HomeAgenda DetailsSpeaker RosterVenue & HotelExpo DetailsRegistration Details

Monday, March 23

10:00 AM - 11:00 AM
A1 Detect, Alert, Respond: Footprints of This Year's Top Attack Vectors
Steve Ocepek, Manager, Incident Response, SecureState
Kerstyn Clover, Staff Consultant, SecureState
Better understand the most prominent cyber-attack vectors
Learn about Indicators of Compromise (IOCs) and how they can be used to detect attacks
Ideas for how to better protect the organization against these attacks
Knowledge of various resources, including logs and packet traces, that can be used for detection and prevention

11:15 AM – 12:15 PM
A2 Advanced Red Teaming: All Your Badges Belong To Us DEMO
Eric Smith, Senior Partner and Principal Security Consultant, LARES Consulting
Josh Perrymon, Senior Adversarial Engineer, LARES Consulting
Case studies on badge access control systems: inherent flaws in their design and demonstration of direct and blended attacks against them
How flaws lead to facility and system compromise, even against the most secure access control systems and card types 
A look at custom built tools
Interactive discussion of current mitigation strategies and industry needs to thwart attacks

1:30 PM – 2:30 PM 
A3 A True Adversarial Hunting Expedition
Ryan Trost, Sr. Director, Cyber Intelligence Solutions Architect, SRA International
Jon DiMaggio, Director of Cyber Intelligence, IntelThreat
Powerful tradecraft tricks to remain anonymous while hunting adversary breadcrumbs through open source intelligence efforts
Why operationalizing threat intelligence is just as important as detection efforts 
Open source intelligence techniques used to track and identify new adversary infrastructure and personas 
Build an effective adversary persona to better understand their targeting mission
Create a cyber-threat intelligence foundation to build upon 

3:15 PM – 4:15 PM
A4 Cryptography as a Service: Deploying High Assurance Hardware Crypto in the Cloud DEMO
John Buckley, MEng CEng CEH CISSP, Founder & CEO, Secure Direction Ltd.
An appreciation of how highly secure hardware appliances can protect your organization’s cryptographic keys
Challenges and weaknesses inherent in traditional methods for protecting keys using virtual cloud infrastructure
Commoditization of cryptographic services and how highly secure appliances can be rented in the public cloud 
Demo of key concepts of an end-to-end deployment of a cloud HSM service

Tuesday, March 24

8:30 AM – 9:45 AM  
A5 RFID Hacking: Live Free or RFID Hard DEMO
Francis Brown, CISA, CISSP, MCSE, Managing Partner, Bishop Fox
Rob Ragan, Senior Associate, Bishop Fox
Overview of the best RFID hacking tools available 
Stealing RFID proximity badge info from unsuspecting passers-by
Replaying RFID badge info and creating fake cloned cards
Brute-forcing higher privileged badge numbers to gain data center access
Attacking badge readers and controllers directly
Planting PwnPlugs, Raspberry Pis, and similar devices as physical backdoors to maintain internal network access
Creating custom RFID hacking tools using the Arduino
Defending yourself from RFID hacking threats

10:00 AM – 11:00 AM
A6 Attacker Ghost Stories
Rob “Mubix” Fuller, Senior Red Teamer 
Free (or mostly free), innovative, and highly effective protections, mitigation, or detection mechanisms that actually work
Methods, tactics, and software setups that will significantly decrease intrusions 
Learn the concept of "Evil Canaries"
Changes you can deploy or start deploying immediately

2:00 PM – 3:00 PM
A7 Tooling Up for Incident Response with Network Forensics and Endpoint Visibility
Dr. Anton Chuvakin, Research Director, Gartner for Technical Professionals (GTP)
How to use network forensics tools (NFT) for detecting and investigating threats
How to use endpoint detection and response tools (ETDR) for detecting and investigating threats
Key processes related to these tools

3:30 PM – 4:30 PM
A8 Too Big to Fail: Why Big Data Could Equal Big Failure
Gus Hunt, Hunt Technologies, LLC & eSentire, Inc.
Learn how and why today’s attack types are more devastating than ever before
See real-world metrics and case studies pulled from nearly 350 financial organizations 
Identify how to safely move major computing workloads to commercial cloud infrastructure
Learn to create a security-as-a-service platform that supports increasingly demanding cyber security requirements

Wednesday, March 25

9:45 AM – 10:45 AM
A9 What's in Your Wallet: Live PoS System Hack DEMO
Rich Thompson, Director, Professional Services, Guidance Software
Live demo of an attack on a simulated Point of Sale network 
Learn a method to identify unusual activity taking place on these devices
Forensic tools that help unearth information about an attack, its purpose, and its scope.
Proven techniques to secure POS devices 
Types of technology most suited for securing POS systems

11:00 AM – 12:00 PM 
A10 API Security for the Enterprise
Ryan Lackey, Product Engineer, CloudFlare
Hear how mobile and SaaS are expanding the scope of API security
Learn which technologies can provide visibility and control to third-party APIs
Understand unique API security requirements and mitigation techniques
Expose hidden APIs on mobile, cloud, and Internet of Things infrastructure
Take-away criteria to evaluate before your next buying decision
Top-notch training. Compelling speakers. Meaningful interactions.
Register for the 2015 Infosec Conference
Join the conversation using #InfoSecWorld
Contact Us

Registration/General Inquiries:
Customer Service
(508) 879-7999 ext. 501
[email protected]

Speaking Opportunities:
Katherine Teitler
Director of Content Development 
[email protected] or (508) 532-3624

Exhibit Sales:
Vendors A-L
CJ Oliveri
Director of Sales, Conference Division
[email protected] or (508) 532-3609

Vendors M-Z
Howard Weinman
Director of Sales, Conference Division
[email protected] or (508) 532-3652