Related pages :: BSidesSanFrancisco

Call For Presenters (CFP)


Please list your presentation for BSidesSanFrancisco below (and an external link to outside material if appropriate.)  Once we have a list of presentations we will vote and decide on the finalists by popular demand.  



Thanks for your valuable input - we hope to announce our final speaker list sometime this week!




Please update with your: name, contact information (email, twitter, website), presentation title, and short description.  Please leave use the example text as a template.  Simply copy and paste it into a new entry, then edit it to fit your talk.   


         The Presentation outline  is like this:
          a> Difference between attacking windows application and kernel.
          b> Defining windows kernel surface.
          c> Common mistakes kernel developers would make
          d> Finding kernel vulnerabilites.
          e> How to exploit.
          f> 2 Examples(one remote kernel vulnerability and one local kernel vulnerability).









This presentation is based on my research, which defines a measurement of rule-set complexity and provides statistics from more than 80 firewall rule-sets related to 36 configuration errors. This quantified research and analysis indicates firewalls are poorly configured and that a rule-set’s complexity is positively correlated with the number of detected configuration errors. Hence, “less is more.”


My discussion will focus on defining firewall rule-set complexity and a statistical analysis of more than 80 firewall rule-sets. Participants will learn the most serious and common firewall rule-set configuration errors, as well as the conclusions of my research. Additionally, I will provide insight into the best practices for configuring a firewall rule-set, based on my findings.



          Best observed while partaking in a beer or other inebriating material.







Every organization is a reluctant participant in the malware arms-race, investing untold blood and treasure in securing the essentially unsecurable: General-purpose, fat-client endpoints that are simply inappropriate for certain high-risk business processes and particularly sensitive data.  This talk goes through this problem and proposes an alternative approach to the one-size-fits-all desktop. grad students call this approach ROBAM, while Gartner calls it Trusted Portable Personality Devices. 

You will learn how leading government and private sector organizations are improving security while simultaneously extending remote access and mobility to administrators as well as end users. Several specific approaches and use-cases are outlined and analyzed in this talk.





          Confirmed Panelists for this talk!

-- Josh Corman, Research Director, Enterprise Security Practice, the 451Group
-- Marc Eisenbarth, Security Researcher, HP TippingPoint DVLabs
-- HD Moore,HD is Chief Security Officer at Rapid7 and Chief Architect of Metasploit 
-- Dave Shackleford, founder and principal consultant with Voodoo Security, and a SANS instructor and course author

 -- Alexander Hutton is a Principal in Research & Risk Intelligence with Verizon Business 

-- Caleb Sima, Chief Executive Officer, Armorize




Organizations the world over painstakingly work to preserve their reputations and brand value in the face of ever changing business climates.  Even in the absence of the dynamics associated with conducting business, organizations in the public and private sectors must be increasingly vigilant in safe guarding their reputations in traditional and non-traditional forums alike.  Lessons learned in the late twentieth century and the first decade of the twenty-first century have demonstrated in unequivocal terms maturity and unparalleled determination in both focus and effort with respect to goal attainment by cyber actors in the threat landscape.  Never before in the history of the analysis of cyber activity has this been more the case than today.


As a result the need for the establishment of Cyber Reputation Management (CRM) has now become a requirement rather than an option in safe guarding the cyber profiles of businesses and individuals the world over.  Evidence of this can be seen in the vast number of cases associate with compromised web presences, advancements in botnet works, IP Fast Fluxing, DNS Fast Fluxing and the countless cases of documented subversive multi-vector threats identified over the course of the last decade.  This paper will strive to identify contributing factors which have and continue to influence the proliferation of these threat conditions while addressing specific examples and advanced threat mitigation solutions such as Global Threat Intelligence assembly for combating and mitigating such occurrences. 


Join Will Gragido, Sr.Product Line Manager, of HP TippingPoint’s DVLabs , and co-Author of Cybercrime and Espionage: Analysis of the Subversive Multi-vector Threat for this lively discussion!



Join John Pirc, Sr. Product Line Manager, of HP TippingPoint’s Next Generation Security Products , and co-Author of Cybercrime and Espionage: Analysis of the Subversive Multi-vector Threat for this discussion.






















          The Presentation outline will include:

a> Overview of Android application security model.

b> Typical Android mount points and filesystem layout.

c> Extract filesystems from Android Emulator images.

d> Constructing new filesystems using Android Emulator images.

e> Using JDWP and ADB to instrument Android applications.

f> A live demonstration of dissecting an Antivirus application from the Marketplace.