About

BSides Vancouver is a two-day, high-caliber gathering for information security professionals, hackers, coders and the greater tech community. During the conference attendees will share, discuss and learn about information security, privacy and technology in the heart of Vancouver.


21 Speakers
0 Tickets

Schedule

Two days and three tracks to enjoy.

  • 08:00 - 09:00

    Registration

  • 09:00 - 09:15

    Opening Statements

  • 09:15 - 10:15

    Raffael Marty - Keynote Speaker

    We are writing the year 2017. Cyber security has been a discipline for many years and thousands of security companies are offering solutions to deter and block malicious actors in order to keep our businesses operating and our data confidential. But fundamentally, cyber security has not changed during the last two decades. We are still running Snort and Bro. Firewalls are fundamentally still the same. People get hacked for their poor passwords and we collect logs that we don't know what to do with. In this talk I will paint a slightly provocative and dark picture of security. Fundamentally, nothing has really changed. We'll have a look at machine learning and artificial intelligence and see how those techniques are used today. Do they have the potential to change anything? How will the future look with those technologies? I will show some practical examples of machine learning and motivate that simpler approaches generally win. Maybe we find some hope in visualization? Or maybe Augmented reality? We still have a ways to go.

    Speakers:

    Raffael Marty

  • 10:15 - 10:30

    Social Break

  • 10:30 - 11:30

    Dmitry Samosseiko - In search of a silver bullet…

    In this talk, we’ll review the current state of mass malware attacks from a protection development point of view. What are the most effective malware detection strategies of today and tomorrow? Are they bulletproof? What challenges do we face as an industry? Will machine learning and AI save us from future cyberattacks? Is there a “silver bullet”?

    Speakers:

    Dmitry Samosseiko

  • 11:30 - 13:00

    Lunch

  • 13:00 - 14:00

    Sarah Lewis - Excuse Me, I Think Your Dark Web is Leaking!

    The Dark Web has developed an ominous reputation within the security landscape. Misunderstood by both experts & outsiders, it is described as "anonymous", "impenetrable" and "a safe place for criminals". This talk will present the results of new research and demonstrate how the Dark Web fails to live up to its own hype & speculation. In addition, this talk will explore techniques that can be used to unmask hidden services & how small, innocuous information leaks can have devastating consequences for darknet operators. Finally, this talk will present a vision for the future of the dark web, a look at how today's technologies will mold this corner of the internet & how law enforcement are unequipped to tackle the consequences.

    Speakers:

    Sarah Lewis

  • 14:00 - 14:30

    Social Break

  • 14:30 - 15:30

    Wes Wineberg - Continuous Integration, Continuous Compromise

    If you work in the software industry, chances are you're familiar with build systems. Modern build systems make use of techniques such as Continuous Integration (CI) and Continuous Deployment (CD). This talk will cover how these systems can be the ideal location to gain a foothold into a network, and further, how they can be abused to add backdoors to otherwise secure code. Some of the most common systems will be examined (Jenkins, TeamCity, and Bamboo), but the techniques covered will apply to all build environments. These techniques are useful when penetration testing, but they're just as useful to understand if you have the burden of trying to set up or secure a build system.

    Speakers:

    Wes Wineberg

  • 15:30 - 16:00

    Social Break

  • 16:00 - 17:00

    Ken Westin - Cyberstalking Criminals for Fun and Profit

    For several years Ken Westin developed and utilized various technologies and methods to track criminals, leading to dozens of convictions. In the process of recovering stolen devices, larger crimes would be uncovered including drugs, theft rings, stolen cars, even a violent carjacking. Much of the evidence in these cases would be collected by stolen devices themselves, such as network information, photos captured from laptops and cell phones, but oftentimes there was additional data that would need to be gathered for a conviction. In this presentation, Ken will walk through actual real cases and discuss in depth the technologies used and additional processes he went through utilizing open source data and other methods to target criminals. He will also discuss how these same tools and methods can be used against the innocent and steps users and developers can take to better protect privacy.

    Speakers:

    Ken Westin

  • 13:00 - 14:00

    CyberArk Sponsored Talk - Stop the Bleeding, Start Cleaning: Four Steps for Evolving Your Privileged Account Security Program

    The average enterprise environment contains 3-4x more privileged accounts than employees. The sheer numbers and political challenges can seem overwhelming in the face of a marathon approach. Join CyberArk as we discuss how to start your privileged account security program and quickly add accountability to built-in backdoor admin accounts, control access to your most critical assets and immediately mitigate the risk of high-value accounts used in discovery or vulnerability management processes.

    Speakers:

    Chris Cochrane

  • 14:30 - 15:30

    RSA Sponsored Talk - Hunting Methodology: A key to the labyrinth of network forensics

    Proactive hunting is the newest cybersecurity strategy and promises great potential. But where is one to start in the world of network forensics? This presentation presents a methodology for exactly that. It walks through the maze of network protocols with a spool of thread; discussing the protocols of interest, what to look for in each protocol, and how to find the cheese.

    Speakers:

    Matthew Tharp

  • 16:00 - 17:00

    Anomali Sponsored Talk - The Evolution of a True Threat Intelligence Platform

    Enable the collection & management of intelligence about malicious indicators and actors, but they can also enable the managing of intelligence about non-malicious observables that can be used to craft data-driven SIEM and control policies through well-architected integration into existing security controls.

    Speakers:

    David Empringham

  • 08:00 - 09:00

    Registration

  • 09:00 - 09:15

    Opening Statements

  • 09:15 - 10:15

    Ali Arasteh - Keynote Speaker

    This talk will provide trends, statistics and case studies to illustrate how advanced threat actors have evolved over the past year based on hundreds of Mandiant incident response investigations in more than 30 industry sectors that were performed in 2016. The talk will include discussion of the latest cyber threat evolutions and offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks. Other topics covered in this talk will include Mandiant’s cyber security prediction for 2017, operationalizing threat intelligence and breach readiness.

    Speakers:

    Ali Arasteh

  • 10:15 - 10:30

    Social Break

  • 10:30 - 11:30

    Garland Sharratt - Weaning the World Off Passwords

    Everyone says they hate passwords, so why is the use of passwords still so entrenched in everything we do? This talk will examine the problems with passwords, the drivers to replace them, and the alternatives emerging -- and the issues that will keep passwords hanging on.

    Speakers:

    Garland Sharratt

  • 11:30 - 13:00

    Lunch

  • 13:00 - 14:00

    Richard Henderson - Around the World in 80 Gigs: What Really Happens When a Device is Stolen?

    Company-owned electronics that show up on the other side of the world. Stolen laptops that surface a year or two later. Criminal activity on corporate devices. Law Enforcement unwillingness to help… what really happens to your laptop when it’s stolen? Most people believe that when their laptop gets stolen out of their car, or swiped off the table at your local coffee shop, it ends up pawned off for a paltry sum or sold on Craigslist. Once the device is wiped clean, hard drive replaced, it’s gone forever. Certainly, that’s true in many cases, but what about the devices that didn’t get sold off for a quick buck? This talk will share some of our most interesting theft cases in the past year: tales of creative device theft from our Investigations team that rival what you might see on TV.

    Speakers:

    Richard Henderson

  • 14:00 - 14:30

    Social Break

  • 14:30 - 15:30

    Matt Carolan - Is the cloud more Secure?

    "Cloud computing is often far more secure than traditional computing, because companies like Google and Amazon can attract and retain cyber-security personnel of a higher quality than many governmental agencies." - Vivek Kundra, former federal CIO of the United States

    So is the cloud more secure than something you can put your hands on physically? We'll look at what physical security looks like for a major cloud provider, and what technology is in place from the software defined security and networking level. Let's have a look at the many examples in 2016 of security breaches and why it's only going to get worse. What can you do to mitigate your exposure and risk? And finally, let's explore the myths about cloud security and lay out a comparison between the major players and concepts: Azure, AWS, Traditional Data Centers and Hybrid.

    Speakers:

    Matt Carolan

  • 15:30 - 16:00

    Social Break

  • 16:00 - 17:00

    Bob Fruth - Healthcare Insecurity: What are we going to do about it?

    After many years in the trenches at Microsoft, long time software industry veteran Bob Fruth recently took on a new challenge and moved into the healthcare software sector. In this talk, Bob illustrates some of the challenges of healthcare, including the patient safety trump card, how privacy conversations are relatively short, and the number one cause of all those recent ransomware attacks. He describes what he sees as the primary demands and unique opportunities for the sector in the coming years, and concludes by providing actionable guidance and detailing a pragmatic approach for assessing risk and prioritizing security remediations and enhancements.

    Speakers:

    Bob Fruth

  • 17:00 - 17:20

    Closing Comments

    Closing comments, CTF Winner Announcement, Door Prize Winner

  • 08:00 - 09:00

    Registration

  • 09:00 - 09:15

    Opening Statements (Streamed)

  • 09:15 - 10:15

    Ali Arasteh - Keynote Speaker (Streamed)

    This talk will provide trends, statistics and case studies to illustrate how advanced threat actors have evolved over the past year based on hundreds of Mandiant incident response investigations in more than 30 industry sectors that were performed in 2016. The talk will include discussion of the latest cyber threat evolutions and offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks. Other topics covered in this talk will include Mandiant’s cyber security prediction for 2017, operationalizing threat intelligence and breach readiness.

    Speakers:

    Ali Arasteh

  • 10:15 - 10:30

    Social Break

  • 10:30 - 11:30

    Roberto Salgado - A Wolf in Sheep's Clothing

    It is well known that humans are the weakest link in Information Security. So why is it that this area of security receives so little attention? Attackers have realized that they don't have to spend vast amounts of time or money developing or purchasing 0-days in order to successfully breach an organization. Yet, blue teams continue to invest their efforts in expensive security appliances that often do very little in protecting against these types of attacks, or they just ignore the threat altogether. This talk will explore the latest social engineering techniques that are currently being used by criminals, while also going into some of the ways to defend against them.

    Speakers:

    Roberto Salgado

  • 11:30 - 13:00

    Lunch

  • 13:00 - 14:00

    Jérôme Segura - EKFiddle: a framework to study Exploit Kits

    Exploit kits are one of the top vectors to distribute malware on a large scale. In order to better fight this threat, it is important to be able to understand how they work. EK traffic captures are publicly available from various sources these days but there lacks a proper framework for analysts to parse them in a friendly manner. Typically, PCAPs can be loaded in Wireshark or Security Onion but some may prefer to view and study EKs in a more user-friendly way that lets them create rules quickly and extract interesting artifacts. This talk shows how to use the Fiddler web debugger for that very purpose via an integrated configuration file (to be released) specifically for EKs. Malware analysts will be able to write and test powerful regular expressions that will help them in their daily job for EK classification.

    Speakers:

    Jérôme Segura

  • 14:00 - 14:30

    Social Break

  • 14:30 - 15:30

    Yannick Formaggio - Reverse engineering & hijacking toy quadcopters

    This talk will describe my journey into RF and hardware hacking of mini drones: starting with dumping transceiver SPI bus as well as analyzing the bytes sent over the air using SDR, with the goal to hijack the drone in the air.

    Speakers:

    Yannick Formaggio

  • 15:30 - 16:00

    Social Break

  • 16:00 - 17:00

    Ram Dulam - Incident Response Automation

    Demonstration of the best inexpensive and customized Linux/Windows tools, with their automation scenarios, for dealing with computer-related incident response.

    Speakers:

    Ram Dulam

  • 10:30 - 11:30

    Anomali Sponsored Talk - Enhance Your SIEM Capabilities with Advanced Breach Analytics

    Anomali Enterprise is a breach analytics and intelligence model that aims to unify and integrate for a holistic approach to cyber security that significantly improves enterprise risk exposures. The Anomali Enterprise Model allows for constant automated improvement of security controls, enabling the sharing of other orgs' hunting procedures and partial automation to gather information for human review.

    Speakers:

    David Empringham

  • 13:00 - 14:00

    RSA Sponsored Talk - Hands on Hunting with RSA Investigator

    This is meant to be a lab session focusing on network forensics, specifically, and proactivity. Users will have an opportunity to use techniques taught in the session on Hunting advanced threats to find malicious content in pcap files. Instructor assistance is available and questions are provided to guide that analyst. Use of the RSA Netwitness Investigator tools is suggested and encouraged, but any Deep Packet Inspection (DPI) tool could be used.

    Speakers:

    Matthew Tharp

Speakers

A random selection of a few of our speakers this year.

Ali Arasteh

Ram Dulam

Sarah Lewis

Farshad Abasi

Support BSides!

We absolutely value the growing support over the years to help us host a conference for the people, by the people. Without the support from the community, BSides Vancouver would otherwise be impossible to organize.

If you would like to help make BSides Vancouver 2017 a success, and have the time to contribute, please fill out the survey below.


Venue

FIVESIXTY Nightclub | 560 Seymour St. Vancouver BC

An all-new location in the heart of downtown Vancouver. View the gallery to see the new home of BSides Vancouver for 2017.

Location

  • 560 Seymour St, Vancouver, BC V6B 3J5

Sponsors

BSides Vancouver would not be possible without support from our sponsors.

News

Testimonials

See what previous years' attendees have to say - Coming Soon

Team

Chester Wisniewski

Darren Thurston

Farshad Abasi

Alex Dow