WEBCAST OCT 19 – BSidesNYC 2024
On Saturday 19 October 2024 the BSidesNYC Conference convened at the John Jay College of Criminal Justice in NYC. BSidesNYC is an Information / Security conference that is 100% volunteer organized.
The event’s Red track was livestreamed by the Internet Society New York Chapter. Most Blue, Other, and Entrepreneur track sessions were also recorded, with a few exceptions.
FULL SCHEDULE https://bsidesnyc.org/schedule/
YOUTUBE PLAYLIST https://bit.ly/BSidesNYC2024
PLENARY
Launch (yt | mp4 | mp3 | srt | txt)
Huxley Barbee – void *huxley
Shweta Jain – Chair, Department of Mathematics and Computer Science · John Jay College
Keynote: When Do We Get to Play On Easy Mode? (yt | mp4 | mp3 | srt | txt)
Wendy Nather – Some Kind of Cyber Professional
Closing Ceremonies (yt | mp4 | mp3 | srt | txt)
MC – Huxley Barbee – void *huxley
RED TRACK
Building Burp Extensions with Kotlin (yt | mp4 | mp3 | srt | txt)
Nick Coblentz – Application Penetration Team Lead, Virtue Security
Breaking free from the chains of fate – Bypassing AWSCompromisedKeyQuarantineV2 Policy (yt | mp4 | mp3 | srt | txt | pdf)
Bleon Proko (gl4ssesbo1) – Security Engineer
Andrew Kraut (Opie) – Senior Researcher – Permiso P0 Labs
How I hacked a cloud production environment with external Terraform manipulation (yt | mp4 | mp3 | srt | txt)
Uri Aronovici – Co-Founder & CTO, ZEST Security
Discover the Unseen: Azure Vulnerability Exploitation (yt | mp4 | mp3 | srt | txt)
Scott Miller – Penetration Tester, Accenture
From HiatusRAT to Cuttlefish: advances in credential theft through the router (yt | mp4 | mp3 | srt | txt)
Danny Adamitis – Principal Information Security Engineer, Black Lotus Labs, Lumen Technologies
Ryan English – Information Security Engineer, Black Lotus Labs, Lumen Technologies
How We Impersonated Cloud Code by Google Cloud and Took Over GCP Accounts (yt | mp4 | mp3 | srt | txt)
Moshiko – Research Lead, Upwind Security
RE-Thinking: Modernizing the Malware Analyst (yt | mp4 | mp3 | srt | txt)
Joseph Edwards – Staff DFIR Investigator, SentinelOne
XZ Backdoor: Navigating the Complexities of Supply Chain Attacks Detected by Accident (yt | mp4 | mp3 | srt | txt)
DevSecYoad – DevOps Lead | Co-Founder & CEO at Myrror Security
BLUE TRACK
10 Things to Know Before You Work on Your Next M365 BEC (yt | mp4 | mp3 | srt | txt | pdf)
Ida Musheyev-Polishchuk – Senior Consultant, Stroz Friedberg
Natasha Vij – DFIR Consultant, Stroz Friedberg
Bridging the Gap: Developing Accessible Anti-Phishing Solutions (yt | mp4 | mp3 | srt | txt | pdf)
Lydia Stepanek – Owner and Lead Engineer, Pen Loop Consulting
Building Canaries with ELK and ElastAlert2 (yt | mp4 | mp3 | srt | txt)
Andrew Januszak – REN-ISAC
Keith Erekson – Lehigh University
Trusted Types: DOM XSS Protection at Scale (yt | mp4 | mp3 | srt | txt)
Jen Ozmen – Software Engineer, Web Security Team, Google
Youssef Attia – Software Engineer, Web Security Team, Google
CloudTail: Making Heads or Tails of Selectively Retaining Multi-Cloud Logs (w/o a SIEM!) (yt | mp4 | mp3 | srt | txt | pdf)
Ela Dogjani – Associate Threat Researcher, Permiso
Panel: Ctrl-Alt-Detected: Unraveling Threats with Detection Practitioners (yt | mp4 | mp3 | srt | txt)
Tammy Truong – Senior Threat Detection Engineer, Snowflake
Shannon McCormick – Senior Technical Staff, Salesforce
Christina Devlin – Security Manager, (ex-Twitch)
Moderator: Julie Agnes Sparks – Security Engineer, DataDog
Open & Secure: Novel Sandboxing Technique for Any Open Source Library (yt | mp4 | mp3 | srt | txt)
Gal Elbaz – Co-founder & CTO, Oligo Security
Protecting Snowflake and Critical Data Systems from Unauthorized Access (yt | mp4 | mp3 | srt | txt)
Shelley Wu – Project Manager, Opal Security
Stephen Spano – Software Engineer, Opal Security
Detection and Triage of Domain Persistence (yt | mp4 | mp3 | srt | txt | pdf)
Joshua Prager – Principal Consultant, Defensive Services, SpecterOps
Nico Shyne – Adversary Detection Consultant, SpecterOps
When Apps Attack: Hunting Traitorware and Rogue Microsoft 365 Apps at Scale (yt | mp4 | mp3 | srt | txt | pdf)
Matt Kiely – Principal Security Researcher, Huntress Labs
Christina Parry – Staff ThreatOps Developer, Huntress Labs
Fortifying Active Directory: Combatting Misconfigurations(yt | mp4 | mp3 | srt | txt | pdf)
Jeff Tomkiewicz – Offensive Security Engineer, Humana
OTHER TRACK
Quantum Computing and Its Impact on Cybersecurity (yt | mp4 | mp3 | srt | txt | pdf)
Rashmi Jyoti – Application Security Engineer, AWS
Caught in the Net: Using Infostealer Logs to Unmask CSAM Consumers (yt | mp4 | mp3 | srt | txt | pdf)
Mariya Gedrich – Threat Intelligence Analyst, Recorded Future
Cloud Warfare: Grappling and Strangling Scattered Spider (yt | mp4 | mp3 | srt | txt | pdf)
Andi Ahmeti – Associate Threat Researcher, Permiso Security
Abian Morina- Associate Threat Researcher, Permiso Security
The Life of an SBOM: Where does it go and what do organizations do to it and with it? (yt | mp4 | mp3 | srt | txt | pdf)
Anita D’Amico – President, Cotopaxi Consulting
Ken Zalevsky – CEO, Vigilant Ops
Challenges of GraphQL security in 2024 (yt | mp4 | mp3 | srt | txt | pdf)
Tristan Kalos – Co-founder / CEO, Escape
Antoine Carossio – Co-founder & CTO, Escape
Securing a Generative AI Implementation (yt | mp4 | mp3 | srt | txt | pdf)
Nandita Joshi – Senior Product Security Engineer, Zendesk
ENTERPRISE TRACK
Startup Survival Tips and Uncommon Sense for First-Time Tech Founders (yt | mp4 | mp3 | srt | txt | pdf)
Eldon Sprickerhoff – Strategic Advisor, Caledon Ventures
How to Talk So That They Will Listen: Selling Cybersecurity (yt | mp4 | mp3 | srt | txt | pdf)
May Brooks – CEO & Founder, Helena
Panel: So You Want to Be a Founder? (yt | mp4 | mp3 | srt | txt | pdf)
Jonathan DiVincenzo – CEO / Co-founder, Impart Security
Lee Weiner – CEO, TrojAI
Wesley Hales – Co-Founder / CEO, LeakSignal
Justin Shattuck – CSO, Resilience
Moderator: Brian McHenry – Global Head of Cloud Security Engineering, Check Point
Building Cyber Products Customers Love (yt | mp4 | mp3 | srt | txt | pdf)
Ross Haleliuk – Author of ‘Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup
ARCHIVE
https://archive.org/details/bsidesnyc2024
TWITTER @BSidesNYC @JohnJayCollege #cybersecurity #InfoSec #BSidesNYC
MASTODON #BSidesNYC BLUESKY BSidesNYC
Reply