A2Y.asm 2017

Saturday, September 16, 2017
09/16/17 09/16/17 America/New_York A2Y.asm 2017 A2Y.asm (as in Ann Arbor / Ypsilanti "assembly") is a mini-conference aimed at showcasing presentations on hacking and computer security-related topics by practitioners, researchers, etc. in/around the greater Ann Arbor area. Bona Sera Underground 200 W. Michigan Avenue, Ypsilanti, MI 48197 United States A2Y.asm 2017 conference@arbsec.org true MM/DD/YYYY

Registration ended Sep 15, 2017

Bona Sera Underground

200 W. Michigan Avenue
Ypsilanti, MI 48197 United States

https://www.arbsec.org/a2y.asm/

A2Y.asm (as in Ann Arbor / Ypsilanti "assembly") is a mini-conference aimed at showcasing presentations on hacking and computer security-related topics by practitioners, researchers, etc. in/around the greater Ann Arbor area.

Event Contact: A2Y Organizers
conference@arbsec.org

The A2Y.asm 2017 is full.

A2Y.asm 2017

Saturday, September 16, 2017

09/16/17 09/16/17 America/New_York A2Y.asm 2017 A2Y.asm (as in Ann Arbor / Ypsilanti "assembly") is a mini-conference aimed at showcasing presentations on hacking and computer security-related topics by practitioners, researchers, etc. in/around the greater Ann Arbor area. Bona Sera Underground 200 W. Michigan Avenue, Ypsilanti, MI 48197 United States A2Y.asm 2017 conference@arbsec.org true MM/DD/YYYY

Download Agenda

Sep

Sep 16, 2017 ico

	09/16/17 10:30 AM 09/16/17 11:00 AM America/New_York Opening remarks View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_12968 <br/> A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 10:30 - 11:00 AM Opening remarks
	09/16/17 11:00 AM 09/16/17 12:00 PM America/New_York My year managing secrets with HashiCorp's Vault View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13245 <br/> Secret management is an opinionated, convoluted, and boutique process that typically differs significantly from team to team and organization to organization. I'll discuss why Vault was chosen as the standard for secret management, provide a dive deep into it's technical implementation and architecture, and most importantly, cover how it is used it to secure a diverse ecosystem of applications and services. A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 11:00 AM - 12:00 PM My year managing secrets with HashiCorp's Vault Speaker Brian Nuszkowski Secret management is an opinionated, convoluted, and boutique process that typically differs significantly from team to team and organization to organization. I'll discuss why Vault was chosen as the standard for secret management, provide a dive deep into it's technical implementation and architecture, and most importantly, cover how it is used it to secure a diverse ecosystem of applications and services. More Info
	09/16/17 12:00 PM 09/16/17 12:30 PM America/New_York Lunch View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13244 <br/> A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 12:00 - 12:30 PM Lunch
	09/16/17 12:30 PM 09/16/17 1:00 PM America/New_York To Bcrypt Or Not To Bcrypt View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13246 <br/> Bcrypt is perhaps the world's most popular password hashing algorithm. Despite it's venerable age, it's still very commonly misused - and many libraries have hidden gotchas. This talk is a survey of bad advice on using Bcrypt taken from forums, blogs, and "helpful" resources that culminates in examples of proper, modern usage in several high level languages. A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 12:30 - 1:00 PM To Bcrypt Or Not To Bcrypt Speaker James Kruth Bcrypt is perhaps the world's most popular password hashing algorithm. Despite it's venerable age, it's still very commonly misused - and many libraries have hidden gotchas. This talk is a survey of bad advice on using Bcrypt taken from forums, blogs, and "helpful" resources that culminates in examples of proper, modern usage in several high level languages. More Info
	09/16/17 1:00 PM 09/16/17 1:30 PM America/New_York DADSEC 101 View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13247 <br/> Whether or not you have a family, it is important to secure and monitor your home network. Although outside threats receive the bulk of attention, it's the things going on inside your own network which can be the most critical. A little bit of effort goes a long way towards improving situational awareness and allows you to intervene with systems and/or users before too much damage is done. While this talk is presented in the context of a family's home network, the information highlights... A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 1:00 - 1:30 PM DADSEC 101 Speaker Richard Cassara Whether or not you have a family, it is important to secure and monitor your home network. Although outside threats receive the bulk of attention, it's the things going on inside your own network which can be the most critical. A little bit of effort goes a long way towards improving situational awareness and allows you to intervene with systems and/or users before too much damage is done. While this talk is presented in the context of a family's home network, the information highlights free and custom built tools that can also be useful for a small or medium-sized business environment. More Info
	09/16/17 1:30 PM 09/16/17 1:45 PM America/New_York Break 1 View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13254 <br/> A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 1:30 - 1:45 PM Break 1
	09/16/17 1:45 PM 09/16/17 2:15 PM America/New_York A Friendly Intro to Qubes-OS View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13248 <br/> Securing personal machines is a notoriously difficult. Generally speaking, an attacker only has to win once to access sensitive information on a personal machine and wreak havok. Qubes-OS, however, gives users the opportunity to strictly compartmentalize their online digital lives and minimize risk of malware accessing sensitive info. I'll talk about the basic design and features of Qubes-OS, example use-cases (split-gpg/ssh, disposable VMs, ...), and provide insight and experience from 6 mon... A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 1:45 - 2:15 PM A Friendly Intro to Qubes-OS Speaker Mike lastname Securing personal machines is a notoriously difficult. Generally speaking, an attacker only has to win once to access sensitive information on a personal machine and wreak havok. Qubes-OS, however, gives users the opportunity to strictly compartmentalize their online digital lives and minimize risk of malware accessing sensitive info. I'll talk about the basic design and features of Qubes-OS, example use-cases (split-gpg/ssh, disposable VMs, ...), and provide insight and experience from 6 months of Qubes-OS as a primary system. If time allows and the audience shows interest, I can demo basic features/workflows on my personal machine. More Info
	09/16/17 2:15 PM 09/16/17 3:15 PM America/New_York Wild and cultivated .onions - a ground survey. plus recipes and planting tips View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13249 <br/> Instead of making you cry when cutting into them, these .onions fashion themselves as network services accessible only via the Tor network. These Onion Services exist with self-authenticating .onion addresses. In addition, Onion Services present a number of security and privacy benefits not held by their "clearnet" counterparts. This talk presents just some of the many use cases of Onion Services, including a survey of helpful ones you might find in the wild or cultivated, recipes with ... A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 2:15 - 3:15 PM Wild and cultivated .onions - a ground survey. plus recipes and planting tips Speaker Dave the Onion Eater Instead of making you cry when cutting into them, these .onions fashion themselves as network services accessible only via the Tor network. These Onion Services exist with self-authenticating .onion addresses. In addition, Onion Services present a number of security and privacy benefits not held by their "clearnet" counterparts. This talk presents just some of the many use cases of Onion Services, including a survey of helpful ones you might find in the wild or cultivated, recipes with .onions that enhance security and privacy, and planting tips for those of you who wish to grow your own .onions, publically or privately. It covers a wide look at Onion Services, from the basics (how connecting to one might work if you know its name), to current weaknesses, to notable patterns and tools in the .onion ecosystem, to set-up demos, and anything in between. This talk should sufficiently motivate you to use existing Onion Services and prepare you to set up your own private .onions; furthermore, it should give you several leads to chase down if you care to set up a public .onion, depending upon your needs. More Info
	09/16/17 3:15 PM 09/16/17 3:30 PM America/New_York Break 2 View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13255 <br/> A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 3:15 - 3:30 PM Break 2
	09/16/17 3:30 PM 09/16/17 4:30 PM America/New_York Intro to Rootkit Design View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13250 <br/> Rootkits are code designed specifically to persist and hide in systems for as long as possible. In this talk, we'll look at some hands-on examples covering the whole spectrum from Userland to Firmware infection. We'll also discuss methods for safely exfiltrating data from your target and communicating in a way that is hard to detect. We'll talk about wrapping up all of these approaches into a single threat that is ready to hide and do your bidding. A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 3:30 - 4:30 PM Intro to Rootkit Design Speaker Michael Grube Rootkits are code designed specifically to persist and hide in systems for as long as possible. In this talk, we'll look at some hands-on examples covering the whole spectrum from Userland to Firmware infection. We'll also discuss methods for safely exfiltrating data from your target and communicating in a way that is hard to detect. We'll talk about wrapping up all of these approaches into a single threat that is ready to hide and do your bidding. More Info
	09/16/17 4:30 PM 09/16/17 5:00 PM America/New_York Rekalling the Volatile past: A Brief Intro into Memory Forensics View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13251 <br/> Live memory can be a treasure trove of indicators of compromise during an investigation. There are two major players in the memory forensics framework arena, Rekall and Volatility. In this talk I will compare and contrast the two, while giving a brief introduction on how to use both tools. A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 4:30 - 5:00 PM Rekalling the Volatile past: A Brief Intro into Memory Forensics Speaker Jessica Wilson Live memory can be a treasure trove of indicators of compromise during an investigation. There are two major players in the memory forensics framework arena, Rekall and Volatility. In this talk I will compare and contrast the two, while giving a brief introduction on how to use both tools. More Info
	09/16/17 5:00 PM 09/16/17 5:30 PM America/New_York We Don’t Always Go Lights and Sirens View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13252 <br/> One of the most critical steps to Incident Response is the initial triage phase. The same can be said of the decision Paramedics make when responding to emergency calls. During this presentation we will review how to properly triage an incident based on the information available while relating the process back to real life emergencies. A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 5:00 - 5:30 PM We Don’t Always Go Lights and Sirens Speaker Kendra Cooley · Duo Security One of the most critical steps to Incident Response is the initial triage phase. The same can be said of the decision Paramedics make when responding to emergency calls. During this presentation we will review how to properly triage an incident based on the information available while relating the process back to real life emergencies. More Info
	09/16/17 5:30 PM 09/16/17 6:00 PM America/New_York Red Team Dev/Ops: Orchestrating Red Team Operations with Ansible View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_13253 <br/> Have you ever been “caught” by the Blue Team in the middle of a pentest, had your VPS’s external IP blacklisted, and needed to quickly create a new system to catch your shells connecting back out? If you don’t have the process automated, you could be out hours or more while you’re right in the thick of it with a deadline to meet. Do you dream of simple, repeatable builds of tiered Red Team network infrastructure that can completely disappear when the engagement is complete? Are you curious wh... A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 5:30 - 6:00 PM Red Team Dev/Ops: Orchestrating Red Team Operations with Ansible Speaker Aaron Pohl Have you ever been “caught” by the Blue Team in the middle of a pentest, had your VPS’s external IP blacklisted, and needed to quickly create a new system to catch your shells connecting back out? If you don’t have the process automated, you could be out hours or more while you’re right in the thick of it with a deadline to meet. Do you dream of simple, repeatable builds of tiered Red Team network infrastructure that can completely disappear when the engagement is complete? Are you curious what the CIA might have been doing with Ansible, as revealed by the Vault7 leaks? If so, come listen to some ideas and hear how you can build your own terrible machines to help make your job easier. More Info
	09/16/17 6:00 PM 09/16/17 6:30 PM America/New_York Closing remarks View session: https://www.connect.space/accounts/events/a2y-asm-2017/agenda/2017-09-16#session_row_12969 <br/> A2Y.asm 2017 conference@arbsec.org MM/DD/YYYY 6:00 - 6:30 PM Closing remarks