I’m hoping my readers can help vote up some of the presentations that I am a part of at BSidesSanFrancisco. As such, here is a consolidated view of the presentations:
- Name: Dave Shackleford (@daveshackleford) & Andrew Hay (@andrewsmhay) Vote for this talk!
- Title: A Brief History of Hacking
- Abstract: Phreaking? Captain Crunch? Blue boxes? Not to mention LoD, MoD, and the evolution of cyberpunk in modern society. This may be all Greek to you, or you might know exactly what all of these monikers mean. Either way, come along for the ride as we revisit the beginnings of hacking, as well as the key players that contributed to its growth and notoriety. We’ll cover the early days of phone phreaks and bulletin boards, hacker gangs and 2600, Kevin Mitnick and Cliff Stoll’s story of how a 75 cent accounting error led to an international computer crime investigation. Learn about Bill Cheswick’s evening with “Berferd”, the first Trojan Horse programs, and which “hacker movies” are the most realistic, if that’s even a possibility. Audience participation required – this thing is fast, furious, and ridiculous.
- Name: Joe Gottlieb, email@example.com, @joe_gottlieb Vote for this talk!
- Title: Open Security Intelligence: Art of the Possible or Science of the Necessary?
- Abstract: As cyber crime and cyber war drive up the stakes involved, security management has become much more proactive – organizations must understand where they are most vulnerable, where they have been hacked, and why. Currently, organizations have *too much* security data and not enough tools to efficiently analyze it. They have security *content*, but not enough *context* to recognize new attacks or trends that might indicate a breach. What’s missing is the ability to “mine” security data to find the key bits of information that may define a new attack. With so many logs and data stores from so many systems, network, and security tool vendors, it’s a nightmare to find the key “needles” in the haystacks of security information. This process of mining security intelligence needs to be improved – and it needs to be open.
Nearly a decade old, the SIEM and log management market has matured over time and is now widely adopted among large enterprises and government agencies seeking to maintain compliance and respond to security incidents. Unfortunately, most SIEM and log management products constrain end users’ ability to drill down and analyze the data, which is so necessary to drive informed incident response and the continuous improvement efforts originally intended by compliance regulations.
Led by a panel of security management experts, this talk will discuss emerging use cases that are “prying open” SIEM platforms, analytics and dashboards. Sub-topics of interest will include:
– How to Walk, Talk and Dream Like a Security “Quant”
– SQL as Cyber-attack Signature Language
– Leveraging BI Tools to Mine Security Data
– Dashboards For All My Friends (CISO, CIO, CEO, Customer 1, Customer 2…)
The goal of this session is to stimulate an industry dialogue on how best to turn “the art of the possible” into “the science of the necessary” when it comes to truly customer-driven security data analysis. Panelists will include: Joe Gottlieb, CEO of SenSage; Andrew Hay, Security Analyst at The 451 Group; and Dan Ritari, Vice President of Enterprise Information Risk Management at Deluxe Corporation. Come join the debate and help shape the revolution!
- Name: Andrew Hay, @andrewsmhay, Senior Security Analyst, The 451 Group Vote for this talk!
- Title: Attacking Cyber Security Marketecture
– Richard Bejtlich, Director, Incident Response at General Electric
– Rob Lee, Director, MANDIANT Corporation
– Amit Yoran, CEO, Netwitness
- Abstract: There are likely no terms wielded within the information security industry with greater carelessness than those of ‘Cyber Security’ and ‘Cyberwarfare’. A $55b market by 2015, the nation-state Cyber Security market can not, and should not, be defined by the broad strokes employed by enterprise marketing personnel. Chaired by Andrew Hay, this panel of industry experts with hands-on experience protecting cyber security assets serves to provide unbiased third-party insight into the differences between traditional enterprise security and government, military and intelligence agency-driven Cyber Security.