conferences
Building an information security awareness program from scratch
Most security awareness programs suck. They involve canned video presentations or someone from HR explaining computer use policies. Others are extremely expensive and beyond …
Can you trust the apps you use?
With the advent of smartphones, the word “app” has almost become a synonym for pleasure. Whatever you need, whatever you want is right there at your fingertips, …
Video: Operationalizing security intelligence in the enterprise
Many organizations say they acquire and use security intelligence for the benefit of their organizations – but few actually do this right. While security intelligence is …
Big thinkers converge on small town for Day-Con 2013
Day-Con, Dayton Ohio’s annual hacker conference, celebrated its 7th year last month with a completely re-imagined format: limited seating, invitation only, and …
Video: Malware Management Framework
You can throw lots of time and money at scanning your systems for unknown malware, but the reality is that you will only identify a small portion of the bad stuff. Changing …
Customizing defense models to reduce the window of exposure
Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one. But the threat landscape …
The Internet of Things: Vulns, botnets and detection
Does the Internet of Things scare you? It probably should. This DerbyCon video discusses why embedded device security is laughably bad, handling vendor notification, and …
Digital ship pirates: Researchers crack vessel tracking system
In the maritime business, Automated Identification Systems (AIS) are a big deal. They supplement information received by the marine radar system, are used for a wide variety …
Video: Hacking back and active defense
In this DerbyCon video, John Strand will demonstrate the Active Defense Harbinger Distribution, a DARPA funded, free Active Defense virtual machine. He will debunk many of the …
Video: Antivirus evasion techniques
This video from DerbyCon discusses the basics of the AV evasion problem, what techniques work, which ones don’t and why. The talk has a particular focus on AV evasion as …
Strengths and weaknesses of MS SmartScreen filter
Microsoft’s SmartScreen application control feature, introduced with Internet Explorer 8 and lately ported to Windows 8 is a good addition to the new OS. It might …
Video: DIY Command & Control for fun and no profit
Many security professionals have heard about Command & Control botnets, even more have been infected by them. Very few have had the opportunity to actually look inside …