdt and Erik Van Buggenhout
* Crowdsourced Malware Triage - Sergei Frankoff and Sean Wilson
* How to securely build your own IoT enabling embedded systems - Jens Devloo, Jean-Georges Valle and Vito Rallo
* 802.11 Leakage: How passive interception leads to active exploitation - Solomon Sonya
* Putting a lock around your containers with Docker Security Primitives - Nils De Moor


Final times for talks are still being finalised.