Schedule: https://bsorl.org/schedule

Eva Galperin
Director of Cybersecurity, EFF
Keynote – Who Deserves Cybersecurity?

Nestori Syynimaa
Attacking Azure Active Directory Under-The-Radar

Jhansi Munukoti, Ken Nichols
Broken Access Control: How to protect your APIs against the world’s top vulnerability?

Joe Tegg
Cistern Attack: Exploiting Absolute Trust

Noy Pearl
Cypher Query Injection – the new ‘SQL Injection’ we aren’t aware of

Andy Dennis
DevSecOps on a $ store budget

Jace Powell
Don’t Hack My Pumpjack – An Introductory OT/ICS Case Study on Modernizing the Oil Production Process

Kevin Suckiel, Andy Chiang
Full Metal Recon: From Certs to CIRT

Rose Songer
GRC – The Swiss Army Knife

David Probinsky
Intro to Red Teaming: Getting ready for your first physical engagement

Anthony Monge
Intrusion Detection System Use in Controller Area Networks to Impede Remote Attacks

Jack Murphy
Meaningfully Threat Modeling ML-Based Features

Michael Bargury
No-Code Malware: Windows at Your Service

Open Sesame- Your garage goes up, your security goes down!

Michael Rogers
Ransomware Management and Response Tactics

Ryan Dinnan, Megi Bashi, Joshua Pardhe
Scum-baiting and Scam-banning: How We Avenge the Scammed

Michael Music
The Data Exfiltration Challenge

Ryan Thompson
The Keys to Staying Hidden: Leveraging the Windows Registry for Defense Evasion

Kat Fitzgerald
Threat Modeling in 600 seconds or less (ok, I lied, more like 2,400)

Last updated November 4, 2022