December 6-7, 2019 | Mesa AZ



Jamie Winterton

Anatomy of an AppSec Program; OR How to Stop Deploying Shoddy Code to Production Systems

Joe Ward

ARMaHYDAN - Misadventures of ARM instruction encodings


Automation and Open Source: Turning the Tide on Attackers

John Grigg

Bug Bounty: Under the Hood

Pax Whitmore, Ray Duran, Mitchell Poortinga

DarkMention: Next-Generation Attack Prediction

Paulo Shakarian, Ph.D.

Detecting Dedicated Infrastructure

Artsiom Holub and Jeremiah O'Connor

Detecting WMI exploitation

Michael Gough

Grandma got run over by an email – senior citizens and computer security

Russ Gritzo

How Can I Find Thee? Let Me Count the Ways - Automated Bug Finding in Practice

Clint Gibler and Daniel DeFreez

Implementing a Kick-Butt Training Program: BLUE TEAM GO!

Ryan Chapman

Lessons Learned: Emerging Adversary Playbooks

Nicholai Piagentini

On the Nose: Bypassing Huawei's Fingerprint Authentication by Exploiting the TrustZone

Nick Stephens

Pathways Into Darkness: Hunting for Adversary Behaviors Atop the Pyramid Of Pain

Kyle Gervais

Quest Accepted: Gamifying Security Awareness Training

Jeremy Ralston

Red Team Tactics for Cracking the GSuite Perimeter

Mike Felch - @ustayready

Running Laps Around Microsoft's LAPS

ActualReverend and CatatonicPrime

Searching the Void - IPv6 Network Reconnaissance

Kevin Tyers

So you want to be a mentor: taking someone from noob to knowledgeable

Nick Moore

Stealing Cycles, Mining Coin: An introduction to Malicious Cryptomining

Edmund Brumaghin

Weaponizing your Pi

John Freimuth

Wireless Monitoring with the #WiFiCactus

Mike Spicer (d4rkm4tter)

Working with WeirdAAL (AWS Attack Library)

Ken Johnson and Chris Gates