Measuring The Ability to Respond to The UnExpected

Paul Davis As everyone is discovering, no single solution or security model that can defend against all attacks. The attackers are still getting in. How do you know how well you’re doing in terms of maturity? This presentation applies a model based on a white paper titled “The Role of Community Resilience in Advancing

Read more

Vulnerability Hunting in Access Control Systems

Bobby Kuzma Join the presenter as he recounts the process of reverse engineering a common access control system to hunt for vulnerabilities both on the hardware itself, the communications protocol, and the client software. He’ll go into the methodology, both hardware and software, the techniques, and the design of the device and its

Read more

The Unbearable Lightness of Failure

Dave Lewis The 19th century German philosopher Friedrich Nietzsche gave us his doctrine of the “eternal return”. This was the concept that everything in the universe is recurring and will continue to do so in perpetuity. But, what if we could step off that return? While Nietzsche was dealing with the meaning of existence,

Read more

Fuzzflow Framework and Windows Guided Fuzzing

Richard Johnson Fuzzflow is a distributed fuzzing management framework from Cisco Talos that offers virtual machine management, fuzzing job configuration, pluggable mutation engines, pre/post mutation scripting, and crash collection, and pluggable crash analysis. We have recently ported the code from crusty 90s era DHTML to a modern web

Read more

Patching Human Vulnerabilities in Cyber Security

Randy Purse We can patch operating systems and software, segregate networks, and implement security policies. However, various cyber threat and intelligence reports indicate that approximately 95% of all cyber incidents investigated had human error as a contributing factor. From taking short-cuts in system design or software development to

Read more

Hacking is Easy; Defending is Not

Greg Hills Hacking is cheap, easy, and difficult to prevent. Every day new vulnerabilities are found, new exploits are developed, malware is created. Trying to keep up is like plugging holes on a sinking ship. Taking a holistic view of security, however, can help us build-in cyber security from the start of a project. Join 

Read more