ToorCon San Diego’s Deep Knowledge Seminar sessions aim to provide the best information for decision makers and IT/IS professionals. Entrance to the seminars includes admission to all of the seminar talks on Friday Sept 1, 2017 and includes complimentary continental breakfast, lunch, and Conference admission for the rest of the weekend. Online registration closes on Aug 25, 2017. Tickets can still be purchased at the door. Our pricing schedule is listed below:

Round Seminar Price
Round 1 $550 – SOLD OUT
Round 2 $750 – SOLD OUT
At Door $950


Friday – September 1st, 2017

Time Talk
8:30 Registration & Continental Breakfast
9:00 Explore firmware in different platforms with CHIPSEC framework
In this research, we’ve explored the attack surface of the hypervisor and firmware in two different platforms: ARM and x86. We will explain different attack scenarios using interrupts and other interfaces, as well as interaction methods between firmware and hypervisor privilege levels. We will explore common vector attacks for both architectures.

Alex Bazhaniuk
Alex Bazhaniuk (@ABazhaniuk) is an independent security researcher. Previously, Alex was a member of the Advanced Threat Research and Security Center of Excellence teams at Intel and Intel Security. His primary interest is the security and exploitation of low-level platform hardware and firmware, and binary analysis automation. His work has been presented at a number of security conferences. He is also a co-founder of DCUA, the first DEFCON group and CTF team in Ukraine.

Yuriy Bulygin
Yuriy Bulygin (@c7zero) has been the chief threat researcher at Intel Security/McAfee and led the Advanced Threat Research team. Previously, Yuriy led the microprocessor vulnerability analysis team at Intel. Yuriy is the author of the open source CHIPSEC framework.

10:30 How to Hunt (Threats, not Bambi)
Threat Hunting is a fun way to turn the tables on attackers on your network by proactively looking for them instead of reacting to alerts. How can you get started in hunting? We’ll start with some hunting basics and then get into some things you CAN try at home (or at work) to find badness on computers or networks.

Adam Brand
Adam got hooked on hacking early with BBS’s, wardialing, and game patching, and somewhere along the way turned that into a career. He currently works for an infosec consulting firm, Protiviti, where one of his focus areas is threat hunting/breach assessments.

12:00 Lunch Provided
13:30 Combating Java Deserialization Vulnerabilities with LAOIS
Java Serialization is an important and useful feature of Core Java that allows developers to transform a graph of Java objects into a stream of bytes for storage or transmission and then back into a graph of Java objects. Unfortunately, the Java Serialization architecture is highly insecure and has led to numerous vulnerabilities, including remote code execution (RCE) and denial-of-service (DoS) attacks. Any Java program that deserializes a stream is susceptible to such vulnerabilities unless proper mitigations are taken. One such mitigation strategy is look-ahead deserialization or look-ahead object input streams (LAOIS). This presentation examines Java deserialization vulnerabilities and evaluates various LAOIS solutions including JDK Enhancement Proposal (JEP) 290.

Robert C. Seacord
Robert is a Technical Director with NCC Group where he works with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. Previously, Robert led the secure coding initiative in the CERT Division of Carnegie Mellon University’s Software Engineering Institute (SEI). Robert is also an adjunct professor in the School of Computer Science and the Information Networking Institute at Carnegie Mellon University. Robert is the author of six books, including The CERT C Coding Standard, Second Edition (Addison-Wesley, 2014), Secure Coding in C and C++, Second Edition (Addison-Wesley, 2013), The CERT Oracle Secure Coding Standard for Java (Addison-Wesley, 2012), and Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Addison-Wesley, 2014). Robert is on the Advisory Board for the Linux Foundation and an expert on the ISO/IEC JTC1/SC22/WG14 international standardization working group for the C programming language.

15:00 SDN and the future of network security
Software Defined Networking is no longer a fledgling technology. Google, Amazon, Facebook, and Verizon all rely on the scalability, programmability, flexibility, availability, and yes, security provided by SDN. So why is there so little discussion on the security risks, advantages, and current research on the topic? This talk will provide a brief introduction to SDN and security, demonstrate ways of compromising and securing a Software Defined Network and will illustrate new ways of using the power of open source SDN coupled with machine learning to maintain self-defending networks.

Jon Medina
Jon Medina CISSP, CCNP, GCED is a security nerd who has worked in networking and security capacities for everything from the Department of Defense, to the Fortune 500, to state and local government. He currently works for Protiviti providing security consulting for a wide variety of clients and industries. His interests outside of security include traveling, hockey, strange beers, and his bulldog. He’s spoken at Def Con, Shmoocon, BSides, and many other security events and conferences.

16:30 Disrupting the Mirai Botnet
The Mirai botnet has brought public awareness to the danger of poorly secured embedded devices. Its ability to propagate is fast and reliable. Its impact can be devastating and variants of it will be around for a long time. You need to identify it, stop it, and prevent its spread. I had the opportunity to become familiar with the structure, design, and weaknesses of Mirai and its variants. At this talk you’ll learn how to detect members of the botnet, mess with them through various means and set up a safe live fire lab environment for your own amusement. I will demonstrate how to join a C2 server, how to collect new samples for study, and some changes that have occurred since release of the source code. By the end you’ll be armed and ready to take the fight to these jerks. Unless you’re a botnet operator. Then you’ll learn about some of the mistakes you made.

Chuck McAuley
Chuck has been working in network security professionally for 15+ years. He currently is a Security Researcher at Ixia Communications, focused on Threat Intelligence and Exploit Research. Most of the time he lives in his cave in New Hampchusetts staring at PCAPs deciphering tea leaves. Sometimes he stumbles on something no one else has looked at and then talks about it.

18:00 Dinner Break
19:00 ToorCon Conference Reception