Defense Needed, Superbees Wanted
- (WebApp Pentesting with bWAPP)
- Malik Mesellem
- Thursday, April 16th, 8:15pm - 9:15pm
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application developed by Malik Mesellem. It helps security enthusiasts, developers, and students to discover and to prevent web vulnerabilities.
bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. "A security testing framework made for educational purposes".
What makes bWAPP so unique? Well, it has over 100 different web vulnerabilities and issues! It covers all major known web bugs, including all risks from the OWASP Top 10 project.
Defense is needed... superbees are wanted!
Speaker Bio: Malik Mesellem is an IT professional with over 15 years of experience in IT security. He has always had a passion for ethical hacking and penetration testing, obsessed with Windows and web application insecurity.
In 2010 he started his own company, MME, specialized in security audits, penetration testing, ethical hacking and security training.
Malik gives master classes, lectures, and workshops on conferences and for several institutions worldwide. For Belgium, Malik is an OWASP ZAP evangelist.
Malik is also the founder and developer of bWAPP, a famous free and open source deliberately insecure web application...
More info: http://www.mmebvba.com
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Sunday, April 12
|Registration Welcome Reception||—||Sunday, April 12th, 5:00pm - 7:00pm||Reception|
Monday, April 13
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, April 13th, 8:15am - 8:45am||Special Events|
|SANS Technology Institute Reception and Information Session||Bill Lockhart, Executive Director, SANS Technology Institute||Monday, April 13th, 5:30pm - 7:00pm||Special Events|
|Understanding the Offense to Build a Better Defense||Dr. Eric Cole||Monday, April 13th, 7:15pm - 9:15pm||Keynote|
Tuesday, April 14
|How to Become a SANS Instructor||Eric Conrad||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Fight Cyber Adversaries with Controlled Collaboration||Trevor Welsh, Cyber Engineering Architect||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Protecting the Things, Including the Ones You Already Have (and don't know about)||Tom Byrnes, CEO and Founder||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Advanced Threats Need Comprehensive Defense||Anubhav Arora, System Architect, R&D, General Dynamics Fidelis Cybersecurity||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Security Intelligence with the SANS Critical Security Controls||Justin Pennock, North America Sales Leader, EiQ Networks||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Expose the Underground: Prevent Advanced Persistent Threats||Mike Milholland, Network Security Engineer, Palo Alto Networks||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|The Power of Threat Intelligence in your Cybersecurity Program||Jason McEachin - Director, Sales Engineering, Lookingglass||Tuesday, April 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Women in Technology Meet and Greet||—||Tuesday, April 14th, 5:30pm - 6:30pm||Reception|
|Online Training Pool Party||—||Tuesday, April 14th, 6:15pm - 7:15pm||Reception|
|Using an Open Source Threat Model for Prioritized Defense||James Tarala||Tuesday, April 14th, 7:15pm - 8:15pm||SANS@Night|
|The 13 Absolute Truths of Security||Keith Palmgren||Tuesday, April 14th, 7:15pm - 8:15pm||SANS@Night|
|Self-Education: Using the Pull Method for Security Awareness Training||Lance Spitzner||Tuesday, April 14th, 7:15pm - 8:15pm||SANS@Night|
|Cyber Leadership Reception||—||Tuesday, April 14th, 7:15pm - 8:15pm||Reception|
|Router Vulnerabilities and Backdoors: Can You Trust Your Vendor?||Christoph Eckstein - Master's Degree Candidate||Tuesday, April 14th, 7:15pm - 7:55pm||Master's Degree Presentation|
|Preparing for PowerShellmageddon - Investigating Windows Command Line Activity||Chad Tilbury||Tuesday, April 14th, 8:15pm - 9:15pm||SANS@Night|
|iOS Game Hacking: How I Ruled the Worl^Hd and Built Skills For AWESOME Mobile App Pen Tests||Josh Wright||Tuesday, April 14th, 8:15pm - 9:15pm||SANS@Night|
|Securing The Kids||Lance Spitzner||Tuesday, April 14th, 8:15pm - 9:15pm||SANS@Night|
|Using Sysmon to Enrich Security Onion's Host-Level Capabilities||Josh Brower - Master's Degree Candidate||Tuesday, April 14th, 8:15pm - 8:55pm||Master's Degree Presentation|
Wednesday, April 15
|Vendor Solutions Expo||—||Wednesday, April 15th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Wednesday, April 15th, 5:30pm - 7:30pm||Vendor Event|
|Malware Analysis for Incident Responders: Getting Started||Lenny Zeltser||Wednesday, April 15th, 7:15pm - 9:15pm||SANS@Night|
|Gone In 60 Minutes||David Hoelzer||Wednesday, April 15th, 7:15pm - 8:15pm||SANS@Night|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Wednesday, April 15th, 7:15pm - 8:45pm||SANS@Night|
|It's Time To Make a Case||Moses Hernandez||Wednesday, April 15th, 7:15pm - 8:15pm||SANS@Night|
|A 0-Budget Approach to the Containment of Malware Traffic for Small Organizations||Paul Ackerman - Master's Degree Candidate||Wednesday, April 15th, 7:15pm - 7:55pm||Master's Degree Presentation|
|GIAC Program Overview||Jeff Frisk||Wednesday, April 15th, 8:15pm - 9:15pm||Special Events|
|Enterprise PowerShell for Remote Security Assessment||James Tarala||Wednesday, April 15th, 8:15pm - 9:15pm||SANS@Night|
|Hacking Back, Active Defense and Internet Tough Guys||John Strand||Wednesday, April 15th, 8:15pm - 9:15pm||SANS@Night|
|Security Data Visualization||Balaji Balakrishnan - Master's Degree Candidate||Wednesday, April 15th, 8:15pm - 8:55pm||Master's Degree Presentation|
Thursday, April 16
|Tackling Application Security Challenges Through Progressive Scanning||Tom Cline, Technical Account Manager||Thursday, April 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Rapid Visibility and Compliance with CloudPassage Halo||Ryan Thomas, Director of Product & Chad Gasaway, Sr. Sales Engineer||Thursday, April 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Reverse Engineering Emails for Threat Indicators||Ronnie Takazowski, Senior Research Engineer, PhishMe||Thursday, April 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Anatomy of An Attack - It Takes an Expert to Stop Attackers||Stephen Coty, Chief Security Evangelist, Alert Logic||Thursday, April 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Bit9 Connect IR Partner Enablement||James Darby, Director of IR/MSSP Operations||Thursday, April 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Prevent - Detect - Respond||Justin Kallhoff, Founder, Infogressive||Thursday, April 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Debunking the Complex Password Myth||Keith Palmgren||Thursday, April 16th, 7:15pm - 8:15pm||SANS@Night|
|The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It||Benjamin Wright||Thursday, April 16th, 7:15pm - 8:15pm||SANS@Night|
|Raising the Bar with Security Skills Assessment and Training||Paul Hershberger - Master's Degree Candidate||Thursday, April 16th, 7:15pm - 7:55pm||Master's Degree Presentation|
|Let's Face It, You Are Probably Compromised. What Next?||Joff Thyer||Thursday, April 16th, 8:15pm - 9:15pm||SANS@Night|
|Defense Needed, Superbees Wanted||Malik Mesellem||Thursday, April 16th, 8:15pm - 9:15pm||SANS@Night|