BSidesCharm
  • 138 videos
  • 10,897 views
BSidesCharm 2024 Keynote - Melanie Ensign - Influencing Business Decisions
Melanie Ensign is the Founder and CEO of Discernible Inc, a specialized communications consultancy for security and privacy teams. After managing security, privacy, and engineering communications for some of the world’s most notable brands including Uber, Facebook, and AT&T, she now coaches teams around the world to increase their influence with business leaders and reduce risk. She counsels executives and technical teams alike on how to cut through internal politics, dysfunctional inertia, and meaningless metrics. Previously, Melanie led the press department for DEF CON as a volunteer for 10 years. A certified rescue scuba diver, she brings lessons from navigating unexpected, high-risk u...
Views: 35

Videos

BSidesCharm 2024 - Closing Ceremonies
11 views, 3 months ago
Join us as we wrap up our 2024 events and present CTF contest winners!
BSidesCharm 2024 Keynote - Caroline Wong - Humans of InfoSec
58 views, 3 months ago
Caroline Wong is the Chief Strategy Officer at Cobalt. As CSO, Caroline leads the Security, Community, and Pentest Operation teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role. Caroline’s close and practical information security knowledge stems from her broad experience as a Cigital consultant, a Symantec produ...
BSidesCharm 2024 - Beyond Booze: Rethinking Networking Events for a Healthier Security Culture
17 views, 3 months ago
Working in security can be stressful, and substances are often used as coping mechanisms. This is especially prominent at networking events, which almost always involve alcohol. But it doesn’t have to be that way. I’ll share tips for employers and event organizers who want to make their events more inclusive, and some un-scary steps individuals can take to move towards a more sober lifestyle. P...
BSidesCharm 2024 - Defenders can use ATT&CK! Oh really? - Lex Crumpton
33 views, 3 months ago
As a defender, what does “I use ATT&CK” really mean? In this talk, we will share how defenders like you can translate the adversary perspective provided by ATT&CK into knowledge on how to detect and protect against cyber threats. We will also explore using ATT&CK to identify defensive gaps, develop analytics, and measure/improve your SOC maturity. Presenter: Lex Crumpton Alexia “Lex” Crumpton i...
BSidesCharm 2024 - CI/CD Talent Development Pipeline
26 views, 3 months ago
Using the CI/CD pipeline analog, let us apply it to the concept of talent development and pipelining new candidates to integrate into the workforce as we continuously develop others. This concept can be used at both the micro stages of particular companies or the macro stages of workforce development at the state or national level. Presenter: Chris Foulon Christophe Foulon, founder and cybersec...
BSidesCharm 2024 - Cloud IAM Strategy for Multicloud and Hybrid Environments: Risks and Gaps
66 views, 3 months ago
As companies move beyond single-cloud migrations into multicloud, cloud-savvy threat actors continually adapt. Much of the extensive damage resulting from these breaches is compounded by the theft and abuse of highly privileged credentials. In this talk, we’ll discuss the multicloud attack surface, and walk through strategic and technical do’s and don’ts of cloud-focused IAM. Presenter: Cassand...
BSidesCharm 2024 - Everything You Didn’t Want to Know About CVE - Paul Asadoorian
81 views, 3 months ago
In the past year (or so), many events have highlighted issues with vulnerability disclosure and CVE. This makes defenders’ jobs difficult as evaluating and prioritizing remediation for vulnerabilities is a complex and time-consuming task. In this talk, I will discuss in detail several different events that exemplify the shortcomings of vulnerability disclosure and specifically the CVE proce...
BSidesCharm 2024 - Scaling the Security Wall: Agile Threat Modeling for Complex Systems
35 views, 3 months ago
This talk advocates for a paradigm shift in threat modeling to tackle complexities in large-scale systems. It emphasizes the drawbacks of traditional security measures and proposes threat modeling as a cost-effective solution. Challenges posed by cloud architectures and rapid development are discussed, alongside strategies for integrating scalable threat modeling into the SDLC. Presenter: Vinee...
BSidesCharm 2024 - Hackers in Jurassic Park: When Attackers Find a Way - Kevin Johnson
27 views, 3 months ago
Kevin Johnson of Secure Ideas delves into the world of cybersecurity, through the lens of hacking stories. Just as ‘Jurassic Park’ unveiled the consequences of bringing dinosaurs back to life, this presentation uncovers the methods used by cyber attackers to breach seemingly impregnable digital fortresses. Our journey takes us through a series of true tales from the front lines of cybersecurity...
BSidesCharm 2024 - Top Ways I Still Hack Your Company (and How to Defend Against Them)
52 views, 3 months ago
In this technical deep-dive, we explore the landscape of current vulnerabilities and weaknesses based on extensive field experience penetration testing. This session focuses on persistent vulnerabilities that continue to challenge application and network security defenses into 2024. We’ll dissect common penetration test successes, shedding light on enduring issues like auth flaws and network po...
BSidesCharm 2023 - Driving Your Own Vulnerability: How to Navigate the Road of BYOD Attacks
51 views, 3 months ago
Attacks that use Bring Your Own Vulnerable Drivers pose a unique threat to Windows security, but what makes a driver vulnerable, and how prevalent are vulnerable device drivers? In addition to answering these questions, this talk provides categories of vulnerabilities that are unique to Windows drivers and provides real-world case studies to illustrate the theoretical concepts. Dana...
BSidesCharm 2024 - The Fellowship of the Ring0
27 views, 3 months ago
Unveiling the Driver Risk Scores (DRS) threat detection system. Using research from loldrivers.io we know which drivers are vulnerable, and we know not all vulnerabilities are created equal. How can you quickly and accurately determine the risk that a device driver creates by either having built-in vulnerabilities or malicious behavior? The Driver Risk Score harnesses seven vital traits that in...
BSidesCharm 2024 - Identifying and Securing Psychologically Vulnerable Users
21 views, 3 months ago
As studies show 4% of users cause 80% of the loss, it is critical to identify those users who put the organization most at risk. A study was performed that allowed for the determination of psychological traits that led to susceptibility. This presentation shows how this study data can be used to both better secure the organization and make red teams more useful. Presenter: Ira Winkler Ira Winkl...
BSidesCharm 2024 - Network Segmentation without a Network Engineer
112 views, 3 months ago
Create a network segmentation strategy by solely utilizing the Windows Host-Based Firewall. Using Group Policy as an orchestrator for centralized management, firewall rules can be deployed to endpoint firewalls to limit the ports and protocols that are allowed to communicate between security zones. These security zones will be based upon Active Directory User and Computer Security Group members...
BSidesCharm 2024 - The Current State of Microsoft Identity Security: Common Security Issues
271 views, 3 months ago
BSidesCharm 2024 - From Aspire to Hire: Navigating Your First Cyber Job
14 views, 3 months ago
BSidesCharm 2024 - Protect Your Most Sensitive Users With This One Weird Trick!
99 views, 3 months ago
BSidesCharm 2024 - Using Bloodhound as a Defender: Tips from the Red Team
121 views, 3 months ago
BSidesCharm 2024 - Who’s going to secure the code our army of robots are going to be writing?
23 views, 3 months ago
BSidesCharm 2024 - Securing generative AI: threats, old and new
32 views, 3 months ago
BSidesCharm 2024 - Getting Started in ICS - Not just for engineers
32 views, 3 months ago
BSidesCharm 2024 - Sysmon or it Didn’t Happen
57 views, 3 months ago
BSidesCharm 2024 - Purple Teaming 301 - Free Attack Simulation and Control Validation via Atomic Red
43 views, 3 months ago
BSidesCharm 2023 - Keynote: AI with a Security Mindset - Elissa Shevinsky
210 views, a year ago
BSidesCharm 2023 - Protecting Yourself From Supply Chain Attacks-Trust Is Overrated- Paul Asadoorian
49 views, a year ago
BSidesCharm 2023 - Blackbox Containers: Container Security in the Enterprise - Kenny Parsons
92 views, a year ago
BSidesCharm 2023 - Hack Your Brain: Using IR skills to help recover from grief - Marc Muher
30 views, a year ago
BSidesCharm 2023 - Stop the Leak! Adversarial Thinking in Cybersecurity with PRE-ATT&CK- Nick Ascoli
81 views, a year ago
BSidesCharm 2023 - Ten Ways to Frustrate Attackers in 2023 - Justin Palk
139 views, a year ago