BSidesCharm
BSidesCharm 2024 Keynote - Melanie Ensign - Influencing Business Decisions
Melanie Ensign is the Founder and CEO of Discernible Inc, a specialized communications consultancy for security and privacy teams. After managing security, privacy, and engineering communications for some of the world’s most notable brands including Uber, Facebook, and AT&T, she now coaches teams around the world to increase their influence with business leaders and reduce risk. She counsels executives and technical teams alike on how to cut through internal politics, dysfunctional inertia, and meaningless metrics. Previously, Melanie led the press department for DEF CON as a volunteer for 10 years. A certified rescue scuba diver, she brings lessons from navigating unexpected, high-risk underwater incidents to her professional work.
Views: 38

Videos

BSidesCharm 2024 - Closing Ceremonies
Views: 11, 5 months ago
Join us as we wrap up our 2024 events and present CTF contest winners!
BSidesCharm 2024 Keynote - Caroline Wong - Humans of InfoSec
Views: 77, 5 months ago
Caroline Wong is the Chief Strategy Officer at Cobalt. As CSO, Caroline leads the Security, Community, and Pentest Operation teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role. Caroline’s close and practical information security knowledge stems from her broad experience as a Cigital consultant, a Symantec produ...
BSidesCharm 2024 - Beyond Booze: Rethinking Networking Events for a Healthier Security Culture
Views: 23, 5 months ago
Working in security can be stressful, and substances are often used as coping mechanisms. This is especially prominent at networking events, which almost always involve alcohol. But it doesn’t have to be that way. I’ll share tips for employers and event organizers who want to make their events more inclusive, and some un-scary steps individuals can take to move towards a more sober lifestyle. P...
BSidesCharm 2024 - Defenders can use ATT&CK! Oh really? - Lex Crumpton
Views: 43, 5 months ago
As a defender, what does “I use ATT&CK” really mean? In this talk, we will share how defenders like you can translate the adversary perspective provided by ATT&CK into knowledge on how to detect and protect against cyber threats. We will also explore using ATT&CK to identify defensive gaps, develop analytics, and measure/improve your SOC maturity. Presenter: Lex Crumpton Alexia “Lex” Crumpton i...
BSidesCharm 2024 - CI/CD Talent Development Pipeline
Views: 30, 5 months ago
Using the CI/CD pipeline analog, let us apply it to the concept of talent development and pipelining new candidates to integrate into the workforce as we continuously develop others. This concept can be used at both the micro stages of particular companies or the macro stages of workforce development at the state or national level. Presenter: Chris Foulon Christophe Foulon, founder and cybersec...
BSidesCharm 2024 - Cloud IAM Strategy for Multicloud and Hybrid Environments: Risks and Gaps
Views: 79, 5 months ago
As companies move beyond single-cloud migrations into multicloud, cloud-savvy threat actors continually adapt. Much of the extensive damage resulting from these breaches is compounded by the theft and abuse of highly privileged credentials. In this talk, we’ll discuss the multicloud attack surface, and walk through strategic and technical do’s and don’ts of cloud-focused IAM. Presenter: Cassand...
BSidesCharm 2024 - Everything You Didn’t Want to Know About CVE - Paul Asadoorian
Views: 88, 5 months ago
In the past year (or so), many events have highlighted issues with vulnerability disclosure and CVE. This makes defenders’ jobs difficult, as evaluating and prioritizing remediation for vulnerabilities is a complex and time-consuming task. In this talk, I will discuss in detail several different events that exemplify the shortcomings of vulnerability disclosure and specifically the CVE proce...
BSidesCharm 2024 - Scaling the Security Wall: Agile Threat Modeling for Complex Systems
Views: 47, 5 months ago
This talk advocates for a paradigm shift in threat modeling to tackle complexities in large-scale systems. It emphasizes the drawbacks of traditional security measures and proposes threat modeling as a cost-effective solution. Challenges posed by cloud architectures and rapid development are discussed, alongside strategies for integrating scalable threat modeling into the SDLC. Presenter: Vinee...
BSidesCharm 2024 - Hackers in Jurassic Park: When Attackers Find a Way - Kevin Johnson
Views: 39, 5 months ago
Kevin Johnson of Secure Ideas delves into the world of cybersecurity, through the lens of hacking stories. Just as ‘Jurassic Park’ unveiled the consequences of bringing dinosaurs back to life, this presentation uncovers the methods used by cyber attackers to breach seemingly impregnable digital fortresses. Our journey takes us through a series of true tales from the front lines of cybersecurity...
BSidesCharm 2024 - Top Ways I Still Hack Your Company (and How to Defend Against Them)
Views: 61, 5 months ago
In this technical deep-dive, we explore the landscape of current vulnerabilities and weaknesses based on extensive field experience penetration testing. This session focuses on persistent vulnerabilities that continue to challenge application and network security defenses into 2024. We’ll dissect common penetration test successes, shedding light on enduring issues like auth flaws and network po...
BSidesCharm 2023 - Driving Your Own Vulnerability: How to Navigate the Road of BYOD Attacks
Views: 66, 5 months ago
Attacks that use Bring Your Own Vulnerable Drivers pose a unique threat to Windows security, but what makes a driver vulnerable, and how prevalent are vulnerable device drivers? In addition to answering these questions, this talk provides categories of vulnerabilities that are unique to Windows drivers and provides real world case studies to illustrate the theoretical concepts. Dana...
BSidesCharm 2024 - The Fellowship of the Ring0
Views: 31, 5 months ago
Unveiling the Driver Risk Scores (DRS) threat detection system. Using research from loldrivers.io we know which drivers are vulnerable, and we know not all vulnerabilities are created equal. How can you quickly and accurately determine the risk that a device driver creates by either having built-in vulnerabilities or malicious behavior? The Driver Risk Score harnesses seven vital traits that in...
BSidesCharm 2024 - Identifying and Securing Psychologically Vulnerable Users
Views: 25, 5 months ago
As studies show 4% of users cause 80% of the loss, it is critical to identify those users who put the organization most at risk. A study was performed that allowed for the determination of psychological traits that led to susceptibility. This presentation shows how this study data can be used to both better secure the organization and make red teams more useful. Presenter: Ira Winkler Ira Winkl...
BSidesCharm 2024 - Network Segmentation without a Network Engineer
Views: 119, 5 months ago
Create a network segmentation strategy by solely utilizing the Windows Host-Based Firewall. Using Group Policy as an orchestrator for centralized management, firewall rules can be deployed to endpoint firewalls to limit the ports and protocols that are allowed to communicate between security zones. These security zones will be based upon Active Directory User and Computer Security Group members...
BSidesCharm 2024 - The Current State of Microsoft Identity Security: Common Security Issues
Views: 307, 5 months ago
BSidesCharm 2024 - From Aspire to Hire: Navigating Your First Cyber Job
Views: 18, 5 months ago
BSidesCharm 2024 - Protect Your Most Sensitive Users With This One Weird Trick!
Views: 110, 5 months ago
BSidesCharm 2024 - Using Bloodhound as a Defender: Tips from the Red Team
Views: 139, 5 months ago
BSidesCharm 2024 - Who’s going to secure the code our army of robots are going to be writing?
Views: 27, 5 months ago
BSidesCharm 2024 - Securing generative AI: threats, old and new
Views: 38, 5 months ago
BSidesCharm 2024 - Getting Started in ICS - Not just for engineers
Views: 36, 5 months ago
BSidesCharm 2024 - Sysmon or it Didn’t Happen
Views: 65, 5 months ago
BSidesCharm 2024 - Purple Teaming 301 - Free Attack Simulation and Control Validation via Atomic Red
Views: 50, 5 months ago
BSidesCharm 2023 - Keynote: AI with a Security Mindset - Elissa Shevinsky
Views: 210, 1 year ago
BSidesCharm 2023 - Protecting Yourself From Supply Chain Attacks-Trust Is Overrated- Paul Asadoorian
Views: 51, 1 year ago
BSidesCharm 2023 - Blackbox Containers: Container Security in the Enterprise - Kenny Parsons
Views: 96, 1 year ago
BSidesCharm 2023 - Hack Your Brain: Using IR skills to help recover from grief - Marc Muher
Views: 30, 1 year ago
BSidesCharm 2023 - Stop the Leak! Adversarial Thinking in Cybersecurity with PRE-ATT&CK- Nick Ascoli
Views: 82, 1 year ago
BSidesCharm 2023 - Ten Ways to Frustrate Attackers in 2023 - Justin Palk
Views: 146, 1 year ago

COMMENTS

  • @jesieniar, 1 year ago

    This was great, experience oozes from that guy

  • @charlesseipp8722, 1 year ago

    Looking forward to the rest of the presentations

  • @informationdominance6434, 1 year ago

    Yeah - around 3 mins the audio clears up. This is a hidden gem for sure.

  • @dmustakasjr, 2 years ago

    Jake, if the root CA should be “offline”, no NIC, cut cable, etc… what is the recommended continuous operation maintenance for that system in a given enterprise deployment?

  • @ajithk215, 2 years ago

    Good thought process and thanks for the open source tool