Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Track 3 - Room A2 [clear filter]
Thursday, April 26

11:00 ADT

The Increasingly Sophisticated Threat Landscape
The security threat landscape is constantly in flux as attackers evolve their skills and tactics. Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world. Using our visibility into the threat landscape we are constantly analyzing new attacks against our customer’s networks. During this talk I will examine various threats that Talos has examined over the last year to show how attackers are continually becoming more sophisticated. Understanding how these actors are evolving and how they are targeting networks is vital to protecting your network. For example, many people do not consider DNS worth monitoring yet we discovered the DnsMessenger attack that solely utilized DNS messages for its C&C and data exfiltration. Other attacks have been very destructive such as the Nyetya supply chain attack that crippled the Ukraine causing 100’s of millions in damage. Wormable malware has become commonplace as seen in WannaCry, Nyetya, Bad Rabbit, Olympic Destroyer. Only by understanding the evolving threat landscape an the attack vectors that threat actors are using can people begin to harden their networks against these increasingly sophisticated attacks.

avatar for Earl Carter

Earl Carter

Threat Researcher, Cisco Systems
Earl Carter has always had a passion for solving puzzles and understanding how things operate. Mr Carter quickly learned that identifying security weaknesses is just like solving puzzles. Almost 20 years ago, he was introduced to network security when he accepted a position at the... Read More →

Thursday April 26, 2018 11:00 - 11:45 ADT
Track 3 - Room A2

13:00 ADT

Canaries in a Coal Mine - Using Honeypots to Detect Lateral Movement
The same way canaries have been used to detect toxic gases in mines, the cyber-canaries are invaluable in detecting lateral movement on enterprise networks. With the constant barrage of breaches occurring today, organizations must focus on early detection beyond the walls of their network perimeter if they are to stave off attacks and further data loss.

This presentation will discuss the following:
- Provide information on the use of honeypots, specifically Canaries to detect lateral movement on networks following a breach.
- Difference between traditional honeypots such as honeyd and canaries
- Use-cases using OpenCanary with demonstrations and examples of attack scenarios including some well known breaches such as Target orHome Depot.

avatar for Peter Morin

Peter Morin

Director, Cybersecurity and Privacy, PwC
Peter is a Director in PwC's Cybersecurity and Privacy consulting practice. He is a senior cyber security professional with over 20 years of experience focusing on information security risk management, cyber threat incident response, threat hunting, malware analysis, and computer... Read More →

Thursday April 26, 2018 13:00 - 13:45 ADT
Track 3 - Room A2

14:00 ADT

Educating the Next Generation of Canada’s Cybersecurity Leaders
Best known for its innovative Blue Kit, which provides a low-cost Internet of Things (IoT) educational starter kit helping students understand the fundamentals of IoT, Blue Spurs is one of the leading IT consulting firms in Canada.  

According to Cybersecurity Ventures, by 2021 there will be 3.5 million cybersecurity jobs unfilled around the world. After a couple years of success with the Blue Kit, the company is now expanding cloud education to the topic of cybersecurity. Through its partnership with CyberNB, Blue Spurs just launched a new cybersecurity educational module. Located in Canada’s cybersecurity headquarters - New Brunswick, which was the first province to develop a comprehensive cybersecurity strategy, Dawson, Head of Technology at Blue Spurs, will share best practices for educating K-12 and post-secondary students in two major technology focus areas that will shape the future of Canada’s reputation as a leader in cloud technology.
Session key takeaways include:
·         Fundamentals of building a cybersecurity education program for students and young professionals.
·         Why now is the optimal time to educate the next generation of technology leaders.
·         Major national cybersecurity trends that are being shared with students that will impact the future of Canadian IT.

avatar for Dawson Mossman

Dawson Mossman

Head of Technology, Blue Spurs
Dawson has more than 15 years in technical leadership. His expertise led to senior development positions at Bulletproof Solutions and PQA. Prior to his current role, Dawson acted as the Head of Development for Lashpoint Consulting. During this time, he led the development of many... Read More →

Thursday April 26, 2018 14:00 - 14:45 ADT
Track 3 - Room A2

15:00 ADT

Advanced Attackers Hiding Inside Encrypted Traffic at the Endpoint
Advanced attackers are always looking for ways to stay hidden. The growing use of traffic encryption — over 50% of Web traffic today is encrypted — provides a simple trick for attackers to hide their threats and communications channels. Exploit kits, malware, adware, callbacks, as well as command & control channels leverage encrypted communications to infiltrate organizations and exfiltrate information. 
Look into encrypted traffic, without the need for a proxy or additional agents and ensure full coverage of threats hiding within covert channels. SentinelOne extends EPP capabilities to provide an integrated workflow from visibility & detection to response & remediation. The single agent, single console architecture provides deployment simplicity and operational agility to improve productivity and minimize business impact of threats.
In this session:
- Explore and expose threats hiding inside encrypted traffic at the endpoint
- Discover Autonomous Detection and Response to formerly “unseeable” threats
- Live Attack Demonstration, Investigation and Remediation

avatar for Jared Phipps

Jared Phipps

Vice President of Worldwide Sales Engineering, SentinelOne
Jared Phipps has been involved in cybersecurity professionally since 2001, and is passionate not only about technology, but also with effective use of technology to solve real problems. Jared is the Vice President of Worldwide Sales Engineering at SentinelOne, where he gets to use... Read More →

Thursday April 26, 2018 15:00 - 15:45 ADT
Track 3 - Room A2

16:00 ADT

Turbo Charging Discovery: An Introduction to Offensive Golang
It has been said that in the coming years, being able to run tools will not be enough, and that penetration testers will need to learn/know how to code. There's lots of Python and Ruby code out there, but there's one thing that it doesn't do that well: scale. This talk covers how Golang can scale out to cover discovery quickly, using native features.

avatar for Scott Walsh

Scott Walsh

Senior Threat Intelligence Researcher, SecurityScorecard
An ill tempered, mostly recovered, former systems administrator who now does threat intelligence work for SecurityScorecard. His goal is to help make the Internet a better place by empowering others to break things at scale.

Thursday April 26, 2018 16:00 - 16:45 ADT
Track 3 - Room A2
Friday, April 27

09:15 ADT

An Introduction to Wireless Hacking
This talk will go into the basics of hardware and software suites needed to capture, analyze, and crack WEP and WPA/WPA2 WiFi passwords.

avatar for Grant Boudreau

Grant Boudreau

Cyber Security Consultant, MNP
Grant Boudreau is a Cyber Security Consultant for MNP LLP. He holds a Bachelor degree in Information Technology – Network Management from Cape Breton University, is an OSCP and OSWP graduate from Offensive Security, and has several other industry certifications. Grant has a passion... Read More →

Friday April 27, 2018 09:15 - 10:00 ADT
Track 3 - Room A2

10:15 ADT

Red Meets Blue: Strengthening Defense through Offense
This talk will introduce the concept of internal red teams and the unique value and insight that can be gleamed from the formation such internal teams. We will delve in to methods organizations can employ to leverage red team skillsets beyond traditional exercises, in order to provide more value. The talk will also discuss general operating models and integration considerations between offensive and defensive teams within enterprise environments.

avatar for Milos Stojadinovic

Milos Stojadinovic

Director of Cyber Security Assessments, Royal Bank of Canada
Milos Stojadinovic is Director of Cyber Security Assessments at the Royal Bank of Canada. His primary focuses are on red teaming, penetration testing, and other offense geared services. He holds a bachelors degree in information sciences (specializing in information security) and... Read More →

Friday April 27, 2018 10:15 - 11:00 ADT
Track 3 - Room A2

11:15 ADT

The Chrome Crusader – Browser Extension Malware Development
Crusade into the wild world of malicious browser extensions. You will learn how to do keylogging, cookie stealing, credential harvesting and building a C&C server allowing you to execute arbitrary JavaScript remotely of your choosing. We will also be talking about CORS (Cross-Site Resource Sharing) and some interesting quirks with the browser extension environment. If you are a front-end developer and you want to dive into malicious code this would be the best way to start learning.

avatar for Lilly Chalupowski

Lilly Chalupowski

Cyber Security Analyst, GoSecure
Lilly works with GoSecure on Threat Intelligence and started her journey being mostly self-taught making hacking tools in her spare time. Chameleon (custom base64 steganography), Badger (DLL Security Enumeration including ASLR Entropy), Dirty-Needle (DLL Injection Tool) and more... Read More →

Friday April 27, 2018 11:15 - 12:00 ADT
Track 3 - Room A2

13:00 ADT

Advancing the Next Disruption in Security through Integration
Securing sensitive, protected data has never been more challenging. Email remains the leading attack vector due to evolving techniques combined with sophisticated social engineering skills. CISOs, CIOs and their security teams struggle to prevent attackers from breaching their organizations and targeting employees. Proofpoint and Palo Alto Networks developed API integrations to combine their super powers for defeating cyber criminals with a perfect balance of protection, detection, threat visibility and orchestration. Join us the learn how the two best-of-breed and leading security companies united their platform offerings, resulting in comprehensive protection without complexity.

avatar for Luigi Avino

Luigi Avino

Sr. Sales Engineer, Proofpoint
Luigi Avino is a Sr. Sales Engineer at Proofpoint, Inc. He is responsible for helping customers implement smarter strategies for their corporate security.  Luigi specializes in people centric security, focused on email, social, brand protection, mobility, and SaaS security.  Luigi... Read More →
avatar for Victor Tavares

Victor Tavares

Sr. Manager, Systems Engineering, Palo Alto Networks
Victor Tavares leads the Systems Engineering organization for Palo Alto Networks in Canada, where he is responsible for the customer and partner facing SE team. Victor has more than 20 years of experience in the networking and information security industry and he has worked with most... Read More →

Friday April 27, 2018 13:00 - 13:45 ADT
Track 3 - Room A2

14:00 ADT

Friday April 27, 2018 14:00 - 14:45 ADT
Track 3 - Room A2

15:00 ADT

One Citizen, One Password - How the State of Louisiana streamlined and secured digital services for its residents
The State of Louisiana, which serves more than 4 million citizens, took a challenge around an outdated system and created the opportunity to establish a foundation for citizen services. The need to improve and transform a dated Medicare and Medicaid enrollment system turned into an opportunity to change the way software was developed. Instead of creating a monolithic application, the team decided to embrace the application economy and design a new service-oriented system that could accommodate a broad range of citizen services. The team quickly realized a fragmented customer experience is not acceptable in the application economy. The State of Louisiana did not want citizens to have to remember separate passwords for every service provided by the state, so they created a central platform that all agencies could share. Each citizen will use a single identity and password to access services.

Like the State of Louisiana, many governments are taking services online to provide 24-7 access and better service at lower cost—while also optimizing the experience for the end user. And to inspire others, the IT team in Louisiana published the architecture. This type of digital transformation is reshaping the image of government as a model for bureaucracy to government as a center for innovation. The State of Louisiana is breaking stereotypes around government agencies and outdated technology as they transform their IT systems to provide customers with the digital experience they expect.

The team at the State of Louisiana understands that interacting with government systems should be intuitive, informative and easy. That’s why the State of Louisiana created an IT architecture that will anticipate the technologies of tomorrow while addressing constituents’ needs today.

Key advantages include:
- Fraud Prevention  
- Citizen submits a Permit Request and Securely Routes Request for Approval
- Permits filtered with security intelligence

avatar for James Alt

James Alt

Enterprise Application Architect, State of Louisiana
avatar for Dustin Glover

Dustin Glover

Chief Information Security Officer, State of Louisiana
avatar for Matthew Vince

Matthew Vince

Director of Project Management, Louisiana Office of Technology Services

Friday April 27, 2018 15:00 - 15:45 ADT
Track 3 - Room A2