A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Irongeek.com

            Welcome to Irongeek.com, Adrian Crenshaw's Information Security site (along with a bit about weightlifting and other things that strike my fancy).  As I write articles and tutorials I will be posting them here. If you would like to republish one of the articles from this site on your webpage or print journal please e-mail me. Enjoy the site and write us if you have any good ideas for articles or links.

Adrian

News/Change Log

11/29/2017 SecureWV/Hack3rcon2017
These are the videos of the presentations from Secure West Virginia 2017. Thanks to Justine, Tim, Morgan, Kevin, Todd & Roy for helping record.

Intro
Benny Karnes

Fighting Advanced Persistent Threats with Advanced Persistent Security
Ira Winkler

Coming Up with the Next Wave of Cyber Innovations-Start by Thinking 1ns1d3 th3 B0x
Ernest Wong

I survived Ransomeware.... Twice
Matt Perry

Value of threat intelligence
Stealthcare

SDR & RF Hacking Primer
Andrew Bindner

Digital Forensic Analysis: Planning and Execution
John Sammons

Intro to WireShark
Josh Brunty

Secrets of Superspies
Ira Winkler

Total Recall: Using Implicit Memory as a Cryptographic Primitive
Tess Schrodinger

IoT Panel
RCBI

Hillbilly Storytime - Pentest Fails
Adam Compton

Hackers, Hugs and Drugs
Amanda Berlin

FLDigi - E-mail over Packet Radio
Aaron West and Rob West

From junk to jewels: Destruction is the key to building
Branden Miller & Audrey Miller

SCAP: A Primer and Customization
Scott Keener

Security Through Ansible Automation
Adam Vincent

Vehicle Forensics: An Emerging Source of Evidence
John Sammons

Network Forensics using Kali Linux and/or SANS Sift
Josh Brunty

911 DDOS
Dianiel Efaw

Pi's, Pi's and wifi
Steve Truax

Technical Testimony: Doing the Heavy Lifting for the Jury
John Sammons

Emergent Gameplay
Ron Moyer

Closing

10/28/2017

GrrCON 2017 Videos
These are the videos of the presentations from GrrCON 2017. Big thanks to EggDropX and Jaime for having me out, and my video crew  (paint27, Erick, & brettahansen) for recording.

Ghast

STRATEGIES ON SECURING YOU BANKS & ENTERPRISES. (FROM SOMEONE WHO ROBS BANKS & ENTERPRISES FOR A LIVING!)
Jayson E Street

Population Control Through The Advances In Technology…
Chris Roberts

(sorry for the music in back ground)

You Got Your SQL Attacks In My Honeypot
Andrew Brandt

3rd Party Data Burns
Arron "Finux" Finnon

Morphing to Legitimate Behavior Attack Patterns
Dave Kennedy

Stealing Domain Admin (or How I Learned to Stop Worrying and Love the CSSF
Jerod Brennen

Oops! Was that your pacemaker?
Charles Parker, II

10 Cent Beer Night: The World we now Live In
Johnny Xmas

Realizing Software Security Maturity: The Growing Pains & Gains
Mark Stanislav & Kelby Ludwig

Cyber, Cyber, Cyber - Using the killchain to accomplish something
Amanda Berlin

An Employee, their Laptop and a Hacker walk into a Bar
Shannon Fritz

Eye on the Prize - a Proposal for Legalizing Hacking Back
Adam Hogan

I've got a (Pocket) Bone to pick with you
Dr Phil Postra

Gig

Topic depends on number of federal agents in audience
Atlas of Doom

Embedding Security in Embedded Systems
Dr. Jared DeMott

National Guard for Cyber? How about a Volunteer Cyber Department?
Ray Davidson

Red Team Yourself
Thomas Richards

An Attack Pathway Into Your Organization? Reducing risk without reducing operational efficiency
David Adamczyk

Pen Test War Stories - Why my job is so easy, and how you can make it harder
Aaron Herndon

Skills For A Red-Teamer
Brent White & Tim Roberts

ProbeSpy: Tracking your past, predicting your future
stumblebot

vAp0r and the Blooming Onion
Justin Whitehead & Jim Allee

A GRReat New Way of Thinking about Innovating for Cyber Defense (and even Cyber Offense)
Ernest "Cozy Panda" Wong

Threat Intelligence: Zero to Basics in presentation
Chris J

Learning from InfoSec Fails
Derek Milroy

A Reporter's Look at Open Source Intelligence
Hilary Louise

Hidden Treasure: Detecting Intrusions with ETW
Zac Brown

The Black Art of Wireless Post-Exploitation
Gabriel "solstice" Ryan

Mi Go

Change is Simply an Act of Survival: Predicting the future while shackled to the past
Bil Harmer

Dissecting Destructive Malware and Recovering from Catastrophe
Bryan York

Infosec State of Affairs: Too much Kim Kardashian - not enough Malcolm Gladwel
Jim Wojno & Dan Kieta

How do you POC? Are you really testing a product
Ken Donze

Tales From The Trenches: Practical Information Security Lessons
Michael Belton

Securing the Internet of Things (IoT) -Through Security Research and Vulnerability Analysis
Deral Heiland

The Future of Cyber Security
Anthony Sabaj

Building a Usable Mobile Data Protection Strategy
David "Heal" Schwartzberg

Software Defined Segmentation
Matt Hendrickson

The Shuttle Columbia Disaster: Lessons That Were Not Learned
Joel "I love it when they call me Big Poppa" Cardella

Infrastructure Based Security
Chris Barnes

Defending The De-funded
Keith Wilson

Real-World Red Teaming
spartan

We got it wrong
Wolfgang Goerlich

Critical Incident: Surviving my first layoff by applying BCP/DRP Principles
Tom Mead

9/25/2017 Derbycon 7 Videos
I still have a lot of work to do, but here are the Derbycon 2017 videos. Working on fixing major audio sync issues as I can. Big thanks to my video jockeys Some Ninja Master, Glenn Barret, Dave Lauer, Jordan Meurer, Brandon Grindatti, Joey, nightcarnage, Evan Davison, Tim Sayre, Morgan, Ben Pendygraft, Steven (SciaticNerd), Cory Hurst, Sam Bradstreet, MadMex, Curtis Koenig, Jonathan Zentgraf, James Hurst, Paint27, Chris, Lenard.
9/21/2017 Derbycon Streams
This page links to the streams for the different tracks when we start streaming Friday from Derbycon.
9/19/2017

Louisville Infosec 2017
Below are the videos from the Louisville Infosec 2017 conference. Thanks to all the video volunteers for helping me record.

Building an Infrastructure to Withstand
David Kennedy

Learning Crypto By Doing It Wrong
Jeremy Druin

A Needle in the Cloud
Michael Leigh

How to make your next audit less awful: Compliance by Default
Tom Kopchak

Strengthening the Human Firewall
Alexandra Panaretos

Of Flags, Frogs & 4chan: OPSec Vs. Weponized Autism
Adrian Crenshaw

The Enemy Within - Detecting and Mitigating Insider Threats
Justin Wilkins

Assessing POS Devices for Tampering
Chris Gida

Or How I Learned to Stop Worrying and Love the ...
Robert L. Brown

The Edge of Normal
Mark Loveless

Measuring Cyber Risk with Open FAIR
Apolonio "Apps" Garcia and John Zuziak

Investigating Malware using Registry Forensics
Jason Hale

Defeating the Modern Cyber Attacker
Travis Funkhouser

Show me the Money! Using the CIS Critical Security Controls to procure funding for your security program
Carla Raisler

6/24/2017

BSides Cleveland 2017 Videos
These are the videos from the Bsides Cleveland conference. Thanks to djaj9, , justinschmitt &  as the video team. Thanks to twuntymcslore & RockieBrockway for being con mom & dad.

Morning
 Keynote
Wendy Nather

Better manual web application testing through automation
Brian Mead

Blue-Teamin' on a Budget [of Zero]
Kyle Bubp

PANDA, walking loud in the cloud
Logan Hicks, Seth Hall, Kelsey Hightower, Laura Taylor, Doug Burks

Diary of a Security Noob
TJ Toterhi

Delete Yourself: Cognitive Bias during incidence response
Dru Streicher

Enterprise Monitoring From Zero
Andrew Johnson

What They're Teaching Kids These Days
Rob Olson, Chaim Sanders

Mid-Day Keynote
Ben Ten

IoT Device Pentesting
Erik Daguerre

Cyber, Cyber, Cyber - Using the killchain to accomplish something
Amanda Sullivan Berlin

Decentralization For Security and Freedom: A Discussion of Asymmetric and Decentralized Technologies
Tom Pieragastini

Getting back to the old school
Jamie Murdock

The Python in the Apple
Spencer McIntyre

Quantifying Security's Value - It Can Be Done!
Arianna Willett

Building your Human Firewall
Christopher Jones, John Winkler

Spy vs. Spy - Tips from the trenches for red and blue teams
Thomas McBee, Jeff McCutchan

Eye on the Prize - a Proposal for Legalizing Hacking Back
Adam Hogan

Choose Django for Secure Web Development
Vince Salvino

MacOS - An easy exploit 2-ways.
Cody Smith

Bypassing Next-Gen Tech
David Kennedy

Hacking in Highschool: Inspiring the next generation of security professionals
Michael Benich

Afternoon Keynote
John Strand

6/17/2017 ANYCon 2017 Videos
These are the ANYCon videos. Thanks to Tyler & Erin for inviting me down to record. Also thanks to the AV crew Chris, Bryan, Conner, Nigel, Ben, Dan & Joe.

ANYCon: Year One Kick-Off
Tyler Wightson

Keynote: Industry Of Change
Dave Kennedy

The Changing Landscape of Cyber Security and Training the New Generation of Cyber Warriors
Sanjay Goel

OWASP Top 10: Hacking Web Applications with Burp Suite
Chad Furman

Hacking Politics: Infosec in Public Policy
Jonathan Capra and Rashida Richardson and Shahid Buttar

Sniffing Sunlight
Erik Kamerling

Noob 101: Practical Techniques for AV Bypass
Jared Hoffman

Jedi Mind Tricks: People Skills for Security Pros
Alex DiPerna

Red Team Yourself
Thomas Richards

Jumping the Fence: Comparison and Improvements for Existing Jump Oriented Programming Tools
John Dunlap

The Stuffer
Sean Drzewiecki and Aaron Gudrian and Dr. Ronny L. Bull

Big Data's Big Problems
Jeanna Neefe Matthews

VLAN hopping, ARP Poisoning and Man-In-The-Middle Attacks in Virtualized Environments
Dr. Ronny L. Bull

Bringing Home Big Brother: Personal Data Privacy in the Surveillance Age
Todd Brasel and Michele Warner

Measuring the Efficacy of Real-Time Intrusion Detection Systems
Jeffrey Richard Baez

To SIEM or not to SIEM: an Overview
Chris Maulding

Let's Play Defense at Cyber Speed
Duncan Sparrell

Real Security Incidents, Unusual Situations
Adam Dean

Incident Response Evolved - A Preventative Approach to Incident Management
Aaron Goldstein

Thinking 1nside-the-B0x: Cyber Defense and Deterrence via How Hackers Think
Lieutenant Colonel Ernest Y. Wong

Making Friends for Better Security
Alexander Muentz

Does DoD Level Security Work in the Real World?
Jeff Man

The Road to Hiring is Paved in Good Intentions
Tim O'Brien

Whose Idea Was That? Comparing Security Curriculums and Accreditations to Industry Needs
Robert Olson and Chaim Sanders

Hacks, Lies, & Nation States
Mario DiNatale

Hold my Red Bull: Undergraduate Red Teaming
Jonathan Gaines

Ermahgerd: Lawrs
Prof. Robert Heverly

So You Want To Be A H6x0r, Getting Started in Cybersecurity
Doug White and Russ Beauchemin

DIY Spy Covert Channels With Scapy And Python
Jen Allen

InfoSec Career Building Through Reserve Military Service
Dan Van Wagenen

A Day in the Life of a Security Analyst
Marc Payzant and Ken Oliver and Aneesa Hussain

Breaking is Bad: Why Everyone at This Conference Will be Unemployed
Reg Harnish

6/11/2017 Circle City Con 2017 Videos
These are the Circle City Con videos. Thanks to the staff for inviting me down to record. Big thanks to @irishjack, @0DDJ0BB, @Ajediday, Jim, @securesomething Mike, @KitWessendorf, fl3uryz, InfaNamecheap, Chris and other for helping set up AV and record.

Opening Ceremonies

Opening Keynote: Words Have Meanings
Dan Tentler

And the Clouds Break: Continuity in the 21st Century
Wolfgang Goerlich

DNS Dark Matter Discovery - There's Evil In Those Queries
Jim Nitterauer

Tales from the Crypt...(analyst)
Jeff Man

Trials and Tribulations of setting up a Phishing Campaign - Insight into the how
Haydn Johnson

Everything is Not Awesome: How to Overcome Barriers to Proper Network Segmentation
Jason Beatty

Talky Horror Picture Show: Overcoming CFP Fears
Kat Sweet

Fuzzing with AFL
Adam DC949

Cybersecurity for real life: Using the NIST Framework to protect your critical infrastructure
Ryan Koop

Why is the Internet still working?
James Troutman

Effective Report Writing for Security Practitioners
Benjamin Robinson

The Decision Makers Guide To Managing Risk
Joel Cardella

Application Security Metrics
Caroline Wong

Security Training: Making Your Weakest Link The Strongest
Aaron Hnatiw

Network Security? What About The Data?
0ddj0bb 0ddj0bb

Detecting DNS Anomalies with Statistics
Jamie Buening

It's A Disaster!
Cheryl Biswas

OSINT And Your World A Love Story
Michael James

Network manipulation on video games.
Alex Kot

Threat Intelligence: Zero to Basics
Chris J

The Kids Aren't Alright: Security and K-12 Education in America
Vivienne Pustell

Ph'ing Phishers
JAe

How To Be Curious
Bret Mattingly

Of Flags Frogs 4chan OPSec vs Weaponized Autism
Adrian Crenshaw

The State of Security in the Medical Industry
Cannibal (billy)

Open Sesamee
Max Power

See beyond the veil: Automating malicious javascript deobfuscation
Chad Robertson

Changing our future with 3D Printing
Emily Peed

You're not old enough for that: A TLS extension to put the past behind us
Falcon Darkstar Momot

We Don't Always Go Lights and Sirens
Kendra Cooley

Ichthyology: Phishing as a Science
Karla Burnett

Creating Your Own Customized Metamorphic Algorithm
Raul Alvarez

Peakaboo - I own you: Owning hundreds of thousands of devices with a broken HTTP packet
Amit Serper

Ye Olde Hacking
Johnny Xmas

Closing Keynote: Lectures or Life Experiences - Awareness Training that Works!
Tottenkoph & Cindy Jones

Closing Ceremonies

6/9/2017

ShowMeCon 2017 Videos
These are the videos ShowMeCon 2017. Thanks to Renee & Dave Chronister (@bagomojo) and others for having me out to record and speak. Also thanks to my video crew @r3tr0_cod3x Aaron, Jon and some other people I may have forgotten.

Data Loss Prevention in a Social Media World
Phllip Tully

Royal Testing: Purple teaming to build and secure applications better!
Kevin Johnson

Dark Web Economies (...and you can too!)
Johnny Christmas

DIY CTF - How to gain momentum on your security awareness program by hosting a CTF
Matt Thelan

Deconstructing Chaos: …through "Behavioral Detection"
Daniel Stiegman

Something Died Inside Your Git Repo: Recognizing the Smell of Insecure Code
Cliff Smith

REVERSING A POLYMORPHIC FILE-INFECTING RANSOMWARE
Raul Alvarez

The Beginner's Guide to ICS:  How to Never Sleep Soundly Again
Dan Bougere

Windows IR made easier and faster - Find the head of the snake using AutoRuns, Large Registry Keys, Logs, IP/WhoIs and Netflow
Michael Gough

Homebrew powershell: Where to begin with Data Sources and baseline data.
Andrew Metzger

Where Cypherpunk Meets Organized Crime: The Shifting Landscape of Underground Economies and Crypto-driven Privacy
Ben Brown

VR-Bleeding Edge of Development and Technology-But Are We Making Old Mistakes?
Arnar Gunnarson

F@$#IN Trojans! An Interactive Impromptu Talk on Our Most Dangerous Threat
Parameter

Kick starting an application security program
Tim De Block

Of Flags, Frogs & 4chan: OPSec vs. Weaponized Autism
Adrian Crenshaw

Intro to Threat Hunting
Aaron Mog

Panel Title: The Good, the Bad, and the Ugly: HIPAA in an InfoSec World
Hudson Harris

How to Patch Stupid - A Modern Approach To Securing Users
Joshua Crumbaugh

When Molehill Vulnerabilities Become Mountainous Exploits
Igor Matlin

Dear Blue Team, This is why I always win. Love, A Hacker
Dave Chronister

How I Inadvertently Outsourced My IT Job to a Fancy Bear
Tim MalcomVetter

5/21/2017

NolaCon 2017 Videos
Recorded at NolaCon 2017. Thanks to @CurtisLaraque, Federico, Morgan, & Ken for the video recording help, and @nola_con, @erikburgess_, Yvonne & Rob for having me down to record.

Does DoD Level Security Work in the Real World?
Jeff Man

Hacking the IoT: A Case Study
Nancy Meares Snoke and Phoenix Snoke

Going past the wire: Leveraging Social Engineering in physical security assessments
"Snow" Stephanie Carruthers

Hurt Me Plenty: The Design and Development of Arganium
Todd Carr

Easy Indicators of Compromise: Creating a Deception Infrastructure
David Kennedy

Arming Small Security Programs: Network Baseline
Matt Domko

Make STEHM Great Again
David Schwartzberg

Designing and Implementing a Universal Meterpreter Payload
Brent Cook

EDNS Client Subnet (ECS) - DNS CDN Magic or Secur
Jim Nitterauer

Rooting out evil: defend your data center like the Secret Service protects the President
Nathaniel Gleicher

Attacking Modern SaaS Companies
Sean Cassidy

The Unbearable Lightness of Failure
Dave Lewis

Phishing for Shellz: Setting up a Phishing Campaign
Haydn Johnson

Iron Sights for Your Data
Leah Figueroa

Security Guards -- LOL!
Brent White & Tim Roberts

Embrace the Bogeyman: Tactical Fear Mongering for Those Who Penetrate
FuzzyNop

Skynet Will Use PsExec: When SysInternals Go Bad
Matt Bromiley & Brian Marks

The Devil's Bargain: Targeted Ransomware and Its Costs
Joshua Galloway

22 Short Films About Security
Charlie Vedaa

Security is dead. Long live Infosec!
David Shaw

An Employee, their Laptop and a Hacker walk into a Bar
Shannon Fritz

Beyond OWASP Top 10
Aaron Hnatiw

Scamming the Scammers: Hacking scammers with pwns
Nathan Clark

 
5/13/2017 BSides Detroit 2017 Videos
These are the videos from the BSides Detroit 2017 Conference. Thanks to Ryan Harp (@th3b00st), Dan Falk (@dnfalk), Wolfgang Goerlich (@jwgoerlich), Matt Johnson (@mwjcomputing), Kyle Andrus (@chaoticflaws), Kate Vajda (@vajkat) and Chris Maddalena (@cmaddalena) for having me out and Samuel Bradstreet, Daniel Ebbutt, Luke Gorczyca, James Green,  David Sornig, Steven Balagna, Brandon Robinson, Brett Hansen, Briee de Graaf, Nick Papa, Brandon Azer  and others I may forget for helping to record.

Moving Towards Maturity: 5 Issues InfoSec Must Address
Jim Beechey

Plotting Hackers: Visualizing Attack Patterns
Kent Gruber

STEHM is the new STEM
David Schwartzberg

Hacking with Ham Radios: What I have learned in 25 years of being a ham.
Jay and Jerome Radcliff

Navigating Career Choices in InfoSec
Fernando Montenegro

Windows Event Logs - Zero to Hero
Nate Guagenti / Adam Swan

Network Security? What about the Data?
Jack Hatwick

ProbeSpy: Tracking your past, predicting your future
Ian Odette

Playing in Memory: Examples of User Theivery and Hunting for Malware
Kyle Andrus

The AppSec Starter Kit
Timothy De Block

An Employee, their Laptop and a Hacker walk into a Bar
Shannon Fritz

Estimating Development Security Maturity in About an Hour
Matt Clapham

5/12/2017 Converge 2017 Videos
These are the videos from the Converge Information Security Conference. Thanks to Wolf for having me out and Sam, Samuel Bradstreet, Daniel Ebbutt, Luke Gorczyca, James Green,  David Sornig, Steven Balagna, Brandon Robinson, Brett Hansen, Amanda Ebbutt, Nick Papa, Brandon Azer  and others I may forget for helping to record.

You Are Making Bad Decisions and You Should Feel Bad
Joel Cardella

Violent Ruby: A Talk for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
Kent Gruber

Prioritize Vulnerability Remediation
Amol Sarwate

Stories through Logging: "It was the best of logs, it was the worst of logs"
Tom Kopchak

That Escalated Quickly
Shaun Bertrand

How to kick start and application security program
Timothy De Block

Vectors and Victims: Analyzing vulnerabilities through disease models
Rich Cassara

Threat Modeling 101
Matt Clapham

Prioritizing IT Security Projects for the Business
Martin Bally, Steve Barone, John Beeskow, David Derigiotis, Russ Gordon, John Scrivens

Defending The De-funded
Keith Wilson

How to Transform Developers into Security People
Chris Romeo

You have Updates!...A look at an old tool making a comeback 'Evilgrade'
Reid Brosko

Predicting Exploitability
Michael Roytam

Fast wins for the defense!
Justin Herman

How Much Security Do You Really Need?
Wendy Nather

Tarnished Silver Bullets
Wolfgang Goerlich

A Top 10 List for Better AppSec (Hint: It's Not the OWASP Top Ten)
Dave Ferguson

AppSec Behaviors for DevOps Breed Security Culture Change
Chris Romeo

The 4 Eyes of Information Security
Fernando Montenegro

Practical Security Recommendations from an Incident Responder
Matthew Aubert

You and Your Technical Community
David Giard

Panel - Cyber Security Hiring, Retention, and How to Get the Perfect Job in a Competitive Market

Misbehaving Networks?
Daniel Gregory

Leveraging Vagrant to Quickly Deploy Forensics Environments
Jeff Williams

New School Security: Combat Mindset
Mike Behrmann

4/30/2017 BSidesCharm 2017 Videos
These are the videos BSidesCharm (Baltimore) 2017. Thanks for inviting me down to record

Keynote
Rob M Lee

Clean up on Aisle APT
Mark Parsons

Frony Fronius - Exploring Zigbee signals from Solar City
Jose Fernandez

Weaponizing Splunk: Using Blue Teams for Evil
Ryan Hays

Current State of Virtualizing Network Monitoring
Daniel Lohin & Ed Sealing

The Not So Same-Origin Policy
David Petty

IoT Pressure Cooker What Could Go Wrong
Ben Actis

OPSEC for the Security Practictioner
Michael Clayberg

Automating Bulk Intelligence Collection
Gita Ziabari

I Went Phishing and Caught a Charge – Maryland Law for Pentesters
Joshua Rosenblatt

Imposter Syndrome: I Don't Feel Like Who You Think I Am
Micah Hoffman

The Battle for OSINT - Are you Team GUI or Team Command Line?
Tracy Z. Maleeff & Joe Gray

SOC Panel Keynote

Keynote
Jim Christy

Red Teaming the Board
Robert Wood

The AVATAR Project and You
da_667

Threat Hunting - Thinking About Tomorrow
Tazz

Understanding the Cybersecurity Act of 2015
Jeff Kosseff

Detecting the Elusive: Active Directory Threat Hunting
Sean Metcalf

Microsoft Patch Analysis for Exploitation
Stephen Sims

Arming Small Security Programs: Network Baseline Generation and Alerts with Bropy
Matt Domko

The Cryptography of Edgar Allan Poe
Robert Weiss (pwcrack)

Closing

4/22/2017 BSides Nashville 2017 Videos
These are the videos BSides Nashville 2017. Thanks to @lil_lost for inviting me down to record and being my bodyguard while in Nashville. Big thanks to Geoff Collins, Gabe Bassett, and others for helping set up AV and record.

Mental Health in Infosec: Hackers, Hugs, & Drugs
Amanda Berlin

Got Vendors?
Armin Smailhodzic and Willie Hight

Emerging Legal Trends in Cybersecurity
Rodney Hampton

Trust, But Verify, Your SAML Service Providers
Bruce Wilson

Does DoD Level Security Work in the Real World?
Jeff Man

Abstract Tools for Effective Threat Hunting
Chris Sanders

Infosec Tools of the Trade: Getting Your Hands Dirty
Jason Smith and Tara Wink

How to learn reverse engineering, kick ass at bug bounties, and being a bad ass SOC analyst
ben actis

A Pyrate looks at 40
Adam John

Springtime for code reviews
Ryan Goltry

Marrying Incident Response and Threat Intel Within Your Enterprise
Joe Gray and Ben Shipley

Security Guards -- LOL!
Brent White

Windows Operating System Archaeology
Casey Smithand Matt Nelson

Intro to drone tech
Ron Foster

Weaponizing Splunk: Using Blue Team Tools for Evil
Ryan Hays

Chunky Cookies: Smashing Application Aware Defenses
Russell Butturini

4/7/2017 AIDE 2017 Videos
Recorded at AIDE 2017. Big thanks to Bill Gardner (@oncee) for having me out to record.

The Attack Is Coming From Inside The Refrigerator!
Mark Boltz-Robinson

Human Error and It's Impact on Your Infosec Program
Mike Baker

How to Speak Cat Picture Resiliency -- The ability to make a business case for proactive incident response
Scott Lyons and Joshua Marpet

Learning Cryptography by Doing it Wrong
Jeremy Druin

I Survived Ransomware... TWICE
Matt Perry

How Russia Hacked The Election
Bill Gardner

OS X Forensics
Brian Martin

Making Our Profession More Professional
Bill Gardner

4/1/2017

Cyphercon 2.0 Videos
These are the videos from the Cyphercon 2.0 conference. Thanks to Michael Goetzman for having me out to record, and Paul and Tom for helping record.

Opening Ceremony
CypherCon Organizors

KEYNOTE: STEHM is the new STEM
David "Heal" Schwartzberg

Beyond the Fringe: Anomalies of Consciousness, Experience, and Scientific Research
Richard Thieme

Cluster Cracking Passwords & MDXfind
Robert Reif

A Look Behind the Scenes of DEFCON DarkNet
Ed Abrams (zeroaltitude), Demetrius Comes (cmdc0de)

JavasCrypto: How we are using browsers as Cryptographic Engines
Kat Traxler

Can Cryptography Frustrate Fascism?
Phillip Rogaway

Threat Intelligence 101: Basics without Buzzwords
M4n_in_Bl4ck

Explore Wisconsin Hacker History
Brad Swanson

Brain Based Authentication
Melanie Segado, Sydney Swaine-Simon

The Upside Down: Going from NetSec to AppSec
Cody Florek

Tracking/Monitoring WiFi devices without being connected to any network
Caleb Madrigal

Wireless Capture the Flag
Eric Escobar

KEYNOTE: The History of Video Game Console Hacking
Dan Loosen

Protecting Passwords with Oblivious Cryptography
Adam Everspaugh

A Look Behind the Scenes of DEFCON DarkNet - Part II - Part II
Ed Abrams (zeroaltitude), Demetrius Comes (cmdc0de)

Forensic Deconstruction of Databases through Direct Storage Carving
Dr. Alexander Rasin

Espionage & Soviet MiGs
Dave Roebke

Naked and Vulnerable: A Cybersecurity Starter Kit
Shannon Fritz

Wasn't DLP supposed to fix this?
Amit Riswadkar (FeMaven)

IoT Security Privacy Weaknesses & Ransomware
Rick Ramgattie

Predictive Analytics and Machine Learning: 'Real' Use Cases for IT/Security Professionals
John Platais

From zero to Bender in 12 months, how a software guy turned hardware
Zapp

Badge Panel

Does DoD Level Security Work in the Real World?
Jeff Man

Badges

Closing Ceremony
CypherCon Organizors

3/25/2017 Bloomcon 2017 Videos
These are the videos from the Bloomcon conference.

Strange times we live in:
Alexander Muentz

Real World Examples of IT Risks
Fred Reck

The first 48: All your data are belong to us
Chad Gough & Molody Haase & Jared Sikorski

Deleted Evidence: Fill in the Map to Luke Skywalker
David Pany

The Cox Fight and Beyond: Kodi, the Brave New World of Copyright Infringement, and ISP Liability
Alex Urbelis

What is the size of a sparse file in NTFS
John Riley

Black Box Mac OSX Forensics
Brian Martin

Math and Cryptography
Sam Gross

Road Ahead
Ben Tice

Honey, I Stole Your C2 Server: A dive into attacker infrastructure
Andrew Rector

Building a Scalable Vulnerability Management Program for Effective Risk Management
Katie Perry

New results in password hash reversal
Mark Sanders

Lessons Learned from Pwning my University Aaron Thomas
Aaron Thomas

Windows Event Logs - Zero to Hero
Nate Guagenti & Adam Swan

What Can my Logs Tell me?
Art Petrochenko

A POS Breach Investigation
Kevin Strickland

Abusing Google Dorking and Robots.txt
Dave Comstock

APT-What the heck is an APT?
Bill Barnes

Technological Changes that Affect Forensic Investigations
Diane Barrett

Deceptive Defence
Daniel Negron

Cryptography 0-128
Ben Tice

Sometimes They Are Innocent!
Scott Inch

Securely Deleting Data from SSDs
Stephen Larson

3/11/2017 BSides Indy 2017 Videos

These are the videos from the BSides Indy conference.

Intro

Strategies on Securing you banks & enterprises. (From someone who robs banks & enterprises for a living!)
Jayson Street

Crypto defenses for real-world system threats
Kenneth White

Hardware Hacking: Abusing the Things
Price McDonald

Kick starting an application security program
Timothy De Block

OSINT For The Win - Tools & Techniques to Maximize Effectiveness of Your Social Engineering Attacks
Joe Gray

Physical Phishing, Way Beyond USB Drops!
Rich Rumble

Weaponizing Nanotechnology and hacking humans; 2017 updates :)
Chris Roberts

Make STEHM Great Again
David Schwartzberg

2/25/2017 BSides NOVA 2017 Videos
These are the videos from BSides NOVA 2017.. Thanks to those who manned the video rigs.

AM Key Note
Ron Gula

Using Software Defined Radio for IoT Analysis
Samantha Palazzolo

Imposter Syndrome: I Don't Feel Like Who You Think I Am.
Micah Hoffman

PM Keynote - Tarah Wheeler

How the Smart-City becomes stupid
Denis Makrushin

Won't Get Fooled Again: The expected future of IoT malware and what to do about it.
Blaine Mulugeta

Software Supply Chains and the Illusion of Control
Derek Weeks

"Humans, right?" Soft Skills in Security
Ariel Robinson

Panel | Local Community Cyber Groups in NoVA
Jeremy Duncan

Networking with Humans to Create a Culture of Security
Tracy Maleeff

Why the NTP Security Problem Is Worse than You Think
Allan Liska

Bro, I Can See You Moving Laterally
Richie Cyrus

Panel | Parlaying Education and Experience into an Infosec Career
Forgotten Sec

So you want to be a "Cyber Threat Analyst" eh?
Anthony Melfi

0 to 31337 Real Quick: Lessons Learned by Reversing the Flare-On Challenge
Blaine Stancill

Finding a Companies BreakPoint
Zachary Meyers

Challenges and Opportunities: Application Containers and Microservices
Andrew Wild

Cyber Hunt Challenge - Develop and Test your Threat Hunting skills
Darryl Taylor

Anti-Virus & Firewall Bypass Techniques BY Candan BĂ-LÜKBAS
Candan Bolukbas

I'm Cuckoo for Malware: Cuckoo Sandbox and Dynamic Malware Analysis
Lane Huff

2/12/2017 BSides Tampa 2017 Videos
These are the videos from the BSides Tampa conference. Thanks to all of the BSides Crew for having me out to help record and render the videos. Special thanks to my video crew.

Keynote Talk : - Cyber Security in the Age of Espionage
Eric O'Neill (Not posted)

Advanced Targeted Attack.
Andy Thompson

Phishing Pholks Phor Phun and Prophit
Erich Kron

Alert All the Things! (Network Baselines/Alerts with Bro Scripts)
Matthew Domko

Intro to Fuzzing for Fun and Profit
Brian Beaudry

Keynote
Kevin Poulsen (Not Recorded)

Build Your Own Physical Pentesting Go-Bag
Beau Bullock, Derek Banks

NFC Your Smartphone's Best Friend or Worst Nightmare
Shane Hartman

e-Extortion Trends and Defense
Erik Iker

HIPAA for Infosec Professionals
Michael Brown

Deconstructing 100% JavaScript-based Ransomware
Jeremy Rasmussen & Paolo Soto

Mozilla's tips on strong HTTPS
Julien Vehent

Redefining Security in a Cloud-Centric Future
Mike Spaulding & Mitch Spaulding

Securing The Electrical Grid From Modern Threats
Christopher Williams

Securing Agile Development
Alan Zukowski

What I've Learned Writing CTF Challenges
Vito Genoese

Build the capability to Detect, Triage And Respond
Scott Sattler

What the Hell is ICS Security?
Brandon Workentin

Protecting Third-Party Risk From Plundering
Stacey Banks

Protecting Visual Assets: Digital Image Counter-Surveillance Strategies
Nikita Mazurov & Kenneth Brown

ArchStrike Linux
Chad Seaman

Hacking The Sabbath
Jonathan Singer

Chaining The Future: Block Chains and Security
Joe Blankenship

1/16/2017 BSides Columbus 2017 Videos
These are the videos from the BSides Columbus Ohio conference. Thanks to Michael Spaulding for having me up and those who manned the video rigs.

Learning From Pirates of the Late 1600s - The first APT
Adam Hogan

What I Learned About Cybersecurity by Training With US Navy SEALs
Matthew Curtin

Cross Origin Resource Sharing Kung fu
Aditya Balapure

Redefining Security in a Cloud Centric Future
Mike Spaulding

Automating Security in Building Software
Warner Moore

Planning and Executing a Red Team Engagement
Timothy Wright

DNSSec Explained!
Dan Benway

Midwestern Nice - Stereotype or Enterprise Threat?
Valerie Thomas

Information Security Talent Trends to expect in 2017
Megan Wells AJ Candella

12/03/2016 BSides Philadelphia 2016
These are the videos from BSides Philadelphia 2016.

Attacker's Perspective: A Technical Demonstration of an Email Phishing Attack
Zac Davis

Crashing Android phones via hostile networks
Yakov Shafranovich

I'm Cuckoo for Malware: Cuckoo Sandbox and Dynamic Malware Analysis
Lane Huff

How to Find a Company's BreakPoint
Andrew McNicol

What the deuce? Strategies for splitting your alerts.
John T. Myers

Red Team Yourself
Thomas Richards

Keynote
Matt Blaze

Solar Flare - Pulling apart SolarWinds ORION
Rob Fuller

Staying Afloat in a Tsunami of Security Information
Tracy Z. Maleeff

Hunting: Defense Against The Dark Arts
Danny Akacki

Every day is a Zero Day: Building an in-house Secure SDLC program
Tony Reinert

Owning MS Outlook with Powershell
Andrew Cole

A tour through the magical wonderful world of crypto land
Ben Agre

Remote attacks against IoT
Alex Balan

Hacking the Human: Social Engineering Basics
Dave Comstock (sten0)

Where do I start?
Charles Sgrillo II

Top 10 Mistakes Made In Active Directory That Can Lead To Being Compromised
Adam Steed

So you want to beat the Red Team?
Cameron Moore

Hacking Your Way into the APRS Network on the Cheap -- Extended Edition
Mark Lenigan

Threat Intel Analysis of Ukrainian's Power Grid Hack
Nir Yosha

Cryptography Pitfalls
John Downey

Information security and the law
Alex Muentz

Getting Permission to Break Things
William Bailey

"Knowing the Enemy"- Creating a Cyber Threat Actor Attribution Program
Jack Johnson

Red Teaming your Risk Management Framework
Keith Pachulski

Web Application Exploit 101 : Breaking Access Control and Business Logic
Tomohisa Ishikawa

Size Doesn't Matter : Metrics and Other Four Letter Security Words
Jim Menkevich

10/20/2016 SecureWV/Hack3rcon 2016 Videos

These are the videos of the presentations from Secure West Virginia 2016. Thanks to Dave, Justine and Tim for helping record. Sorry for the off audio timings, this is the first time I've used OBS Studio for a con and I was testing new capture gear.

Welcome
Benny Karnes

Keynote
Dave Kennedy

SHALL WE PLAY A GAME. How to make an two player bartop arcade machine with a Raspberry Pi.
Steven Truax

Maker/Hacker Space Panel - RCBI
 

So You Wanted to Work in Infosec
Joey Maresca

Making Our Profession More Professional
Bill Gardner

Special Agent Michelle Pirtle
(not recorded)

So You've Inherited a Security Department, Now What?
Amanda Berlin

SUSpect - A powershell based tool to provide early detection of ransomware and other attack techniques.
Mick Douglas

Building an Infosec Program from Ground Zero: From the Coat Closet to the Data Center
David Albaugh

How to Not Cheat on Your Spouse: What Ashley Madison Can Teach Us About OpSec
Joey Maresca

Windows Timelines in Minutes
Dr. Philip Polstra

Scripting Myself Out of a Job - Automating the Penetration Test with APT2
Adam Compton

WTF? Srsly? Oh FFS! - IR Responses
Mark Boltz-Robinson


Women in Infosec Panel
Adrian Crenshaw
Amanda Berlin
Taylor
Blair Gardner
(not posted)

Securing The Secure Shell, The Automated Way
Adam Vincent

Bitcoin: From Zero to "I get it."
Luke Brumfield

How to hack all the bug bounty things automagically & reap the rewards (profit)!
Mike Baker

Giving Back - Submitting to PTES 101
Jeremy Mio

Closing/Awards
Benny Karnes

Training

Intro to Linux
Benny Karnes

BASH Scripting
Justin Rogosky
(not recorded)

Python Scripting
Adam Byers

Intro to Kali
Wyatt Nutter

Forensics

Evidence Collection
John Sammons

Intro to WireShark
Josh Brunty

Intro to Digital Forensics
John Sammons

Network Forensics using Kali Linux and/or SANS Sift
Josh Brunty

Mobile Forensics An Introduction
Josh Brunty

10/08/2016 GrrCON 2016 Videos
These are the videos of the presentations from GrrCON 2016. Big thanks to EggDropX and Jaime for having me out, and my video crew  (Chris, Erick, & Cooper) for recording.

Thieves

Act Three, The Evolution of Privacy
Finux

Weaponizing Nanotechnology and hacking humans; defining the boundaries
Chris Roberts

Becoming a Cyborg: The First Step Into Implantable Technology
Michael Vieau

Abnormal Behavior Detection in Large Environments
Dave Kennedy

Secure Dicks
Michael Kemp

and bad mistakes I've made a few...
Jayson Street (Only first 30 min)

Predator to Prey: Tracking Criminals with Trojans and Data Mining for Fun and Profit
Ken Westin

Guarding Dinner
J Wolfgang Goerlich

Back to the Future: Understanding our future but following the past
Kevin Johnson

Breaking Android Apps for Fun and Profit
Bill Sempf

Attacking the Hospitality and Gaming Industries: Tracking an Attacker Around the World in 7 Years
Matt Bromiley & Preston Lewis

Security Guards -- LOL! Brent White & Tim Roberts

Pirates

Internet of Things (IoT) radio frequency (RF) Analysis With Software Defined Radio
Kevin Bong

So You Want to Be a Pentester
Absolute0x0

What do you mean I'm pwn'd! I turned on automatic updates!
Scott Thomas & Jeff Baruth

Surreal Paradigms: Automotive Culture Crash
D0xt0r Z3r0

Reversing and Exploiting Embedded Devices (Walking the software and hardware stack)
Elvis Collado

Threat Detection & Response with Hipara
J. Brett Cunningham

Still Broken After All These Years Aka Utility Security For Smarties
Doug Nibbelink

Threat Detection Response with Hipara
J Brett Cunningham

Quick and Easy Windows Timelines with Pyhon, MySQL, and Shell Scripting
Dr. Phil Polstra

Cruise Ship Pentesting OR Hacking the High Seas
Chad M. Dewey

Using Virus Total Intelligence to track the latest Phishing Document campaigns
Wyatt Roersma

Encryption, Mobility & Cloud Oh My!
Bill Harmer

Magnetic Stripes 101
Tyler Keeton

Machine Duping: Pwning Deep Learning Systems
Clarence Chio

Money, Fame, Power - Build your success as a security professional
Nathan Dragun

Tales from the Crypt...(analyst)
Jeff Man

What's in your Top Ten? Intelligent Application Security Prioritization
Tony Miller

Binary Ninja
Jared Demott

Phish your employees for fun!
Kristoffer Marshall

Mad Scientists

Securing Trust - Defending Against Next-generation Attacks
John Muirhead-Gould

Five Nights At Freddys: What We Can Learn About Security From Possessed Bears
Nick Jacob

Make STEHM Great Again
David "HealWHans" Schwartzberg

Pentester-to-customer:I will 0wn your network! - Customer-to-pentester:No, I will make you cry!
David Fletcher & Sally Vandeven

How Do You Secure What You Don't Control
Dimitri Vlachos

Fighting the Enemy Within
Matt Crowe

Getting to the Root of Advanced Threats Before Impact
Josh Fazio

Reality-Checking Your AppSec Program
Darren Meyer

How to Implement Crypto Poorly
Sean Cassidy

Stop attacking your mother's car!
Charles Parker, II

Contracting: Privacy Security and 3rd Party
Nathan Steed & Kenneth Coleman

Alignment of business and IT Security
Shane Harsch

So You've Inherited a Security Department, Now What?
Amanda Berlin

Piercing the Air Gap: Network Steganography for Everyone
John Ventura

On being an Eeyore in Infosec
Stefan Edwards

Welcome to The World of Yesterday, Tomorrow!
Joel Cardella

Board Breaking

9/26/2016

Derbycon 2016 Videos
The link above is where I will be putting presentations from Derbycon 2016 (it will take a few days). Big thanks to my video jockeys Sabrina, Some Ninja Master, Glenn Barret, Dave Lauer, Jordan Meurer, Brandon Grindatti, Joey, Fozy, nightcarnage, Evan Davison, Chris Bridwell, Rick Hayes, Tim Sayre, Lisa Philpott, Ben Pendygraft, Sarah Clarke, Steven (SciaticNerd), Cory Hurst, Sam Remington, Barbie, Chris Bissle (and maybe the speakers too I guess).

9/20/2016

Louisville Infosec 2016 Videos
Below are the videos from the Louisville Infosec 2016 conference. Thanks to all the video volunteers for helping me record. 

Morning Keynote
Chandler Howell
Ryan J. Murphy
John Pollack

The Domain Name System (DNS) - Operation, Threats, and Security Intelligence
Tom Kopchak

Insiders are the New Malware
Brian Vecci

Cloud Security; Introduction To FedRAMP
Sese Bennet

Cloud Access Security Broker - 6 Steps To Addressing Your Cloud Risks
Matt Bianco

Not One Thin Dime: Just Say No to Ransomware!
Mick Douglas

Securing Docker Containers
Chris Huntington

Emerging Governance Frameworks for Healthcare Security
Max Aulakh

Building Our Workforce
Kristen Bell

The Art of Offense and Defense
Mark Loveless

The Current State of Memory Forensics
Jason Hale

Understanding Attacker's use of Covert Communications
Chris Haley

How to Talk to Executives about Security
Harlen Compton

Pen Testing; Red and Blue Working Together
Martin Bos

Data Loss Prevention - How to get the most for your buck
Brandon Baker

The Transition: Risk Assessment > Risk Management
Mike Neal

Darwinism vs. Forensics
Bill Dean

Closing

 

9/11/2016 BSides Augusta 2016 Videos
These are the videos from the BSides Augusta conference. Thanks to Lawrence Abrams, and all of the BSides Crew for having me out to help record and render the videos and Pentestfail and everybody that staffed a recording rig.

Keynote

Keynote - Robert Joyce

Super Bad

Mobile Hacking
Aaron Guzman

Incident Response Awakens
Tom Webb

Dr. Pentester or: How I Learned To Stop Worrying and Love the Blue Team
Ryan O'Horo

Exploit Kits/ Machine Learning
Patrick Perry

Detection of malicious capabilities using YARA
Brian Bell

Owning MS Outlook with Powershell
Andrew Cole

RAT Reusing Adversary Tradecraft
Alexander Rymdeko-Harvey

Internet of Terrible
Brandon McCrillis

I Got You

Using Honeypots for Network Security Monitoring
Chris Sanders

This one weird trick will secure your web server!
David Coursey

This is not your Momma's Threat Intelligence
Rob Gresham

Moving Target Defense: Evasive Maneuvers in Cyberspace
Adam Duby

Beyond Math: Practical Security Analytics
Martin Holste

Exploit Kits and Indicators of Compromise
Brad Duncan

ICS/SCADA Threat Hunting
Robert M. Lee and Jon Lavender

Agilely Compliant yet Insecure
Tom Ruff

It's Too Funky In Here

Gamification for the Win
Josh Rykowski and Scott Hamilton

IDS/IPS Choices: Benefits, Drawback and Configurations
ForgottenSec

Micro-segmentation and Security: The Way Forward
Jack Koons

Adventures in RAT dev
Hunter Hardman

Linux privilege escalation for fun, profit, and all around mischief
Jake Williams

How About a Piece of Pi - Experiences with Robots and Raspberry Pi Hacking
John Krautheim

Flaying out the Blockchain Ledger for Fun, Profit, and Hip Hop
Andrew Morris

Network Situational Awareness with Flow Data
Jason Smith

Living In A America

A worm in the Apple - examining OSX malware
Wes Widner

You TOO can defend against MILLIONS of cyber attacks
Michael Banks

Finding Evil in DNS Traffic
Keelyn Roberts

Ransomware Threats to the Healthcare Industry
Tim Gurganis

Using Ransomware Against Itself
Tim Crothers and Ryan Borres

Hunting: Defense Against The Dark Arts
Jacqueline Stokes, Danny Akacki, and Stephen Hinck

Automating Malware Analysis for Threat Intelligence
Paul Melson

Hide and Seek with EMET
Jonathan Creekmore and Michael Edie

7/17/2016 BSides Detroit 2016 Videos
These are the videos from the BSides Detroit 2016 Conference. Thanks to Wolf for having me out and Chris, Daniel, Daniel, Ed, Ben, Emi, Sam, Adam & Eric and others I may forget for helping to record.

Intro

BSides Keynote
Atlas Of D00m

Car Hacking 0x05
Robert Leale

Learning Security the Hard Way: Going from Student to Professional
Benjamin Carroll

So You Want to Be a Pentester
Calvin Hedler

Sheep, the Shepard, History, and Eugenics - A historical reminder on why personal privacy matters when it comes to the government and corporations in the digital age.
David Schaefer

Emerging Threats
Tazz Tazz (Not posted)

I Have Been to The Future and I Did Not Want to Come Back
Garrett McManaway

How to Build a Home Lab
Chris Maddalena

Vulnerability Management Systems Flawed - Leaving your Enterprise at High Risk
Gordon MacKay

Bootstrapping A Security Research Project
Andrew Hay

7/16/2016

Converge 2016
These are the videos from the Converge Information Security Conference. Thanks to Wolf for having me out and Chris, Daniel, Daniel, Ed, Ben, Sam, Adam & Eric and others I may forget for helping to record.

Intro

Keynote 1
Steve Werby

So You've Inherited a Security Department, Now What?!?!
Amanda Berlin

Violating Trust: Social Engineering Past and Present
Paul Blonsky

AppSec Awareness: A Blue Print for Security Culture Change
Chris Romeo

Red Team Madness - Or, How I Learned To Stop Worrying and Expect Pentester Mistakes
Jeremy Nielson

Threat Modeling for Secure Software Design
Robert Hurlbut

Not Even One Shade of Gray: Stop Tolerating Compromise in Security
Rich Boyer

MySQL 5.7 Security
Dave Stokes

Evolving the Noise out InfoSec using Law Enforcement Paradigms
Charles Herring

Game of Hacks - Play, Hack, and Track
Igor Matlin

Red is the new Blue - Defensive Tips & Tricks from a Defender turned Pentester
Ben Ten

Building a better user: Developing a security-fluent society
Rich Cassara

Food Fight
J Wolfgang Goerlich

Maneuvering Management Madness
Andrew Hay

Enterprise Class Threat Management Like A Boss
Rockie Brockway

Compliant, Secure, Simple. Pick two.
Joshua Marpet

Sentry on the Wall
Reid Brosko

Expanding Your Toolbox the DIY Way
Chris Maddalena

Surreal Paradigms: Automotive Culture Crash
Dave Schaefer

Haking the Next Generation
David Schwartzberg

Malware Magnets: A practical walkthrough in developing threat intelligence
Tazz Tazz

Still broken after all these years aka Utility Security for Smarties
Doug Nibbelink

7/09/2016 OISF 2016 Videos
These are the videos from the OISF Anniversary Event

Intro
Tom Webster

Breaking The Teeth Of Bluetooth Padlocks
Adrian Crenshaw

Identifying and Exploiting Hardware Vulnerabilities: Demo of the HRES Process
Tim Wright

2016 Predictions and How History repeats itself
Jason Samide

A Lawyer's Perspective on Data Security
Dino Tsibouris and Mehmet Munur


The Attacker's Dictionary
Joel Cardella

6/25/2016

BSides Cleveland 2016 Videos
These are the videos from the BSides Cleveland conference. Thanks to djaj9, , Kevin, f0zziehakz &  as the video team. Thanks to twuntymcslore & RockieBrockway for being con mom & dad.

Morning Keynote
Ian Amit

Elementary, my dear Watson - A story of indicators
Nir Yosha

Preventing credential theft & lateral movement after initial compromise.
Cameron Moore

Ask a CISO
Jamie Murdock

Crime Prevention Through Environmental Design
Michael Mendez

Fun with One Line of Powershell
Matthew Turner

Learning From Pirates of the Late 1600s - The first APT
Adam Hogan

Food Fight!
Wolfgang Goerlic

Afternoon Keynote
Chris Roberts

The Art of Bit-Banging: Gaining Full Control of (Nearly) Any Bus Protocol
Aaron Waibel

Playing Doctor: Lessons the Blue Team can Learn from Patient Engagement
J Wolfgang Goerlich & Stefani Shaffer-Pond

Security Automation in your Continuous Integration Pipeline
Jimmy Byrd

The WiX Toolset, How to Make Your Own MSIs
Charles Yost

A Rookie PoV: The Hollywood Fallacy
Raquel Milligan

Port Scanning the Hermit Kingdom: Or What NMAP Can Teach Us About Geopolitics
Thomas Pieragastini

Responder for Purple Teams
Kevin Gennuso

Splunk for IR and Forensics
Tony Iacobelli

Bridging the Gap or: How I Learned to Stop Worrying, and Love the Developers
Eric Mikulas

SafeCracking on a Budget Redux
David Hunt and Zack Nagaich

Process Ventriloquism
Spencer McIntyre

The Digital Beginning of the Analog End
Brad Hegrat

Gamify Security Awareness: Failure to Engage is Failure to Secure
Michael Woolard

Cons and Conjurers: Lessons for Infiltration
Paul Blonsky

Closing Keynote
David Kennedy

6/14/2016

 

ShowMeCon 2016 Videos
These are the videos ShowMeCon 2016. Thanks to Renee & Dave Chronister (@bagomojo), Renee and others for having me out to record and speak. Also thanks to my video crew Mathew, Morgan, James and some other people I may have forgotten.

Red is the New Blue
BenOxa

My Cousin Viinny: Ethics and Experience in Security "Research"
Kevin Johnson

The Psychology of Social Engineering
Dave Chronister

Show Me Your Tokens (and Ill show You Your Credit Cards)
Tim MalcomVetter

IRLHN Pt.3 Intermediate Networking Techniques for the Recovering Introvert
Johnny Xmas

And Bad Mistakes…I've made a few
Jayson Street

All your Door(s) Belong to Me - Attacking Physical Access Systems
Valerie Thomas

Exploiting First Hop Protocols to Own the Network
Paul Coggin

Check Yo Self Before you Wreck Yo Self: The new wave of Account Checkers and Underground Rewards Fraud
Benjamin Brown

The Collission Attack - Attacking CBC and related Encryptions
Fontbonne

It's not a sprint….
Tim Fowler

Social Media Risk Metrics - There's a way to measure how +@&# you are online
Ian Amit

Attacking OSX for fun and profit: tool set limiations, frustration and table flipping.
Dan Tentler

The Art of AV Evations - Or Lack Thereof
Chris Truncer

Understanding Offensive and Defense - Having a purple view on INFOSEC
Dave Kennedy

Breaking the Teeth of Bluetooth Padlocks
Adrian Crenshaw

PowerShell Phishing Response Toolkit
Josh Rickard

Championing a Culture of Privacy: From Ambivalence to Buy-IN
Hudson Harris

Why Compliance Matters; You've Been Doing it Wrong
Stacey Banks

How to Build a Home Lab
Timothy De Block

Logging for Hackers, How you can catch them with what you already have and a walk through of an actual attack and how we caught it.
Michael Gough

Where to Start when your environment is F*(3d
Amanda Berlin

6/12/2016

Circle City Con 2016 Videos
These are the Circle City Con videos. Thanks to the staff for inviting me down to record. Big thanks to Mike, 3ncr1pt3d, fl3uryz, InfaNamecheap, f0zziehak, Chris, PhenixFire, Sammy and other for helping set up AV and record.

Opening Ceremony
CircleCityCon Staff

Keynote - Dave Lewis
Dave Lewis

Food Fight!
Wolfgang Goerlich

Binary defense without privilege
Steve Vittitoe

Establishing a Quality Vulnerability Management Program without Wasting Time or Money
Zee Abdelnabi (not posted)

Why it's all snake oil - and that may be ok
Pablo Breuer

Break on Through (to the Other Side)
Grape Ape

Bootstrapping A Security Research Project
Andrew Hay

Playing Doctor: Lessons the Blue Team Can Learn from Patient Engagement
Wolfgang Goerlich

Planes, Trains and Automobiles: The Internet of Deadly Things
Bryan K. Fite

Killing you softly
Josh Bressers

Now You See Me, Now You Don't - Leaving your Digital Footprint
Aamir Lakhani

Red Team Madness - Or, How I Learned To Stop Worrying and Expect Pentester Mistakes
Jeremy Nielson

Open Source Malware Lab
Robert Simmons

So you want to be a CISO?
Von Welch

You want to put what…where?
John Stauffacher

 IoT on Easy Mode Reversing and Exploiting Embedded Devices
Elvis Collad

Top 10 Mistakes in Security Operations Centers, Incident Handling & Response
Paul R. Jorgensen

Untrusted Onions: Is Tor Broken?
Joshua Galloway

Contextual Threat Intelligence: Building a Data Science Capability into the Hunt Team
Brian Genz

Head in the Sand Defence or A Stuxnet for Mainframes
Haydn Johnson; Cheryl Biswas

SIEM, Supersized!
Walleed Aljony

Fantastic OSINT and where to find it
Tony Robinson (da_667)

Creating a Successful Collegiate Security Club (WIP)
Chris "Lopi" Spehn; Adam "avidhacker" Ringrood

Where to Start When Your Environment is F*(K3d
InfoSystir (Amanda Berlin)

Haking the Next Generation
David Schwartzberg

Exfil and Reverse Shells in a Whitelisted World

Hacking Our Way Into Hacking
Kat Sweet

Attacking OSX for fun and profit: Toolset Limitations, Frustration and Table Flipping
Viss (Tentler)

Intro to Mobile Device Testing
Damian Profancik

Your Password Policy Still Sucks!
Martin Bos

Closing Ceremony
CircleCityCon Staff

5/22/2016

NolaCon 2016
Recorded at NolaCon 2016. Thanks to @CurtisLaraque, @HoltZilla, @sid3b00m & @ynots0ups for the video recording help, and @nola_con, @erikburgess_, & Rob for having me down to record.

Intro

Analyzing DNS Traffic for Malicious Activity Using Open Source Logging Tools
Jim Nitterauer

Snake Charming: Fun With Compiled Python
Gabe K

Monitoring & Analysis 101: N00b to Ninja in 60 Minutes
Grecs

Calling Captain Ahab: Using Open Tools to Profile Whaling Campaigns
Ryan Jones, McOmie

Check Yo Self Before You Wreck Yo Self: The New Wave Of Account Checkers And Underground Rewards Fraud
Benjamin Brown

Introducing the OWASP API Security Project
Leif Dreizler, David Shaw

Breaking Barriers: Adversarial Thinking for Defenders
Stacey Banks

It's Just a Flesh Wound!
Brett Gravois

Owning MS Outlook with PowerShell
Andrew Cole

Why can't Police catch Cyber Criminals?
Chip Thornsburg

Keynote
David Kennedy

Calling Captain Ahab: Using Open Tools to Profile Whaling Campaigns
Matt Bromiley

Haking the Next Generation
David Schwartzberg

Hacking Web Apps (v2)
Brent White

Evolving Your Office's Security Culture by Selective Breeding of Ideas and Practices
Nancy Snoke

I Promise I'm Legit: Winning with Words
Cyni Winegard &  Bethany Ward

You Pass Butter: Next Level Security Monitoring Through Proactivity
Cry0, S0ups

Going from Capture the Flag to Hacking the Enterprise. Making the switch from 'a hobby and a passion' to a lifelong career
Joseph Pierini

Hackers are from Mars, CxO's are from Jupiter
Rob Havelt

Don't be stupid with GitHub
Metacortex

DDoS: Barbarians at the Gate(way)
Dave Lewis

Hunting high-value targets in corporate networks
Josh Stone

4/22/2016 AIDE 2016 Videos
Recorded at AIDE 2016. Big thanks to Bill Gardner (@oncee) for having me out to record.

Do You Want Educated Users? Because This is How You Get Educated Users.
Tess Schrodinger

Don't blame that checklist for your crappy security program
Branden Miller

Shooting Phish in a Barrel
Amanda Berlin

Minimalistic Physical Assessment Kit
Tom Moore

Hacking Web Apps
Brent White and Tim Roberts

4/17/2016

BSides Nashville 2016 Videos
These are the videos BSides Nashville 2016. Thanks to @lil_lost for inviting me down to record and being my bodyguard while in Nashville. Big thanks to Geoff Collins, Branden Miller, Blake Urmos, Gabe Bassett, Nate and Alex McCormack for helping set up AV and record.

And bad mistakes I've made a few
Jayson Street

At the mountains of malware
Wes Widner

Collection and Detection with Flow Data: A Follow Up
Jason Smith

Container Chaos: Docker Security Container Auditing
Chris Huntington

It's Not If But When: How to Create Your Cyber Incident Response Plan
Lucie Hayward, Marc Brawner

Threat Modeling the Minecraft Way
Jarred White

AppSec Enigma and Mirage - When Good Ideas Can Go Awry
Frank Catucci

The Art of the Jedi Mind Trick
Jeff Man

How to get into ICS security
Mark Heard

The Ransomware Threat: Tracking the Digital Footprints
Kevin Bottomley

InfoSecs in the City - Starting a Successful CitySec Meetup
Johnny Xmas, Fletcher Munson, Chris Carlis, Kate Vajda

Ever Present Persistence - Established Footholds Seen in the Wild
Evan Pena, Chris Truncer

Forging Your Identity: Credibility Beyond Words
Tim Roberts, Brent White

IAM Complicated: Why you need to know about Identity and Access Management
Ron Parker

Put a Sock(et) in it: Understanding and Attacking Sockets on Android
Jake Valletta

3/31/2016 Central Ohio Infosec Summit 2016 Videos
These are the videos from the Central Ohio Infosec Summit conference. Thanks to the video volunteers for helping me record.

Track 1

Penetrating the Perimeter - Tales from the Battlefield
Phil Grimes

Navigating the FDA Recommendations on Medical Device Security _ and how they will shape the future of all IoT
Jake "malwarejake" Williams

Detecting the Undetectable: What You Need to Know About OSINT
Jerod Brennen

Why I quit my dream job at Citi - A data centric approach to key management
Mike Bass

Fail Now _ So I Don't Fail Later "A look into security testing and training methodologies"
Deral Heiland

Putting the Intelligence back in Threat Intelligence
Edward McCabe

All Your Door Belong To Me: Attacking Physical Access Systems
Valerie Thomas

The Humanity of Phishing Attack and Defense
Aaron Higbee

The Node.js Highway: Attacks Are At Full Throttle
Joshua Clark

Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway

Understanding Attacker's use of Covert Communications
Chris Haley

InfoSec Productization
David Kennedy

Track 2

Future of Information Security Governance, Risk and Compliance
Max Aulakh, Bill Lisse

How Experts Undermine Your Forensic Evidence
Matthew Curtin

Datacenter Security Virtualized
John Michealson

Embracing the Cloud
Lisa Guess

"It was the best of logs, it was the worst of logs" - Stories through Logging
Tom Kopchak

Finding the Needle in the Hardware Haystack - Identifying and Exploiting Vulnerabilities via Hardware Reverse Engineering
Stephen Halwes, Timothy Wright

PKI-Do You Know Your Exposure?
Kent King

No Tradeoffs: Cloud Security and Privacy Don't Need to Be at Odds
Jervis Hui

Today's Threat Landscape
Dean Shroll

6 Critical Criteria For Cloud Workload Security
Sam Herath

Track 2

Educating the Board of Directors
Bob West

Burp Collaborator: The Friend You Didn't Know You Needed
Jon Gorenflo

Psychological Warfare: How Cyber Criminals Mess With Your Mind
Brian Henger

Threat Modeling for Secure Software Design
Robert Hurlbut

IAST Deep Dive: Understanding Interactive Application Security Testing
Ofer Maor

Building an Application Security Program
Mike Spaulding

Formal Verification of Secure Software Systems
Aaron Bedra

AppSec without additional tools
Jason Kent

Leveraging your APM NPM solutions to Compliment your Cyber Defense Strategy
Ken Czekaj, Robert Wright

Artificial Intelligence Real Threat Prevention
Art Hathaway

Defending the Next Decade - Building a Modern Defense Strategy
Mark Mahovlich

Track 3

Security vs Compliance in Healthcare
Sean Whalen

How to Secure Things & Influence People: 10 Critical Habits of Effective Security Managers
Chris Clymer, Jack Nichelson

Economically Justifying IT Security Initiatives
Ruben Melendez

Cross Industry Collaboration
Helen Patton

Third Party Risk Governance - Why and How
Jeffrey Sweet

IT Data Analytics: Why the cobbler's children have no shoes
Carolyn Engstrom

BYODAWSCYW (Bring Your Own Device And Whatever Security Controls You Want) One approach to reduce risk
Steven Keil

Disaster Recovery and Business Continuity -_It's never so bad that it can't get worse
Valerie Thomas, Harry Regan

Cybersecurity Act of 2015 and Other Hot Privacy and Cybersecurity Topics
Heather Enlow, Chris Ingram

The Legal Perspective on Data Security for 2016
Dino Tsibouris, Mehmet Munur

The Legal Perspective on Data Security for 2016
Mehmet Munur, Dino Tsibouris

Track 4

Gamify Awareness Training: Failure to engage is failure to secure
Michael Woolard

Office 365 Security and Compliance Cloudy Collaboration - Really?
Robert Brzezinski

State of Security and 2016 Predictions
Jason Samide

A Capability Maturity Model for Sustainable Data Loss Protection
Gabriel Gumbs

Risk Management: Tactics to Move From Decision to Execution
Tremayne (Tre) Smith

Incident Response - No Pain No Gain!
Jim Wojno

Building an OSS CI/CD Security Toolchain
Kevin Glavin

A Touch(ID) of iOS Security
James (Jamie) Bowser

Track 5

Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski

You're measuring all the wrong things - information security metrics
Shawn Sines

Why Cybercriminals Are "Following The Money" Into Online Video Games
Matthew Cook

Security Certifications - are they worth it, and which ones are right for you?
William Diederich

Information Security Metrics - Practical Security Metrics
Jack Nichelson

The CONfidence of Things
John Robinson

Who is Winning?
Gary Sheehan

Security analytics journey - a year's lesson learned.
Mike Schiebel

Track 6

Integrated Software in Networking _ the Mystery of SDN
Oliver Schuermann

Securing our Future: Lessons From the Human Immune System
Gavin Hill

Have you tied together your IAM and Information Security Incident Management Program?
Joseph Greene

Compliance and Security: Building a Cybersecurity Risk Management Program
Jason Harrell

Don't try this at home! (Things not to do when securing an organization)
Jessica Hebenstreit

CISO for an Hour
Keith Fricke

Apple v. DOJ: Privacy in Today's Enterprise
Justin Harvey

Myths of Cloud Security Debunked!
Bil Harmer

Cyber Security - Super Bowl 50
Jim Libersky

3/12/2016

CypherCon 2016 Videos
These are the videos from the Cyphercon 2016 conference. Thanks to Michael Goetzman for having me out to record.

CYPHERCON's Opening Ceremony Begins!
Korgo

Security Control Wins & Fails
Jason Lang

Offensive Wireless Tactics "used in DEFCON 23’s Wireless CTF"
Eric Escobar

China"s Hackers and Cyber Sovereignty
Lieutenant Colonel Bill Hagestad II

You're Right, This Sucks
J0hnnyxm4s & Lesley Carhart

No encrypted data on this drive; just pictures of my cat
Parker Schmitt

Curry and TARTS
JP SMITH

All your Wheaties belong to us. Removing the basics that humans need for survival.
Chris Roberts

CYPHERCON I Conference Begins!
Korgo & The CYPHERCON PuzzleMaster Speaks
BeLouve

P.I.S.S.E.D. Privacy In a Surveillance State, Evading Detection
Joe Cicero

Bypassing Encryption by Attacking the Cryptosystem Perimeter
Trenton Ivey

Hypervault Demo
& HTTP and SSH Tunneling
Caleb Madrigal

Quantum Computation and Information Security
David Webber

Medical Devices: Pwnage & Honeypots
Scott Erven

ESPIONAGE - A WEAPON DURING THE COLD WAR
Werner Juretzko

3/5/2016 BSides Indy 2016 Videos
These are the videos from the BSides Indy conference.

Keynote
Eddie Mize (Not recorded)

Managing Elevated Privileges in the Enterprise Environment
Erik Burgess

Food Fight
Wolfgang Goerlich (Not recorded)

Where to start when your environment is F*(k3d
Amanda Berlin

Building an Application Security Program
Mike Spaulding

The Art of the Jedi Mind Trick
Jeff Man

Securing Docker Instances
Chris Huntington

ClientHacking: How a chef uses OSINT and SE to make more money.
OneManicNinja

3/1/2016

BSides San Francisco 2016 Videos
These are the videos from the BSides San Francisco conference. Special thanks to Mike & Doug for having me out, Steen, Zappo & Jeremy for their house AV work, and n0ty3p, Forest, Nick, James & others I'm forgetting for their help recording

Track 1

Keynote: A Declaration of the Independence of Cyberspace
John Perry Barlow

The Tales of a Bug Bounty Hunter
Arne Swinnen

Reverse Engineering the Wetware: Understanding Human Behavior to Improve Information Security
Alexandre Sieira, Matthew Hathaway

Who's Breaking into Your Garden? iOS and OS X Malware You May or May Not Know
Claud Xiao

A year in the wild: fighting malware at the corporate level
Kuba Sendor

Breaking Honeypots for Fun and Profit
Gadi Evron, Dean Sysman, Itamar Sher

Everything Is Awful (And You're Not Helping)
Jan Schaumann

Why it's all snake oil - and that may be ok
Pablo Breuer

Ask the EFF
Kurt Opsahl, Eva Galperin, Andrew Crocker, Shahid Buttar, Cooper Quintin

Sedating the Watchdog: Abusing Security Products to Bypass Windows Protections
Tomer Bitton, Udi Yavo

Sweet Security: Deploying a Defensive Raspberry Pi
Travis Smith

Planning Effective Red Team Exercises
Sean T. Malone

Fraud Detection & Real-time Trust Decisions
James Addison

Fuzz Smarter, Not Harder (An afl-fuzz Primer)
Craig Young

Elliptic Curve Cryptography for those who are afraid of mathematics
Martijn Grooten

APT Reports and OPSEC Evolution, or: These are not the APT reports you are looking for
Gadi Evron

Sucker-punching Malware: A Case Study in Using Bad Malware Design Against Attackers
John Bambenek, Hardik Modi

Employee Hijacking: Building a hacktober awareness program
Ryan Barrett, Ninad Bhamburdekar, Dylan Harrington

Track 2

Mainframes? On My Internet?
Soldier of Fortran (not recorded)

Securing the Distributed Workforce
William Bengtson

Hackers Hiring Hackers - How to hack the job search and hack talent
IrishMASMS (not recorded)

Scan, Pwn, Next! - exploiting service accounts in Windows networks
Andrey Dulkin, Matan Hart

Guest to root - How to Hack Your Own Career Path and Stand Out
Javvad Malik

IoT on Easy Mode (Reversing Embedded Devices)
Elvis Collado

In the crosshairs: the trend towards targeted attacks
Lance Cottrell

Developing a Rugged DevOps Approach to Cloud Security
Tim Prendergast

Digital Intelligence Gathering: Using the Powers of OSINT for Both Blue and Red Teams
Ethan Dodge, Brian Warehime

Sharing is Caring: Understanding and measuring Threat Intelligence Sharing Effectiveness
Alex Pinto

The Ransomware Threat: Tracking the Digital Footprints
Kevin Bottomley

Access Control in 2016 - deep dive
Dr. Ulrich Lang

Using Behavior to Protect Cloud Servers
Anirban Banerjee

The Art of the Jedi Mind Trick
Jeff Man

Mobile App Corporate Espionage
Michael Raggo

Advanced techniques for real-time detection of polymorphic malware
Ajit Thyagarajan

2/15/2016 BSidesCapeTown 2015
Mike Davis asked me to post these videos to get wider circulation.

Ode to the Node

Automating the process of mapping and compromising networks

Hack all the things - Exploiting and fixing IoT

Running a Secure Tor Hidden Service

Sharepoint Hacking

Hacker Jeopardy

2/07/2016 BSides Huntsville 2016 Videos
These are the videos from the BSides Huntsville conference. Thanks to @PaulCoggin, @CharlineNixon, Brian, @NagleCode, @GRMrGecko and all of the BSides Crew for having me out to help record and render the videos.

Opening Keynote
Jack Daniel

Hacking Peoples' Lives with Google Sync
Shawn Edwards, Sean Hopkins

Slaying Rogue Access Points with Python and Cheap Hardware
Gabriel Ryan

Web shells as a covert channel
Joe Vest

A practical approach to deploying Data Loss Prevention
Jon Damratoski

Afternoon Keynote: TSA Luggage Locks: Details, Flaws & Making The Best Of A Bad Lock
Adrian Crenshaw

Threat Modeling the Minecraft Way
Jarred White

At the mountains of malware: Lessons learned from analyzing terabytes of malware
Wes Widner

History of WRT and Wireless Mesh protocols.
Alex Kot

BSides Closeout
Paul Coggin

1/16/2016 BSides Columbus 2016 Videos
These are the videos from the BSides Columbus Ohio conference. Thanks to Michael Spaulding for having me up and Greg, James & Brandon who manned the video rigs.

Keynotes

Keynote Thomas Drake
Thomas Drake

Offence

Where Did All My Data Go
Deral Heiland

Developers: Care and Feeding
Bill Sempf

Open Secrets of the Defense Industry: Building Your Own Intelligence Program From the Ground Up
Sean Whalen

The Economics of Exploit Kits & E-Crime
Adam Hogan

Hacking Corporate Em@il Systems
Nate Power

All Your Base Still Belong To Us: Physical Penetration Testing Tales From The Trenches
Valerie Thomas & Harry Regan (Not recorded)

Defense

Establishing a Quality Vulnerability Management Program without Wasting Time or Money
Zee Abdelnabi (not posted)

Practical DLP Deployment for your Organization
Jon Damratoski

The Good The Bad and The Endpoint Protection
Joseph Ciaravino

Securing Docker Instances
Chris Huntington

Better SIEM Notifications - Making Your SIEM Situationally Aware
Jesse Throwe

Social Media Correlation of Credit Card Fraudsters
Chris Cullison & CW Walker

Special Teams

Removing Barriers of Diversity in Information Security
Helen Patton & Connie Matthews

Panel Discussion: InfoSec Trends, Talent Management, and Retention
Michael Butts, AJ Candella & Megan Wells

Indecision and Malformed Conclusions: The things that stifle security improvement and what can be done about them.
Tyler Smith

Gamify Awareness Training: Failure to engage is failure to secure
Michael Woolard

The Long and Winding Road: An InfoSec Career Panel
Lonnie Kelley & Valerie Thomas

The Pineapple is dead..Long live the Pineapple
David Young

1/16/2016

 

Shmoocon Firetalks 2016
Videos from Shmoocon Firetalks 2016.

Opening Red Team Upgrades Using SCCM for Malware Deployment Matt Nelson (@enigma0x3)

Jailbreaking a Digital Two-Way Radio Travis Goodspeed (@travisgoodspeed)

CheapBugs.Net - Low-End Bug Bounties for the Masses Dean Pierce (@deanpierce)

Failure to Warn You Might Get Pwned Wendy Knox Everette (@wendyck)

GreatFET, a Preview Michael Ossmann (@michaelossmann)

Fuck You, Pixalate! @da_667

DNS C&C Ron Bowes (@iagox86)

11/08/2015

SecureWV 2015 Videos
These are the videos of the presentations from Secure West Virginia 2015.

Building a Cantenna
Ed Collins

Dropping Docs on Darknets Part 2 Identity Boogaloo
Adrian Crenshaw

Network Segmentation - Some new thoughts
Mark Jaques and Brandon Schmidt

Security Onion
Brandon Schmidt

Drones
Mike Lyons

The Lemonaid Pomegranite, basics of security in a digital world
Tim Sayre

My Little P0ny: What you can do with 20 lines of code and an open machine
Mark Jaques and Brandon Schmidt

And now for something completely different, security at Top O Rock
Tim Sayre

The Art of Post-Infection Response and Mitigation
Caleb J. Crable

Documenting With ASCIIDOC
Jeff Pullen

The Core of Cybersecurity: Risk Management
Josh Spence

The Unique Challenges of Accessing Small and Medium Sized Organizations
Bill Gardner

OpenNSM, ContainNSM, and Docker
Jon Schipp

Here is your degree. Now what?
Shawn Jordan

Wolf in shell's clothing, why you should be skeptical of your trusted tools
Jeff Pullen

 

10/16/2015 HouSecCon v6 2015 Videos
These are the videos from HouSecCon 2015 v6. Thanks to Michael R. Farnum for having my down and all of the video crew.

Opening Keynote - Mike Rothman

Chris Jordan - Fluency: A Modern Approach to Breach Information and Event Management

Dennis Hurst - Application Security in an Agile SDLC

Wendy Nather - How Google turned me into my mother: the proxy paradox in security

Chris Boykin - Mobile Threat Prevention

Adrian Crenshaw - Dropping Docs on Darknets Part 2: Identity Boogaloo

Julian Dunning - Kraken: The Password Devourer

Trey Ford - Maturing InfoSec: Lessons from Aviation on Information Sharing

Richard Peters and Matthew Roth - Parasyste: In search of a host

Lunch/ISACA Session

Damon Small - Connections: From the Eisenhower Interstate System to the Internet

Rich Cannata - Arm Your Endpoints

Anthony Blakemore - Removing the Snake Oil From Your Security Program

Erik Freeland - Does SDN Mean Security Defined Networking?

Danny Chrastil - What I know about your Company

Lunch / Business Skills Workshop

Josh Sokol - The Fox is in the Henhouse: Detecting a Breach Before the Damage is Done

Jason Haddix - How to Shot Web: Better Web Hacking in 2015

Zac Hinkel, Andrew Huie, and Adam Pridgen - Arm Your Endpoints

Dan Cornell - SecDevOps: A Security Pro's Guide to Development Tools

Closing Keynote - Eric Cowperthwaite - Everything I need to know about Information Security, I Learned Shooting Tank Guns

Closing

More.........

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast