The A2Y.asm 2017 is full.

10:30 - 11:00 AM

Opening remarks

11:00 AM - 12:00 PM

My year managing secrets with HashiCorp's Vault

Brian Nuszkowski

Secret management is an opinionated, convoluted, and boutique process that typically differs significantly from team to team and organization to organization. I'll discuss why Vault was chosen as the standard for secret management, provide a dive deep into it's technical implementation and architecture, and most importantly, cover how it is used it to secure a diverse ecosystem of applications and services.

View Details
12:00 - 12:30 PM

Lunch

12:30 - 1:00 PM

To Bcrypt Or Not To Bcrypt

James Kruth

Bcrypt is perhaps the world's most popular password hashing algorithm. Despite it's venerable age, it's still very commonly misused - and many libraries have hidden gotchas. This talk is a survey of bad advice on using Bcrypt taken from forums, blogs, and "helpful" resources that culminates in examples of proper, modern usage in several high level languages.

View Details
1:00 - 1:30 PM

DADSEC 101

Richard Cassara

Whether or not you have a family, it is important to secure and monitor your home network.
Although outside threats receive the bulk of attention, it's the things going on inside your own network which can be the most critical.
A little bit of effort goes a long way towards improving situational awareness and allows you to intervene with systems and/or users before too much damage is done.
While this talk is presented in the context of a family's home network, the information highlights free and custom built tools that can also be useful for a small or medium-sized business environment.

View Details
1:30 - 1:45 PM

Break 1

1:45 - 2:15 PM

A Friendly Intro to Qubes-OS

Mike lastname

Securing personal machines is a notoriously difficult. Generally speaking, an attacker only has to win once to access sensitive information on a personal machine and wreak havok. Qubes-OS, however, gives users the opportunity to strictly compartmentalize their online digital lives and minimize risk of malware accessing sensitive info. I'll talk about the basic design and features of Qubes-OS, example use-cases (split-gpg/ssh, disposable VMs, ...), and provide insight and experience from 6 months of Qubes-OS as a primary system. If time allows and the audience shows interest, I can demo basic features/workflows on my personal machine.

View Details
2:15 - 3:15 PM

Wild and cultivated .onions - a ground survey. plus recipes and planting tips

Dave the Onion Eater

Instead of making you cry when cutting into them, these .onions fashion themselves as network services accessible only via the Tor network.

These Onion Services exist with self-authenticating .onion addresses. In addition, Onion Services present a number of security and privacy benefits not held by their "clearnet" counterparts.

This talk presents just some of the many use cases of Onion Services, including a survey of helpful ones you might find in the wild or cultivated, recipes with .onions that enhance security and privacy, and planting tips for those of you who wish to grow your own .onions, publically or privately.

It covers a wide look at Onion Services, from the basics (how connecting to one might work if you know its name), to current weaknesses, to notable patterns and tools in the .onion ecosystem, to set-up demos, and anything in between.

This talk should sufficiently motivate you to use existing Onion Services and prepare you to set up your own private .onions; furthermore, it should give you several leads to chase down if you care to set up a public .onion, depending upon your needs.

View Details
3:15 - 3:30 PM

Break 2

3:30 - 4:30 PM

Intro to Rootkit Design

Michael Grube

Rootkits are code designed specifically to persist and hide in systems for as long as possible. In this talk, we'll look at some hands-on examples covering the whole spectrum from Userland to Firmware infection. We'll also discuss methods for safely exfiltrating data from your target and communicating in a way that is hard to detect. We'll talk about wrapping up all of these approaches into a single threat that is ready to hide and do your bidding.

View Details
4:30 - 5:00 PM

Rekalling the Volatile past: A Brief Intro into Memory Forensics

Jessica Wilson

Live memory can be a treasure trove of indicators of compromise during an investigation. There are two major players in the memory forensics framework arena, Rekall and Volatility. In this talk I will compare and contrast the two, while giving a brief introduction on how to use both tools.

View Details
5:00 - 5:30 PM

We Don’t Always Go Lights and Sirens

Kendra Cooley · Duo Security

One of the most critical steps to Incident Response is the initial triage phase. The same can be said of the decision Paramedics make when responding to emergency calls. During this presentation we will review how to properly triage an incident based on the information available while relating the process back to real life emergencies.

View Details
5:30 - 6:00 PM

Red Team Dev/Ops: Orchestrating Red Team Operations with Ansible

Aaron Pohl

Have you ever been “caught” by the Blue Team in the middle of a pentest, had your VPS’s external IP blacklisted, and needed to quickly create a new system to catch your shells connecting back out? If you don’t have the process automated, you could be out hours or more while you’re right in the thick of it with a deadline to meet. Do you dream of simple, repeatable builds of tiered Red Team network infrastructure that can completely disappear when the engagement is complete? Are you curious what the CIA might have been doing with Ansible, as revealed by the Vault7 leaks? If so, come listen to some ideas and hear how you can build your own terrible machines to help make your job easier.

View Details
6:00 - 6:30 PM

Closing remarks