BSides Atlanta
May 5 2018 - KSU Center, Kennesaw
CPE Form Attendee Survey

About BSides

Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.

This year, our theme is Standing on the Shoulders of Giants. We’re a new group of organizers building upon the work of the previous organizers to make this conference happen. We’d like our presentations to reflect this as well. This can range from how you used someone else’s tools for success through taking over a conference run by others.

Schedule

One day, one track

  • 9am

    Doors open

    Registration, CTFs, and Lockpick Village are open at this time.

  • 10am - 12pm

    Resume Review

    JoEtta LeSueur

    JoEtta is wandering the lobby ready to review resumes. Bring her yours printed, or on a laptop. She won’t accept a thumbdrive.

  • 10am

    Mail Carts to Malware

    Jessica Pepper

    In the beginnings of my career I was a wide-eyed and curious mail clerk learning what those 70 lb equipment boxes were for. Then joined desktop support and created my personal brand. Finally, I joined the security teams and let my brand evolve into becoming a “SOC mom.”

  • 10:30am

    Containing the Cloud

    Wes Widner

    Curious about the current state of container security? Want to know what the best practices are for creating images? Interested in the current container security offerings? You’re in luck! Come join me as we explore the attack surface for containers. Recent exploits. Best practices for creating container images. And the current offerings for container security. Besides containers deployed in production, an often overlooked attack vector with containers is developer machines.

  • 11am

    Dear Blue Team: Proactive Steps to Supercharge your IR

    Joe Gray

    In an age where data breaches and malware infections are quickly becoming the norm, we must prepare for Digital Forensics and Incident Response (DFIR). Most DFIR talks and advice discuss what to do once an incident has occurred. Instead, this talk provides Security Architects, System Administrators, SOC teams, and management new techniques and advice to supercharge their IR capabilities by preemptively collecting forensic evidence as a baseline.

  • 12pm

    Lunch

    Let’s eat!

  • 12pm

    Resume Review

    Jay Beta

    Jay Beta is taking over resume review for the afternoon. Bring him yours printed, or on a laptop. He won’t accept a thumbdrive either.

  • 1pm

    Current State of Phishing - Old Bait, New Tackle Box

    Nick Powers and David Tulis

    Phishing has changed dramatically over the past several years and the methods used are constantly built upon, leveraging the work of those before us. As long as the transmission of messages from one computer to another has existed, phishing has not been far behind. As far back as phishing for AOL credentials to access to dial-up internet in the 1990s, along with the viral LOVEBUG script shortly thereafter, people have been tricked into divulging information or performing actions of which they do not fully understand the overall potential impact. As network perimeters become harder to penetrate, attackers are increasingly relying on phishing breach the perimeter.

  • 2pm

    Value Change Maps for Open Source Ecosystems

    Chris Corriere

    Open source is built on the shoulders of giants. Every technologist uses systems and components they did not produce, so how can we trust them to be safe?

    It can be difficult to ensure the security of production systems In the age of continuous delivery, and “third party dependency” has taken on a new meaning with the advent of technologies like containers and server-side JS.

  • 3pm

    Ozymandius and InfoSec RockStars – Look on my (lack of documentation) and despair!

    George Roberson

    Addressing the “Standing on the Shoulders of Giants” theme, I want to discuss what happens when giants fall, and how we can build a solid foundation to support those who come after us. This talk will cover how the resilience of an organization depends on those talented people who are pillars of institutional knowledge, but just as much on how prepared we are to lose them.

  • 3:30pm

    Vulnerability Management 101: Practical Experience and Recommendations

    Eric Bryan

    Vulnerability management, in the context of information security, is a critical, but often overlooked aspect in a comprehensive security posture. Many organizations are limited by time and resources to simply fighting fires and operating in a reactive methodology. Without a clear, defined, and management-supported vulnerability management effort, an organization may continue to operate indefinitely with a reactive methodology.

  • 4pm

    Oh the POSsibilities

    Anthony Sasadeusz and Fabius Watson

    In this presentation, we will share our Point-of-Sale security research which has revealed a multitude of concerns regarding the secure development of payment applications. We plan to discuss our analysis of several PA-DSS validated applications for security vulnerabilities and configuration issues. Next, we will cover our implementation of a proof-of-concept attack chain that demonstrates the capabilities an attacker could leverage in a vulnerable scenario. Finally, we will discuss the process of vulnerability discovery, development of attacker capabilities, as well as defensive countermeasures.

  • 5pm

    Podcast Recording

    Southern Fried Security

    The first-ever full-cast live recording of an episode of The Southern Fried Security Podcast to be conducted at BSidesATL. The event would include all of the hosts (Martin Fisher, Andy Willingham, Steve Ragan, Joseph Sokoly, and Yvette Johnson) as well as live intro/outro music (Becky Fisher).

  • 5:45pm

    Closing notes

  • 6:30pm

    After Party

    Hudson Grille, 2500 Cobb Parkway NW, Kennesaw Ga sponsored by Critical Path Security

  • Prepare
    for
    2019!

Our amazing speakers

Without them, we’d just be drinking coffee and eating lunch all day.

Jay Beta

Jay Beta

Resume review

Jay Beta, MBA, Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) , Certified Information Security Manager (CISM), and Payment Card Industry Professional (PCIP), has been an Information Security professional for 16 years in both private and public sector roles. He has extensive background in leadership along with IT compliance, auditing, risk management, governance,and security engineering. He currently works as a cybersecurity leader for a national financial institution.

Eric Bryan

Eric Bryan

North State Communications, LLC

Vulnerability Management 101: Practical Experience and Recommendations

Eric Bryan is an Information Technology and Security professional with an extensive background as a security and risk analyst. Prior to joining NorthState Technology Solutions, Eric worked for one of the five largest U.S. IT companies in various roles including Desktop Support, Risk Management Analyst, and Compliance Analyst. Mr. Bryan’s extensive technical IT security experience includes change management, vulnerability management, and analyzing security controls.

Chris Corriere

Chris Corriere

Value Chain Maps for Open Source Ecosystems

Chris Corriere has been working with data, phones, networks and writing software for over fifteen years. His background in mathematics and engineering has allowed him to adapt to new and industry specific technologies and provided many unique consulting opportunities. As a devOps professional Chris is committed to culture, automation, learning, sharing, and having a good time while getting work done. Chris is currently a senior consultant with SJ Technologies operating as an architect in SunTrust’s DevOps Center for Enablement.

Joe Gray

Joe Gray

Dear Blue Team: Proactive Steps to Supercharge your IR

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior Security Architect and maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu Jitsu (spoken taps out A LOT!), and flying his drone. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. Joe has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading.

JoEtta LeSueur

JoEtta LeSueur

Resume review

JoEtta LeSueur has over 13 years experience in the technology industry with the last 5 years in cybersecurity. JoEtta has a Master of Science in Information Systems with a concentration in Information Security. She holds a CISSP certification. She is currently employed as a product security manager at Ionic Security and an adjunct professor at KSU.

George Roberson

George Roberson

Ozymandius and InfoSec RockStars – Look on my (lack of documentation) and despair!

George Roberson is the Information Security Architect for United Community Banks, Inc. Half of his life has been spent supporting technology and security. He has a deep understanding of the value of “institutional knowledge” and has been around long enough to see giants rise and fall. A self-described “documentation freak” who writes everything with consideration for his own mortality. Like Moses come down from the mountain, he wields the FFIEC-CAT and the CSC-20 as the two tablets brought down from Sinai.

Jessica Pepper

Jessica Pepper

Mail Carts to Malware

Jessica Pepper started as a mail clerk with her current company. After putting herself through school, she moved to Field Services and has since changed careers again working as a Senior Threat Operations Analyst. She enjoys learning about emerging threats and building PC’s for her home lab environments.

Nick Powers

Nick Powers

Rapid7

Current State of Phishing - Old Bait, New Tackle Box

Nick Powers (OSCP, B.S. Computer Science) has two years of security consulting experience, since receiving his Bachelors of Computer Science degree in May of 2016. His previous experience includes compliance focused security audits within the scope of PCI, HIPAA, and other governance ordinances. He has also worked as an analyst in a Security Operations Center (SOC) performing tasks such as writing IPS signatures for new vulnerabilities, investigating incidents, and interacting with multiple SIEM solutions. Nick currently performs offensive security related engagements at Rapid7.

David Tulis

David Tulis

Protiviti

Current State of Phishing - Old Bait, New Tackle Box

David Tulis is a senior consultant for Protiviti out of Philadelphia, where he has worked for 2 years. Day to day tasks involve writing reports, with a little bit of penetration testing and social engineering in between. David’s expertise includes managing pentesting infrastructure, active directory, and PowerShell. He enjoys spending his time learning new and cool tricks to use on penetration tests. He’s previously worked as a .NET developer and as a Linux sysadmin.

Anthony Sasadeusz

Anthony Sasadeusz

VerSprite

Oh the POSsibilities

Anthony is a security researcher at VerSprite Security. He is currently focused on hardware communications, exploitation and reverse engineering. Before coming to work for VerSprite, Anthony competed in various CTFs with the University of Maryland Baltimore County (UMBC) CyberDawgs team, which is where he earned his B.S. in Computer Science. This is also where his interest in offensive computer security blossomed.

Southern Fried Security

Southern Fried Security

Podcast Recording

The Southern Fried Security Podcast is Martin FIsher, Andy Willingham, Steve Ragan, Joseph Sokoly, and Yvette Johnson. Their award-nominated podcast has been sharing updates, news, and ideas about information security since 2010. This recording at BSides Atlanta will be the first ever recording where all of the hosts are all in the room at the same time. The recording will be posted as a regular episode shortly after BSides ends.

Fabius Watson

Fabius Watson

Oh the POSsibilities

Fabius is a Security Researcher at VerSprite Security. He is ambitious about reverse engineering, vulnerability research, exploit development, and post-exploitation. Both his previous work as a Network Security Analyst and his Red Team knowledge provide him with a distinct perspective for examining technologies for real-world threats.

Wes Widner

Wes Widner

Containing the Cloud

Wes Widner is a veteran in the threat intelligence industry. His work history includes data engineering and threat modeling with McAfee Labs’s Global Threat Intelligence, building out a large scale malware pipeline with Norse Corporation, and engineering clouds at Crowdstrike. He specializes in building large scale distributed threat intelligence systems that span a range of threat vectors. Wes also enjoys teaching children how to hack, ethically of course.

Our Sponsors

We thank these sponsors for making our event great!

Code of Conduct

We have NO TOLERANCE for physical/verbal/sexual harassment of any human, humanoid or AI!

Our “Code of Conduct” is “Be Excellent to Each Other” AKA the Golden Rule. Failing that, it is “Do not be an Ass* or we will kick your ass out!“.

Asking questions of a speaker during their talk, to get clarity or debate a point is NOT being an ass – heckling or haranguing the speaker IS. If you are not sure, ask, or err on the side of basic decency and common courtesy. If what they are doing would not be acceptable to have done to you, your best friend, your worst enemy, your sister, niece, daughter, brother, nephew, son, mother, father, or any human being, do not let them treat anyone else that way – whether you know them or not. If someone asks you to stop – stop.

If you are having an issue with a BSidesATL participant of ANY type, find an organizer. They will assist you in determining the next steps for you to feel safe and heard.

*Staff reserves the right to determine what constitutes “Being an Ass”.