Bsides PDX 2017 Workshops

Fri, October 20 2017, 9:00 AM - Sat, October 21 2017, 7:00 PM [PST]

777 NE Martin Luther King Jr Blvd, Portland, OR, 97232, United States

Register Now

1. Select Seats

2. Review and Proceed

REGISTRATION

Sale ended

Ken Westin - Threat Hunting Permit (Friday October 20, 11AM-1PM) PARTIAL APPROVAL - Free

Security analytics can be a difficult and expensive, but it doesn't have to beYour automated defenses will fail. Attackers will gain access to your network by exploiting software, or even your people. In order to deal with this reality organizations need to assume they have been breached and work backwards from there. But, how can you find adversaries in your infrastructure? Threat hunting is the practice of proactively seeking out evil in your network, finding needles in haystacks that link to other needles and unveiling how an organization was compromised and possibly even answering the “why?”. In this hands-on threat hunting workshop participants will go on a guided threat hunting expedition, pivoting across various data sources (threat intelligence, DNS, endpoint, web logs, email) to reveal a campaign targeting an organization. Participants will walk away with a basic understanding of threat hunting and the tools needed to develop a hunting practice in their own organization.

sales ended

Wu-chang Feng - Learning Symbolic Execution using an Angr-y CTF (Friday October 20, 1pm-3pm) PARTIAL APPROVAL - Free

Symbolic execution is a powerful tool for finding and exploiting vulnerabilities in binaries. In this workshop, we will introduce the concepts of symbolic execution and how it can be used in angr, a binary analysis framework. Throughout this workshop, attendees will use a scaffolded set of CTF levels at (https://malware.oregonctf.org) to develop programs that will automatically analyze binaries. To participate in this workshop, attendees are encouraged to arrive with a working version of the latest angr release. Instructions for installing angr are here: (https://thefengs.com/wuchang/courses/cs492/angr_install.txt)

Sale ended

Chris - Browser Fuzzing Tradecraft (Friday, October 20, 3PM-5PM) PARTIAL APPROVAL - Free

All the cool kids are fuzzing these days. With efficient and simple to use fuzzers like AFL and a sound corpus just a Bing search away, why not get in the game? You’ll keep your apartment heated and you might even cash in on that sweet sweet WinRar bug bounty! But what if your sights are set a bit higher; you dream of a luxurious Master of Pwns cigar jacket or some of that NSA 0day money? This workshop will not be handing out free 0day, but will show you how to get started fuzzing browsers and the pitfalls to avoid. Students should come prepared with a laptop (at least an i5 processor recommended) and VMware player or equivalent.

sales ended

Joe Fitzpatrick - Applied Physical Attacks on Embedded Systems, Introductory Version (Saturday October 21, 11AM-1PM) PARTIAL APPROVAL - Free

This workshop introduces several different relatively accessible interfaces on embedded systems. Attendees will get hands-on experience with UART, SPI, and JTAG interfaces on a MIPS-based wifi router. After a brief architectural overview of each interface, hands-on labs will guide through the process understanding, observing, interacting with, and exploiting the interface to potentially access a root shell on the target.

Sale ended

Gary Smith - Blacklisting Bad Guys With IPTables (Saturday October 21, 2:30-4:30 PM) PARTIAL APPROVAL - Free

Anyone that has run a server on the Internet for any length of time quickly learns that the Internet is full of spammers, bots, and other characters you would prefer didn’t exist. One way to keep them at bay is to use blacklists with IPTables. In this talk we’ll look at several sources of blacklists and how to efficiently incorporate blacklists into Linux IPTables to effectively mass block IP addresses and protect systems.

Enter your discount code

  • Fee
  • Total amount

Fri, October 20 2017, 9:00 AM - Sat, October 21 2017, 7:00 PM [PST]

Oregon Convention Center, 777 NE Martin Luther King Jr Blvd, Portland, OR, 97232, United States.

We have tickets for each workshop available here starting at 10AM on October 13.

Please:

1. Only register if you're pretty sure you'll attend, Cancel if your plans change

2. If you don't get one, there may still be room for walk-ins if there are no-shows. 

3. Save room for others - please don't register for more than 2 different workshops so everyone gets a chance

See https://bsidespdx.org/events/2017/workshops for details about these workshops.

Security Bsides Portland 2017 will be Friday, October 20, with an additional day of activities and workshops on Saturday, October 21. BSidesPDX will be held at the Oregon Convention Center

BSides PDX is a gathering of the most interesting infosec minds in Portland and the Pacific Northwest! Our passion about all things security has driven attendance from other parts of the country. Our goal is to provide an open environment for the InfoSec community to engage in conversations, learn from each other and promote knowledge sharing and collaboration. The Portland and greater Northwest information security community spans a broad spectrum of participation from CISOs, Fortune 100 company security experts, small business system admins, to independent security researchers.

Cancellation policy

Please cancel if you know you won't attend so others can reserve space

Joseph FitzPatrick

http://www.bsidespdx.org/