Confessions of An Info Sec NewbiAbstract: Many of us in the security community have heard the saying RTFM (Read The [Friendly] Manual) as advice given to someone starting their security career. In Confessions of an Infosec Newbie, Ell Marquez will share the story of her journey, starting from tackling Security+ to starting the path into the world of DFIR, long before she has felt ready to do so. In this presentation, you will learn to tackle everything from facing impostor syndrome to facing your first attack. Sharing the lessons she has learned along the way and the tools and techniques that have made the experience more accessible than one would have ever imagined.
Some Parties are Fun, 3rd Parties are NotAbstract: From code snippets to browser plugins to entire cloud-based ecosystems, we trust an uncountable number of 3rd parties to keep our data secure and private. The time to question “should we” has long passed as our modern work and lifestyles demand this level of integration, so now we must look at how to assess our personal and company risks as we look at the plethora of options available to us with a suspicious eye.
Social Engineering 101Abstract: We have often received warnings and training to guard against social engineering attacks in the cyber world, and as a result, we begin to think that we know the tactics and won't fall for an attacker's lies. Unfortunately, history shows us that this training does not prepare us for a well-planned attack. After all, if it did, how would a 58-year-old woman with no cybersecurity experience have been able to compromise a correctional facilitates' network operations center? The truth is simple no matter how prepared you think you are; you can quickly become a target of a pregnant woman just needing a bit of your help or a college kid who bumps into you as he rushes to a job interview, leading to credit fraud, identity theft, or even an intrusion to your company by way of your personal data. Defending ourselves only takes a small amount of time, and it will keep you from becoming the next cautionary tale.
Somebody's Watching YouAbstract: Many of us are quite familiar with "If we are not paying for a product, we are the product," but these days it seems we're the product no matter what! Many of us rely on applications and services every day without thinking that we have permitted them to watch every move we make, from websites to our phones to simply trying to shop for groceries in a physical store. On top of all this, the advent of literal tracking devices such as Tile and Air Tags means collecting and exploiting every aspect of our daily routines is easier than ever. Let's learn how it's being done, and what we can do to stop it!
Defending Against SRE with SREAbstract: Site Reliability Engineering can save critical time for companies by ensuring that they have scalable, highly available systems from day one. Unfortunately, what's not often considered in the process is how security plays into the picture. The answer is simple; through collaboration between security teams and engineers, companies can go beyond the traditional implementation of security tools and create strategies specific to their environments, offering security from the ground up.
The Fallacy of DevSecOpsAbstractAs 70% of all vulnerabilities are on the application level, there is no question that developers play a crucial role in a company’s security. Since the current workflow separates developers from security teams, it is difficult to effectively work towards the common goal of a secure environment. These two teams must establish a strategy that enables both to succeed without impeding each other. Join us while we explore how threat modeling provides a clear and concise way to ease communications and develop a manageable process that reduces workload and strengthens a company’s security posture.
Network Fundamentals Being competent in Linux How the Web Works
Intro To Offensive Security Hacking Windows w/ EternalBlue