12 Top Talks from BSides San Francisco 2016


Upload: tripwire

Post on 14-Feb-2017


TRANSCRIPT

Page 1: 12 Top Talks from BSides San Francisco 2016


John Perry Barlow

A Declaration of the Independence of Cyberspace

@jpbarlow

“I felt people needed to know what space they were in, in order to have a sense of their rights,” he said, recalling the time when he realized the federal government had discovered the Internet.

Arne Swinnen

The Tales of a Bug Bounty Hunter

@arneswinnen

A bug bounty hunter for fun and profit, Arne Swinnen explained how he was able to rack up nearly $10,000 from responsibly disclosing nine flaws in the popular Instagram app.

Matthew Hathaway & Alexandre Sieira

Reverse Engineering the Wetware

@theway99 @alexandresieira

This duo drilled home the idea that information security is really all about people, and that it’s important to understand how users think in order to better understand your role as a security practitioner.

‘IrishMASMS’

Hackers Hiring Hackers: How to Hack the Job Search and Hack Talent

@irishmasms

Ensure the experience on your resume reflects your background and the role you are pursuing; be careful with buzzwords; don’t stretch the truth; and always use a professional-looking email address.

Kuba Sendor

A Year in the Wild: Fighting Malware at the Corp. Level

@jsendor

From the moment of threat detection and first response, through the analysis, to the final resolution, Yelp works to catch as many incidents as possible and properly sanitize the environment to cut potential problems short.

Javvad Malik

Guest to Root: How to Hack Your Own Career Path and Stand Out

@j4vv4d

“What are you doing to get yourself noticed?” Malik asked. “When you leave a job, will you think about the projects that you worked on? Have you left behind enough legacy that they wouldn’t mind having you back?”

Ethan Dodge

Digital Intelligence Gathering: Using the Power of OSINT

@_ETH0

Leveraging a variety of open source intelligence, from social media data to court case and property records, Dodge explained how he was able to compile a plethora of sensitive information on a given person.

Travis Smith

Sweet Security: Deploying a Defensive Raspberry Pi

@mrtrav

IoT devices are often shipped with outdated operating systems and unmaintained, vulnerable code. Using a combination of open-source and commercial tools, Smith demonstrated how to protect networks that provide access to the IoT.

Kevin Bottomley

The Ransomware Threat: Tracking the Digital Footprints

@k3v_b0t

Ransomware has evolved significantly over the years. Bottomley urged attendees to back up often and to train end users about social engineering techniques through phishing exercises. Never pay the ransom!

James Addison

Fraud Detection & Real-Time Trust Decisions

As a Senior Software Engineer at Lyft, Addison explained common ways in which fraudsters are attacking online commerce today, including traditional online storefront attacks, and other challenges faced in real-time marketplaces.

Craig Young

Fuzz Smarter, Not Harder: An Afl-Fuzz Primer

@craigtweets

Fuzzers can test 24×7 (without rest or overtime payment) to help identify many bugs that may not always be apparent from reviewing code. Young explained several fuzzing techniques that bug hunters everywhere can leverage.

Jeff Man

The Art of the Jedi Mind Trick

@mrjeffman

“It’s easy to give a talk at a conference where you’re ‘preaching to the choir’ and everyone speaks your language, but how do you fare when you are trying to give the message to your boss, or your boss’s boss, or C-Level management?” Man asked.

SunShine BenBelkacem

SunShine BenBelkacem is a Chicago-based graphic facilitator, artist and writer. Drawing on a keen business sense and a stunning design sensibility, SunShine distills spoken talks, meetings and discussions into compelling visual stories and summaries.

@sunnyb

For the latest security news, trends and insights, visit us at: www.tripwire.com/blog @TripwireInc

Don’t miss the next BSides event near you! For more information, visit: www.securitybsides.com

Background images courtesy of Shutterstock.com