https://sector.ca

SecTor | Security Education Conference TorontoSecTor | Security Education Conference Toronto Informa Black Hat is part of the Informa Tech Division of Informa PLC Informa PLC About us Investor relations Talent This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.   SecTor 2024 About Contact Call for Papers Review Board Presentations Welcome to SecTor Canada's Cybersecurity Conference MTCC, Toronto Summits Oct 22 | Conference Oct 23-24, 2024 SecTor 2024 Join Mailing List SecTor 2024 Registration Open See you in October More Details SecTor 2024 Briefings Schedule   More Details SecTor 2024 Summits AI + Cloud + Executive More Details SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defenses. The conference provides an unmatched opportunity for cybersecurity professionals, managers, and executives to connect with their peers and learn from their mentors. Connect The contact information below is for mailing and admin only. SecTor can be reached at the following coordinates: Email: sector@informa.com Phone: 1.415.947.6846 USA Toll Free: +1-866-203-8081 SecTor C/O Informa Tech Canada, Inc. 20 Eglinton Ave. West, Suite 1200 Toronto ON M4R 1K8 Canada About SecTor Event Information Each year, SecTor features Keynotes from the industry’s most respected and trusted experts and Speakers who are true security professionals with depth of understanding on topics that matter. SecTor is a must attend event for every IT Professional. For Technical Security Professionals For the technically savvy attendee, there is a wealth of content and learning opportunities. Content is selected based on timeliness, relevance and practicality. We do our best to ensure that the content is both current and useful. Latest technical research. New attacks. New defences Tools Track offering a ‘no-budget-needed’ security option Opportunities for Networking during the event Purist approach – no amount of money can buy a speaking slot in our technical track Experts from around the world For Management SecTor was founded on a passion for security and it doesn’t take long to realize that security extends far beyond the bits and bytes. Our promise is to ensure that we provide quality content – current information you can’t get anywhere else. The same rigor and dedication that our advisors apply to the selection of the technical content is also invested in selecting the management track session. Marketing fluff is not allowed or tolerated. Your time is valuable and our commitment to you is to provide the information that you need to know. Latest research, trends and approaches Privacy, Policy, Compliance Opportunities for Networking during the event Purist approach – no amount of money can buy a speaking slot in our management track Experts from around the world Mission SecTor is Canada’s premier IT Security Education Conference. The annual event where IT Security professionals gather to learn from and network with the world’s most innovative, intellectual, exciting and entertaining security professionals. SecTor is IT security training at its best. Background SecTor was created by founders of TASK, North America’s largest and most successful IT security user group. After many years of attending IT Security events in the United States, and being disappointed that no similar event existed in central Canada, the decision was made to fill the void. SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques. In a non-threatening and productive way, SecTor sheds light on the underground threats and mischief that threaten corporate and personal IT systems. Through identifying, discussing, dissecting and debating these digital threats, the strongest defences can be mounted. Black Arts Defined Hacker Slang – black art A collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area (compare black magic)... The huge proliferation of formal and informal channels for spreading around new computer-related technologies during the last twenty years has made both the term black art and what it describes less common than formerly. See also voodoo programming. Review Board SecTor is very fortunate to have an impressive group of leading security and industry professionals on our Review Board. These individuals play a critical role bringing the world’s best speakers and minds to the stage for the benefit of all in attendance. If networking and being plugged into the Security Community are priorities for you, then we highly recommend introducing yourself to these folks. SecTor acknowledges and extends our gratitude for the contributions made by the following Review Board Members. James Arlen James Arlen × CISO Aiven.io James Arlen is Aiven.io’s CISO bringing a mix of security and engineering background to DBaaS (database as a service). Over the past twenty plus years, James has been delivering information security solutions to Fortune 500, TSE 100, and major public-sector organizations. James is best described as: “Infosec geek, hacker, social activist, author, speaker, and parent.” His areas of interest include organizational change, social engineering, blinky lights and shiny things. In addition to his work at Aiven.io, James is a Contributing Analyst at the research firm Securosis, blogger/podcaster with Liquidmatrix Security Digest, a frequent speaker at industry conferences, and is a prolific contributor to media and standards including a lead author contribution to the Cloud Security Alliance Security Guidance for Critical Areas of Cloud Computing V4. James holds the CISSP, CISA, and CRISC security certifications. Opheliar Chan Opheliar Chan × Chapter Co-Lead OWASP Toronto Opheliar Chan spends most of her time trying to make software security more accessible, pragmatic, and FUD-free, both as the lead of Accenture’s Application Security Advisory Services in Canada, and while moonlighting as co-lead of the OWASP Toronto Chapter. For over a decade, she has focused on application security, SDLC process consulting and implementations, program building, penetration testing/vulnerability assessments, and related. Prior to her career in consulting, she worked in security research, web application development, and technical writing. You can usually find her in-person at OWASP Toronto Meetups, or at opheliar.chan@owasp.org. Bruce Cowper Bruce Cowper × Co-Founder SecTor Bruce Cowper is a founding member of the Security Education Conference Toronto (SecTor), the Toronto Area Security Klatch (TASK), the Ottawa Area Security Klatch (OASK) and an active member of numerous organizations across North America. Until recently Bruce worked for Microsoft managing security and compliance programs. Cowper joined Microsoft in 2004 and held several positions at Microsoft Canada before moving to the United States, most recently focusing on global Security Policy and Standards, and managing the Microsoft’s Government Security Program. Today he spends his time consulting on various topics from cyber security to wine and beer making. Eric Evenchick Eric Evenchick × Co-Founder and Managing Partner Tetrel Security Eric Evenchick is a co-founder and Managing Partner at Tetrel Security, specializing in embedded device security and bespoke tool development. His journey into embedded systems began with the development of research vehicles at the University of Waterloo in collaboration with General Motors and the US Environmental Protection Agency. This experience propelled him into roles involving the development of automotive firmware and reverse engineering vehicle systems at companies including Tesla Motors. Prior to co-founding Tetrel Security in 2023, Eric served as Technical Director at NCC Group and as Principal Research Consultant at Atredis Partners. In these capacities, he conducted security assessments on diverse hardware and software targets, encompassing automotive systems, medical devices, cloud infrastructure, and mobile devices. Eric holds a Bachelor of Applied Science in Electrical Engineering from the University of Waterloo. He has been a featured presenter at numerous technology and security conferences, including Black Hat, escar, SecTor, ToorCon, NorthSec, and PyCon USA. His work has garnered recognition in publications such as Wired and Forbes. Since 2019, Eric has been delivering training sessions on reverse engineering embedded systems at Black Hat conferences worldwide. Roy Firestein Roy Firestein × CEO Autohost.ai Roy Firestein is a strategist, seasoned hacker and expert in cyber security, business development and project management. He has a background in security, programming, research, management, marketing and sales with a unique ability to manage multi-disciplinary projects while navigating complex cyber challenges. Roy’s passion lies in Big Data and Machine Learning, especially when applied to cyber security. As a multi-linguist of technology-driven business, he speaks fluent geek, marketer, designer, salesperson and investor. Jamie Gamble Jamie Gamble × Senior Director, Threat Defense and Response ServiceNow Jamie Gamble’s experience extends across many security disciplines. As a consultant he spent years performing incident response, application security (e.g. code reviews, testing, design reviews) and offensive security (network penetration testing, red team) activities for a large range of clients. He built a threat hunting program at a top 5 North American bank whose scope included both cyber and financial crime. Currently he is leading Threat Defense and Response (Incident Response, Red Team, Detection Engineering and Threat Intel) at a large SaaS company. His involvement in the security community runs deep and has helped organize several security conferences. Jessica Ireland Jessica Ireland × Operational Security Manager City of London Jessica Ireland leads the information security team for the City of London. Prior to her time in the public sector, she worked in the private sector where she managed projects around critical information security processes such as security strategies, risk management governance, policies and technology selection decisions for organizations around the world. Her focus is coaching and empowering the next generation of information security leaders. Vicky Laurens Vicky Laurens × Security Engineering at a Canadian Financial Institution Vicky Laurens is a cybersecurity professional with over two decades of experience spanning diverse industries. For more than eleven years, she has been dedicated to protecting global financial institutions from various information security risks. Vicky is a sought-after speaker at cybersecurity and industry conferences where she shares her expertise on information security and effective leadership strategies. She is a passionate leader who is focused on strategizing, implementing, and deploying new and emerging detective and preventative technologies that keep global financial institutions safe. Dave Lewis Dave Lewis × SecTor Review Board Dave Lewis has 30 years of industry experience. He has extensive experience in IT security operations and management. Dave is Global Advisory CISO for Cisco. He is the founder of the security site Liquidmatrix Security Digest & podcast as well as the host of DuoTV and the Plaintext podcast. He is currently a member of the board of directors for BSides Las Vegas. Previously he served on the board of directors for ISC2 as well as being a founder of BSides Toronto conference. Dave has been a DEF CON speaker operations goon for over 10 years. Lewis also serves on the Review Board for the Black Hat Sector Security Conference and the CFP review board for 44CON. He is currently working towards his graduate degree at Harvard. Dave has previously written columns for Forbes, Dark Reading, CSO Online, Huffington Post, The Daily Swig and others. For fun he is a curator of small mammals (his kids) plays bass guitar, grills, is part owner of a whisky distillery and a soccer team. Kellman Meghu Kellman Meghu × Security Architect DeepCove Cyber Kellman Meghu raised their children with a firewall, shamed a large airline into using SSL for check-in, served as front line for the security as some of the biggest corporations went online for the first time, spent 20 years helping every sector define, deploy, and defend their infrastructure, thinks learning a new programming language is a great way to relax on holiday, dreams in key/value pairs, is obsessed with putting everything in containers and is loving every minute of it. Dave Millier Dave Millier × CSO Quick Intelligence Dave Millier is a serial entrepreneur, off-road motorcycle rider and food lover. Dave has been involved in cybersecurity for almost 25 years. He founded the InfoSec company Sentry Metrics, one of Canada’s most successful MSSPs. After the sale of Sentry Metrics, Dave’s lifelong passion for reading led him to finally sit down and write his first book, Breached! In late 2014, Dave launched Uzado, a cloud-based InfoSec company focused on helping companies simplify cybersecurity by answering the questions “what now?” or “what next?” Dave sold Uzado in 2019. Dave is currently the CSO of Quick Intelligence, a boutique VAR and cybersecurity consulting company. Karen Nemani Karen Nemani × Security Practice Manager, AWS Canada; President, WiCyS Ontario Affiliate Karen Nemani (she/her) is a Cybersecurity Leader with expertise in cloud security, risk and strategy along with 25 years of cybersecurity experience across multiple domains, Karen is a thought leader in cybersecurity as well as a contributing author and mentor. She launched the first International Women in CyberSecurity (WiCyS) Ontario Affiliate that has since received the Women in Cybersecurity 2022 Affiliate Leadership Award and ITWC honoured Karen as one of Canada’s Top 20 Women in Cybersecurity in 2022. As WiCyS Ontario President, Karen works with her leadership team to build community and open doors to cybersecurity opportunities for Canadian women both in Canada and globally. Karen is part of the 2023 WiCyS Conference Program Committee and co-developed the 2023 WiCyS Mentorship Program content and in 2023 WiCyS honoured Karen with a Special Appreciation award for her many community-building contributions. Maryna Neprosta Maryna Neprosta × Advisory Board Maryna Neprosta is a threat research lead experienced in digital forensics, incident response and malware analysis. Maryna has successfully handled more than 100 ransomware investigations, business email compromise cases, data leakage and insider threat events. Even though Maryna’s career started with risk and vulnerability management, proactive security quickly became Maryna’s passion and area of expertise. Occasionally Maryna works on software and web development projects (Python, C, JavaScript, C#) to automate IOC & threat hunting. Besides Maryna’s direct job responsibilities, Maryna is interested in cryptography and never skips a good article on artificial intelligence advancements as it may change our industry drastically in the near future. Laura Payne Laura Payne × Chief Enablement Officer & VP Security Consulting White Tuque Laura Payne has built her career in IT and security over 20 years, starting at one of Canada’s largest financial institutions before moving into consulting, and currently serves as the Chief Enablement Officer & VP Security Consulting at cybersecurity firm White Tuque. Her experience covers a variety of domains, including information security governance and risk, security operations and engineering, and security leadership. She is passionate about bringing people together to solve problems in today’s increasingly complex technical landscape. Outside of work, Laura is actively engaged in mentoring professionals seeking to join the Information Security field, while also volunteering on the Review Board of SecTor, Canada’s largest security conference. In addition, she chairs the Program Advisory Committee for Seneca College’s School of Information Technology Administration & Security. Laura holds an Honours Bachelor of Applied Science in Systems Design Engineering from the University of Waterloo, along with the CISSP, GCED, and GWAPT designations. Eldon Sprickerhoff Eldon Sprickerhoff × Strategic Advisor Caledon Ventures Eldon Sprickerhoff devotes significant time as a strategic advisor to infosec startups. Eldon is best known as a founder of eSentire, a premier Managed Detection and Response infosecurity services company with global operations. Ways to connect with Eldon: Twitter: @TheEldon LinkedIn: www.linkedin.com/in/eldon-sprickerhoff-4ba463 Gord Taylor Gord Taylor × Founder and Principal Consultant Authoritative Consulting Gord Taylor is Founder and Principal Consultant at Authoritative Consulting. He is one of Canada’s most sought-after Security and Networking experts, developing and actualizing next generation Security programs for large enterprises and high-growth technology firms. Gord spent 16 years at one of Canada’s “Big 5” Financial Institutions, serving as resident expert across Information Security, Networking, Distributed Computing, and co-developed the company’s first CSIRT team more than 20 years ago. Since launching Authoritative Consulting in 2012, he has helped enterprise customers, independent software vendors, and service providers to actualize technology and service solutions that work. A self-proclaimed “geek”, Gord has developed a practical approach to Security that brings cost-effective risk management solutions from promise to practice, drawing from his studies in mathematics and computer science at University of Waterloo and 30+ years of hands-on industry experience. Not afraid to engage in tough conversations, Gord has established himself as one of Canada’s foremost experts in challenging the status quo and driving new value. Ways to connect with Gord: Twitter: @rg0d LinkedIn: www.linkedin.com/in/gordt Afeerah Waqar Afeerah Waqar × Security Operations Analyst Aiven Afeerah Waqar is a Security Operations analyst at Aiven.io, making her a hands-on cybersecurity professional with practical experience in the industry. As one of the youngest members of the team, Afeerah demonstrates a natural aptitude for learning and adapting to new technologies and trends. She is proficient in programming languages such as Python, Java, and C++, which are crucial for cybersecurity professionals. Additionally, Afeerah is currently pursuing an Honours Bachelor in Cyber Security Degree and working towards earning her certifications, showing her commitment to developing a strong foundation of knowledge and expertise in the field. Along with her technical skills, Afeerah possesses top people skills such as communication, teamwork, and leadership. Afeerah has a young and intellectual mind and her drive to learn and explore new ideas in cybersecurity is impressive. Her youthful perspective brings a fresh and innovative approach to the field. She is a strategic thinker who is not afraid to challenge conventional wisdom and offer creative solutions to complex problems. Presentations Intro 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 Looking for a solution, inspiration, catching-up on last year’s presentations, or taking a trip down memory lane to see how the IT security industry has evolved over the years? You’re in the right place! View the history of SecTor Presentations and be sure to also check out our YouTube channel for highlighted topics, sessions, interviews and more. 2023 Keynotes Welcome to SecTor 2023 – Brian Bourne, Bruce Cowper Keynote: The New Canadian Internet: How New Rules Are Transforming the Online World and What You Can Do About It - Michael Geist Keynote: 2024 Predictions in Future-Hindsight View - Get Ready! - Laura Payne Tech Track A Journey into Medical Device Security Research - Deral Heiland Aikido: Turning EDRs to Malicious Wipers Using 0-day Exploits - Or Yair BingBang: Hacking Bing.com (and much more) with Azure Active Directory - Hillai Ben-Sasson Breaking Pipelines - Noam Dotan & Nadav Noy Browser Security / Isolation-101 - Evgeniy Kharam Cutting Through the Noise – Key Industry Trends to Pay Attention To - Fernando Montenegro Defending Cyber Space with Great White North AI - Stephan Jou & Nakkul Khuraana Dress Code - Analysis of the Current Status of the Content Security Policy - Felipe Molina de la Torre Going Undercover in the Underground - A Practical Guide on How to Safely Infiltrate and Engage - Michael-Angelo Zummo Hardening CI/CD Pipelines Against Open-Source Supply-Chain Attacks Using Packj - Ashish Bijlani & Jai Balani I Watched You Roll the Die: Unparalleled RDP Monitoring Reveal Attackers Tradecraft - Olivier Bilodeau & Andréanne Bergeron One Drive, Double Agent: Clouded OneDrive Turns Sides - Or Yair Revealing Non-Compliance of Apple Privacy Labels at Scale - Luyi Xing, Yue Xiao & Xiaojing Liao State of the Art in AI Security: Cybersecurity Requirements for AI - Farbod H Foomany, Farnood Faghihi & Lama Moukahal The Dark Side of Large Language Models: Uncovering and Overcoming of Code Vulnerabilities - Javan Rasokat The Most Interesting Bits From Sniffing Bluetooth the Last 3 Years - Xeno Kovah Uh-OAuth! - Breaking (and Fixing) OAuth Implementations - Aviad Carmel & Yaniv Balmas Video-Based Cryptanalysis: Recovering Cryptographic Keys from Non-Compromised Devices Using Video Footage of a Device's Power LED - Ben Nassi, Etay Iluz & Boris Zadov What Does an LLM-Powered Threat Intelligence Program Look Like? - Ron Graf & John Miller Wiki-Slack Attack - Keegan Keplinger & Joe Stewart You Shall Not Pass! Detecting Insider Data Exfiltration Using Data Science and Machine Learning - Angelo Schranko Oliveira Management Track Are You Cyber Insurable? Lessons Learned From Cyber Insurers Fighting Ransomware - Julien Ducloy Do We Really Need to Worry about Critical Infrastructure? Discussion about Cyber Operations in the Context of Leaked Vulkan Files - Marina Krotofil failGPT - The Eleventh Edition - James Arlen Real-time Quantification of Cyber-Resilience - Jeff Schwartzentruber Stress: An Impediment to You and Your Team's Ability to Defend Your Cyber Assets - Learn How to Identify and Manage Stress While Building Resilience for Your Operators and Teams - Jennifer Stanford Sure, Let Business Users Build Their Own. What Could Go Wrong? - Michael Bargury You Gotta Fight for Your Right to Third Party - Finding a Way Through the Challenges of Third-Party Risk Management (TPRM) - Mathew Caplan SECurity FUNdamentals 90-day SSL Certificates Are on the Way: What It Means to You - Henry Lam Active Directory Tricks and Hidden Features - Pierre Audonnet Cyberwarfare on the Rise: How to Defend our Critical Infrastructure - Nadir Izrael & Mohammad Waqas From Love Bytes to Bad Bites: The Hidden Threat of Digital Stalking and Harassment in Intimate Partner Violence - Jennifer Couture Ghidriff: Ghidra Binary Diffing Engine - John McIntosh The Future of Threat Intelligence with AI - Susan Peediyakkal When the External Threats and Internal Risks Meet: A Story of Cloud Breach - Jay Chen & Noah McDonald Sponsor Track A Guide to AI: From The Pioneers of AI in Cybersecurity - Shiladitya Sircar A Pervasive Security Risk: Protect Your Users, Domain, and Brand - Bob Adams AI Code Remediation: Fix Security Flaws Faster Than You Currently Find Them - Mina Tawadrous Anatomy of a Cloud Attack - Nicolas Ehrman Bell Security Outcomes Study: Learning from the Leaders - David Senf Canadian Business Strategy Amid Evolving Threats and Regulations - Roshan Abraham Cat(astrophe): Cyber Insurance & The Value of Catch Rate - Jane Arnett Closing Security Gaps: Enhancing Asset Visibility with EASM - Kevin Garrett Cloud Security in Canada: Expectations vs. Reality - Kim Schreader Cyber Counterintelligence - Leveraging Cyber Deception - Joseph Salazar Cyber Risk is a Business Risk: Navigating Uncertainties & Mindset Shifts - Antoine Saikaley Elevating Cloud Security through ServiceNow: Streamlined Workflows for Effective Vulnerability Response and Cloud Security Posture Management - Deepak Kolingivadi Evil By Design: Innocent Until Active - Hossein Jazi Fast & Furious: To Beat Ransomware, You Need to Meet Attackers Where They Are - John Shier Fighting Complexity Across the Hybrid Landscape - Jarod Sigmund How AI and Cyber Converge for a Full Lifecycle of Cyber Resilience - David Masson How to Defend Against Identity-Based Attacks - Madhur Bhargava Hybrid Cybersecurity: A Winning Formula for Securing your Business - Colin Belcourt Insider Threats and How to Hunt for Malicious Insiders - David Balcar Internet Threat Radar - The Current Cyber Threat Landscape - Trey Guinn Let's Call The Browser What It Is: The Eighth Layer in the Technology Model - Negin Aminian Modernization and Your Data: A New Take on Security and Compliance - Luke Babarinde Modernize Security with Insights from the 2023 Global Threat Report - Dain Perkins Navigating Threat Landscape for First Party, Third Party and Open Source Software - Mehul Ravankar Phishing is at an All-Time High and MFA is Broken. Get?Phishing-Resistant Identities for your Users! - Rohan Ramesh Practical Security Operations for an AI-powered, Multi-cloud World - Joe Partlow Scaling Your AppSec Program with ASPM - James Rabon Securing the Sprawl: From Asset Management to Asset Intelligence - Sean Blenkhorn Security Validation as the Heart of Exposure Management - Stephen Tutterow Stopping the Data Fire Before It Happens - Stephen Kingston Strategies to Ensure Optimum Cyber-Hygiene and Enhancing End User Experience - James Sambasivam Strengthening Cybersecurity Defenses with MITRE ATT&CK - Anwar Adil The 5 Obstacles Organizations Forget When Designing Their Cybersecurity Program - Victor De Luca The ChatGPT Threat: Protecting Your Email from AI-Generated Attacks - Jeffrey Raymond The Dark Web Myth: Unearthing Cybercriminals in Plain Sight - Ygor Maximo The Future of Identity Security and Privileged Access Management: Common Challenges and How to Overcome Them - Christopher Hills The Human Firewall: Strategies for Establishing a Strong Culture of Security - Leita Ouellette The Missing Piece In Your Data Protection Strategy: Mobile Devices - Aaron Cockerill The Right Privileged Access Management Strategy - Christus Sunil Kumar Untangling APIs: Addressing Sprawl, Leveraging AI/ML to Secure Your Modern Digital Ecosystem ? - Brian McHenry Vulnerabilities: Are Companies Accidentally Paving the Way for Cyber Attacks? - Tony Anscombe What Can Security Professionals Learn from Shipbuilders - Garrett Weber Why Siloed Cloud Security Tooling in the Modern Cloud Environment Isn't Enough - Adam Hogan XDR : Past, Present, and Future - Ron Chittaro You're Doing Pentesting Wrong, Do it Right with Ethical Hackers - David Barberis Tools Track (Nearly) Universal Threat Detection with Falco Plugins - Mike Coleman Advancing BYOVD to A New Era - Lateral Movement on Microsoft Layer Kernel Virtualized Mitigation - Sheng-Hao Ma All You Need is Guest - Michael Bargury Harnessing Large Language Models for Enhanced Malware Reverse Engineering - Jeremy Richards Introducing CS2BR - Teaching Badgers New Tricks - Moritz Thomas & Patrick Eisenschmidt Nothing but Net: Leveraging macOS's Networking Frameworks to Heuristically Detect Malware - Patrick Wardle What's Your Quantum Readiness Plan? - Michele Mosca Career Track Career Panel and Career Fair - Brian Bourne, Eric Evenchick, Roy Firestein, Karen Nemani, Maryna Neprosta & Tom Tran 2022 Keynotes Welcome to SecTor 2022 – Brian Bourne, Bruce Cowper Planning For Sunny Days – James Arlen The Future Of Cryptography – Dr. Whitfield Diffie Tech Track 10th Anniversary FAILtacular! – James Arlen A Diamond Is An Analyst’s Best Friend: The Diamond Model For Influence Operations Analysis – Charity Wright A Hermit Out Of Its Shell – Christoph Hebeisen, Paul Shunk Adventures In The Underland: Uncommon Hacker’s Persistency Methods And Countermeasures – Paula Januszkiewicz Anti-Abuse Operations And The Abuse Bestiary – Allan Stojanovic Defrauding Merchants Like It’s Y2K – Craig Barretto, Yuk Fai Chan Food Production Is Critical Infrastructure – Seth Hardy GitHub Actions: Vulnerabilities, Attacks, And Counter-Measures – Magno Logan New Memory Forensics Techniques To Defeat Device Monitoring Malware – Andrew Case New Minimum Cybersecurity Requirements For Cyber Insurance – Danny Pehar Purple RDP: Red And Blue Tradecraft Around Remote Desktop Protocol – Olivier Bilodeau The COW (Container On Windows) Who Escaped The Silo – Eran Segal The Development Of A Completely Unsupervised Machine Learning Pipeline For Security Analytics – From Ingestion To Analytics – Jeff Schwartzentruber The Evolution Of Ransomware – Fernando Montenegro Tokenizing The Dark Web: Applying NLP In The Context Of Cyber Threat Intelligence – Olivier Michaud, Francois Masson Under The Hood Of Wslink’s Multilayered Virtual Machine – Vladislav Hrčka Understanding, Abusing And Monitoring AWS AppStream 2.0 – Rodrigo Montoro What Is Linux Kernel Keystore And Why You Should Use It In Your Next Application – Ignat Korchagin Zhadnost – Finding And Tracking A GRU-Controlled Botnet – Ryan Slaney Management Track “What Do You Mean Moose Meat?” Advancing Resilience Through Preparing For The Unexpected. – Kevin Sandschafer A Transformation Blueprint For Developer-First Security – Larry Maccherone FAIR STRIDE – Building Business Relevant Threat Models For AppSec – Arthur Loris Innovation And Evolution – How Medical Device And IoT Profiles Have Evolved – But So Is Your Attack Surface – Mohammad Waqas OPSEC Is Not A Buzzword – Tim Dafoe The Vastaamo Data Breach – Antti Kurittu Vulnerability Management: Try Fixing Less To Reduce More Risk – Mitch Dollin SECurity FUNdamentals Advanced Bot Landscape – Yohann Sillam AI In A Minefield: Learning From Poisoned Data – Johnathan Azaria Azure AD And Microsoft 365 Security Fundamentals – Peter Carson Build More Secure Apps By Harnessing The Power Of OWASP SKF & ASVS On Kubernetes – Farshad Abasi-Jahromi, Kurt Hundeck De-Escalate The Overly-Permissive Cloud IAMs – Jay Chen Evasive Manoeuvres: Analysing The Past To Predict The Future Of Malware Evasion Techniques – Stefano Zanero Security Architecture Review For Cloud-Based Applications – Where To Start And How To Shift Left? – Bernardo Wernesback Trust Or Dare: Supply Chain Risks In Aviation – Manon Gaudet Sponsor Track A Data Product Approach To Reducing Security Debt – Carson Pickens BlackBerry XDR: Even The Odds – Anthony Toric Calculating Risk In The Era Of Obscurity: Reading Between The Lines Of Security Advisories – Dustin Childs Correctly Configure All The Clouds – Steve Riley Cybersecurity Insurance: Where To Start & How To Qualify – Christopher Hills Decision Making In Uncertain Times: Key Teachings From Executive Exchanges – Rafi Wanounou Defending Ukraine: Early Lessons From The Cyber War – John Hewie Effective Response In The Face Of Zero Day Threats And Vulnerabilities – Karl Klaessig From The Field – Stories Of Successfully Detecting Cyber Attacks – Stephan Jou, Paul Reid How 2FA Is Circumvented – Ahmad Alsabagh How AI Can Think Like An Attacker – David Masson How Safe Is Your Cloud? Deciphering Cloud Threats And Security Models – James Spiteri Impact Of The Russia – Ukraine Conflict On Your Cybersecurity – David Poellhuber Indicators Everywhere! How SOCs Can Maintain Efficiency Against Any Attack – Andrew Mundell Into The Abyss: Cybersecurity Tool Selection, Rationalization, And Decommissioning – Jeff Schmidt Is Your Defensive Stack Ready For A Targeted Attack? – Stephen Tutterow Leave No Stone Unturned: The Elements Of Security Visibility – Christopher Fielder Master Of Audits – Vulnerability And Risk Management In 2022 – Nathan Harrison Mobile Security – The Hackers Next Frontier – Robert Falzon Navigating Enterprise Security In A Post-Compromise Reality – Kanen Clement Neither Pointless Nor Boring: Pop It And Lock It Down With CIS Controls – Matt Jerzewski Preparing SRM Leaders To Communicate The Relationship Between The Cyber Risks And Physical And Human Systems – David Ortega Protecting Your Critical Data And Enhancing Cyber Recovery – Jessica Hetrick Ransomware IR Playbook To Remember & An Art Of Building Resilience – Raheel Qureshi Report: Protecting Customer Identity And Access Management (CIAM) Services Against Online Threats – Matt Duench Researching Risk: The Qualys Approach To Identifying And Reducing Risk – Travis Smith Scaling Security Operations: The Answer To The Challenge Of Threat Inflation – Augusto Barros Securing Your Operational Technologies – Gaétan Houle Seize The Breach: Protect Your Organization With Behavior-Based Security Intelligence – Steven Flowers Smarter XDR Demands Email Security – Neil Clauson, Andrew Williams Software Supply Chain Security: Knowing What You Don’t Know – Mallory Woods State Of Cloud Security In Canada: How Does Your Organization Measure Up? – Dave Senf The (Hard) Key To Stop Phishing: How Cloudflare Stopped A Targeted Attack And You Can Too – John Engates The Agent Of Influence – Charity Wright The Compelling Case For Zero Trust: Bridge The Gap Between Cybersecurity And Business – Ram Vaidyanathan The Unsung Hero Of Cybersecurity: Taking Your Vulnerability Management Program (VMP) From Good To Great – Kim Schreader ThreatConnect & The Decisive Group Q&A – Lara Meadows, Devin Somppi Time To Re-Evaluate Your Security Layers – Elie Nasrallah Top 10 Cyber Security Actions For Canada – Victor De Luca Two Years Of Accelerated Cybersecurity And The Demands Being Placed On Cyber Defenders – Tony Anscombe What Log4Shell Taught Us About The Software Supply Chain, That Other Vulns Didn’t – Jobert Abma Why Do We Accept Gaps In Our Data Protection Practices? – Terry Ray Will Your Backups Help You Recover From Ransomware? – Nyron Samaroo Tools Track Deep Dive Into SBOMs And Microsoft’s SBOM Tool – Adrian Diglio DIY Tooling For Incident Responders – Peter Morin Extend Falco With Plugins, Detect And React To Security Incidents From Any Stream Of Events – Michele Zuccala Java Crypto: Don’t Just Get It Working, Use It Securely – Mansi Sheth Leverage AI In Threat Management – Ida Siahaan The Power Of The Pico: Replacing Expensive Toys With The Raspberry Pi Pico – Tyler Reguly The State Of Packet Capture In A Hybrid Infrastructure: The More You Know – Chris Boucek Career Track Career Panel And Career Fair 2022 – Max Cizauskas, Roy Firestein, Andrea Stapley, Tom Tran, Afeerah Waqar 2021 Keynotes Welcome to SecTor 2021 – Brian Bourne, Bruce Cowper Infosec Halloween 2021: Unmasking The Scary Characters – Wendy Nather The Evolution Of Hacking – Jeff Moss Tech Track Behavioral Biometrics – Attack Of The Humanoid – Justin Macorin, Iain Paterson BioHackers: The Invisible Threat – Len Noe Breaking The Laws Of Robotics: Attacking Automated Manufacturing Systems – Stefano Zanero Common NGINX Misconfigurations That Leave Your Web Server Open To Attack – Spencer Perlman Detecting Illicit Drone Filming – Ben Nassi Explore Adventures In The Underland: Forensic Techniques Against Hackers – Paula Januszkiewicz FAIL – Notorious* Number 9 – James Arlen Full Circle Detection: From Hunting To Actionable Detection – Mathieu Saulnier Ghost Misdetection Attacks Against Tesla Model X & Mobileye 630 PRO – Ben Nassi Hacking & Securing Clinical Technology – Jeremy Richards HAFL1: Our Journey Of Fuzzing Hyper-V And Discovering A 0-Day – Peleg Hadar, Ophir Harpaz How We Automated Ourselves Out Of On-Call Burnout … And You Can Too! – Prima Virani JavaScript Obfuscation – It’s All About The Packers – Or Katz Large-Scale Security Analysis Of IoT Firmware – Daniel Nussko Many Stunts, One Design: A Crash Course In Dissecting Native IIS Malware – Zuzana Hromcová MFA-Ing The Un-MFA-Ble: Protecting Auth Systems’ Core Secrets – Tal Be’ery, Matan Hamilis Secure And Scalable Development With Microsoft 365 And Azure AD – Peter Carson Siamese Neural Networks For Detecting Brand Impersonation – Yuchao Dai, Nitin Kumar Goel, Justin Grana, Jugal Parikh The Call Is Coming From Inside The House-The Truth About Linux And Cloud Security – Ell Marquez The Story Of Ghost One – Tim Dafoe, Patrick von Sychowski Towards Developing The Human Risk Assessment Platform – Maria Bada Management Track Building Security Champions – Tanya Janca Epic Journey Of An Enterprise Cloud Transformation – Helen Oakley Harder, Better, Faster, Stronger – Privacy Laws And The Anatomy Of A Breach Response – Stanislav Bodrov Maturing Your Toolkit With Mental Models – Fernando Montenegro Redefining Threat Modeling: Security Team Goes On Vacation – Jeevan Singh The Cross-Disciplinary Challenges Of Data Governance Policies – Alexander Rasin The Quantum Threat: Where Are We Today? – Michele Mosca SECurity FUNdamentals Adventures In Underland: What Your System Stores On The Disk Without Telling You – Paula Januszkiewicz An Anatomy Of A DevOps Tool Chain Attack – Alex Dow Attacker Techniques: Data Exfiltration – Julian Pileggi Bot Shops And Info Stealers – Exploring The Dark Web’s Newest Frontier – Bryan Oliver Broken Brokers In Boxes: Fuzzing Breaks Everything, Even Erlang – Jonathan Knudsen Cloudy With A Chance Of APT: Novel Microsoft 365 Attacks In The Wild – Doug Bienstock, Josh Madeley Software Composition Analysis 101: Knowing What’s Inside Your Apps – Magno Logan Sponsor Track 3 Essentials For Automating Security Across Hybrid Cloud – Sattwik Gavli A Technical Deep Dive Into: Supply Chain Based Triple Extortion Ransomware With DDoS And Scrambled Voice Phone Blackmail And A Review Of Successful Prevention Tactics And Strategies – Pete Nicoletti A Unified Approach To Discover, Protect And Control Your Sensitive Data – Stephen Kingston Adopting A Zero Trust Approach To Cybersecurity – Marc Kneppers An Introduction To Risk-Based Vulnerability Management – Jerry Gamblin Best Practices For Open-Source Management – Pete Chestna Best Practices: PAM Security & Data Privacy – Christopher Hills Breaking Down Silos Between Security And Infrastructure – Chad Reaney Building A Response Strategy To Advanced Threats – Jeff Costlow Building An Active Defence Program – Why A Traditional SOC Alerting Service Isn’t Good Enough – Bill Dunnion Coverage: How To Get Results From Threat Detection And Response Solutions – Augusto Barros Data-First SASE Using Behavior Intelligence And Risk Analytics – Benoît H. Dicaire Deconstructing A Ransomware Attack: A Case Study In Privileged Account Misuse – Daniel Conrad, Bryan Patton Defending Against Ransomware – Building A Future-Proof Architecture – Brian Brown Detection At Scale – Realize Cyber Resilience Using Intelligence-Driven XDR – Mark Alba Exposing Ransomware-As-A-Service And Where It’s Going Next – Jamison Utter Faster And Smarter Response To Cyber Threats In A Hybrid Cloud Environment – Dan Jezerinac For The Greater Good: Challenging The Vulnerability Disclosure Status-Quo – Laurent Desaulniers, Olivier Bilodeau Get It Right, Get It Savvy – Remote Workforce Enablement – Diana John Getting Started With SASE: Connect, Control And Converge With Confidence – Najib Hatahet Global Privacy: Keeping Up And Staying Ahead – Liam McLaughlin Hindsight Security: Things Breach Victims Wish They Had Done – Matthew Hickey How To Maximize ROI With Frictionless Zero Trust – Stephane Asselin Intelligence-Driven SOAR – Chris Adams Is Your Defensive Stack Ready For A Targeted Attack? – Nelson Santos Opening XDR To More Insight – Peter Cresswell Poking Around At Scale: One Year Of Scanning The Internet – Marc-Etienne Léveillé Reducing Ransomware At Scale: Exploring The Ransomware Task Force’s Recommendations – Jen Ellis Responsible And Ethical AI For Cyber: Why It’s Important, Why It’s Hard, How To Do It – Stephan Jou Security For Mortals: Think Like A Hacker And Protect Your Assets – Laura Payne, Raheel Qureshi Security Operations And The End Of Cyber Risk – Matthew Trushinski SOARing To New Heights With TheHive And Cortex – Geoffrey Roote Tackling Developer Security Training – Rey Bango The Prestige – Aamir Lakhani Transforming Cloud Security With SASE – Jay Reddy Triple Extortion Attacks On The Rise From Ransomware Gangs – Gary Sockrider Walking The Cybersecurity Data Tightrope – Travis Smith What Elon Musk And SpaceX Can Teach Us About Ransomware And Cybersecurity – Morgan Wright Where Is Cybercrime Really Coming From? – Luis Carvajal Kim Why An Integrated Approach To Cybersecurity Is No Longer A Choice – Andrew Williams Why The Future Of DevOps Needs Hackers – Will Kapcio XDR And SIEM On A Collision Course: What Remains When The Dust Settles? – Corey Still Tools Track Introducing A New Construct For Advanced Interactive Volatile Memory Analysis – Solomon Sonya Introducing A New Construct For Advanced Interactive Volatile Memory Analysis – Solomon Sonya Knocking On Clouds Door: Threat Hunting In Azure AD With Azula – Mangatas Tondang Moving Upstream, Securing The GitOps Workflow – Yoni Leitersdorf Sandboxing In Linux With Zero Lines Of Code – Ignat Korchagin Zero-Code Data Validation – Bernardo Sanchez Zero-Code Data Validation – Bernardo Sanchez Career Track 2020 Keynotes “Welcome to SecTor 2020” – Brian Bourne, Bruce Cowper A Hacker’s Perspective on Your Infrastructure and How to Keep Them Out of Your Life – Paula Januszkiewicz Tech for Good, Maybe – Tracy Ann Kosa Tech Track A DECEPTICON and AUTOBOT Walk into a Bar: Python for Enhanced OPSEC – Joe Gray Common Flaws in Public and Private ICS Network Protocols – Mars Cheng, Selmon Yang Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes – Sheila Berta Demystifying Modern Windows Rootkits – Bill Demirkapi Detecting Access Token Manipulation – William Burgess Detection Mastery – War Stories from the Hunters Side! – Ilya Kolmanovich, Felix Kurmish Escaping Virtualized Containers – Yuval Avrahami Getting Rid of Passwords with FIDO2 and W3C WebAuthn – Michael Grafnetter Heroku Abuse Operations: Hunting Wolves in Sheep’s Clothing – Allan Stojanovic, Spencer Cureton How to Store Sensitive Information in 2020 – Mansi Sheth Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps – Ben Nassi Lateral Movement and Privilege Escalation in GCP; Compromise any Organization without Dropping an Implant – Dylan Ayrey, Allison Donovan My Cloud is APT’s Cloud: Investigating and Defending Office 365 – Doug Bienstock, Josh Madeley One Malicious Message to Rule Them All – Omer Tsarfati Policy Implications of Faulty Cyber Risk Models and How to Fix Them – Wade Baker, David Severski Practical Defenses Against Adversarial Machine Learning – Ariel Herbert-Voss Security Metrics That Matter – Tanya Janca Submarines in Pirate Waters: Cloud Attack Strategies – Moses Frost The fast and the FAIL 8 – James Arlen, Dave Lewis, Nick Johnston, Laura Payne The Paramedic’s Guide to Surviving Cybersecurity – Rich Mogull Management Track Are You Doing It Wrong? Highlights into Cybersecurity Quandaries – Masarah Paquet-Clouston, Laurent Desaulniers Can’t Stop This Train – Top Cases in Privacy Litigation – Stanislav Bodrov Crown Jewels Lifecycle Management – Akshat Saxena DevSecOps: The Right Solution to The Wrong Problem – Mark Nunnikhoven I Promise It’s Not a Computer: Power Grids, Online Voting, and the Lies We Tell – Mark Dillon Only After Disaster Can We Be Resurrected: Field Lessons in Cyber Incidents – Mark Sangster Solving Security’s People Problem by Expanding the Talent Pool – Ning Wang SECurity FUNdamentals Active Directory Database Security – Michael Grafnetter An Introduction to Automotive Security in 2020 – Eric Evenchick Compliant Yet Vulnerable: Critical Risks of Measuring Instruments in Production Line – Philippe Lin, Shin Li Drinking Coffee, Unicorns & Demystifying Zero Trust – Dave Lewis PKI Well Revised: Common Mistakes Which Lead to Huge Compromise of Identity – Mike Jankowski-Lorek, Paula Januszkiewicz Ransomware Attacks: Do’s & Don’ts – Julian Pileggi The Great Hotel Hack: Adventures in Attacking the Hospitality Industry – Etizaz Mohsin Sponsor Track A Brave New World – Attacks in the Age of COVID – Aamir Lakhani A Decade After Stuxnet’s Printer Vulnerability: Printing Is Still the Stairway to Heaven – Tomer Bar, Peleg Hadar A Hackers Dream: Unmanaged Privileges – Christopher Hills A New Security Reality: Data IS the Perimeter – Gina Scinta A Savvy Approach to Leveraging MITRE ATT&CK – Travis Smith AD Security vs Modern Attacks – Bryan Patton Building a Threat Intelligence Team From Scratch on a Budget – Lilly Chalupowski Cloud First It for Dynamic Work – Sami Laine Could Your Business Survive a Ransomware Attack? – Dinah Davis, Jonathan Walsh CryCryptor, the Fake COVID-19 Tracing App That Targeted Canadians – Alexis Dorais-Joncas Cyber Threat Intelligence and Today’s Complicated Cyber Security Environments – Chris Davis Dissecting Pandemic-Themed Malware and Threat Tactics – Shyam Sundar Ramaswami Don’t Be Afraid to Upgrade: Lessons of Speed and Security From High Performance Open Source Development – Bryan Whyte Evolving Your Security Culture – Rodney Buike From Security Operations to COVID-19: Security AI State of the Nation, 2020 – Stephan Jou How an XDR Approach Helps Speed Response & Improve MITRE ATT&CK Coverage – Peter Cresswell How to Automate Security Validation and Reduce Enterprise Security Risk – Aviv Cohen How to Talk to the Board About Cybersecurity – Jeff Costlow Identifying and Defending the Perimeter With Attack Surface Management – Geoffrey Roote Intelligent Network Security: A Paradigm Shift in Cybersecurity! – Victor Tavares Knowing Is Half the battle: Shared Responsibility and Secure Configuration in the Cloud – David Lu Level Up Your SOC: Meet CyBot, Our Open Source Threat Intel Chat Bot – Tony Lee Measuring Risk in 2020 – The Enterprise of Things Security Report – Shane Coleman Mitigate Organizational Risk With Integrated Cyber Resilience – Thom Bailey Priority Intelligence Requirements (PIR) Are Not Just for Threat Intel Analysts – Jody Caldwell SASE Success Behind-The-Scenes – Nicolas (Nico) Fischbach Security Transformed – Avi Rembaum SOC Automation: Faster Decision Making and Response – Andy Skrei Sophistication Advancements in Ransomware – Josh Burgess The Hunt is On! – Matthew Balcer The Impact of Digital Transformation in the Face of Today’s Threats – Nathan Smolenski The Need for Speed: Collaborative Strategies for Accelerating Security Outcomes – Justin Pagano Threat Hunting Intelligently – Ryan Cobb Trends in IOT/OT/mIOT – Sean Tufts Understanding the Threat Landscape – Gary Sockrider Using Automation to Secure Your Remote Workforce – Karl Klaessig Using Threat Metrics for Better Information Security Program Efficacy – Leveraging MITRE ATT&CK – Brian Brown Zero Trust Security Starts With Identity – Baber Amin Tools Track Achieving PyRDP 1.0 – The Remote Desktop Pwnage MITM and Library – Alexandre Beaulieu, Olivier Bilodeau Automating Intuition: Digging for Gold in Network Data with Machine Learning – Serge-Olivier Paquette BHPD: BlueHound Path Destroyer – Mathieu Saulnier Detecting AWS Control Plane Abuse in an Actionable Way Using Det{R}ails – Felipe Espósito, Rodrigo Montoro PE Tree: How Covid19 Spurred a New Malware Reverse Engineering Tool – Tom Bonner Recon – The Road Less Traveled – Rohan Aggarwal What’s in Your Pipeline? Ups and Downs of Container Image Scanners – Shay Berkovich Career Track 2019 Keynotes “Welcome to SecTor 2019” – Brian Bourne, Bruce Cowper Creating a Culture to Foster Collaboration, Creativity, and Critical Thinking – Radia Perlman Toronto Communities Keynote – Brian Bourne, Nick Aleks, Opheliar Chan, Max Cizauskas, Lee Kagan, Helen Oakley Made in Canada – the Significance of Canadian Security Technology – Brian O’Higgins, Stephan Jou, Leo Lax, Leah MacMillan, Michele Mosca Navigating Cyberspace: Identifying a New Path to Defeating Tomorrow’s Attacks – Solomon Sonya Tech Track Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware – Olivier Bilodeau, Masarah Paquet-Clouston Cloud Adoption – Trends and Recommendations for Security Teams – Fernando Montenegro Chip.Fail – Glitching the Silicon of the Connected World – Thomas Roth Cloud Native Security Explained – Tanya Janca FAIL Panel: I Quit Securi7y – James Arlen, Rich Mogull, Nick Johnston, Dave Lewis FLAIR (Fuzzy simiLArIty fRamework) – Hossein Jazi Fuzzing for your Offensive and Defensive Teams – Roy Firestein Hashes, hashes everywhere, but all I see is plaintext – Will Hunt Internet-Scale Analysis of AWS Cognito Security – Andrés Riancho Into the Fog – The Return of ICEFOG APT – Chi-en Shen (Ashley) IoT Security: An Insiders Perspective – Lee Brotherston Major Pitfalls to Avoid in Performing Incident Response in AWS – Jonathon Poling Malware in Google Play: Latest tactics used to penetrate the official app store – Corneliu Nitu One-Person Army – A playbook on how to be the first Security Engineer at a company – Kashish Mittal Poisoned RDP Offense and Defense – Dana Baril Post-Quantum Manifesto – Philippe Lamontagne Powershell is Dead. Long Live C# – Lee Kagan Profiling Fraudsters from the Darknet to ICQ – Mathieu Lavoie The SOC Counter ATT&CK – Mathieu Saulnier Threat hunting in the cloud – Kurtis Armour, Jacob Grant Your phone is using TOR and leaking your PII – Milind Bhargava, Adam Podgorski Management Track Beyond Spam: Using CASL to Stop the Spread of Malware in Canada – Neil Barratt Outrunning the Avalanche of Unmanaged, Un-agentable Devices – Nadir Izrael Quantifying Unknown Risks: Data-Driven Ways to Estimate First-Time Hacks, Emerging Risks, and Rare Incidents – Dr. Marshall Kuypers Securing pipes with TACOs – Peter Maddison The Year in Cybersecurity Law – David Fewer The Year of Privacy and Its Effect on Cyber Security – Stanislav Bodrov Pentesting for Success – Critical Success Factors – Robert Beggs SECurity FUNdamentals A Few Things Right: Insights from Live and Simulated Incident Response Failures – Chad Calease How to Build an Insecure System out of Perfectly Good Cryptography – Radia Perlman It’s Never DNS…. It Was DNS: How Adversaries Are Abusing Network Blind Spots – Edmund Brumaghin, Earl Carter OAuth – Everything You Wanted to Know but Not Really! – Elaheh Samani, Kevin Watkins Serverless Security Top 10 Risks – Tal Melamed Surviving a Ransomware Attack – Lessons from the Field – Wilfred Farias, Marco Maglaviti The CIS Critical Controls for Free – Defend all the Things! – Rob VandenBrink Sponsor Track Advanced security automation made simple – Albert Kramer AI, Intelligently. A Current Look into AI in Cyber Security. – Robert Falzon ARUBA + ZSCALER = Better Together Network Transformation – Bil Harmer, Raja Sundarrajan Beyond the Ones and Zeros: Aligning Effective Infosec and People Leadership Principles – Michael Cole Catching and Cleaning Phish (for O365) – Jim Banach Chaos, order and the road forward – perspectives on evolving cybersecurity – Gary Miller Code Signing: What You Don’t Secure Can Hurt You – Ryan Sanders, Jack Palivoda Data Governance for Risk Reduction and Value Creation – Neil Correa Embracing a Risk Adaptive Approach to Data Protection – Charles Keane Enabling Zero Trust with Artificial Intelligence – Chris Pittman Expand your cybersecurity program with complete visibility! – Mark Holub Identity – the Foundation of your Zero Trust Architecture – Robin Wilson, Madhu Mahadevan Introduction to Advanced Persistent Threats – Jill Sopko Key elements to prioritizing security vulnerabilities and risks – Darren Chin, Benjamin Li Modern MDR and Machine-Accelerated Human Response – Karl Ackerman Phishing Defense: The Art of Human Intuitive Repulsion – Jason Meurer Revitalizing the Scotiabank SOC with Big Data Security Analytics and Automation – Rob Knoblauch Risk Transformation: Plan-Build-Run in a World Without Time – Chris Gray The Race Against the Adversary: How to Win in the Era of the 18 Minute Breach – Serge Bertini The Value of Threat Intelligence – David Empringham Threats and Trends of 2019 – Austin McBride Tony Stark and Cybersecurity – Aamir Lakhani Your Tools are Protecting the Network but What is Protecting the Tools? – Matthew Adams Tools Track Car Hacking on Simulation – Rohan Aggarwal OWASP Find Security Bugs: The community static code analyzer – Philippe Arteau Step by step AWS Cloud Hacking – Andrés Riancho The Tools of a Web App Pentester – Chuck Ben-Tzur Use the Tools You Have: Threat Detection and Hunting in Azure – Daryl Novak Using Static and Runtime Analysis to Understand Third-Party Applications – Guy Acosta Visualizing Your Security Posture from Link, to Gateway, and Beyond – Joe Cummins Career Track Career Panel and Career Fair 2019 – Nick Aleks, Joe Cummins, Inna Danilevich, Kevvie Fowler, Andrea Stapley, Tom Tran 2018 Keynotes “Welcome to SecTor 2018” – Brian Bourne Are We Setup to Fail? – Mark Nunnikhoven Collaborating for a Secure Canada – Scott Jones The Future of Cyber Security – From a Friendly Hacker’s Perspective – Keren Elazari Translating a Lifetime of Learning into Cyber Risk Management – Bruce Potter Tech Track 5G: Security Status and Opportunities – Marc Kneppers Alexa, what did I do Last Summer? – Vladimir Katalov ATT&CKing the Command Line and Hunting for More – Evan Gaustad Conquering Complexity: Addressing Security Challenges of the Connected Vehicle – Ted Shorter Deep Learning – Classifying Malicious Websites with Image Recognition Models – Akbar Qureshi Don’t @ Me Hunting Twitter Bots at Scale – Olabode Anise Exploiting Hardware Wallet’s Secure Element – Sergei Volokitin Fail Panel: Revenge of the Sixth – Ben Sapiro, Bruce Potter, Dave Lewis, James Arlen, Nick Johnston HomeBrew: Developing Your Own (Threat) Intel – Chris Brewer, Chris Woods How to Select your Future Hardware Security Module (HSM) – Bruno Couillard How to Spot a Fake: Improve Your Security Operations with Real-world AI – Stephan Jou Securing Robots at Scale – Talha Tariq Security is an Illusion: How I Rob Banks – FC aka ‘Freakyclown’ Serverless Infections – Malware Just Found a New Home – Shimi Eshkenazi Smart Contract Vulnerabilities: The Most Interesting Transactions on the Ethereum Blockchain – J. Maurelian, Sarah Friend The Chrome Crusader – Lilly Chalupowski The Hunt is on! Advanced Memory Forensics Meets NextGen Actionable Threat Intelligence – Solomon Sonya The New Paradigm of Security Controls – John Lambert Twisted Haystack: Protecting Industrial Systems with Dynamic Deception – Lane Thames Unblockable Chains – Is Blockchain the Ultimate Malicious Infrastructure? – Omer Zohar Why Memory Attacks are on the Rise and How to Stop Them – Josh Fu Management Track Ashley Madison: Cybersecurity in a World of Discretion – Matthew Maglieri How Identity Management is Transforming Modern Business – Sarah Squire Integrating Privacy Engineering into Your Security Practices – John Wunderlich ISO 27001 & The GDPR – Andrew Clearwater Turning Your Cybersecurity Toddlers into Warriors! – Shira Shamban Who’s Watching the Watchers? Keeping Your Security Provider Honest – Mark Sangster Why Can’t We Build Secure Software? – Tanya Janca SECurity FUNdamentals 25 Techniques to Gather Threat Intel and Track Actors – Sun Huang, Wayne Huang A Peep into the Iron Triangle: IoT Purchasing in a ‘Me First’ Society – Tyler Reguly Building Bespoke Threat Intelligence Enrichment Platforms – Sean Tierney Make Your Own Cloud Security Monitoring Solution – John Ventura PCI for Pen Testers, Now with 100% More Cloud! – Joe Pierini Pragmatic Cloud Security: The Future is Now – Mike Rothman Threat Hunting: From Platitudes to Practical Application – Neil “Grifter” Wyler Sponsor Track Achieving Secure Digital Transformation: Turning the Dream into Reality – David Millar Behavior Analytics and Model Driven Security – Leslie K. Lambert Breach Readiness, Mandatory Reporting and You! – Danny Pehar Case Studies in Defending Your Digital Enterprise – Matt Broda Crowd Sourced Security – Applying the Wisdom of the Crowd to Cyber Defences – John “Lex” Robinson Cybersecurity Evolution/Cost Reduction Paradox – Ajay Sood Developing and Implementing an Effective Endpoint Security Strategy – Kurtis Armour Encryption is More than a Button – Alex Loo Everything or Nothing: Active Defense in the Corporate World? – Aamir Lakhani From Profit to Destruction: Analyzing Today’s Threat Landscape – Earl Carter Internet of Things: Is Winter Coming? – Robert Falzon Minority Report: A Predictive “Pre-crime” Approach Requires a Human Focus – Charles Keane On the Eve of Quantum Computing: The Definitive Need for Crypto Agility – Chris Hickman Orchestrate. Automate. Accelerate. – Jadon Montero Reinventing PC & Printer Security – Kurt Lysy Security Powered by Big Data – David Soto Standing Up to Cryptojacking – Best Practices for Fighting Back – Matthew Hickey Streamlining Compliance Programs for Operational Security – Mark Holub The Human Firewall is on Fire – What Do You Do When the Smoke Clears? – Mounil Patel The Real Deal About AI – Josh Fu Tools Track Angad: A Malware Detection Framework Using Multi-Dimensional Visualization – Ankur Tyagi Elytron: Next-Generation Security for Java Servers – Farah Juma Extending Your Incident Response Capabilities with Sysmon – Peter Morin Heimdall: Vulnerable Host Discovery and Lifecycle Monitoring Toolkit – Andrea Braschi How much Cyber Insurance Do You Need, or Do You Need it at All? – Julien Ducloy Keyspace Reduction in Mechanical Locks – Schuyler Towne Malboxes: Make Malware Analysis More Accessible – Olivier Bilodeau Weapons of a Pentester – 2018 Edition – Nick Aleks Career Track Developing Your Career in IT Security (2018) – Brian Bourne, Dave Millier, Maxwell Shuftan, Laura Payne, Stephan Jou, Donald Messier 2017 Keynotes “Welcome to SecTor 2017” – Brian Bourne Fighting Cyber(in)security – David Shrier Prosperity and Security: A Renewed Approach to Cyber Security for Canada – Colleen Merchant Security and Privacy in a Hyper-connected World – Bruce Schneier Winning Defense – Allison Miller Tech Track “BlueBorne” Explained – New Attack Vector Exposing 5B+ Devices – Nadir Izrael A Deep Dive into the Digital Weapons of Mysterious Cyber Army – Chi-en Shen (Ashley) Attacking Modern SaaS Companies – Sean Cassidy Botract – Abusing smart contracts and blockchain for botnet command and control – Majid Malaika Breaking the Laws of Robotics: Attacking Industrial Robots – Stefano Zanero Disrupting the Mirai Botnet – Chuck McAuley FAIL Panel Version 5 – EquiFAIL! – James Arlen, Dave Lewis, Ben Sapiro, Rich Mogull Gitting Betrayed: How agile practices can make you vulnerable – Clint Gibler, Noah Beddome Improving Incident Response for ICS – Dean Parsons Incident Response and Forensics in AWS – Jonathon Poling Lies and Damn Lies: Getting Past the Hype Of Endpoint Security Solutions – Lidia Giuliano MS Just Gave the Blue Team Tactical Nukes (And How Red Teams Need to Adapt) – Chris Thompson Pwning a Smart Home in Under 10 Minutes – Aditya Gupta Reverse Engineering Automotive Diagnostics – Eric Evenchick Rootkits vs Ransomware 2.0. Using evil to fight for good – Boris Rudakov Securing Shopify’s PaaS on GKE – Jonathan Pulsifer The Black Art of Wireless Post-Exploitation – Gabriel Ryan The Cyberwar Playbook: Financial Services as Critical Infrastructure – Jennifer Fernick, Louise Dandonneau The quantum threat: what really matters today? – Michele Mosca, Vlad Gheorghiu Threat Hunting an Evolving Malware Campaign and the Actors Behind It – Jeremy Richards When Two-Factor Authentication is a Foe: Breaking the iCloud Keychain – Vladimir Katalov Management Track Best Practices to Secure Application Containers and Microservices – Anil Karmel Does a BEAR Leak in the Woods? What the DNC breach, Guccifer and Russian APT’s have taught us about attribution analysis – Toni Gidwani Establishing the CSIRT Team for The Rio 2016 Olympic Games – Rômulo Rocha GDPR for Canadian Organisations – What you need to know! – Bruce Cowper Leveraging Best Practices to Determine Your Cyber Insurance Needs – Dave Millier, Matthew Davies Power Up/Level Up: Supercharging Your Security Program for Cloud and DevOps – Rich Mogull Your Chance to Get It Right: 5 Keys to Building AppSec Into DevOps – Chris Wysopal SECurity FUNdamentals After the Incident: DIY Forensic Collection – Eugene Filipowicz Barbarians At The Gate(way): An Examination Of The Attacker’s Tool Box – Dave Lewis Breach Happens: Effectively Responding to a Data Breach – Iain Paterson Building Your Own Open-source Android Penetration Testing Platform – Amadeus Konopko, Jean-Paul Mitri Common Attacks Against Active Directory and How to Protect your Organization Against Them – Kevin McBride Frugal Web Application Testing – Can in-house penetration testing achieve industry standard results while saving you money? – Harshal Chandorkar, Natalia Wadden Top SIEM Use Cases You Should Implement Today – Julian Pileggi Sponsor Track Boosting Canada’s Cyber Immune System for Internet Health – Matt Broda Building a Secure Foundation for the Internet of Things (IoT) – John Grimm Building Your Own Automated Malware Analysis Lab for Insights on Active Threats. – Kurtis Armour Cloud Security is Application Security – Securing the Cloud as a Team – John Turner Cyber Crime and Financial Crime: different sides of the same coin – Tyson Macaulay Decoding Cyberespionage from Insider Mistakes – Ken Bell How to Ramp Up Security Operations to Stop Advanced Threats – David Millar Hunting Ransomware: Automate protection to get ahead of the next global outbreak – Sean Earhard Insider Threat Analytics & Anomalous Behaviors – Carl Miller Moving Up the Security Maturity Curve – The Sisyphean Task – Jamie Hari Prioritizing Vulnerability Remediation From an Attacker’s Perspective – Bharat Jogi Privileged Access Security for Hybrid Cloud: Secure Amazon, Azure and Google Environments – Wade Tongen Security Automation and Orchestration That Won’t Get You Fired – Syra Arif Security consideration for Microservices using Container Technology – Ralph Janke Skin​ ​in​ ​the​ ​Game:​ ​How​ ​Security​ ​Teams​ ​are​ ​Scaling​ ​Through​ ​IT​ ​Orchestration – Jen​ ​Andre Take Best Practices to the Next Level – Ken Muir The Future of Privacy – David Fewer The Power Of Integration – Brian Read The Spy in Your Pocket – Bobby Buggs The State of the Phish and Response – Mike Saurbaugh Threat hunting demystified – Strengthening risk management through proactive investigation and response – Michael Otto Tools Track Chkrootkit: Eating APTs at Breakfast Since 1997 – Nelson Murilo Extending BloodHound for Red Teamers – Tom Porter Metasploit Community: Tips, Tricks and What’s New – Jeffrey Martin NOAH: Uncover the Evil Within! Respond Immediately by Collecting All the Artifacts Agentlessly – Pierre-Alexandre Braeken Security Training in a (Virtual) Box – Marcelle Lee, Joe Gray TLS Tools for Blue Teams – Lee Brotherston Weapons of a Pentester – Nick Aleks Career Track Developing Your Career in IT Security (2017) – Dave Millier, Eric Belzile, Laura Payne, Mike Murray, Nik Alleyne 2016 Keynotes “Welcome to SecTor 2016” – Brian Bourne Defense Against the Dark Arts: Examining, Fixing and Fighting for our Cyber Defenses – Edward Snowden It’s 2016: What can you do about gender balance in Information Security? – Laura Payne and Co., Alexis Lavi, Andrea Stapley, Julie Leo, Karen Nemani, Marilyn Blamire Retaking surrendered ground: making better decisions to fight cybercrime – Chris Pogue Securing Our Future – Mikko Hypponen Tech Track [Ab]using TLS for defensive wins – Lee Brotherston AirBnBeware: short-term rentals, long-term pwnage – Jeremy Galloway CANtact: Open Source Automotive Tools – Eric Evenchick Control system security, are we living on luck? – Chris Sistrunk Crash Course in Kubernetes & Security – Matt Johansen EventID Field Hunter (EFH) – Looking for malicious activities in your Windows events – Rodrigo Montoro Hack Microsoft by using Microsoft signed binaries – Pierre-Alexandre Braeken Hiding in Plain Sight – Taking Control of Windows Patches – Travis Smith How to build a malware classifier [that doesn’t suck on real-world data] – John Seymour How To Secure Serverless Applications – Kellman Meghu Jihadism and Cryptography, from internet to softwares – Julie Gommes Lessons Learned Hunting IoT Malware – Olivier Bilodeau Making sense of a million samples per day: Behavior-based Methods for Automated, Scalable Malware Analysis – Stefano Zanero Open Source Malware Lab – Robert Simmons Practical Static Analysis for Continuous Application Security – Justin Collins Purple Teaming the Cyber Kill Chain: Practical Exercises for Management – Chris Gates, Haydn Johnson RTF Abuse: Exploitation, Evasion and Counter Measures – Devon Greene Securing Network Communications: An Investigation into Certificate Authorities on Mobile – Andrew Blaich The State of SCADA on the Internet – Kyle Wilhoit Utilizing Memory and Network Forensics for Scalable Threat Detection and Response – Andrew Case WiFi Exploitation: How passive interception leads to active exploitation – Solomon Sonya Management Track Cybersecurity in an era with quantum computers: will we be ready? – Michele Mosca Data-Driven Computer Security Defense – Roger Grimes Getting Business Value from Penetration Testing – Mark Bassegio, Tim West How to Rob a Bank or The SWIFT and Easy Way to Grow Your Online Savings – Cheryl Biswas Introducing G.Tool – A batteries included framework for building awesome GRC tools without wasting money. – Ben Sapiro Safety Should be the Security Paradigm – Chris Wysopal Security by Consent, or Peel’s Principles of Security Operations – Brendan O’Connor SECurity FUNdamentals All roads lead to domain admin, a part of a presentation series: From breach to C.D.E. Part I – Yannick Bedard Can massive data harvesting drive down the time to breach detection? – Sean Earhard Expanding Your Toolkit the DIY Way – Chris Maddalena IPv6 for the InfoSec Pro on the Go – Allan Stojanovic Lighting up the Canadian Darknet Financially – Milind Bhargava, Peter Desfigies, Philip Shin The Power of DNS: Gaining Security Insight Through DNS Analytics – Scott Penney The Security Problems of an Eleven Year Old and How To Solve Them – Jake Sethi-Reiner Fail Panel – James Arlen Sponsor Track An Effective Approach to Automating Compliance Activities – Dave Millier Defending Against Phishing: Effective Phishing Incident Response Using Employees, Incident Responders, and Intelligence. – Mike Saurbaugh Eliminating the Automation and Integration Risks of the “Security Frankenstein” – Chris Pogue Exposing Ransomware: Intelligent cybersecurity for the real world. – Sean Earhard Global Encryption Usage is on the Rise! – Si Brantley Held for Ransom: Defending your Data Against Ransomware – James L. Antonakos Lessons from the Attack Chain: Bolster Your IR Program – Eric Sun Network virtualization to enhance context, visibility and containment – Bruno Germain Next-Gen Now, Outsmarting ransomware, exploits and zero-day attacks – Keir Humble Overwhelmed By Security Vulnerabilities? Learn How To Prioritize Remediation – Amol Sarwate Rethinking Threat Intelligence – Danny Pickens Securing a Cloud-Based Data Center – Peter Cresswell Stopping the Attacker You Know – Brian Read The Cyber Security Readiness of Canadian Organizations – Ryan Wilson The Emerging Era of Cognitive Security – Peter Allor The Industry Need for Cloud Generation Security – Ryan Leonard Understanding Ransomware: Clear and Present Danger – Raul Alvarez Threat Landscape, Technology in action – Robert Falzon Why Technology is Not the Answer to Cybersecurity – Sean Blenkhorn Career Track Developing Your Career in IT Security – Panel 2015 Keynotes “Welcome to SecTor 2015” – Brian Bourne Big Data Needs Big Privacy … Enter Privacy by Design – Dr. Ann Cavoukian IT Security Operations: Successful Transformation – Kristin Lovejoy Globalization of Cybercrime – Jason Brown Maturing InfoSec: Lessons from Aviation on Information Sharing – Trey Ford Tech Track Automation is your Friend: Embracing SkyNet to Scale Cloud Security – Mike Rothman Breaking Access Controls with BLEKey – Mark Bassegio and Eric Evenchick Breaking and Fixing Python Applications – Enrico Branca Complete Application Ownage via Multi-POST XSRF – Adrien de Beaupré Confessions of a Professional Cyber Stalker – Ken Westin Cymon – An Open Threat Intelligence System – Roy Firestein Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing – Alex Pinto DevOps For The Home – Kellman Meghu Drug Pump and Medical Device Security – Jeremy Richards Exploitation Trends: From Potential Risk to Actual Risk – Tim Rains Hijacking Arbitrary .NET Application Control Flow – Topher Timzen Incoming Threats At the Speed of Retail – Wendy Nather Learning To Love Your Attackers – Ryan Linn Making & Breaking Machine Learning Anomaly Detectors in Real Life – Clarence Chio Malware Activity in Mobile Networks – An Insider View – Kevin McNamee Software Defined Networking / Attacker Defined Networking – Rob VandenBrink Stealth Attack From The Produce Aisle – Todd Dow and Keith Benedict Stealthier Attacks and Smarter Defending with TLS Fingerprinting – Lee Brotherston UNMASKING MALWARE – Christopher Elisan What Google knows about you and your devices, and how to get it – Vladimir Katalov Xenophobia is Hard on Data: Forced Localization, Data Storage, and Business Realities – Brendan O’Connor and James Arlen Management Track Bulletproofing Your Incident Response Plan: Effective Tabletops – Reg Harnish CISO Survival Guide: How to thrive in the C-Suite and Boardroom – Chris Wysopal Dolla Dolla Bill Y’all: Cybercrime Cashouts – Benjamin Brown Make Metrics Matter – Jessica Ireland The Effective Use of Cyber Ranges for Application Performance and Security Resilience – Train Like You Fight! – Bob DuCharme There’s no such thing as a coincidence – Discovering Novel Cyber Threats – Jim Penrose What does it take to deliver the most technologically advanced Games ever? – Enzo Sacco and Quang Tu SECurity FUNdamentals Agile Incident Management – Bringing the “Win” Back to Data and Privacy Breach Responses – Robert Beggs Building an Effective Vulnerability & Remediation Management Program – Dave Millier Ground Zero Financial Services: Targeted Attacks from the Darknet – Joe Pizzo Peeling The Layers Of Vawtrak – Raul Alvarez Preventing Home Automation Security Disasters – James Arlen Run Faster, Continuously Harden – Embracing DevOps to Secure All The Things – Chayim Kirshen Security for non-Unicorns – Ben Hughes The Internet of Bad Things and Securing the Software Defined Data Center – Ian Redden and Marc Edun Sponsor Track 2015 State of Vulnerability Exploits – Amol Sarwate Advanced Threat Analytics: Adapt as Fast as Your Enemies – Jasbir Gill and Lanny Cofman Advanced Threats: Eliminating the Blind Spot – Fahmy Kadiri Browser and Environment Hardening – Kurtis Armour Building Better Indicators: Crowdsourcing Malware IOCs – Sean Wilson Business Backed CVEs – The Major Vulnerabilities of the Past Year – Atif Ghauri and Brad Antoniewicz Certifi-gate: Has your Android device been Pwned? – Shai Yanovski Changing the Game of Threat Hunting – Jim Penrose Detecting the Bear in Camp: How to Find Your True Vulnerabilities – Ryan Poppa Effective Ways to Tackle Vulnerability Remediation – Dave Millier Ensuring the Success of Your IAM Project – Jeremy Hanlon Exposing Advanced Threats: How big data analytics is changing the way advanced threat defense is deployed, managed and measured – Sean Earhard Insider Threat – The Soft Underbelly of CyberSecurity – Harold Byun Knowing what happened is only half the battle. – Grayson Lenik Mitigating the Alert – Impact Prevention in a super active security battlefield – Brian Read One Ring to Rule Them All – Hardware isolation and the future of virtualization security – Simon Crosby SIEM and the Art of Log Management – Jeff Pold and Ron Pettit Taking back Endpoint Control! – John Beal The State of Software Security – Chris Wysopal 2014 Keynotes “Welcome to SecTor 2014” – Brian Bourne New Era Risk Management: Using Information to Predict, Understand and Mitigate Organizational Threats – Ray Boisvert The Connected Car: Security Throwback – Chris Valasek The Extinction of Trust – Felix ‘FX’ Lindner $#!T My Industry Says. . . – Kellman Meghu Tech Track ALL YOUR MACS ARE BELONG TO US – Christopher Elisan Attrition Forensics, Digital Forensics For When the Going Gets Tough and the Stakes Are High – Troy Larson Corporation in The Middle – Lee Brotherston Demystifying the mobile network – Chuck McAuley Document Tracking for Fun, Insight, and Profit – Roy Firestein Elevator Hacking: From the Pit to the Penthouse – Deviant Ollam and Howard Payne Cybercrime 101 – Christopher Pogue Hide it with encryption, display it with performance – Brandon Niemczyk and Prasad Rao How’d That End Up On Pastebin? – Ryan Linn Hunting Malware on Linux Production Servers: The Windigo Backstory – Olivier Bilodeau KickaaS Security with DevOps and Cloud – Rich Mogullsau Mobile Fail: Cracking Open “Secure” Android Containers – Chris John Riley Pentesting in SDN – Owning the controllers – Roberto Soares Play Flappy Bird while you pentest Android in style – Chris Liu and Matthew Lionetti POS Malware Evolved – Josh Grunzweig Predictions Panel – Moderated by Bruce Cowper Reverse Engineering a Web Application – For Fun, Behavior & WAF Development – Rodrigo Montoro and Daniel Cid Stay Out of the Kitchen: A DLP Security Bake-off – Zach Lanier The Internet of Fails: Where IoT Has Gone Wrong and How We’re Making It Right – Mark Stanislav and Zach Lanier The Latest Changes to SAP Security Landscape – Alexander Polyakov Unmasking Careto through Memory Analysis – Andrew Case Management Track Asymmetry in Network Attack and Defense – William Peteroy FAIL Panel Again! Third time’s the charm – Ben Sapiro, Dave Lewis, James Arlen Human Metrics – Measuring Behavior – Lance Spitzner Quantitative Risk Analysis and Information Security: An OpenFair Case Study from BMO – Laura Payne Re-Thinking Security Operations – Dave Millier and Mike Lecky Scaling Security in Agile Scrum – Chris Eng Security Awareness Has Failed: A Suggested New Approach! – Francois van Heerden SECurity FUNdamentals Track Covering my IaaS: Security and Extending the Datacenter – Brian Bourne and Tadd Axon Identity in the Age of the Cloud – Madhu Mahadevan Pulling back the covers on credit card fraud: A detailed look at financial fraudware. – Chester Wisniewski So, you want to be a pentester? – Heather Pilkington Stupid H4x0r Tricks v2.0 – Stupid is as Stupid Does – Chris Pogue and Grayson Lenik The Things You See (and Application Scanners Won’t) – Chuck Ben-Tzur What’s Behind “Big Data” and “Behavioral Analytics” – Stephan Jou Sponsors Track 4 Undeniable Truths about Advanced Threat Protection – Patrick Vandenberg A New Way to Look at Endpoint Security – IT’s Job in a Connected World – Claudio Damaso and Alex Binotto Anatomy of a Credit Card Stealing POS Malware – Amol Sarwate Casting Light on a Dark Web – Aamir Lakhaniaaron Check Point Compliance Software Solutions “Your Second Set of Eyes” – Scott Tripp CYDBA: Protecting Your Applications’ Rear End – Josh Shaul Data protection and Identity Management at cloud scale – Jasbir Gill The Theory of Cyber Security Evolution: Adopting Continuous Active Threat Protection and Security as a Service – Mark Sangster Getting Into Mobile Without Getting Into Trouble, A Guide for the Stodgy Old Enterprise – Greg Kliewer How Scalar is Providing Information Security Services to the TO2015 Pan Am and Parapan American Games – Frederic Dorré Introducing Recog, an open source project utilizing Sonar data for asset and service identification – Ross Barrett & Ryan Poppa Next Generation SOC: Building a Learning Security Ecosystem Using HP ArcSight Technology – Matt Anthony OS Legacy Systems – Alexander Rau Phishers are Boring Party Guests: The Value of Analyzing Stale, Recycled Phishing Content – Aaron Higbee Security for the People: End-User Authentication Security on the Internet – Mark Stanislav SilverBlight – Craig Williams The Rise of Threat Detection and Response – Lucas Zaichkowsky 2013 Keynotes “Welcome to SecTor 2013” – Brian Bourne “How the West was Pwned” – G. Mark Hardy “Why We Need DevOps Now: A Fourteen Year Study Of High Performing IT Organizations” – Gene Kim “Crossing the line; career building in the IT security industry” – Keynote Panel “Tech it out ” – Marc Saltzman Tech Track “BIOS Chronomancy” – John Butterworth “Big Data Security, Securing the insecurable” – Kevvie Fowler “Malware Automation” – Christopher Elisan “MILLION BROWSER BOTNET” – Matt Johansen “RATastrophe: Monitoring a Malware Menagerie” – Seth Hardy and Katie Kleemola “Software Refined Networking – The Path To Hell Is Paved With Good Abstraction” – Christofer Hoff “Running at 99%, mitigating a layer 7 DoS” – Ryan Huber “Popping the Penguin: An Introduction to the Principles of Linux Persistence” – Mark Kikta “Exploiting the Zero’th Hour: Developing your Advanced Persistent Threat to Pwn the Network” – Solomon Sonya and Nick Kulesza “Swiping Cards At The Source: POS & Cash Machine Security” – Ryan Linn and John Hoopes “Cryptographically Isolated Virtualized Networks – A Community of Interest Approach” – Robert Johnson “.NET Reversing: The Framework, The Myth, The Legend” – Kelly Lum “CeilingCat IS Watching You” – Shane MacDougall “Build Your Own Android Spy-Phone” – Kevin McNamee “Weaponized Security” – Kellman Meghu “The World’s Deadliest Malware” – Christopher Pogue “Your own pentesting army complete with air support” – Philip Polstra “BREACH: SSL, Gone in 30 seconds” – Angelo Prado and Yoel Gluck “Pivoting in Amazon clouds” – Andrés Riancho “Fiber Channel – Your OTHER Data Center Network” – Rob VandenBrink “Needle in a Haystack – Harnessing Big Data for Security” – Dana Wolf Management Track “Return of the Half Schwartz FAIL Panel w/Tales from beyond the echo chamber” – James Arlen, Dave Lewis, Mike Rothman and Ben Sapiro “Building a Security Operations Center – Lessons Learned” – Yves Beretta “Reacting to Cyber Crime: Preserving Crucial Evidence for Law Enforcement” – David Connors and Stéphane Turgeon “SDN : Radically New Network Architecture, Same Old Cyber Security Protection ” – Llewellyn Derry “Data in the Cloud. Who owns it and how can you get it back?” – Dave Millier “Microsoft Security Intelligence Report, Canadian Edition” – Tim Rains “FUFW: 5 Steps to Re-architecting Your Perimeter” – Mike Rothman SECurity FUNdamentals “CRYPTOGEDDON – Sector 2013 Edition: Online Cyber Security War Game ” – Todd Dow “Watching the watchers: hacking wireless IP security cameras” – Artem Harutyunyan and Sergey Shekyan “Threat Modeling 101” – Leigh Honeywell “Appsec Tl;dr” – Gillis Jones “Frayed Edges; Monitoring a perimeter that no longer exists” – Mark Nunnikhoven “Vulnerability analysis of 2013 SCADA issues” – Amol Sarwate “How they get in and how they get caught” – Schuyler Towne Sponsor Track “Beyond the Smokers Entrance – Physical Security Assessments in Hardened Environments” – Mark Baseggio and Jamie Gamble “Analyzing Exploit Packs: Tips & Tricks” – Mohamad AL-Bustami “It Takes a Village: Reducing the Threat Gap by Allying with Your Competition” – Michael A Barkett “The Threat Landscape” – Ross Barrett and Ryan Poppa “Stopping Cross Contamination with Network Access Control…”The ULTIMATE PATCH” ” – Toni Buhrke “Enterprise Forensics = new category that focuses on user activity and what drives the business (analytics + behavior) ” – Gary Freeman “How to Connect Security to the Business” – Jeanne Glass “Information & Risk Mitigation” – Neils Johnson “Trust No One: The New Security Model for Web APIs” – Greg Kliewer “The US Department of Homeland Security’s Software Assurance Enumerations” – David Maxwell “Enabling Access Assurance and Identity Intelligence for a multi-perimeter world ” – Sridhar Muppidi “Vulnerability Management Programs and Lessons Learned from the Field” – Bill Olson “Securing Enterprise Mobility beyond MDM” – Danny Pehar and Ali Afshari “The Bad Boys of Cybercrime” – Christopher Pogue “Identity & Access Governance: Key to Security or Completely Useless?” – Jackson Shaw “Modern Malware and APTs – What Current Controls Can’t See” – Ajay Sood “Ending the information security arms race with end-to-end encryption” – Jill Walsh “Fortifying Canada’s Cyberspace: Together” – John Weigelt “Today’s Cyber Threat Landscape – Prevention is no cure” – Lucas Zaichkowsky 2012 Keynotes “When Does Lawful Access Become Lawful Surveillance: The Future of Lawful Access in Canada” – Michael Geist “How NOT to do Security: Lessons Learned from the Galactic Empire” – Kellman Meghu “Exploring the NFC attack surface” – Charlie Miller “Global Efforts to Secure Cloud Computing” – Jim Reavis Tech Track “With new technologies come new vulnerabilities” – Chuck Ben-Tzur “Sploitego – Maltego’s (Local) Partner in Crime” – Nadeem Douba “Pwned in 60 Seconds – From Network Guest to Windows Domain Admin” – Zack Fasel “Hadoop Forensics, Tackling the elephant in the room” – Kevvie Fowler “The More Things Change: The vulnerabilities that time forgot” – Jamie Gamble “Poortego: An OS-INT correlation tool for the 99%” – Mike Geide “Recent Advances in IPv6 Security” – Fernando Gont “APT ALL THE THINGS: are Mac users no longer safe?” – Seth Hardy “Monday Night Malware” – Jibran Ilyas & Christopher Pogue “Conquer the Beast – How to Effectively Manage Open-source Intelligence Outbursts” – Kevvie Fowler and Naveed Ul Islam “Reversing Patches for Exploit Creation, Pen-Testing or Just Fun!” – Bharat Jogi “Hunting Carders for fun and profit” – Grayson Lenik “Hey, I just middled you, and this is crazy” – Ryan Linn “Hacking .NET Applications: The Black Arts (v2)” – Jon McCoy “Threat Attribution via DNS” – Gunter Ollmann “Introducing ‘Android Security Evaluation Framework’ – ASEF” – Parth Patel “Anti-Forensic Techniques and Countermeasures” – Michael Perklin “Sniper Forensics: Reloaded” – Christopher Pogue “Microsoft Security Intelligence Report; Canadian Edition” – Tim Rains “VMware ThinApp: Does Isolation Trim your Risk?” – Tyler Reguly and Jordan Powers “Building Dictionaries and Destroying Hashes Using Amazon EC2” – Steve Werby Management Track “*PT, Chinese cyber-something, the summer of breach and doing it wrong” – Ben Sapiro, Mike Rothman, Dave Lewis and James Arlen “Cybercrime in Canada: a Law Enforcement Perspective” – Dave Black “How I Learned to Stop Worrying and Love the Cloud ” – Chris Carpenter “The Defense RESTs: Automation and APIs for Better Security” – David Mortman “Controlling BYOD before it Becomes Your Own Demise” – Mike Rothman “Microsoft’s Response Process: 10 Years of Hard-Knock Learning” – David Seidman and Jeremy Tinder “A Forecast of Data Loss in Canada” – Dave Senf “BlackHat to Black Suit” – James Arlen “Network forensics – the orphan child of cyber investigations” – Robert Beggs “Targeted Malware Attacks – Sophisticated Criminals or Babytown Frolics?” – Josh Grunzweig and Ryan Merritt “Introduction to Web Application Testing” – Dave Millier and Assef G. Levy “Physical Security In Context” – Schuyler Towne “Inside the Blackhole Exploit Kit (BHEK)” – Chester Wisniewski “DNSSEC: Securing the DNS and beyond” – Paul Wouters Turbo Track “Hitting Above The Security Mendoza Line” – Ed Bellis “Getting Shells When Metasploit Fails” – Ryan Linn “Security Organizational Behaviour – making people part of the solution” – John Proctor “Forget Malicious Links and Fear the QR Code” – Steve Werby Sponsor Track “Life’s a Breach! Lessons Learned from Recent High Profile Data Breaches” – Ross Barrett “Web Application Scanning in the SDLC” – Will Bechtel “Best Practices on building and operationalizing Microsoft SCOM for health and performance monitoring.” – Rodney Buike “Engineering the Social Animal” – Robert Falzon “Mobile Security: Protecting your Corporate Smartphones from Malware & Targeted Attacks” – Dennis Fisher “Face Today’s Threats Head-On: Best Practices for a BYOD World” – Sangameswaran Manikkayam Iyer “Exposing Enterprise Services to Mobile Platforms” – Greg Kliewer “Differences between SOA/XML Gateway and a Web Application Firewall” – Jason Macy “Importance of integrating network forensics with host forensics” – Jason Mical “ACTing Out – Automated Compliance Testing” – Dave Millier “Microsoft Trustworthy Computing Cloud Security, Privacy, and Reliability in a Nutshell” – Tim Rains “Using a SIEM Solution to Enable the Business” – Matthew Schnarr “The Kill Chain and Evolution in Intrusion Detection Mechanisms ” – Eldon Sprickerhoff “Threat Intelligence: What makes it smart” – C. Thomas “The Benefit of a “Research-Driven” IT Security Partner, especially in this day of Modern Malware” – William Tysiak and Elvis Gregov 2011 Keynotes “Trust me, I am a cloud vendor!” – Bruce Cowper “Thinking Differently: Bringing the Hacker Mindset to the Corporate Environment” – Joe Grand “Online Attacks and Espionage by Nation-States” – Mikko Hypponen “The Bizarre Business of Rogue Internet Pharmacies” – Brian Krebs Tech Track “Near Field Communications (NFC) mobile security for those with No F’ing Clue” – Corey Benninger and Max Sobell “FireShark – A Tool to Link the Malicious Web” – Stephan Chenette “Weaponizing The Smartphone: Deploying The Perfect WMD” – Nicholas Donarski “Finding Evil in Live Memory” – Michael J. Graven “What is an APT without a sensationalist name?” – Seth Hardy “Time and Place: Finding Evil with Atemporal Time Line Analysis” – Dave Hull “A Replicant by Any Other Name: A Security Analysis of the BlackBerry PlayBook” – Zach Lanier and Ben Nell “I’m Your MAC(b)Daddy” – Grayson Lenik “Progression of a Hack” – Ryan Linn “Browser Security Face-off: Browser Security Edition” – Paul Mehta and Shawn Moyer “HTTP Header Hunter – Looking for malicious behavior into your http header traffic” – Rodrigo Montoro “A Technical View on Cloud Security: How Not To Get Your Undies In A Bunch aka Please Don’t Squeeze The Charmin ” – David Mortman “SSD: Solid State Drives & How They Work For Data Recovery And Forensics” – Scott Moulton “Targeted and Opportunistic Botnet Building” – Gunter Ollmann “Malware FreakShow” – Nicholas J. Percoco and Jibran Ilyas “Sniper Forensics v3.0: Hunt” – Chris Pogue “Infosec Sheepdogs: Creating an Abstraction/Translation Layer Between InfoSec and Law Enforcement” – Nick Selby “How to Survive DDoS the Play at Home Game” – Michael Smith “Bust a Cap in an Android App” – Patrick Szeto and Maxim Veytsman “Wireless Hacking Techniques and Tips” – Kent Woodruff “FACEROUTE: Mapping and Harvesting Social Media Sites” – Rob VandenBrink Management Track “Security When Nanoseconds Count” – James Arlen “It’s Not About the “Warm Fuzzy” – How to Plan for a Comprehensive Penetration Exercise” – Kai Axford “The Search for Intelligent Life” – Ed Bellis “Built What? Why The Bad Guys Do It Better” – Sean Bodmer “Change Happens: CISO Survival Through Adaptation” – Jack Daniel, David Mortman, Gal Shpantzer, Michael Smith and Stacy Thayer “Everything You Need to Know about Cloud Security (and then some)” – Mike Rothman “Binary Risk Analysis” – Ben Sapiro Turbo Track “OSSAMS, Security Testing Automation and Reporting” – Adrien de Beaupré “Cubical Warfare, The next Arms Race” – Jason Kendall “Incident Response Kung fu: Tree Style” – Jason Kendall “Disc Detainer Locks” – Schuyler Towne Sponsor Track “Security Testing” – Areg Alimian “Walking on the Crocs back – when security measures fail” – Travis R. Barlow “Mapping The Penetration Tester’s Mind – An introduction to a pentester’s approach to security audits” – Nicholas Donarski “Detecting The Insider Threat- Finding The Needle in Stack of Needles” – Omar Garcia “Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests” – Rob Havelt “Be Ready for IPv6 Migration and Beyond! ” – Cricket Liu “Evolution of Digital Forensics” – Jason Mical “Building a GRC Strategy” – Dave Millier “Anatomy of a Data Breach: Exploring the Current Threat Landscape” – Paul Pinkney “Cybersecurity, the Law, and You” – Bill Roth “Think outside the enterprise security box” – John Trollinger “Information Security and Risk pertaining to smart phone and mobile devices” – Nicholas (Nic) Wetton 2010 Keynotes SecTor 2010 Introduction – Brian Bourne “The Problem with Privacy is Security” – Tracy Ann Kosa “Today’s Face of Organized Cyber Crime: A Paradigm for Evaluating Threat” – Steve Kelly “Attribution for Intrusion Detection” – Greg Hoglund “Involuntary Case Studies in Data Security” – Mike Rothman Tech Track “SCADA and ICS for Security Experts: How to avoid cyberdouchery” – James Arlen “Starting an InfoSec Company: Three Founder’s Stories” – Robert Beggs, Dave Millier, Brian O’Higgins and Eldon Sprickerhoff “Building the DEFCON network, making a sandbox for 10,000 hackers” – David Bryan and Luiz Eduardo “Dissecting the Modern Threatscape: Malicious Insiders, Industrialized Hacking, and Advanced Persistent Threats” – Brian Contos “Sharingan – A Ninja art to Copy, Analyze and Counter Attack” – Mrityunjay Gautam “CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity” – Chris Hoff “Google’s approach to malware on the web” – Fabrice Jaubert “IPv6, for worse or better” – Joe Klein “Metasploit Tips and Tricks” – Ryan Linn “Inside The Malware Industry” – Garry Pejski “Malware Freakshow 2010” – Jibran Ilyas and Nicholas J. Percoco “How I Met Your Girlfriend” – Samy Kamkar “Into the Black: Explorations in DPRK” – Mike Kemp “What’s Old Is New Again: An Overview of Mobile Application Security” – Zach Lanier and Mike Zusman “Into the Rabbit Hole” – Rafal Los “Black Berry Security FUD Free” – Adam Meyers “Beyond Exploits: Real World Penetration Testing” – HD Moore “The Four Types of Lock” – Deviant Ollam “Sniper Forensics v2.0 – Target Acquisition” – Christopher Pogue “Web Application Payloads” – Andres Pablo Riancho “Distributed Denial of Service: War Stories from the Cloud Front” – Michael Smith Management Track “Gates, Guards, and Gadgets: An Introduction to the Physical Security of IT” – Kai Axford “SDL Light: A practical Secure Development Lifecycle for the rest of us” – Marisa Fagan “Mastering Trust: Hacking People, Networks, Software, and Ideas.” – Pete Herzog “How Many Vulnerabilities? And Other Wrong Questions” – David Mortman “Smashing the stats for fun and profit v.2010” – Ben Sapiro “400 Apps in 40 Days” – Sahba Kazerooni and Nish Bhalla “How do we prevent, detect, respond and recover from CRM failures?” – Kelly Walsh Turbo Track “Cloud definitions you’ve been pretending to understand” – Jack Daniel “64-bit Imports Rebuilding and Unpacking” – Sebastien Doucet “Building your own secure U3 launchable Windows forensic toolkit” – Jason Kendall “Securing your network with open-source technologies and standard protocols: Tips & Tricks” – Nick Owen “Fuzzing Proprietary Protocols – A Practical Approach” – Thomas Proll “Barcodes: Read it, Write it, Hack it” – Michael Smith “BLINDELEPHANT: Web Application Fingerprinting with Static Files” – Patrick Thomas “OMG-WTF-PDF” – Julia Wolf Sponsor Track “Microsoft’s cloud security strategy” – Mohammad Akif “Do it yourself – Security Assessments made easy and FREE” – John Andreadis “Crime & Carelessness: Gaps that Enable the Theft of Your Most Sensitive Information” – Ryan Boudreau “Unidirectional Connectivity as a Security Enabler for SCADA and Remote Monitoring Applications” – Lior Frenkel “Beyond Aurora’s Veil: A Vulnerable Tale” – Derek Manky “A Day in the life of APT” – Adam Meyers “Realize More Value From Your Existing security Tools” – Dave Millier “Metasploit Pro – An HD Moore Production” – HD Moore “Culture Shift: Social Networking and Enterprise Environments (Security Risk vs Reward)” – John W. Pirc “Today’s Reality: Living in Compromise to Advanced Persistent Threats” – Charlie Shields “By The Time You’ve Finished Reading This Sentence, ‘You’re Infected'” – Eldon Sprickerhoff “Emerging Threats, The Battle for the Access edge” – Mark Townsend 2009 Keynotes SecTor 2009 Introduction – Brian Bourne “Cloudification” – Christofer Hoff “A day in the life of a hacker…” – Adam Laurie (Major Malfunction) “Consumer Internet Identity” – Andrew Nash , Paypal   Sessions “To cache a thief | Using database caches to detect SQL Injection attacks” – Kevvie Fowler “w3af – A framework to own the web – Part 1” – Andres Riancho “Nsploit: Popping boxes with Nmap” – Ryan Linn “The GhostNet Story” – Nart Villeneuve “Smashing the stats for fun and profit” – Ben Sapiro “Weaponizing the Web: More attacks on User-Generated Content” – Nathan Hamiel and Shawn Moyer “Towards a more secure online banking… ” – Nick Owen “Game Over, Man: Gamers Under Fire” – Chris Boyd “Portable Document Malware, the Office, and You – Get owned with it, can’t do business without it” – Seth Hardy “Your Mind: Legal Status, Rights and Securing Yourself” – James Arlen, Tiffany Strauchs Rad “When Web 2.0 Attacks – Understanding AJAX, Flash and “Highly Interactive” Technologies” – Rafal Los “Crimeware: Web Exploitation Kits Revealed” – Roy Firestein “DNSSEC deployment in Canada” – Paul Wouters, Norm Ritchie “Sniper Forensics – Changing the Landscape of Modern Forensics and Incident Response”” – Christopher E. Pogue “Malware Freakshow” – Nicholas Percoco and Jibran Ilyas “SSLFail.com Panel Discussion” – Jay Graver, Tyler Reguly, Mike Zusman “Hacking the Privacy Legislation” – Tracy Ann Kosa “The Past, Present & Future – SQL Injection” – Jerry Mangiarelli “Massively Scaled Security Solutions for Massively Scaled IT” – Michael Smith “Cain BeEF Hash: Snagging passwords without popping boxes” – Ryan Linn “Consumerization and Future State of Information Warfare” – Robert “RSnake” Hansen “Retaliation: Breaking Attack Vectors in the Infrastructure” – Jennifer Jabbusch “Deblaze – A remote method enumeration tool for flex servers” – Jon Rose 2008 Keynotes SecTor 2008 Introduction – Brian Bourne David Black – The RCMP National Security Criminal Investigations Program Lunch Panel: Security in the Real World No-Tech Hacking – Johnny Long Baggage: What I took with me when I ‘left’ Computer Security – Stephen Toulouse   Sessions Security and Robustness in Backbone Design – Raven Alder Exploit-Me for Fun and Profit – Jamie Gamble & Tom Aratyn Security Heretic: We’re Doing It Wrong – James Arlen Owning the Users with The Middler – Jay Beale Pwning the proxy – Dino Covotsos More SCADA/ICS Security: Findings from the field – Mark Fabro Double Trouble: SQL Rootkits and Encryption – Kevvie Fowler Googless – Christian Heinrich The New New Thieves and Contemporary Security Analysis – Pete Herzog The Four Horsemen Of the Virtualization Security Apocalypse: My Little Pwnie Edition – Christofer Hoff Under the iHood – Cameron Hotchkies Network Security Stripped: From layered technologies to the bare essentials – Jennifer Jabbusch (jj) RFID Unplugged – 3ric Johanson New Research on Canadian Privacy Breaches – Tracy Ann Kosa Metasploit Prime – H D Moore Ten Things Everyone Should Know About Lockpicking & Physical Security – Deviant Ollam Advanced Spear Phishing Attack Framework – Joshua Perrymon Novel Malware Detection – Bruce Potter Tracking Current and Future Botnets – Matt Sergeant Finding Cryptography in Object Code – Jason Wright The Future of Snort: Why it must change for network security to live – William Young 2007 Keynotes SecTor 2007 Introduction – Brian Bourne Growing The Security Profession – Dr. Richard Reiner Zen and the Art of Cybersecurity – Ira Winkler Defending Layer 8 – Steve Riley A Law Enforcement Perspective – Carole Bird   Sessions Black Ops 2007: DNS Rebinding Attacks – Dan Kaminsky Cybercrime, CVEs, OVAL, CME and why you must care! – Gary S. Miliefsky Data on Threat Evolution – What 47 Leading Security Vendors Are Seeing – Ben Sapiro DNSSEC: Theory and Worldwide Operational Experiences – Paul Wouters Exploit-Me Series – Free Firefox Application Penetration Testing Suite Launch – Nish Bhalla and Rohit Sethi Hacking Bluetooth for Fun, Fame and Profit – Dino Covotsos Hacking Hollywood – Johnny Long How Close is the Enemy – Kevin G. Coleman Human Factor vs. Technology – Joanna Rutkowska Modern Trends in Network Fingerprinting – Jay Graver and Ryan Poppa NAC@ack – Dror-John Roecher and Michael Thumann Process Control and SCADA: Protecting Industrial Systems from Cyber Attack – Mark Fabro Security Challenges in Virtualized Environments – Joanna Rutkowska Securing Commodity Systems using Virtual Machines – David Lie SQL Server Database Forensics – Kevvie Fowler State of the Hack – Kevin Mandia TCP/IP Perversion – Rares Stefan The Evolution of Phishing to Organized Crime – Rohyt Belani Web Application Worms: The Future of Browser Insecurity – Mike Shema Wireless Security – What Were They Thinking – Brad ‘Renderman’ Haines You’re Just Not Pretty Enough to Do Investigations – Kai Axford and local law enforcement   Sustaining Partners Discover more from Informa Tech Dark Reading SecTor Black Hat Trainings Omdia Working With Us About Us Code of Conduct Contact us Upcoming Events Follow on Social Cookie CCPA: Do not sell my personal info Privacy Terms Copyright © Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and head office is 5 Howick Place, London, SW1P 1WG.enen1728594121https://sector.ca

ތިޔަ ސައިޓް އެޑިޓް ކުރަންވީތަ؟

ތިބާ ކީއްކުރަނީ؟