Breaking Closed Systems with Code-Signing and Mitigation Techniques
Code signing is abundant in the enterprises and consumer space. This session will review the current landscape showing attacks against several open (Windows, Android, Mac) and close
All Posts (2678)
Sort by
…But Now I See—A Vulnerability Disclosure Maturity Model
Someone politely knocks on your door and reports that there’s a hole in your wall big enough for a person to climb through. You immediately threaten legal action. Crazy? In the world of vuln r
Linguistic Passphrase Cracking
With the constant increase of availability of processing power comes the need for longer passwords and hence the need for usage of passphrases in order to remember them. But are passphrases really safe? This session wi
Hacking a Professional Drone
Professional drones are now actively used across various industries to perform daily critical operations. In this awareness session, Nils Rodday will perform a live hack which exploits vulnerabilities of the professional
Autonomous Hacking: The New Frontiers of Attack and Defense
Vulnerability analysis has largely been a process that requires substantial human expertise. However, very recently there has been a push for completely autonomous hacking systems, which ca
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Ever wondered how to find bug fixes residing in Microsoft patches? In this presentation we will take a look at the tools and techniques used to reverse engineer Microsoft secu
Braking the Connected Car: The Future of Vehicle Vulnerabilities
In this presentation, analysts from Kelley Blue Book’s Automotive Industry Insights will illustrate how the connected car is quickly becoming an unrestricted playground for cyberthreat
Securing Today’s Online Kids
Technology is an amazing enabler for kids today, but it also brings unique risks. This interactive talk will cover the top three risks facing kids online today, and what parents can do to help protect them. This talk is
AppSec Awareness: A Blueprint for Security Culture Change
How does an individual change the application security culture of an organization? By deploying an application security awareness program with engaging content, humor and recognition. See the
People-Centric Security: Transform Culture, Reduce Risk, Drive Success
This session links security culture and program performance, providing tools and guidance that will enable attendees to measure, manage and transform their own organizations’ sec
Securing the “Weakest Link”
Security professionals often call people “the weakest link.” We claim that they'll always make mistakes, however hard we try, and throw up our hands. But the simple truth is that we can help people do well at a wide varie
Using Behavioral Psychology and Science of Habit to Change User Behavior
Why is it so hard to make users adopt security best practices? The answer lies in human psychology. In this talk the speaker shall explain the “Habit Cycle” and why habits are
Train Like You’re Going to Fight—What Kind of Exercise Meets Your Needs?
Cyber-exercises can be used to hone skills, build teams and practice procedures. With several different types of exercises available, which is the right type to achieve your ob
The Art of Hacking a Human
This session will review security techniques on how to navigate different personalities using traditional hacking techniques. Determine what “operating system” they are running. What patches are in place? What vulnerabilit
Proactive Measures to Mitigate Insider Threat
The threat posed by rogue insiders affects every organization worldwide. The difficulties in balancing employees’ legitimate need to access corporate data along with the need to compartmentalize access a
NSTAC Report to the President on the Internet of Things
Detailed Presentation:
(Source: RSA USA 2016, San Francisco)
Building an Android Scale Incident Response Process
The Android ecosystem has over one billion active devices from hundreds of OEMs and carrier networks. The Android Security Team will explain how the ecosystem is able to respond quickly and effecti
Upwardly Mobile: Looking at Evolving Cybercrime Tactics in Mobile Malware
This session will cover two key trends in mobile malware observed over the past 12 months and explore the evolution in fraud-linked mobile malware where criminals are developi
Finding Triggered Malice in Android Apps
Traditional techniques to detect malice in Android apps struggle to identify trigger-based changes to application logic. Unfortunately, such triggers are a key component of targeted malware, where the trigger
How to Analyze an Android Bot
This presentation will demonstrate a complete end-to-end analysis of an Android bot. This will include the decompilation and static analysis of bot code and the dynamic analysis of the bot’s behavior in a controlled san
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)
- Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
- Created by: Biswajit Banerjee
- Tags: ciso, pen testing, red team, security leadership
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
