January 26, 2016 - Aaron Shelmire

BSidesNYC2016 Recap

<p>Last month Jason Trost and I presented some of our “<a href="https://www.slideshare.net/slideshow/embed_code/key/3SSGk4Mr11wtDG" target="_blank">https://www.slideshare.net/slideshow/embed_code/key/3SSGk4Mr11wtDG</a>” at the inaugural BSidesNYC.</p>
<p>BSidesNYC was held at the home of the nation’s first computer forensics graduate program, John Jay College. In the current world of security conferences, the BSides series are setting themselves apart as the sort of conferences where practitioners and analysts give presentations for other practitioners and analysts. Unique to the BSides events, the fact that the keynote speakers stay through the length of the conference attending talks speaks volumes to the quality material presented at the BSides conferences.</p>
<p>With the recent press focus on war-based computer security themes, L0pht member Chris Wysopal keynoted the conference with a discussion of three approaches to our security problems grounded in years of experience: <a href="https://github.com/bsidesnyc/BSidesNYC2016/blob/master/Presentations/Chris%20Wysopal%20-%20Keynote.pdf" target="_blank">War, Accidents or Disease</a>. His presentation took us through approaches that seem to be often overlooked today, posing questions of how best to respond to our current problems.</p>
<p>Dino Dai Zovi gave the second keynote presentation discussing heterogeneity, agility, and  in systems, and how this can help our systems resist attack.</p>
<p>Dmitry Bestuzhev from Kaspersky’s GReAT Latin America discussed <a href="https://securelist.com/blog/research/73305/targeted-mobile-implants-in-the-age-of-cyber-espionage/" target="_blank">Mobile Implants in the Age of Cyber-Espionage</a>. The mobile espionage tools are focused on many of the same credential information and communication history that other espionage tools surgically remove, begging the paranoid to place tape over their mobile devices’ cameras in the same way we do for our laptops. In the mobile world the methods of hiding these tools may not use the same level of technical prowess to hide, but are arguably more effective because of the limited visibility a typical user has of the device’s operating system.</p>
<p>CrowdStrike’s Josh Liburdi presented methods for hunting malicious activity within your own organization in <a href="https://speakerdeck.com/jshlbrd/beyond-ids-practical-network-hunting" target="_blank">Beyond IDS: Practical Network Hunting</a>. Although the specific approach used the powerful open source toolkits of Bro, Moloch and LaikaBoss, the general techniques can be applied to the same data types no matter the collection technology. In conjunction with his talk, CrowdStrike open sourced additions to Bro modules to assist hunting, available on GitHub.</p>
<p>BSides conferences are one of the few current venues that provide a platform to new up-and-comers. These talks are often the most interesting, providing unconventional ideas from fresh viewpoints. Shape Security’s Clarence Chio gave such a talk about “Making &amp; Breaking Machine Learning Anomaly Detectors in Real Life”. He covered the basics of what Machine Learning can do, and some areas where it fails. Clarence proceeded to give qualified results from gaming the features used in classifier engines.</p>
<p>BSidesNYC was one of the highest quality BSides events I’ve ever had the pleasure of attending. I wouldn’t have believed anyone that this was the first time it had been put on. While the links to the presentations provide some insight into the quality of the presentations given at the event, there was as much knowledge exchanged during the breaks. I can’t wait till next year’s event.</p>
