If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

Stop wasting time looking for files and revisions. Connect your Gmail, Drive, Dropbox, and Slack accounts and in less than 2 minutes, Dokkio will automatically organize all your file attachments. Learn more and claim your free account. View Edit

To edit this page, request access to the workspace. Already have an account? Log in! BSidesAugusta 2016 THIS PAGE IS FROM 2016 and is NOT the current page ! The most current site is located at www.BSidesAugusta.org What is BSides ?

Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. Powered by Eventbrite Questions? Want to volunteer? Want to sponsor? Email us at BSidesAugusta [at] gmail.com Follow us on Twitter: @BSidesAugusta Hashtag: #bsidesaugusta Date: September 10, 2016 Location: Augusta University Harrison Education Commons Building 1301 R.A. Dent Blvd Augusta, GA 30901 Campus Map: BSidesAugusta on Augusta University Health Campus.pdf Preferred Hotel: DoubleTree by Hilton Hotel Augusta 2651 Perimeter Parkway Augusta, Georgia, 30909 706-855-8100 The DoubleTree by Hilton Hotel Augusta is offering a special rate for conference attendees for the nights of September 8, 9, and/or 10. To book the hotel at the special rate, click here . Alternatively, you can find the hotel's website via your favorite search engine and use Group Code BSD when booking. The code expires August 19, 2016. Parking: Parking for BSidesAugusta is annotated on the map (link) below. BSidesAugusta on Augusta University Health Campus.pdf Things to do/see while in Augusta. Things To Do and See In Augusta.pdf Dates: Call For Papers (CFP) open - 4/2

CFP close - 6/10

Speakers selected and notified - 6/28

Registration Opens - 6/30 at Noon

BSidesAugusta 2016 - 9/10 Schedule: Start End Super Bad I Got You It's Too Funky in Here Living in America 7:45 13:00 Check-in 8:30 9:00 Opening Remarks 9:00 9:30 Keynote - Rob Joyce 9:30 10:00 10:00 10:30 Aaron Guzman - Mobile Hacking Chris Sanders - Using Honeypots for Network Security Monitoring Josh Rykowski and Scott Hamilton - Gamification for the Win Wes Widner - A worm in the Apple - examining OSX malware 10:30 11:00 11:00 11:30 Tom Webb - Incident Response Awakens David Coursey - This one weird trick will secure your web server! ForgottenSec - IDS/IPS Choices: Benefits, Drawback and Configurations Michael Banks - You TOO can defend against MILLIONS of cyber attacks 11:30 12:00 Ryan O'Horo - Dr. Pentester or: How I Learned To Stop Worrying and Love the Blue Team Rob Gresham - This is not your Momma’s Threat Intelligence Jack Koons - Zero Days and Zero Trust - Microsegmentation and Security Keelyn Roberts - Finding Evil in DNS Traffic 12:00 12:30 LUNCH 12:30 13:00 Patrick Perry - Exploit Kits/ Machine Learning Adam Duby - Moving Target Defense: Evasive Maneuvers in Cyberspace Hunter Hardman - Adventures in RAT dev Tim Gurganus - Ransomware Threats to the Healthcare Industry 13:00 13:30 Brian Bell - Detection of malicious capabilities using YARA Martin Holste - Beyond Math: Practical Security Analytics Jake Williams - Linux privilege escalation for fun, profit, and all around mischief Tim Crothers and Ryan Borre - Using Ransomware Against Itself 13:30 14:00 14:00 14:30 Andrew Cole - Owning MS Outlook with Powershell Brad Duncan - Exploit Kits and Indicators of Compromise John Krautheim - How About a Piece of Pi - Experiences with Robots and Raspberry Pi Hacking Jacqueline Stokes, Danny Akacki, and Stephen Hinck - Hunting: Defense Against The Dark Arts 14:30 15:00 15:00 15:30 Alexander Rymdeko-Harvey - RAT Reusing Adversary Tradecraft Robert M. Lee and Jon Lavender - ICS/SCADA Threat Hunting Andrew Morris - Flaying out the Blockchain Ledger for Fun, Profit, and Hip Hop Paul Melson - Automating Malware Analysis for Threat Intelligence 15:30 16:00 16:00 16:30 Brandon McCrillis - Internet of Terrible Tom Ruff - Agilely Compliant yet Insecure

Jason Smith - Network Situational Awareness with Flow Data Jonathan Creekmore and Michael Edie - Hide and Seek with EMET 16:30 17:00 Lock Pick Village Chiron Pyramid CTF 8:00 * ALL-DAY * * ALL-DAY * 8:30 9:00 9:30 10:00 10:30 11:00 11:30 12:00 12:30 13:00 13:30 14:00 14:30 15:00 15:30 16:00 16:30 Keynote: Rob Joyce Chief, Tailored Access Operations National Security Agency Mr. Rob Joyce began serving as the Chief of the National Security Agency’s Tailored Access Operations (TAO) organization in April 2013. As the Chief of TAO, Rob leads an organization that provides unique, highly valued capabilities to the Intelligence Community and the Nation’s leadership. His organization is the NSA mission element charged with providing tools and expertise in computer network exploitation to deliver foreign intelligence. This information is used in a range of activities – from national policy-making to military operations that support our warfighters around the world, 24 hours a day. Rob has served at the NSA for over 26 years, holding various leadership positions within both NSA missions: the Information Assurance and Signals Intelligence Directorates. Prior to becoming the Chief of TAO, Rob served as the Deputy Director of the Information Assurance Directorate (IAD) at NSA, where he led efforts to harden, protect and defend the Nation’s most critical National Security systems and improve cybersecurity for the nation. Mr. Joyce began his career as an engineer and is a technologist at heart. He holds a Bachelors Degree in Electrical and Computer Engineering from Clarkson University in 1989 and earned a Masters Degree in Electrical Engineering from The Johns Hopkins University in 1993. He was elevated to the Senior Executive Service in 2001. Throughout his career with NSA, he has been the recipient of two Presidential Rank Awards, one meritorious and one at the distinguished level. Rob is a Scout Master and enjoys participating with the Boy Scouts in the annual World Championship of Punkin Chunkin, building a contraption to fling pumpkins for distance. Over the Christmas holidays, Rob runs a computerized light display synchronized to music, which is likely visible from the international space station. Sponsors: Diamond Sponsors Gold Sponsors

Silver Sponsors Bronze Sponsors Basic Support Our In-Kind Sponsors, providing us with contest prizes, and raffle give-away's. Event Recording: Events: Chiron’s Pyramid Capture the Flag (CTF) competition is an individually played and highly challenging cybersecurity experience hosted within a contained virtual network using player’s own laptops or the limited laptops provided. Registration will be open all day. Players will be able to access the Pyramid throughout the day for any period of time, allowing opportunities to attend talks and other events at the conference. Each player will be provided a Chiron Linux "attack" VM on a USB stick that contains 20 additional CTF challenges for players to work on from anywhere. Access to the scoreboard and Pyramid of 15 target hosts will be provided through a wired connection to a closed network. The Pyramid hosts are visualized on one or more projector screens that reflect the captured status in real-time. There are 4 levels on the Pyramid that increase in difficulty and represent deeper networked hosts. Scoring will be recorded across three categories: most hosts captured, highest level on the pyramid, and most flags captured. Prizes will be presented in-person to winners in each category at the end of the competition. Top 5 finalists in each category are also provided a set of coveted Chiron swag for their notable achievements.

FALE (@lockFALE) came together around a common idea of general curiosity and persuasion of the public’s “right to know”. Formally founded in early 2010, the individuals involved in the initial organization already had a history in and love for the practice of locksport and of having a better understanding of the mechanisms we rely on so heavily to keep us secure. Beginning with four members meeting monthly, we have quickly progressed to bi-monthly meetings. We talk locks, picks, general security and a smattering of other topics when meeting, all towards the end of a better knowledge of and ability to communicate the effectiveness (or lack thereof) of so many security measures in place in current society. We hope that through these conversations and our efforts publicly we will help to educate the larger community on the proper use and understanding of locks and security measures encountered daily.





Augusta Locksports (@PickAugusta) was started in 2011 by Rory Rezzelle (@roryrezzelle) out of a desire to learn and educate others on physical security and it’s failings. Meetings started with just a handful of others who would meet monthly at a restaurant to pick locks, talk about life, and just enjoy a night out. Augusta Locksports began helping at local security conventions and the interest in our group began to grow. In 2015, Augusta Locksports became an incorporated nonprofit organization and have begun teaching at more events, holding our own contests, and helping show how effective the security you rely on daily actually is in the world. FALE and Augusta Locksports will be hosting a Lockpick Village where folks can come by to talk about physical security, learn to pick locks or talk about advanced picking techniques and tips. Plenty of locks and spare picks to play with, so be sure to stop by! Organizers: Doug Burks | @dougburks

Mark Baggett | @markbaggett

Lawrence Abrams | @vpnpoker

Mike McDargh | @mmcdargh

Phil Plantamura | @philplantamura

Joanne Sexton

Ron Martin Building "muscle memory" with Rekall BSidesAugusta 2016 Tip: To turn text into a link, highlight the text, then click on a page or file from the list above. Printable version