Want to see your talk here?
CFP is open http://bit.ly/BDECFP15

Got an opinion on a talk, awesome! Speakers love feedback but it's best for everyone when it's constructive as these comments are public.
Shortlink to this page: http://bit.ly/2014CFPVotingBSidesDE
Want more info on the conference?

Twitter @BSidesDE
Main Wiki page https://bitly.com/BSidesDE
Website http://www.bsidesdelaware.com/

Mark your calendar for November 13th and 14th 2015
Want to see your name and logo in lots of places?
Download Sponsor Kit: http://bit.ly/BDE2015SponsorKit
2
Title
How would you like to be credited as the speaker and author of the talk? (This will be posted online AS IS for the schedule and/or talk voting)
Abstract
Intended audience or skill level
Speaker Bio (This will be posted online AS IS after your talk is accepted so spell check it please)
Can you make people want to see your talk in 140 characters? Go:
5
Pros V Joes CTF
Eric Arnoth
The Pros vs Joes CTF is a live combat Capture The Flag event. The Pros are Information Security professionals or advanced in their knowledge of securing / compromising computers and networks. These professionals will help the Joes to improve their skills through the course of two days of attack and defend. On the first day, teams of Joes, captained by a Pro, protect their network from the Red Cell. On the second day, the Red Cell dissolves and joins the Joe teams, which then attack each other.

The game is completely virtual, players only need bring a laptop for connecting to the gaming environment via the Internet. Laptops will NOT be in the line of fire.

At the end of each day, there will be a debrief to reveal how compromises occurred, with discussion for how to better defend.
Students and professionals who want to learn the details of computer compromise through hands on experience in a live combat scenario
Eric Arnoth has been an Information Security professional for over 15 years, spending most of his time in the Financial Sector, though he has recently moved over to the DoD. His background is split between defensive and offensive computing, and he has been building and running CTF for the community since 2010.
#ProsVJoes #CTF is at #BSidesDE for the 4th year in a row! Come learn through the fun of real-world computer and network breaches!
6
Physical Penetration Testing (Low tech or no tech)
Keith Pachulski - @sec0ps
This training presentation will be a complete walk through on how to perform physical security penetration tests. This is NOT a lockpicking class. We will be covering common tools and tactics used to gain access to target facilities as well as provide videos from real world testing and hands on demonstrations of physical and electronic tools. Additionally, common issues that penetration testers run into will also be discussed, such as personal psychological issues (insertion mentality), manipulating people efficiently and quickly and learning when to not talk.

Topics to include:
- Onsite and remote advance work
- Penetration of the external barriers
- Penetrating the facility
- Penetrating the people
- Deploying boxes on the network for remote network access and audio/video surveillance.
Intro to active tester
Keith Pachulski is currently working as a Security Consultant for Dell – SecureWorks. Keith has more than 23 years of experience in physical and information security. He is currently responsible for the performance of red team testing, vulnerability assessments, penetration testing, application security assessments, wireless security assessments, compliance assessments (PCI-DSS, HIPAA, ISO 27001(2), FISMA), security strategy, security training and best practices assessments (CERT, NSA, NIST, ISO). He has created and managed a Managed Security Services program for a private sector company supporting clients internationally. He has extensive experience working in the Federal sector performing vulnerability assessments, penetration testing and compliance assessments. Keith also operates a physical security consulting firm specializing in executive security and physical security penetration testing.
7
processing 101 for kids
corbin r frisvold
A talk and (hopefully) hands on teaching of the processing language just to keep kids occupied. I will have hands on demos and programs for the kids to download and fix once they learn. I hope that they all have a lot of fun. This talk can take around 3 hours and then some time for kids to work on their own. But I might bring in robots they can program with processing so it may take several hours.
not skilled and for kids
I am a 12 year old programmer, I like designing robots and building them.
I am hoping to give others the start that I had with programming. I hope that kids will love what they learn!
8
Kids - Learn to Bypass Parental Controls!
Walt Berstler - @kingofbigwheels
Unable to install your own mobile apps? Blocked from surfing the Internet? Is your DVR locked down with Parental Controls? Learn how to bypass those controls - and not get caught. Your parents have been finding ways around restrictions for years - in fact, some of them get paid to do it! Now it's your turn.
Everyone - talk is geared to kids and concerned parents
Walt Berstler is a father of two, was a chef in a past life, and currently works at Protiviti as Manager in IT Security Consulting. He has over 12 years of IT security experience and is still the reigning King of the Big Wheels.
Parents! Show your kids this tweet.
KIDS! Learn to bypass parental controls at my talk at #bsidesde!
10
A Brief History of the Information Security Industry
Space Rogue @spacerog
An introduction and overview of the Information Security Industry as it is today and how it got there from an industry veteran. The focus is on the companies and their related technology that created the industry. This talk starts with information security in general with the creation of the first locks circa 1000BC through the development of the Internet, encryption, anti virus, firewalls, etc., and the companies that created them such as RSA, DEC, Checkpoint and others. The focus is on the companies and the market forces that shaped them. This look at history and the present day is then extrapolated to attempt to look into the near future and what might be coming. This talk is recommended for anyone who is new to the industry or anyone who wants to understand where we came from and where we might be heading.
Anyone new to the Industry
Space Rogue is widely sought after by journalists and industry analysts for his unique views and perceptions of the information security industry. He has been called to testify before the Senate Committee on Governmental Affairs and has been quoted in numerous media outlets.
Space Rogue and his colleagues created the first security research think tank known as L0pht Heavy Industries and was a co-founder of the Internet security consultancy @Stake. While at L0pht Space Rogue created the widely popular Hacker News Network, and ran The Whacked Mac Archives.
Space Rogue has spoken before numerous audiences including BlackHat, Defcon, Shmoocon, SecTor, HOPE, numerous B-Sides, and others. He has been quoted and filmed by a wide variety of different media outlets from Austrian TV to MTV, from Wired to MSNBC.
Currently Space Rogue is a Strategist for Tenable Network Security.
11
How to Recruit Purple Squirrels, Pink Unicorns and other Mythical Security Creatures. Or If You Are a Pink Unicorn, How Best to Work with Recruiters
Kathleen Smith @YesItsKathleen
Recruiters and job seekers are at odds in the battle for better candidates and jobs. There are horror stories shared in communities, in blogs and on videos about the recruiter who didn’t know one code from another, or tried to recruit the founder of Ruby on Rails to be an admin. So what do we do? After sharing some of the horror stories from both sides, let’s get down to clear tactics that job seekers and recruiters can use to work together. Hear from security recruiters and jobseekers how they have handled these situations. This session is for anyone looking to find a new job, hire new employees or understand how recruiting is an important part of any company's success.
We will be a panel of two great recruiters who "get it" working with security candidates and one security professional who has fun dissecting poor recruiter behavior on Twitter.
Everyone who wants to better understand how to recruit and/or find a job in the security field.
Kathleen Smith leads up the outreach and marketing efforts for a security cleared job board and job fair company. Kathleen frequently sees the frustration from both recruiters and job seekers in trying to connect and wonders why it is so hard to get along?

Panelists and Moderator
Lee Wanless is a Resource Manager with G2 Inc and has been active in the recruiting arena since 2006. The past 6 years have been focused on engaging and hiring highly cleared cybersecurity systems and software engineers within the Intelligence Community and Department of Defense. In addition to the aforementioned, Lee also supports G2's Federal & Commercial Practice; his focus has been engaging cybersecurity engineers in support of NIST, most notably recruiting security policy experts in support of NIST's Cybersecurity Framework.
Lee is active in the security community attending network security events and MeetUps. Lee resides with his wife, two children and German Shepherd in Columbia MD. He can be reached at Lee.Wanless@G2-Inc.com @LeeWanless
Lamont Price
At age thirteen LaMont Price took over one of the worst paper routes in the neighborhood. He recruited his best friend to help and within 30 days he optimized the customer experience using one simple tactic. The result: a young kid with too much tip money for the next few months. For the last 16 years he continues to share his successful strategies in marketing and recruiting to college students and small businesses. LaMont is currently a Sr. Recruiter for Tenable Network Services in Columbia, Maryland.
@lamontprice
Neal Anders Lead Software Engineer, Research & Development at Tenable Network Security
Kathleen Smith, CMO, ClearedJobs.Net – Kathleen has worked in the recruiting marketing community 12 years and is constantly searching for ways to have recruiters and jobseekers better understand each other.
@YesItsKathleen
Recruiters & jobseekers in security battled it out w/ light sabers & Death Stars why can't we get along? Let's find a way!
12
Raspberry Pi, Kismet, and PCI 11.1
Bob Hewitt
PCI 11.1 requires testing for the presence of wireless access points (802.11), and to detect and identify all authorized and unauthorized wireless access points on a quarterly basis. Learn how to use Raspberry Pi along with Kismet to comply with this requirement by identifying new wireless access points on a continuous basis for a fraction of the cost of commercial products. This is an easy project for anyone that needs to be PCI compliant regardless of their experience level.
Anyone that needs to be PCI compliant - little or no experience is required, attendees can easily implement this solution while gaining some basic Linux and Raspberry Pi experience.
Over 20 years’ experience in IT and Information Security. Currently responsible for Information Security for an SMB that provides web based services to the financial and philanthropic community.
Yet another business case for a raspberry pi! Easily and inexpensively comply with PCI 11.1. n00b's are welcome!
13
"Reasonable" security or are the lawyers coming?
Alex Muentz, law talking guy
Breaches are still in the news and we're failing to stop them. Will other groups get involved? Will it be scary?

This talk will discuss the influence regulators, lawyers and insurers currently have and how their involvement will likely affect our jobs, our industry and the organizations we work for.
Anybody who has data they'd like to protect as well as people who protect data.
Alex is both an infosec professional and a lawyer. He's worked at a few places you've heard of, talked at a few conferences you've heard of and is generally considered entertaining and educational.
#Infosec doesn't happen in a vacuum. Insurers, regulators and #lawyers are getting involved
14
IoT Security
Justin C. Klein Keane
It’s been called junk hacking or stunt hacking, but Internet of Things (IoT) security is serious business. The risks and challenges of IoT create a new and vital security and privacy landscape. From resource constraints, to hostile deployment environments, to machine-to-machine (M2M) trust, to autonomous operations, the hurdles to IoT are both unique and formidable. This session will cover the different domains of IoT security from the home to the operating room and the factory floor, outline some of the classic security and privacy challenges that face IoT in novel ways, and the new security and privacy concerns specific to the IoT space. This talk will also cover existing frameworks for assessing IoT security and privacy as well as influential organizations in the space. The presentation will identify the broadest attack surfaces of IoT and common attacks used to compromise IoT deployments. This talk should inform the audience about the problems of the domain, the organizations working to influence change, and resources for those interested in learning more about IoT security.
Everyone interested in learning more about IoT
Justin Klein Keane is a recognized security expert working in the IoT industry and one of the chapter leaders of Philadelphia OWASP. Justin is a member of BuildItSecure.ly, the Industrial Internet Consortium, and the OWASP IoT project.
IoT security lame or leviathan? Let’s talk attack, defense and challenges, find out who’s working on change & the future
15
Web Hacking 101 Hands-on with Burp Suite
David Rhoades @mavensecurity
A high-energy demo-laden caffeine-laced session that will introduce the student to the techniques needed to remotely detect and validate the presence of common vulnerabilities in web-based applications using Burp Suite, the industry’s most popular toolkit. Testing will be conducted from the perspective of the end user (as opposed to a source code audit).

This is a hands-on session. Attendees are encouraged to bring a PC, Mac, or Linux box running either Oracle VirtualBox or VMware Player (both are free). All of the tools and targets used during the session will be available to the attendees in a single virtual machine file.

To prepare wait until the day before the event then grab the latest version of the Web Security Dojo from here: https://www.mavensecurity.com/web_security_dojo/

NOTE: It’s best to wait a few days prior to the event to be sure you have the latest version of “the Dojo” since that will be used during the session.

Time permitting the following topics will be covered:
Web Primer (HTML, HTTP, Cookies; just the basics)
Introduction to Burp Suite
Threat Classification Systems (OWASP Top Ten & WASC Threat Classes)
Vulnerability Category: A3: Cross-Site Scripting (XSS)
Vulnerability Category: A4: Insecure Direct Object References
Vulnerability Category: A1: Injection (SQL, XML entity, etc.)

NOTE: Since the student will have all of the tools and targets in a single virtual machine, they are free to continue the learning after the session in the privacy of their own localhost. No network required. The Web Security Dojo includes various PDF walk-through guides for some of the targets.
Anyone looking to "break into" the web app security field (lame pun intended)
David Rhoades is the founder & CEO of Maven Security Consulting Inc. (www.mavensecurity.com). Maven Security is a Delaware corporation that provides information security assessments and custom services to a global clientele.

David’s expertise includes web application security and vulnerability assessments. David has been active in information security consulting since 1996, when he began his career with the computer security and telephony fraud group at Bell Communications Research (Bellcore).

David has taught at various security conferences around the globe (Interop, OWASP, USENIX, ISACA, SANS, DefCon, Black Hat).

David has a Bachelor of Science degree in Computer Engineering from the Pennsylvania State University (psu.edu).
Hands-on #training for #webapp #security #hacking the #owasp Top Ten with #BurpSuite at #BSidesDE 2015 #cyber #cyber #cyber :-)
16
OSINT for Fun & Games
Brian Martin of Liticode
Open Source Intelligence (OSINT) is the material garnered from publicly available resources and assembled into useful information for an intelligence apparatus. This can be governmental, political, commercial, or personal. This introductory field overview encompasses the origins, the foundational readings, the resources, and real world examples of the information in question. There is a real demand for people in the government and commercial space, who are able to acquire, distill, and/or assemble OSINT into useful materials for political or commercial gain.
Anyone unfamiliar with OSINT.
This Brian Martin is an information security professional currently based in Allentown, PA. He disassembled his first household electronic device at the age of 4. In 1988 the USAF told him to start breaking things, which was easy, given what some Pentagon contractors were turning out as “secure” in those days. After bouncing around the world for a bit, he settled in Allentown where he ended up in charge of information security at a $2B healthcare organization before finally founding Liticode, LLC focusing on commercial litigation evidence and pen testing. He is not the Brian M from Attrition, but would like to mention that they rock and the phone calls he gets on their behalf from charlatans are very entertaining.
#dry #boring #osint #avoidatallcosts #dearlordno #ohgodohgodwhyme #maltego #foca #thatthingisreal!!?? #matrixhasme #mrrobot
17
Technology? Business? How do they intersect, and do I care?
Joshua Marpet @quadling
I've been a CEO of a startup product company for a bit over a year now. It's so far removed from technology, I can't even tell you. Well, I can try. Let's talk about how investors, marketers, and Shark Tank-ish type people will look at, evaluate, and decide if you're worth their time. Have an amazing idea for a new technology or problem solver? Most of the time, they won't care. :) Not a joke. Want to know why? Come to the talk!
Everyone interested in Tech and Business
From cop, to fireman, to Senior Information Security Analyst at the Federal Reserve, Josh has been around the block a few times. He’s been staff at Shmoocon, Defcon, BSidesLV, Derbycon, and spoken at them as well as many other events. As a current Mindshare member, Josh has connected with some of the top entrepreneurs and CEOs in the area, and as a Mach37 graduate CEO, he’s part of an ecosystem of mentors, speakers, and cohort members. Josh has been featured in American Book of Secrets “Big Brother” episode, and has been cited in numerous books and publications. In international politics, Josh has the infamous distinction of being the original authenticator of the Erdogan corruption wiretaps, as well as working on a Turkish forensic case that ultimately freed innocent journalists from being framed and imprisoned. Oh, by the way, when Josh was a cop, it was in Louisiana, before, during, and after Katrina. If you want to talk Disaster Recovery, he’s kind of an expert.
#TechnologyIsOnlyWorth5Percent #WhyDoBusinessPeopleSuck? #WhyDon'tTheyLikeMyIdea? LEARN HOW TO DO IT RIGHT!
18
Startup Village
Joshua Marpet @quadling
Tech people are valued in the industry. We're in one of the few negative unemployment industries that there is. But we want more. We want control of our own destiny! How do we do that? Start your own company! Ok, how do I do that? Should I do that? Why would I do that? Oh god, it's scary!! How do I raise money? Who do I talk to??? We're going to bring the people in to talk to. They want to meet you. You want to meet them. It's a match made in heaven!
Everyone interested in Tech and Business
Startup Village is to learn about entrepreneur-ism. How to be one, why to be one, and more importantly, why and how NOT to be one! Talk to VC's, Accelerators, Lawyers, and Organizations devoted to working with Startups. We'll have em, and they're here to meet you!
#EntrepreneurRoundUp! #BusinessAndTech #StartupVillage #LegalAndAcceleratorAndVCOHMY!
19
Cyber Intent: Cybersecurity
Joe Klein & GS McNamara
The current status of cyber security lacks any judge of visitor intent. We are throwing out valuable intelligence available in the earliest stages of the cyber kill chain, instead choosing to react haphazardly in the later, more expensive stages. We fail to identify the digital bank robbers before they enter and create an expensive, drawn out, and potentially fatal hostage situation. If we were looking out, we could have just locked the door.

Up to this point organizations have chosen to immediately block attacks instead of using them as an opportunity to gather intelligence about their persistent adversary. It’s been a simple business decision because recording attack activity against an organization’s real infrastructure has an associated operational cost that is just too high to bear. But intent tells you a lot about your visitors, potentially allowing you to classify them into good/bad even before a breach occurs.

As an example, predictive policing is a concept that would fare a whole lot better in the cyber world than the real. Removed from the social concerns about profiling, we can fully use it as well as predictive analytics to identify malicious activity early, and then prioritize our human response to handle the truly advanced of the APTs.

Intent is equally important as pre-breach forensics to law enforcement and prosecutors. Being able to establish intent is the differentiator between some classes of crime in the real world, leading to different levels of severity in penalties. Without capturing valuable intelligence surrounding intent, a defendant can allege that their action was a crime of opportunity and not that of a concerted effort. Stalking or any other crime incorporating purposeful or repetitive behavior cannot even be identified in the cyber realm. Today we don’t look into the mindset of the attacker, and so either they’re not caught or they get off easy.
Mid-level security professionals
Joe Klein: Joe Klein is a 30-year veteran of the IT and IA industry. He has extensive experience in DoD, US Government and commercial sectors, focusing on information assurance, network security, IoT security and IPv6. Mr. Klein is often requested to speak at professional security venues and routinely participates in high-level government working groups as an expert on secure implementation of IPv6.

GS McNamara: With a master’s degree specializing in Intelligence Technologies and a bachelor’s in Information Security, GS focuses his work on the three areas of Information: Exploitation, Protection, and Monetization. With practical business experience and a homegrown technical background, he can translate concepts for multiple audiences and understands the partnerships needed to achieve a mission. He has spoken domestically and abroad, and has worked in environments as fast as startups, as small as a sole proprietorship, as large as a Fortune Global 500, and as challenging as DARPA.
Indicators of Intent (IOIs) are the paradigm shift in cyber threat intelligence. Stop buying IOCs. Start leveraging IOIs.
20
Practical IPv6 Setup and Security for your Home
Hristo Asenov @h_asenov
IPv6 is turned on by default in most modern Operating Systems. However, many people are unaware of its capabilities. In this talk, I will explain how to create a publicly addressable IPv6 home network, even if your ISP has not enabled support for it yet. DNS registration, network reachability and home router IPv6 support will be also covered. Security implications of running an IPv6 capable home network and its mitigations will be discussed.
People with Basic knowledge in Networking
I am currently a Ph.D. student, majoring in Computer and Information Sciences at University of Delaware, where I previously completed Master of Science.
I conduct research in High-Availability Core Router Architectures. The work is part of NEBULA Future Internet Architecture (FIA), a joint collaboration with multiple researchers and universities, funded by National Science Foundation and Cisco Systems.
I completed Bachelor of Science at Rowan University, working with Dr. Vasil Hnatyshin on GPS-enhanced ad-hoc routing protocol.
I am advised by Dr. Chase Cotton, a Professor and Director for Center for Information and Communication Sciences at University of Delaware.
Sick of configuring port forwarding on your router? With #ipv6 you can have more public addresses than you know what to do with.
21
Incident Response Explained by Dora The Explorer and IR training Game
Bryan Bechard
I have a presentation on the basics of how to create an incident response program. I use the cartoon Dora the explorer as my inspiration and show how she uses many infosec principles to maneuver in her world. Then we put our skills to the test in a mock red vs blue team exercise that pits hackers against infosec pros for command of a company's network. Each game takes about 15 minutes to go through and then you get to switch sides and play again.
Anyone can listen and play
Currently CISO for Auto finance company as well as adjunct instructor at several online and in person universities. Owner of Philly Area Security Technology Enthusiasts (PASTE) group.
Come see Dora tackle incident response and then play a red vs blue game
22
Wireless Village WCTF
@Wifi_village and @WCTF_US
The Wireless Village is a group of experts in the areas of information, WiFi, and radio frequency with the common purpose to teach the exploration of these technologies with a focus on security. We focus on teaching classes on Wifi and Software Defined Radio, presenting guest speakers and panels, and providing the very best in Wireless Capture the Flag (WCTF) games to promote learning.

The Wireless Village plans to hold a WCTF contest during Bsides DE.
We cater to those who are new to this game and those who have been playing for a long time. Each WCTF begins with a presentation on How to WCTF. We also have a resources page on our website that guides participants in their selection of equipment to bring.
We have a number of people who support the Village. Once we know that we are accepted, we will provide the BIOs of the staff who will be supporting this event.

Here is a link to our Staff page that also includes BIOs.

http://www.wirelessvillage.ninja/crew.html
Come play the Wireless Capture the Flag at Bsides DE. All your RF belong to us! @wctf_us and @wifi_village
23
Hello Ransomware, Goodbye Data?
Dave Vargas, dvargas@vatg.com
Malware is such an effective attack tool that it continues to be used by threat actors to endanger organizational data. In this presentation, attendees will be introduced to a new and powerful family of malware known as ransomware. The term ransomware will be defined and there will be a thorough explanation of why it poses such a significant threat. The presentation will review the logical evolution of ransomware from its origins as “rogue software” to the more malicious encrypting versions that we see today. There will be a discussion of the main ransomware families along with a review of the threat actors who are primarily responsible for their distribution. To truly understand the threat that ransomware poses, however, security professionals must know what happens to systems once they are compromised. As a result, the audience will be shown a typical compromise -- from initial infection to the payment of a bitcoin ransom (God forbid). Despite ransomware’s effectiveness, there are protections against it and the presentation will review those innovative solutions and best practices that can best mitigate this threat. The presentation will conclude by discussing those ransomware trends that we can expect to see in the future, including the franchising of specific ransomware. By the end of the session, attendees will possess the knowledge necessary to win the battle against ransomware.
Any level that has to deal with malware
Dave Vargas is a lead consultant at VATG, Inc. where he fights (and sometimes defeats) all kinds of malware. In his spare time, he teaches cybersecurity courses at several colleges in the Washington, DC-area. Dave graduated from The George Washington University and has completed graduate work in Information Systems at The Johns Hopkins University. His current certifications include, CEHv7, CISSP, and CISM.
Current ransomware is so innovative, that it may dominate the threat landscape for several years to come.
24
How Evil Kirk Uses Maltego
Robert McMahon
How to use Maltego to enumerate information from inside a domain, get domain users, computers, shares, files on remote computers and much more with the click of a button by using new local transform API for Maltego that allows you to harness the power of .NET. After the talk we will release the API and the transforms mentioned in the presentation.
Beginner to Intermediate. Should have some knowledge of Maltego.
Robert McMahon's career includes three years as an IT mentor/instructor, four years as a .NET developer and two years as a Security Analyst. He has a strong background in Networking, Programming and is passionate about Information Security.
A new maltego API and transforms to enumerate the inside of your victi.. err client's domain with ease.
25
Wireshark for Post-Incident Analysis
Daniel Rico
In an analytic world with a vast wealth of tools, often the simplest methods are the best for determining an attack chain. Wireshark provides the perfect platform for the "dirty" analysis that no one wants to get into. Rather than sifting through false positives provided by IDS/IPS alerts, Wireshark, and a bit of patience, can summarize an attack. The dissection of anomalous traffic into segments using Wireshark can provide a framework for the reconstruction of an attack. A hands-on approach to traffic analysis. Providing post-mortem PCAPs of an attack, individuals will be asked to determine a method of attack using whatever tools available. Reconstruction of an attack and the determination of attack patterns will be then decoded and reconstructed using nothing but Wireshark.
Everyone because Wireshark is an open source tool with various practical applications in the field.
Daniel Rico is a member of Global Cyber Security & Fraud at First Data Corporation. He began working in IT at an early age and progressed to penetration testing as a side-hobby, attempting to exploit vulnerabilities in game server environments. After working with his Alma Mater and the New York Department of Education as the IT Director for a special needs advocacy group Daniel moved into the corporate cyber security space. Daniel has an MS in Information Management and Technology and has spoken at Facebook regarding OSINT practices and the utilization of open source intelligence for profiling threat actors.
Wireshark like you have "never" seen before! Revisit WS and learn some techniques for identifying anomalies that lead to attacks.
26
A tiny datacenter, On my head
Nate Lager (@Gangrif) and Kiera Lager
For DerbyCon 2015, I had a crazy thought, and we put it into action. A CTF inside of a derby. Find out how you too can turn a Raspberry Pi into a self contained mobile datacenter (with or without the hat).

Come and learn the basics on this build, and see how it was assembled. Including a Raspberry Pi, WiFi access, containerization with Docker, and an OLED display.

Presented by Myself, and my 5 year old daughter/derby display model.
Anyone interested in a unique hardware project
Nate is a system administrator at Lafayette College, and holds several Red Hat Certifications (RHCE, RHCSA, RHCVA). He is also a tinkerer, builder, hacker, and Jeep enthusiast.
Come learn how you can run several services, self-contained, and mobile. Maybe even inside of a Hat.
27
Mechanics of an ICS/SCADA Man-In-The-Middle Attack
Jim Gilsinn @JimGilsinn
What does a man-in-the-middle (MITM) attack look like on an ICS/SCADA system? It isn't hard to find videos, presentations, and tutorials on IT-based MITM attacks, but ICS/SCADA systems don't react the same way in the presence of an attack. These systems, for the most part, were never designed with security in mind, so strange things happen when you run some of the freely available attack tools.

In this talk, I'll describe a series of MITM attacks that were run against an ICS/SCADA test system. I'll talk about how the control system reacted to the attacks. I'll also show some different configurations that were used during the testing and how the packet streams differed.
Everyone
Jim Gilsinn is a Senior Investigator at Kenexis. He is responsible for conducting network and security assessments, designing networks and security systems for industrial control systems (ICS), and developing network reliability monitoring tools and techniques. He is the lead developer of the Dulcet Analytics network reliability monitoring software. Jim received an MSEE from Johns Hopkins University in control theory and a BSEE from Drexel University specializing in control theory, robotics, and advanced electronics.
What does a MITM attack look like against an ICS/SCADA system? How does a control system react? #ICS #SCADA #MITM #BSidesDE
28
IDS is dead, long live IDS
Eric Arnoth
For almost 20 years defenders have depended upon signature based technologies such as intrusion detection and antivirus. In the last several years, however, significant changes have made these technologies almost ineffective. This talk will examine what happened and how defenders need to respond in a post-signature world to survive.
Infosec Practitioners with any level of experience, or those aspiring to the field
Industry professional for 15 years and life-long computer junkie. Reformed sig-based IDS evangelist looking to make things better.
find out who killed the ids sig
29
Padawans - Hacking 101
Don Hess
Learning The Ways of the Force...ing your way into someone's vulnerable network. Going over the Hacker's Methodology for the Padawans to understand the Force. Also understand that "With Great Power Comes Great Responsibility" and how not to get into trouble with the Dark Side. Then I would like to demo/workshop introduction to Armitage (Gotta support Raphael) and help mentor those interested in exploring WILMU's CTF environment. Understand that this is an introduction and "Much to learn, you still have."

(Seriously Star Wars: Episode VII is around the corner)
Open to all but benefit those with a passion...and a Laptop w/ Kali VM
Jack of all Trades and Mastery of none-ish? - Over 14 years of IT experience covering almost the entire spectrum of IT & Security for the Gov't. Graduated from Wilmington University and teach as an Adjunct Professor. Enjoy volunteering to support educating Cyber Security topics.
30
Forensics Village
Jon Lucenius
This is the first year of a forensic village at BSidesDE! This area will feature an intense forensic contest, two talks, and conducting live forensics against the CTF as opportunities arise.

Bring your own laptop or use our loaner machine - either way you will be in an environment where you can be the forensic examiner, working a real life historical major case. We intend to test all aspects of your forensic abilities, including log analysis, image extraction, logical reasoning, investigative sense, and anti-forensic detection skills to name a few.

In addition to the forensics and ANTI-forensic contest above, there will be two talks on wildly different but relevant forensic topics.

We'll be there for both days, stop by for a little, stay the whole time, or just come over and hang out. This is an opportunity to bring your forensic questions and get them answered from a professional perspective. New to forensics, no problem, we'll help you get started - we were new once too!
Forensic pros, interested amateurs, and newbies that want to get started.
This village is being hosted by an experienced forensic guy, who worked for a big telecom company, a major financial institution, and now a great payments processor. I started using computers in the 1970s, doing desktop publishing in 1980s, web-design in the 1990s, hacking and forensics in the 2000s, and helping put people in jail in the 2010s.

My life and passion are about putting things together, solving problems, and making a difference with what I learn. With research, forensics, hacking, and investigations, I can live my passion every day.
Test your skills at #BSForensicsVillage at #BSidesDE2015. Solve a case, hear some talks, and learn why #ForensicsIsFun!
31
Advanced Cyber Detection: Kill Chain Evolution
Paul Neslusan @Nescafe187
When the kill chain first became part of the security conversation back around 2008, it was quite useful. It gave people a vision for people to follow, and allowed security professionals to provide a clear narrative to people outside of the security realm.
Now that the Kill Chain model has been applied for a little over a half a decade, we have learned a few things.
Everyone--people familiar with the kill chain can learn new ways to leverage the Kill Chain. People unfamiliar with IT Security in general could benefit from learning how threat actors operate.
Think about getting involved in a good cause.
http://www.hackersforcharity.org/
Kill Chain: Evolved. Crawl, walk, stalk. #EnterpriseSecurity #Cyber #InfoSec
32
R2-D2 where are you?
Sam Kinch @spatiald
The super affordable Edison robot for learning and inventing. Edison is Lego compatible, easy to program and has built-in programs that are activated by driving over barcodes. Students find robotics highly engaging which assists in rapid learning in areas such as science, technology, engineering and maths (STEM). However there are other educational elements that can be leveraged from this high level of engagement. Throughout our lesson plans students provide written responses to describe their programs and the actions that their robots take. In the design brief worksheets students get to plan and create their own programs. They also write descriptive behaviors for icons used in their program.
Spawn Camp
Sam Kinch works with Hackers for Charity, a US 501(c)(3) dedicated to finding unique technology solutions for non-profits, charities and educational institutions; particularly, organizations that cannot afford traditional technical resources. Mr. Kinch’s recent development efforts focused on creating the most robust and cost-effective software and hardware device loaded with educational content; a solution that provides a wealth of information for use by teachers and students in remote schools/villages.

Mr. Kinch is also an experienced instructor in computer security working with the US Air Force and the State of Delaware Department of Technology and Information. Over the last 8 years, Mr. Kinch worked as a cyber security analyst, a threat emulation specialist, and regularly provides red team support to the top cyber defense exercises in US Cyber Command and the US Air Force.

Find Sam and his work at http://hackersforcharity.org and http://worldpossible.org.
R2-D2 where are you? Edison robots are Lego compatible, easy to learn/program. Come learn @bsidesde #spawncamp with #HFC
33
Flow Chart Self-Defense
Infojanitor
Self-Defense is a process just like learning a tool or command line arguments. This seminar will cover some simple concepts to allow manipulation of the human machine that is your body. You live with and in the target all of your life. Now it's time you learned how to protect yourself IRL not just in the logical sense. You will learn three simple concepts in your flow chart that are always leading to protecting yourself.

This seminar will cover these three simple concepts that will give you some of that knowledge. This knowledge should start you on the road to personal physical protection by identifying and exposing you to some of the weaknesses that exist in the human machine no matter how in shape the attacker appears.

We will not cover or say Cyber, you won't become a Ninja, or compete in MMA, but you should get a simple understanding of how to protect yourself in an unfortunate event from three simple concepts and nullify the threat IRL.
Anyone who has ever wanted to learn some of the limitations of the human machine
Infojanitor - is a senior security systems engineer with more than 20 years experience for a fortune 60 company currently assigned to a customer site in the Washington DC metropolitan area. As a senior engineer he is responsible for world-wide evaluation, certification and integrity testing of a variety of current and emerging technologies, network architectures, and devices.

In addition to electronic systems testing he has engaged in personal physical protection for more than 30 years and taught seminars in Europe, Asia, and The Americas.
@bSidesDE Learn how to exploit and protect the human machine with Flow Chart Self Defense #FCSD
34
Data you don't store cannot be hacked!
Michael Spurgeon
In this talk we will discuss how organizations can increase the security of their information and drastically reduce the risk of data breaches. These methods work in conjunction with encryption.

PII
• Limit PII to a minimal amount of servers
• Limit access to PII
• Utilize unique IDs
• No PII in transit
• No PII as primary keys
• Check those backups for PII

Payment Processing
• Apple pay leads way
• No servers with stored card numbers or banking info
• No card numbers or banking info in transit
• EMV is a joke

Know the LAW
• What data requires breach disclosure in your HQ state
• Are driver’s license numbers included
• Educate leadership

Executive Support
• Properly document and explain data manipulation
• Security for 10 servers is cheaper than securing 100
• Don’t be a sitting duck


Anyone interested in limiting and/or avoiding data breaches and data breach disclosures.
Michael Spurgeon, CISSP, CCNA, MCITP
11 years of experience in the following industries:

Education
Higher Ed
Banking
Manufacturing
Industrial
Restaurant
Small Business
Fortune 500

Dedicated to spreading awareness, helping organizations be more secure and changing the future of internet defense...
Tired of seeing companies in the news for data breaches. Let's talk about how you can avoid data breaches all together!
35
0wn the c0n - Two BSides for the price of one!
Alex Norman (@webyeti), Dorann Norman (@deedee0x00), Josh Marpet (@quadling)
An open forum with a small presentation to get us started, 0wn the c0n - BSides Edition will cover the 101 of putting on your own BSides. First we'll cover the high level items that every conference must have such as tickets, talks, and volunteers. Then we'll cover some of the extras t-shirts, extra tracks, villages, etc that you may want to add to make your con better or stand out from other events. After we've covered the basic ideas, we can go into detail on the differences between BSidesDC and BSidesDE. Differences in geographic location and type of location have effects, both positive and negative for each con. We'll share some stories of things we've gotten right (sometimes accidentally) and some of the pain points and lessons we have learned (also sometimes accidentally). This is meant to be a guided open forum so if you have questions feel free to ask us!
Con-goers, con director curious types
Alex Norman has over ten (10) years of experience in the field of information security and system development, with concentrations in penetration testing, security test & evaluation and web application development.
Mr. Norman is a Penetration Tester for Veris Group's Adaptive Threat Division, where he assists in multiple penetration testing engagements and web application security assessments for government and commercial clients.
Prior to focusing on penetration testing, Mr. Norman specialized in IT systems development, multiple security test and evaluation assessments and security requirement definitions. In addition, he has several years of experience in web application and user interface development. Mr. Norman also actively participates in the security community, volunteering on community projects (OWASP) and managing security conferences (BSidesDC).
Ever wondered what goes into a BSides and what is different between events? Why do we do what we do? Come to this talk and ask us!
36
Malware Analysis: N00b to Ninja in 240 Minutes
@grecs
Knowing how to perform basic malware analysis can go a long way in helping infosec analysts do some basic triage to either crush the mundane or recognize when it's time to pass the more serious samples on to the big boys. This workshop, based on grecs’ Malware Analysis 101 - N00b to Ninja talks, covers several analysis environment options and the three quick steps that allow almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well … maybe not a "ninja" per se but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of malware analysis.
Students and those that want to learn about basic malware analysis. Beyond basic Windows use students should also have some light experience in using Linux as well as know how to use VirtualBox, VMware, or the like. In order to get the most out of the workshop students should also have time to prep a basic environment from which we will start.
grecs has almost two decades of experience, undergraduate and graduate engineering degrees, and a really well known security certification. Despite his formal training, grecs has always been more of a CS person at heart going back to his VIC-20, Commodore 64, and high school computer club days. After doing the IT grind for five years, he discovered his love of infosec and has been pursuing this career ever since. Currently, he spends his days improving and architecting defensive solutions. At night he runs a local infosec website where he discusses his latest security research and offers his commentary on the world of cyber.
Based on his Malware Analysis 101 - N00b to Ninja talks, don’t miss the 4 hour hands-on workshop by @grecs at #bsidesde.
37
Scratching the Surface: What We Know about Lockpicking Forensics So Far
Preston Thomas @PNTinDC
"Every contact leaves a trace." The basic principle of forensic investigation extends from trace evidence to network intrusion, and yes, to lockpicking, too.

This talk will provide a primer on the forensic detection and analysis of various methods of lockpicking and non-destructive entry, including bumping and impressioning. The main body of the talk summarizes the excellent work of Datagram, Deviant, Scuyler Towne, and others, as well as providing scientific and legal context for the task of detecting covert entry.
A basic knowledge of lockpicking will help, but is not required to understand the discussion.
Preston Thomas is the chapter lead of TOOOL DC.
Even the best lockpickers leave a trace, if you know what to look for. Join us for a survey of lockpicking forensic research.
38
Bootstrapping Threat Intelligence Out of Thin Air
@grecs
In the presentation that threat intel vendors do not want you to see, open source and internal data meets home grown resources to produce actionable threat intelligence that your organization can leverage to stop the bad guys. This presentation discusses using what you already have to bootstrap this capability using existing data management platforms with open and flexible schemas to ease identification of advanced threats. Specific topics covered include the advantages of using open and flexible platforms that can be molded into a data repository, a case tracking system, and an Indicator Database. By analyzing this data using techniques such as the Cyber Kill Chain and Diamond Model for Intrusion Analysis, organizations can create Campaign and Adversary tracking artifacts that evolve into actionable threat intelligence and guide other investigative activities such as Data Fusion and Hunting. And yeah … threat intel vendors still hold a role in ultimate threat intelligence nirvana but there is a lot you should do on your own first in order to better understand your requirements in searching for that ideal partner.
Techies in SOCs looking to defend their network more intelligently
grecs has almost two decades of experience, undergraduate and graduate engineering degrees, and a really well known security certification. Despite his formal training, grecs has always been more of a CS person at heart going back to his VIC-20, Commodore 64, and high school computer club days. After doing the IT grind for five years, he discovered his love of infosec and has been pursuing this career ever since. Currently, he spends his days improving and architecting defensive solutions. At night he runs a local infosec website where he discusses his latest security research and offers his commentary on the world of cyber.
Looking to bootstrap a threat intel capability without all those expensive tools? Find out how from @grecs at #BSidesDE.
39
Building the Next Generation of InfoSec
Brian @ForgottenSec
Many infosec professionals would love to help those interested in joining the infosec community, but don't know the available resources and options to volunteer. Many organizations building the programs for new professionals desperately need volunteers. This talk aims to identify resources and opportunities for us as professionals to help the pipeline. Helping also comes with the silver lining of being able to help develop new professionals which can allow for more visibility for choosing your organization's next intern. Resources continue to build and continue to target younger groups for learning infosec as programs targeting middle schoolers are becoming more frequent. I will be discussing many of the more popular programs that exist and how to participate.
Everyone interested in developing infosec skills and more infosec professionals
Brian is focusing primarily on Snort, Network Security Monitoring, and more recently Industrial Control Systems, but also consuming all available content on Pen Testing and Red Teaming. As I developed my own skills, I have always been interested in how to learn more efficiently and effectively. Brian is the president of Unallocated Space, a Maryland Hackerspace, Director of BSidesCharm, an organizer for BSidesDC and runs the Barcode Shmarcode contest at Shmoocon.
The #infosec shortage exists and many of us want to help but struggle how. Let's talk about resources and opportunities
40
SoHo SIGINT
Russ Handorf
SoHo SIGINT is about the wandering musings of the value and use of collecting basic information about radio communications in your immediate residence. You'll learn what worked, what doesn't, what's interesting and what's not and hopefully enough to build something yourself. From WiFi, Bluetooth and Software Defined Radio intercepts and recordings, you'll specifically learn about the hardware, software and other choices that might influence your own SoHo SIGINT collection.
Basic radio knowledge.
Russell has been in the information security realm for 15 years. He built and sold a wireless ISP, worked info sec in the financial services industry and now is a public servant of sorts. His hobbies and interests have always involved radio in some sort of fashion. When he has spare time, he is completing his PhD, teaches, creates mischief, and is working on his dad jokes.

Flowers, red and blue,
Russell loves SDR toys.
This is a haiku.
SoHo SIGINT for fun, and not profit. The talk says it all, come one and all. For I've got a lovely bunch of coconuts.