Pen Test HackFest Summit Agenda
We strive to present the most relevant, timely and valuable content. As a result, this agenda is subject to change. Please check back frequently for changes and updates. The following talks and speakers have been confirmed for Pen Test HackFest Summit 2018:
| Monday, November 12 | ||||
|---|---|---|---|---|
| Time | Presentation | Speaker | ||
| 9:00-9:15 am |
Opening Remarks |
Ed Skoudis, Fellow, SANS Institute | ||
| 9:15-10:15 am | Keynote Address Accidental Hero: How a Minor Accounting Error Gave Birth to the Field of Cybersecurity |
Clifford Stoll, Author, The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage | ||
| 10:15-10:45 am | Networking Break | |||
| 10:45-11:20 am | NoSQL Injection: It Isn't Just MongoDB | Adrien de Beaupre, SANS Institute | ||
| 11:20-11:55 am |
Hatfields and McCoys: Feuds, Anti-Patterns and Other Crossed Connections in the Dev/Sec Relationship |
Rachelle Saunders, Helical Levity | ||
| Noon-1:15 pm | Lunch | |||
| 1:15-1:50 pm |
Timelines: Not Just for Incident Response |
Joe Schottman @JoeSchottman, Security Analyst, BB&T |
||
| 1:50-2:45 pm |
Panel Discussion |
|||
| 2:45-3:05 pm | Networking Break | |||
| 3:05-3:40 pm |
The Changing Landscape of Offense |
Tim Medin @TimMedin, Principal Consultant, Red Siege; Principal Instructor, SANS Institute | ||
| 3:40-4:15 pm |
Wrangling Malware for Fun and Pen Testing |
John Freimuth, Sr. Security Engineer, Dignity Health Alex Stockwell @astockwell, Security Engineer, Dignity Health |
||
| 6:00 - 9:00 pm |
World of HackFest - off-site networking event and custom challenge |
|||
| Tuesday, November 13 | ||||
|---|---|---|---|---|
| Time | Presentation | Speaker | ||
| 9:00-10:00 am |
Keynote A Year Of Gaining Superpowers |
Tarah M. Wheeler (@tarah), Senior Director, Data Trust & Threat and Vulnerability Management at Splunk |
||
| 10:00-10:35 am | The Clouds Are Out to Get Me! | John Strand, Founder, Black Hills Information Security & Senior Instructor, SANS Institute | ||
| 10:35-11:00 am | Networking Break & Vendor Expo | |||
| 11:00 am - 11:35 am |
Extending Burp to Find Struts and XXE Vulnerabilities |
Chris Elgee @chriselgee, Pen Tester, Counter Hack Challenges | ||
| 11:35 am - 12:10 pm | Come to the Dark Side: Python's Sinister Secrets | Mark Baggett @markbaggett, Senior Instructor, SANS Institute | ||
| 12:10-1:15 pm | Lunch | |||
| 1:15-1:50 pm |
Ubiquitous Shells |
Jon Gorenflo @flakpaket, Founder, Fundamental Security; Community Instructor, SANS Institute | ||
| 1:50-2:25 pm | Grape Jelly: How Threat Intel Enhances a Red Team | Lori Stroud, Cyber Threat Analyst, BB&T | ||
| 2:25-2:45 pm | Networking Break | |||
| 2:45-3:20 pm |
Domain Fronting for the Win! |
Matthew George @sircosec, Analyst, phia, LLC |
||
| 3:20-3:45 pm |
Post Exploitation in Developer Environments |
Ian Lee @IanLee1521, Computer Engineer, Lawrence Livermore National Lab |
||
| 3:45-4:20 pm |
“The Future is Going to be More Money” - Majority Reports |
Moses Frost, Security Architect, Cisco Systems; Instructor, SANS Institute |
||
