For the week of Feb 23 to Feb 28, San Francisco was no doubt the center of the security world, as infosec’s best and brightest descended on the city, ready to network, demo, and party at RSA and other meet-ups.
Although there are several events happening during the week, one stands out as something a hands-on security practitioner should never miss: BSides SF at DNA Lounge.
OpenDNS was well-represented at the event, with three members of our OpenDNS Security Labs presenting.
Thibault (@ThibaultReuille) and I (@pingpingya) gave a talk titled “Design to Discover” on Sunday. You can access the audio archives (expiring in a week) at DNALounge’s site. The video recording is still on its way, but if you can’t wait, check out a similar talk we gave at BayThreat earlier this year.
On Monday, Dhia Mahjoub (@DhiaLite) presented his talk on “Exploring Malicious Hot Spots in the ASN Space,” where he applied graph analysis and IP range tracking not only to quickly detect emerging infrastructures for the Nuclear Exploit Kit, but also to showcase the possibility of predicting their movements and enforcing containment in advance.
Throughout the two days, there were several great presentations. Below is my list of the best BSides SF had to offer:
– In a panel discussion led by Jack Daniel from Tenable, analysts Wendy Nather and Javvad Malik provided insight on speaking to analysts (with a heaping helping of snark, of course).
– Assaf Rappaport of Adallom provided an in-depth look at the anatomy of the “Ice Dagger” attacks, in which he discussed the discovery and severity of an Office 365 token disclosure vulnerability he broke last December.
– Ryan Huber presented “Running at 99%: Surviving An Application DoS” (unfortunately, I wasn’t able to see his talk). A quick search turned up a set of SlideShare slides, which hopefully cover most of his BSides presentation.
– Jared DeMott, Principal Security Researcher from Bromium Labs, gave an awesome talk on bypassing EMET. As Microsoft EMET (Enhanced Mitigation Experience Toolkit) grows in popularity, the research Jared presented is critical to knowing its limitations in order to further enhance such exploit mitigation tools, and better protect against exploitation vectors.
– Adam Shostack talked about threat modeling with a Star Wars theme! Star Wars fans/security pros will definitely find it both informative and entertaining. If you missed his talk at BSides, or would like to see the talk one more time, he is going to present it at an Air Mozilla event this week.
After the talks wrapped on Monday, all attendees were invited back to OpenDNS HQ for the official BSides SF afterparty, where food, drinks, and good times were had by all.
Hopefully everyone had a great week, and a safe trip home. See you next year!