Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY
 
Beekman
Add R for Security Data Analytics to your personal schedule
1:30pm R for Security Data Analytics Bhaskar Karambelkar (Ernst And Young)
Sutton North
Add Secure Coding Practices and Automated Assessment Tools to your personal schedule
9:00am Secure Coding Practices and Automated Assessment Tools Bart Miller (University of Wisconsin-Madison), Elisa Heymann (University of Wisconsin-Madison)
Add Virtualized Service Chained Security Controls within a Layer 2 SDN - Hands On Workshop to your personal schedule
1:30pm Virtualized Service Chained Security Controls within a Layer 2 SDN - Hands On Workshop John Studarus (JHL Consulting), Cynthia Thomas (Midokura)
Sutton South
Add Applying Container and Docker Security to your personal schedule
9:00am Applying Container and Docker Security Ben Hall (Katacoda | Ocelot Uproar)
Add Web Security Analysis toolbox to your personal schedule
1:30pm Web Security Analysis toolbox Ido Safruti (PerimeterX), Amir Shaked (PerimeterX)
Regent
Add Finding the Vulnerability First and Fast to your personal schedule
9:00am Finding the Vulnerability First and Fast Kevin Poniatowski (Security Innovation)
Add Cyber crises: Bridging the response gap between the board and the front line to your personal schedule
1:30pm Cyber crises: Bridging the response gap between the board and the front line Venky Anant (McKinsey and Company), Joy Smith (McKinsey and Company)
10:30am Morning break | Room: Foyer
3:00pm Afternoon break | Room: Foyer
12:30pm Lunch | Room: Rhinelander
Add Ignite Security (sponsored by Adobe) to your personal schedule
6:30pm Ignite Security (sponsored by Adobe) | Room: Sutton Center & South
5:00pm Dinner | Room: On your own
9:00am-12:30pm (3h 30m) Security usability
Reversing the Killchain - An Actionable Framework for Defending Against Common Threats
Amanda Berlin (NetWorks Group)
Everyone talks about the cyberkill chain(tm). Along with it comes abundant misinformation and scare tactics. Instead of scaring you we'll focus on the most effective steps you can take to protect your organization from the vast majority of threats by breaking down the actions along with defensive mitigation and monitoring.
1:30pm-5:00pm (3h 30m) Tools and processes
R for Security Data Analytics
Bhaskar Karambelkar (Ernst And Young)
This talk will go over the options available in R for data analysis as it relates to Information Security. We will focus on three key areas a) general introduction to R, b) statistical and machine learning with R, and c) data visualization with in R. This tutorial will enable a security researcher to add R to his/her tool belt and also familiarize with statistical/machine learning techniques.
9:00am-12:30pm (3h 30m) Teachable moments
Secure Coding Practices and Automated Assessment Tools
Bart Miller (University of Wisconsin-Madison), Elisa Heymann (University of Wisconsin-Madison)
This tutorial is relevant to anyone wanting to learn about minimizing security flaws in the software they develop or manage. We share our experiences gained from performing vulnerability assessments of critical middleware. You will learn skills critical for software developers and analysts concerned with security.
1:30pm-5:00pm (3h 30m) Tools and processes
Virtualized Service Chained Security Controls within a Layer 2 SDN - Hands On Workshop
John Studarus (JHL Consulting), Cynthia Thomas (Midokura)
Using virtualization and SDN, software defined networking, traffic can be service chained through multiple security functions (WAF, DDOS, IDS/IPS) without the overhead and complexity of layer 3 networking. Using open source cloud security tools, this functionality will be demonstrated.
9:00am-12:30pm (3h 30m) Tools and processes
Applying Container and Docker Security
Ben Hall (Katacoda | Ocelot Uproar)
Docker offers a lot of advantages, simplifying both development and production environments. But there is still uncertainty around the security of containers. During this hands-on tutorial, Ben will share his experiences and help you investigate Docker and container security.
1:30pm-5:00pm (3h 30m) Security analytics
Web Security Analysis toolbox
Ido Safruti (PerimeterX), Amir Shaked (PerimeterX)
In this tutorial we will cover data analysis tools that any web security analyst should be familiar with in his daily work. Tools like ELK, BigQuery, python and helpful online services. These tools can help you dive into and analyze incidents on your web application and network, and help you get alerted when an attack starts.
9:00am-12:30pm (3h 30m) Teachable moments
Finding the Vulnerability First and Fast
Kevin Poniatowski (Security Innovation)
This workshop is designed to instruct participants how to decrease the time it takes to find common web vulnerabilities while also decreasing the risk of an OWASP Top 10 vulnerability making it into the production server by collecting useful data that will help participants focus on where the vulnerabilities are hiding. Bring a laptop. This is a hands-on event!
1:30pm-5:00pm (3h 30m) Bridging business and security
Cyber crises: Bridging the response gap between the board and the front line
Venky Anant (McKinsey and Company), Joy Smith (McKinsey and Company)
The lack of transparency between executive decisions and those who implement them can muddle the response to a fast-moving cyber crisis. This tutorial will simulate a crisis and elicit a response from both board/executive members and front-line responders in isolation, giving participants an opportunity to question, challenge, and ultimately improve the harmony between the respective approaches.
10:30am-11:00am (30m)
Break: Morning break
3:00pm-3:30pm (30m)
Break: Afternoon break
12:30pm-1:30pm (1h)
Break: Lunch
6:30pm-8:00pm (1h 30m) Event
Ignite Security (sponsored by Adobe)
If you had five minutes on stage, what would you say? What if you only got 20 slides and they rotated automatically after 15 seconds? Would you pitch a project? Launch a website? Teach a hack? We’ll find out again at this year's Ignite Security.
5:00pm-6:30pm (1h 30m)
Break: Dinner