View
 

BSidesJackson 2015

BSidesJackson is the premier security conference in Mississippi!

 

BSidesJackson 2015

 

 

Event Details   |    JXN Links    |     CFP     |     Sponsors     |     Registration     |     Schedule     |     Speakers

 

Event Details

 

When:

 Saturday, November 7, 2015

 

Where:     

Old Capitol Museum
100 South State St
Jackson, MS 39201 

Cost:        

 Free (as always!)

 

 

 

 


View Larger Map 

 

Invite your friends by posting this on Twitter:

"#BSidesJXN 7NOV2015: Hacks in Jackson! #HXNJXN"

 

 

 

 

 


 

Jackson Links

 

http://www.visitjackson.com/

http://www.jacksonfreepress.com/

http://www.jmaa.com/JAN/default.htm - Jackson Airport

Follow us on Twitter

    

 

Email us at

bsidesjackson (at) gmail.com

 

 

 


 

Call for Papers/Presentations

 

CFP Opens August 14, 2015

CFP Closes September 18, 2015

Speakers will be announced September 25, 2015

 

Each presentation should be no longer than 1 hour in length, including questions and answers, and the format should consist of:

  • Presentation or
  • Workshop or
  • Hands on Training

 

Please email your presentation proposal to bsidesjackson at gmail.com. When submitting a presentation proposal, include the following:

  • Your Name
  • Contact Information
  • A short biography
  • Title
  • Abstract
  • Supporting Research
  • Format (Presentation/Training/Workshop)

 

If you're from Mississippi, Louisiana, or Alabama, we'd like to hear from folks who are local...here's your chance to make this conference yours!

 

 


Sponsors 

 

 

@thinkVSS


@archerenergy

 

 @RSAsecurity

 

 

 

 

 

 

 

 

 

 

 

Mississippi Infragard

 

 

 

 
 
 
 

Donors

 
 

@ruraltechfund

 

 

@dragossecurity

 

If you would like to be a sponsor, please email us for the sponsorship packet.

http://www.securitybsides.com/w/page/12194170/Sponsoring

 

 

 


Registration

 

 

 


 

Schedule

 

Saturday - November 7, 2015 Talk Track Workshop Track

 

9:00 AM - 9:50 AM

 

Keynote Speaker - Jack Whitsitt (@sintixerr)

 

10:00 AM - 10:50 AM

Will Showalter (@WillShowalter) Vendor abandoned – vulnerabilities in consumer devices

Pat O'Neil (@JPatONeil) - Software Defined Radio workshop

11:00 AM - 11:50 PM

Shannon Sistrunk (@shannonsistrunk) - You are the weakest link    

 

12:00 PM - 1:30 PM

 

LUNCH - and free time to tour museum (aka HALLCON)

 

1:30 PM - 2:20 PM

Leonard Isham  (@LenIsham) - Privacy 101: An introduction with Tradecraft Light

Wesley McGrew (@McGrewSecurity) - Enough Reverse Engineering to Get You in Trouble

2:30 PM - 3:20 PM

Wesley Riley (@wesleyriley) - Response-Focused Defense with OCOKA

3:30 PM - 4:20 PM

Art Conklin (@ArtConklin) - Why infosec is like being in the Military

4:30 PM - 5:00 PM

Raffle drawing and closing remarks Chris Sistrunk (@chrissistrunk)

 

PRE-PARTY!!!

- ???

 

AFTER PARTY!!!

- Hal & Mals???

 

 


 

Speakers

 

Pat O'Neil (@JPatONeil)

Title: Software Defined Radio Workshop

Abstract

A quick introduction to getting started into the fascinating world of software defined radio.

 

Shannon Sistrunk (@shannonsistrunk)

Title: You are the weakest link

Abstract

Humans are the weakest link in any organization...especially when it comes to security. She'll discuss why and how to help improve your "human security"

Bio

Shannon Sistrunk is an expert in human communication, nonverbals, & social engineering techniques.  She has her Bachelors and Masters degrees in Communication.  Shannon owns and operates Bayou Communications.

 

Will Showalter (@WillShowalter)

Title: Vendor abandoned – vulnerabilities in consumer devices

Abstract:

In this talk Will presents his experience finding vulnerabilities in consumer network devices. Many vendors build these devices reusing open source software with no regard to any support lifecycles. Common examples of such products are network attached storage and home security cameras, which are used by both consumers and small businesses. Product support is frequently discontinued as soon as new models are released, and devices stay in production for years without any software maintenance.

This presentation goes over the methodologies that can be used in discovering these vulnerabilities and developing them into exploits. This presentation looks specifically at the Seagate NS440 NAS as a case study. Its replacement model received security advisories in March 2015 when BeyondBinary.io published a writeup about RCE vulnerabilities they discovered. This presentation was inspired by their work but the vulnerabilities discovered between the two are separate.

Bio

Will Showalter (@willshowalter) is a Computer Science graduate student researching at Mississippi State University. Will is originally from Palmer, Alaska and received his B.S. in Computer Science from the University of Alaska Fairbanks before coming to Mississippi. While at UAF he ran the Cyber Security Club, organizing training exercises and UAF’s teams for CTF and CCDC events. Now he participates in and helps out with the MSU-CTF club. Areas of his interest include exploit writing, reverse engineering, and causing trouble.

 

Leonard Isham  (@LenIsham

TitlePrivacy 101: An introduction with Tradecraft Light 

Abstract:

An introduction to privacy that aims to leave the audience with questions… Including an overview of todays world, basic tools and a light introduction into Tradecraft AKA OPSec

Bio

Leonard's start in life is lost in the mists of antiquity. He began as a nerd, maybe nerdling is a better description… Eventually evolving into a geek and entered the workforce in, the then yet unnamed, information technology field. Leonard moved into information security over 12 years ago. He is a self-proclaimed con rat that has lived on a floating hacking lab. In his declining years he started rambling in front of con attendees and eventually slipped into dementia as a sales engineer…

 

Wesley Riley (@wesleyriley)

Title: Response-Focused Defense with OCOKA

Abstract:

"Traditional information security defense strategies have relied heavily on prevention and detection to protect networks. However, in recent years it has become readily apparent that these strategies have done little to effectively combat threats as well as allowing organizations to accept a false sense of protection that is all too commonly shattered once an intrusion occurs. When the intrusion does occur, so much time, effort, and money has been dedicated to prevention and detection strategies that organizations find themselves ill-equipped to adequately respond to the actors within their borders. In this talk, we will adapt a proven military terrain analysis methodology known as OCOKA to discuss a defensive strategy that starts by gaining a true understanding of the threat profile of an organization and how to use that understanding to appropriately respond should the worst happen, as well as adjust current security methods to more rapidly address threats."

Bio

"Wes Riley is an Advisory Practice Consultant for the Netwitness Incident Response and Discovery (IR/D) at RSA. In this capacity, Wes is responsible for delivering holistic incident response services and rapidly identifying threats as part of tactical response to intrusions involving sophisticated adversaries that target intellectual property and other critically sensitive data.  He previously served as a member of the U.S. Army Corps of Engineers CIRT, as well as working as Information Assurance Officer for DoD Supercomputing in Vicksburg, MS.  Wes has a Bachelor's in Software Engineering and a Master's in Computer Science from Mississippi State, where he worked for the National Forensics Training Center during his graduate studies."

 

Wesley McGrew (@mcgrewsecurity)

Title: Enough Reverse Engineering to Get You in Trouble

Abstract:

This workshop is designed to give the attendees exposure to how software, operating systems, and the hardware they run on work at a low level. The focus will be on user-land software and processes, but we will discuss the environment it executes in as-needed to get the bigger picture. The goal is to give attendees a starting point to reverse engineer binary software for the purposes of malware analysis and vulnerability research. Where we leave off, your personal research and drive will be able to pick up. Attendees are guaranteed to be able to understand more articles in POC||GTFO after this session, or their money will be refunded. Attendees should show up with a VMWare or VirtualBox installation on their laptops, at a minimum. I'll have more detailed instructions on what should be brought and what will be provided as the date for this draw near.

Bio

Wesley McGrew (@McGrewSecurity) is an assistant research professor at Mississippi State University's Distributed Analytics and Security Institute. At DASI, he is involved in malware and vulnerability research. In the spring 2013 semester, he began teaching a self-designed course on reverse engineering to students at MSU, using real-world, high-profile malware samples, as part of gaining NSA CAE Cyber Ops certification for MSU. Wesley has presented at Black Hat USA and DEF CON on forensics, malware, and penetration testing topics, and is the author of security and forensics tools that he publishes through his personal/consultancy website, McGrewSecurity.com.

 

Art Conklin (@ArtConklin)

Title: why infosec is like being in the military 

Bio

Art Conklin is an associate professor at the University of Houston

 

Planners


  • @chrissistrunk - Organizer 
  • @tomsellers - CFP Reviews
  • @russelljordan - CFP Reviews 
  • @itsthattim - CFP Reviews

Volunteers


  •  
  • add yourself... 

 

Participants

 

  • add yourself...

 

Name  Twitter/Email 
   

 

 

 

Task List

(please -cross out- when it's done)

 

Tech

Wifi (venue)

Projector

Photo

Video

Audio (venue)

Streaming or Stickam or Skype or Ustream or Livestream

 

Non-tech

Breakfast Archer Energy

Coffee

Beverages

Tables and chairs (venue)

Venue Mississippi Infragard

Lunch VSS

T-shirts Archer Energy

Badges/Landyards RSA

 

Afterparty!

 

Tags for flickr, twitter, blog, etc.

Please use the tag #BSidesJXN for content related to this event

 

Who's blogging?

 

  •  

 

 

Comments (0)

You don't have permission to comment on this page.