August 22, 2020
9:00am - 5:00pm
Tallahassee Community College
Test your hand at picking various difficulties of locks.
Come enjoy our digital playground.
Defensive / Technical A look at ways attackers implant themselves in cloud solutions and how to monitor for and remove them.10:00-11:00 / Room TBD
Players will be presented with a series of vulnerable code challenges that will ask them to identify the problem, locate the insecure code, and fix the vulnerability. Select from a range of software languages to complete the tournament, including Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django, Scala Play & Node.JS.
Make sure you bring your laptop!
Offensive / Technical Penetration Testers have to get creative when testing environments where prior findings have been remediated or you're presented with very little attack surface. Follow along to my stories of the unexpected methods I’ve used to pwn systems and provide more value to my clients. Some of these will never be picked up by a scanner, or ignored due to a lack of appreciation for their impact.10:30-11:30 / Room TBD
Defensive / Technical Most breaches begin with a phishing attack that could have been prevented with a strong user security awareness training program. You won't have to search the galaxy to find help turning your program from cosmic dust to JARVIS. Using a handful of tools and custom scripts, we further automated our awareness training program and integrated aspects of it into our risk management program. We will show how we did it and how your organization can too.11:00-12:00 / Room TBD
Register by April 1 for included lunch!
Offensive / History Did you know there was a “hacking” scene in Tallahassee in the late 1980s and 1990s? This talk intends to paint a picture of what is was like to be a hacker in Tallahassee during this period by telling stories about the "hacks" and the small group of people that were dedicated to the exploration of computer systems and networks.12:30-1:30 / Room TBD
Defensive / Science, Technology, Society & Compliance A presentation on original research into smart toy IoT vulnerabilities and penetration testing on smart toy products with a summary of the risks, vulnerabilities, and mitigations that can be deployed to better protect some of the most vulnerable users; children.1:30-2:30 / Room TBD
Defensive / Technical This talk will look at how one organization worked to handle the ever-changing needs of password security requirements and NIST password recommendations by creating automated scripts and using specialized software and hardware to conquer weak passwords.2:00-3:00 / Room TBD
Defensive / Managerial & Compliance A how-to for smaller orgs to put together the financial justification for starting a security program and hiring security personnel.2:30-3:30 / Room TBD
Offensive / Technical A brief look at common and uncommon physical security bypasses that afflict many organizations and a rousing collection of tales from professional penetration testers who sometimes find themselves covered in poo or being chased by SWAT teams in the name of security.3:00-4:00 / Room TBD
Defensive / Technical A walkthrough for how to operationalize the MITRE ATT&CK Framework and begin developing a threat hunting program.3:30-4:30 / Room TBD
Who will be crowned the Secure Code Warrior?
Must be present to win.
800.231.6075 x 700
Tallahassee Community College
2020 Venue Map
BSides Tallahassee is dedicated to providing a harassment-free conference experience for everyone, regardless of gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, ethnicity, religion (or lack thereof), or technology choices. We do not tolerate harassment of conference participants in any form. Sexual language and imagery is not appropriate for any conference venue, including talks, workshops, parties, Twitter and other online media. Conference participants violating these rules may be sanctioned or expelled from the conference without a refund at the discretion of the conference organizers.Read more >>
Ensure you have the permission from anyone you photograph or record. This includes those in the background of your shot. “Crowd shots” from the front (facing the crowd) are strongly discouraged. No photo/video/audio recording in the Professional Track.Read more >>