BSides Tallahassee is the local conference of Security BSides,
a community-driven framework
for and by information
security
community members to present and participate in an intimate & collaborative atmosphere featuring discussions, demos, & interaction from participants.

 FREE for everyone

 

 March 2, 2019

 9:00am - 5:00pm

 FSU Alumni Center

 Venue Map




Registration

Registration is FREE for all attendees.
Registration closes Feburary 15.



Community Track

The Community Track is open to anyone interested in cyber security. Pre-registration guarantees BSides TLH goodies and door prize entries. Additional attendees will be admitted at the door based on availability.


Professional Track

The Professional Track is reserved for those already involved in the cyber security field seeking discussion on advanced topics. Registration is required to participate in Professional Track activities.




	
import os
import random

os.umask(0000)


class FSLocalStorageException(BaseException):
    pass


class FSLocalStorageCriticalException(BaseException):
    pass


class FSLocalStorage(object):
    def __init__(self, _root_path=None, _data_folder='data', _from_folder='1', _to_folder='2', status_file='.last'):
        if not _root_path:
            self.root_path = os.path.dirname(os.path.abspath(__file__))
        else:
            self.root_path = _root_path
        if not os.path.exists(self.root_path):
            raise FSLocalStorageCriticalException("Root path is invalid!")
        #
        self.data_dir = os.path.join(self.root_path, _data_folder)
        if not os.path.exists(self.data_dir):
            os.mkdir(self.data_dir)
        #
        self.from_agent_folder = _from_folder
        self.to_agent_folder = _to_folder
        self.status_file = status_file

    def init_storage_for_agent(self, agent_id):
        agent_folder = os.path.join(self.data_dir, str(agent_id))
        if not os.path.exists(agent_folder):
            print "# FSLocalStorage: NEW ", str(agent_id)
            os.mkdir(agent_folder)
            os.mkdir(os.path.join(agent_folder, self.to_agent_folder))
            os.mkdir(os.path.join(agent_folder, self.from_agent_folder))
        else:
            to_folder = os.path.join(agent_folder, self.to_agent_folder)
            if not os.path.exists(to_folder):
                os.mkdir(to_folder)

            from_folder = os.path.join(agent_folder, self.from_agent_folder)
            if not os.path.exists(from_folder):
                os.mkdir(from_folder)
        return agent_folder

    def get_oldest_filename(self, agent_id, stream):
        agent_folder = os.path.join(self.init_storage_for_agent(agent_id), stream)
        files = filter(lambda x: os.path.isfile(os.path.join(agent_folder, x)), os.listdir(unicode(agent_folder)))
        if files:
            files = sorted(files, key=lambda x: os.stat(os.path.join(agent_folder, x)).st_ctime)
            return os.path.join(agent_folder, files[0])
        else:
            return None

    def get_filename_by_mark(self, agent_id, stream, mark):
        agent_folder = os.path.join(self.init_storage_for_agent(agent_id), stream)
        filename = os.path.join(agent_folder, mark)
        if os.path.exists(filename):
            return filename
        else:
            return None

    def read_last_data(self, agent_id, stream):
        mark = ''
        res_body = ''
        fname = self.get_oldest_filename(agent_id, stream)
        if fname and os.path.isfile(fname):
            # read oldest
            f = open(fname, 'rb')
            res_body = f.read()
            f.close()
            mark = os.path.split(fname)[1]
        return mark, res_body

    def remove_data(self, agent_id, stream, mark):
        mark = mark.replace('/', '').replace('\\', '').replace("..", '')
        fname = self.get_filename_by_mark(agent_id, stream, mark)
        if fname and os.path.isfile(fname):
            os.unlink(fname)

    def write_data(self, agent_id, stream, data):
        agent_folder = os.path.join(self.init_storage_for_agent(agent_id), stream)
        fname = os.path.join(agent_folder, str(random.randint(0, 0xffffffff)))
        f = open(fname, 'wb')
        f.write(data)
        f.close()

    # Agent communication
    def save_data_from_agent(self, agent_id, data):
        self.write_data(agent_id, self.from_agent_folder, data)

    def get_data_for_agent(self, agent_id):
        return self.read_last_data(agent_id, self.to_agent_folder)

    def data_for_agent_accepted(self, agent_id, mark):
        return self.remove_data(agent_id, self.to_agent_folder, mark)

    def save_status_info_for_agent(self, agent_id, info):
        agent_folder = self.init_storage_for_agent(agent_id)
        status_file = os.path.join(agent_folder, self.status_file)
        f = open(status_file, "w")
        f.write(info)
        f.close()

    def get_status_info_for_agent(self, agent_id):
        agent_folder = self.init_storage_for_agent(agent_id)
        status_file = os.path.join(agent_folder, self.status_file)
        info = ''
        try:
            f = open(status_file, "r")
            info = f.read()
            f.close()
        except:
            print "# FSLocalStorage: Cannot to open and read status file for %d !" % agent_id
        return info

    # CC communication
    def get_agents_list(self):
        aids = map(lambda x: int(x), filter(lambda x: x.isdigit(), os.listdir(self.data_dir)))
        return aids

    def save_data_for_agent(self, agent_id, data):
        self.write_data(agent_id, self.to_agent_folder, data)

    def get_data_from_agent(self, agent_id):
        return self.read_last_data(agent_id, self.from_agent_folder)

    def data_from_agent_accepted(self, agent_id, mark):
return self.remove_data(agent_id, self.from_agent_folder, mark)
	
	



Speakers

Thomas Vaughn

Keynote Speaker

Thomas Vaughn

Chief Information Security Officer

Agency for State Technology

Thomas Vaughn has over 25 years of experience in information security, cyber intelligence analysis, systems and network engineering, IT project management, and planning at the local, regional, and enterprise levels. He has broad technical knowledge and proven application of analytical processes, with hands-on experience beyond the technical arena, including emergency operations, physical security, and strategic planning.

Mr. Vaughn most recently served as the Information Security Manager for the Department of Corrections. His previous experience includes both public and private sector IT security roles, including with the U.S. Air Force and the U.S. Coast Guard.

Mr. Vaughn has a Bachelor of Science in Computer Information Systems from Troy University and a Master of Strategic Intelligence from the American Military University.

Christopher Peacock

Christopher Peacock

vSOC Security Analyst

Raytheon Contractor
vSOC Security Analyst for one of the world's top defense contractors, providing expertise to to organizations across multiple industries. Chris is from the first TCC Cybersecurity graduating class. He has security experience in the finance, healthcare, and defense sectors. He also has experience as a SANS Facilitator. Chris holds current certifications of GCED, CCNA CyberOps, Security+, and Network+.
Nicholas Carroll

Nicholas Carroll

Security Engineer

TEKsystems
Information security manager and lead cyber security instructor with a knowledge base proven through practical work and certifications including Certified Ethical Hacker, Certified Network Defense Architect, CASP, CCNA Security, MCSE, and more.
robot

Craig Galley

Information Security Officer

City of Jacksonville
IT Security Professional since 2001 with a B.S. in Information Science from the University of North Florida and certified in CISSP, CSSLP, GSLC, GCED, GSEC, GISP, and Security+. Early in his career, Craig was responsible for deployment and management of network prevention controls in the private sector. His focus shifted to application development with a desire to lead secure coding best practices while chaired on Information Security Steering committees and managing large development projects and teams. Craig currently manages and directs an Information Security Program in the public sector.
Sarah Power

Sarah Power

Business Project Manager

FBMC Benefits Management
Project Management Professional and Certified Professional Scrum Master currently managing 16 projects owned by nationally-based clients and 40 internal projects for FBMC.
Wes Lambert

Wes Lambert

Senior Engineer

Security Onion Solutions
Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deployable tools.
Amy Hollen

Amy Hollen

Media Specialist

Florida State University
Front-end developer and social media strategist having developed public-facing communication and account security policy.
Eric Waters

Eric Waters

Security Engineer

AutomationDirect
Information Technology professional for over 20 years. Eric spent almost 10 years in technology management before deciding to concentrate on Information Security full time. He specializes in internal penetration testing, security monitoring, and security automation. He holds a Bachelor of Science in Information Security, GPEN, and is a member of the GIAC advisory board.
Stacey Banks

Stacey Banks

Cyber Navigator

Florida Department of State
Over 20 years of experience in IT and information security within the public and private sectors. Her focus is on government regulatory compliance, IT audit, physical penetration testing, and security training.
Matthew Batten

Matthew Batten

Security Engineer

Six Gen
Red Team Security Engineer conducting Red Team operations and penetration tests for SixGen. Matt has seven years of experience in the information security field and operated on an NSA Certified DOD Red Team. U.S. Marine Corps Veteran that specialized in Signals Intelligence. Current certifications include, CISSP, OSCP, CEH, and more.
Danny Zastrow

Danny Zastrow

Senior. Info Sec Engineer

Mayo Healthcare
Vulnerability Management and Penetration Tester for Mayo Healthcare in Rochester, MN. Danny has worked in Information Security for over 7 years, with experience in DOD, Law, Financial, and Healthcare environments.
Tony Mock

Tony Mock

Chief Executive Officer

DT Cyber Security
Serves as CEO for DT Cyber Security, a small cyber security and data management company that he founded with the help of friends. Tony and DT Cyber Security are dedicated to secure communications and data storage leveraging unique intellectual property to provide emergent cutting edge encryption and a full suite of security related solutions for enterprise.
Connor Wilson

Connor Wilson

Information Security Analyst

Florida Department of State
Recent FSU graduate with a degree in Information Technology currently working at the Florida Department of State as an Information Security Analyst specializing in Elections security projects.

Schedule

Details to Follow

[ Subject to Change ]

  FSU Alumni Center
  Hallway Rendina Room* Grand Ballroom
  Sign-In & Guestbook Professional Track Stage Community Track Stage Cyber Range Lock Pick Village Silent Auction
9:00 AM Sign-In & Guestbook     Cyber Range Lock Pick Village Silent Auction
Opening Ceremony
10:00 AM Managing Risk in the Cloud  
Cybersecurity Career
11:00 AM Security Automation  for the Blue Team  
[TBD]
12:00 PM An Analyst An Onion, and A Lot More  
Google Hacking
1:00 PM Defending the Cyber Killchain  
People Hacking 101
2:00 PM Espionage is easy because your security compliance is S#!7 !!!  
Wifi, The Unfriendly Skys
3:00 PM  
  Movement After Initial Death by USB
4:00 PM   Keynote Speech & Closeing Ceremony      
         
5:00 AM Doors Close
  FSU Student Services Building
Room 201**
6:00 AM After Party

Meet & Greet

Pizza Party
7:00 AM
8:00 AM  
*Redina Room requires a Professional Track badge to enter.
**After Party in Room 201 requires BSides TLH badge to enter.



Thank you to our Sponsors

Become a Sponsor

TEK systems
Black Hills Information Security
No Starch Press



We ♥ our Volunteers

Become a Volunteer!

Rain Baker


Tracy Carroll


Byron Jackson


Russell DeHennis


Nathan Nye


Gunnar Skotnicki


Christopher Hagerty


Adam Corvin





Board Members

Nicholas Carroll

Chairman
ncarroll@c3d.network


Amy Hollen

Board Member
ahollen@c3d.network


Dan Barfield

Board Member


Michael LaRocco

Board Member


Steven Eddy

Board Member


Kevin Hilt Jr.

Board Member


Contact us

Info

 800.231.6075 x 700

 ncarroll@c3d.network

 FSU Alumni Center
2019 Venue Map

 @BSidesTLH

 @C3DNet

Code of Conduct & Photography Policy

BSides Tallahassee is dedicated to providing a harassment-free conference experience for everyone, regardless of gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, ethnicity, religion (or lack thereof), or technology choices. We do not tolerate harassment of conference participants in any form. Sexual language and imagery is not appropriate for any conference venue, including talks, workshops, parties, Twitter and other online media. Conference participants violating these rules may be sanctioned or expelled from the conference without a refund at the discretion of the conference organisers.

Read more >>

Ensure you have the permission from anyone you photograph or record. This includes those in the background of your shot. “Crowd shots” from the front (facing the crowd) are strongly discouraged. No photo/video/audio recording in the Professional Track.

Read more >>

Capital City Cyber Defense Network
©2018-2019
Capital City Cyber Defense Network, 501(c)(3)