View
 

BSidesDenver

 

Thanks for helping make BSides Denver 2010 a success. Please join us on the 2013 event page!

 

Event details (#BSidesDEN)

Talk/CFP information: BSidesDenverTalks

Entertainment information/CFE: BSidesDenverMusic

 

When: Friday, June 18, 2010, 9AM to 12AM (talks begin at 10AM)

Where: 238 Santa Fe Dr, Denver, CO (Arts District)

Cost: Free- Donations Appreciated

RSVP: In participants section below

Download flier here

Day of event agenda

 

Event pics can be found here.

 

*** Ustream available here: http://www.ustream.tv/channel/bsidesbay

 

The theme of this Bsides event is Mile High Security, where participants are encouraged to discuss potential future directions of infosec over the next 2-5 years.

 

BSides Denver will have two tracks (with availability for additional, ad-hoc talks that come up during the event). One track will feature traditional-style presentations; the second track (and additional tracks if needed) will be lightning/open style, wherein talks will be announced in the morning and scheduled on-the-spot.

 

Invite your friends by posting this on Twitter: "#BSidesDEN June 18, 2010: Mile High Security!

 

Schedule of Events

 

 

Friday - June 18, 2010 Presenter
9:00 AM - 10:00 AM Unconference registration/ Coffee
10:00 AM- 11:00 AM
Name: Erin Jacobs @SecBarbie
Title: Compliance Crystal Ball – Future trends in risk-based security framework
Abstract:
More often than not organizations structure their internal security framework based almost exclusively upon regulatory and business compliance drivers. Through the discussions and drivers that are occurring in the security community as well as the cross-pollination into the business community, security compliance framework is changing direction. This talk will guide the audience though a history of regulatory compliance focusing on SAS70’s, ISO 2700x, PCI-DSS, HIPAA, SOX, and GLBA. Through this historic analysis, we will extract the known trends and forecast where the future is taking the security compliance landscape.

11:00 AM - 12:00 PM

Name: Tim Skorick
Title: Browser Extension Malware
Abstract: In an age in which the PC exists almost exclusively for web use whether at work or at home, malware authors no longer have to puzzle how to trojan a computer: the browser offers fewer impediments, has an API that publishes every object they could possible want to hook, and contains the user's entire work and play experience. Add to that varying failures in client-side or enterprise-level controls and you have the perfect breeding ground for a growing species of malware.
12:00 PM - 1:00 PM

Name: Daniel J. Molina, @DJMolina
Title: Top 10 Ways IT is Enabling Cybercrime
Abstract: Today's IT departments, unbeknownst to themselves, are empowering cybercrime by their own actions. Daniel Molina presents The Top 10 Things that your IT department is doing, that enables cybercrime in your own company.

1:00 PM

2:00 PM

Name: Davi Ottenheimer, @daviottenheimer
Title: Cloudy with a chance of security
Abstract: Virtualized computing continues to evolve and bring both pros and cons (pun not intended) to information security. Everything from access controls to logs and forensics is being forced to adapt as IT resources are migrated from physical to virtual. This presentation gives a comparative analysis of the physical and virtual environments to identify key differentiators and risks. It then proposes several new approaches to meet the challenge of security and compliance for virtual systems, especially in clouds.
2:00 PM - 3:00 PM Name: Peter Schawacker @alchemyps
Title: Peter Schawacker- Agile Security, SOC and how Mortman/Hutton ruined my summer vacation
Abstract: This talk is about organizing unmanageable people to accomplish impossible tasks. In it I talk about why traditional project management approaches almost always fail, especially when it comes to security. There's been some discussion of Agile software development, but not so much about its application to other domains. I've been using Agile to build and security operations centers and manage teams of analysts. Think of this as a how-to for effective cat herding, security requirements analysis and managing by not managing.
3:00 PM - 4:00 PM Name: Steve Pordon
Title: Defeating High Security Locks: An Overview
Abstract: Intermediate-level overview of how high security locks work, and how to defeat them. Assumes basic lockpicking knowledge and concepts (shear line, tension, etc.), but will include a 2-minute refresher for those who need it. Emphasis will mainly be on high security pin-tumbler locks--ASSA Twin, Medeco Biaxial, Schlage Primus, and similar sidebar locks--with some discussion of disc locks (Abus, Abloy).
4:00 PM - 5:00 PM Name: David Willson
Title: When Does Electronic Espionage Become an 'Act of War' and What Options Do Nations Have to Defend Their Networks?
Abstract: This presentation will be a combination of my two articles published in the ISSA Journal last August 2009 and this June 2010. I will discuss current cyber threats, how nations have reacted to them, or not, the types of threats, where the line might be drawn between electronic espionage/cyber crime and “acts of war,” the significant challenges nations face, and potential solutions. I will also discuss some more practical security solutions for business to reach beyond their networks to create a greater security posture.
5:00 PM - 6:00 PM Panel Discussion: Infosec- Looking Towards the Future
6:00 PM - 7:00 PM

Name: Jamey Heary

Title: Sneak Peek at PCI 2.0 Changes

Abstract: Learn about how PCI works behind the scenes, PCI Proposed Changes for October, PCI Virtualization SIG Update, PCI and Cloud Services, New Guidance on Audio Recordings.

7:00 PM - 8:00 PM TBD
8:30 PM - Midnight Whomp Truck DJ Crew

 

  • Evening/Party
    • Entertainment to be provided by the fabulously awesome Whomp Truck crew!!!

 

Sponsorships

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Planners and Volunteers (Actively looking!!)

 

  • Joe Bonnell (@jobobreck) - Organizer
  • Peter Schawacker (@alchemyps) - Organizer
  • Arun Gerra - Volunteer
  • Kevin Burns - Volunteer
  • Brian Keenan- Volunteer
  • Jonas Pettersson- Volunteer
  • David Matslofva- Volunteer
  • John Hoopes - Volunteer 
  • Art Prince - Volunteer 

 

Volunteers please plan on arriving on site at 8:15 for event debrief & coordination.

 

Participants:

 

If you are planning on attending, please add your name to the table below so we can get an accurate count for food/bevs.

 

First Name
Last Name Twitter/Email Friday
Joe
Bonnell

 

@jobobreck Y
Peter  Schawacker  @alchemyps
Jonas
Pettersson
  Y
David
Matslofva
  Y
Arun  Gerra   
Chris  Morgan  @tmcalain 
Alex    Y
Steve
Pordon (+1)
bsidesneutronstarorg (you know where the @ and . go)
Y
Greg
Martin  (+1)
@gregcmartin
Y
Jamey
Heary
jheary @ appledreams.com
Y
Kevin
Burns
@soleblaze
Y
Dave
Herrald
@daveherrald
Y
Christopher  Bischoff  @cjbischoff/christopherjbischoff at gmail.com 
John
Hoopes (+3)
bsides at olympus.dyns.cx
Y
Dan
Howerton
@metacortex  Y
Chris Triolo
  Y
Erin Jacobs 
@Secbarbie  Y
Daniel
Molina
@DJMolina
Y
Tim
Skorick
  Y
Joshua  Gimer  @jgimer 
Rachid
Chaoua
  Y
Andy
Zmolek
@zmolek
Y
Davi
Ottenheimer
@daviottenheimer
Y
Brian
Keenan
  Y
Anton
Rager
screw facetwitbook, [email protected] Y
Patrick  Orz  @shftleft 
Bill
Lemieux
gomez-at-owlhouse (put it here) org
Y
Matt
Yoder
@acr0nym
Y
Robb
Reck
@robbreck
Y
Travis
Good
what is twitter? I dont use a mac
Y
Chris
Jenkins
  Y
Luke McOmie   Y
Jm
Rallo
  Y
Nick
Arnott
  Y
Nick
Essner
  Y
Mary
Karnes
@markar
Y
John
Jackson
johnj (U+0040) tno.org
Y
Todd  Garrison   
John  Marthe   
Jose
Santos
  Y
Sean  Clark 
@SClark_Colorado
Carl
Nimbus
  Y
Ryan
Jones
  Y
David Willson  [email protected]
PJ
Torney Y
Isabella  Skarbo   
Brandon
E
@hackinghebron
Y
Brian
Martin
@attritionorg / jericho[at]attrition.org
Y
Pete  Rasmussen    Y
Dave
G
@davesan
Y
Sergio
Laureano
  Y
Fernando
Padilla
  Y
Mat   
@wuntee 
Art
  metabit at gmail
Y
Delchi
    Y
J.D.
Falk
@jdfalk
Y
Cindy
Wallace
  Y
Aaron  Nichols  @anichols 
Thomas
Falkowski
  Y
Matt
Toth
 
Y
Greg   Evans  @LIGATT 
       
       
       

 

 

Task List

Obtain chairs/tables

Procure food, beer

Line up entertainment <--WHOMP TRUCK!! Wh00t!

Streaming equipment <-- Huge thanks to PJ Torney for steppin up!

 

 

Tech

 

Wifi- Courtesy of Jamey Heary

Projector, White Boards (Provided by Alchemy Security/venue)

Video recording equipment (Covered by PJ Tourney)

Audio (Provided by Alchemy Security/venue)

Streaming (PJ Tourney/UStream info to be provided prior to the con.)

 

Non-tech

 

Breakfast/Coffee- (Provided by SANS Institute)

Dinner (Provided by IOActive)

Beer-  (Provided by Kasperksy Lab)

Tables and chairs, soft drinks, incidentals (Provided by Kasperksy Lab)

Entertainment- (Provided by Bandkitty.com)

 

Parking Info

Parking is limited directly in front of the facility. For those driving there are a number of parking options available north along Santa Fe, Kalamath (1 block west of SF), 1st, 2nd streets, and Inca (one block east of SF). Parking in unauthorized lots may result in being towed.

 

Public Transit

The closest RTD light rail station is 10th & Osage, an easy 20-minute walk away.  You can also take RTD bus route 1 to Galapago & 2nd, then walk three blocks West to Santa Fe.

 

Local Hotel Info

The TownePlace Suites is approximately 1.2 miles from the con, and offer free shuttle service between the hotel and conference facility and currently listing a rate of $149 for the nights of June 17-18th.

 

Tags for flickr, delicious, ma.gnolia, technorati etc.

The hash tag to use is #BSidesDEN as in (http://bit.ly/BSidesDenver).

 

Comments (17)

Jerry said

at 7:57 am on Apr 26, 2010

Is there an offical BSIDESDEN Hotel?

jobo said

at 10:08 pm on Apr 27, 2010

Jerry- we'll look into it.

Steve Pordon said

at 7:07 am on May 10, 2010

I signed up for a talk, but I'm not sure how long a presentation I should prepare for. Is it safe to assume the one-hour blocks shown in the table above are accurate?

jobo said

at 11:19 pm on May 11, 2010

Great question Steve. Plan on a 45 min presentation, with a bit of room for Q&A and between talk breaks.

jobo said

at 11:04 am on May 12, 2010

An in-process lesson learned for future B-Sides event coordinators: While Eventbrite and other social media sites such as LinkedIn have some nice features to announce an event, both have limitations. In the case of Eventbrite the community is unable to see who has registered which is a bummer because some neat BSidesers have signed up that way. LinkedIn provides an easy way to track attendees, but doesn't support limiting the number of attendees (we've only got so much room available so attendance needs to be limited to no more than100 participants). So, until a new medium can be found to meet the objectives of both, we're requesting those that the 20+ folks who have signed up through Eventbrite and Linkedin to kick it old school and use the participants section found within the BSidesDenver page.

For those interested in presenting, we're still looking for speakers who have a passion for sharing innovating ideas about where our industry is headed and what challenges we'll face.

Now that date draws closer, expect to see more frequent info and forthcoming announcements re BSidesDen!

jobo said

at 1:30 pm on May 17, 2010

Big thanks to IOActive for sponsoring BBQ from the Breckenridge Brewery!

jamey heary said

at 10:26 am on May 26, 2010

I'd like to be added to the participants section, but it is not editable.
Can you add me Jamey Heary [email protected] ?

jobo said

at 3:50 pm on May 26, 2010

Folks- at the excellent recommendation of Nickerson, we're moving the event to the day prior, Friday, June 18th.

Jamey- done, and thanks for the offer of wifi gear!

A lot of folks have pinged us about presenting, please use the CFP page to post your abstract as we will be announcing speakers soon!

jobo said

at 8:01 pm on Jun 4, 2010

Big thanks to Kaspersky Lab for stepping up with a sponsorship to support BSides Denver!

Steve Pordon said

at 6:09 am on Jun 8, 2010

Do we know what type of equipment will be available to presenters? And are these going to be videotaped or should I bring my own camera?

jobo said

at 4:35 pm on Jun 11, 2010

Steve, presenters will have access to a projector/mic for the larger room. We're working on video solutions but if you or others can bring something, that'd be great.

Any volunteers for bringing/manning cameras for live streaming, PLEASE STAND UP!!

Steve Pordon said

at 9:05 pm on Jun 11, 2010

Thanks, jobo. I knew there would be a projector, but I was unclear on the type. Is this projector of the type that I can plug my laptop into, or did we get the ghetto overhead/transparency type? :)

jobo said

at 2:58 pm on Jun 12, 2010

Hey Steve, it's a standard DLP projector with both an hdmi and vga interface.

PJ Torney said

at 3:57 pm on Jun 12, 2010

I have video equipment to record the event and the capability to put it up on uStream. Let me know what you need.

Steve Pordon said

at 6:10 pm on Jun 12, 2010

Excellent, thanks.

jobo said

at 12:17 pm on Jun 16, 2010

Big thanks to SANS Institute for picking up coffee/bagels!!

Steve Pordon said

at 5:18 pm on Jun 20, 2010

Thanks for recording, PJ. Will the video be available anywhere? I missed the last two talks.

You don't have permission to comment on this page.