Registration

Please Note: A BSides San Diego Badge is required to attend

Registration for tutorials is OPEN 

Since capacity is limited, we do attach a nominal $5 fee to advance registration to prevent speculative registrations and limit no-shows. We will not keep a wait-list, but empty seats will be made available first-come-first-served at the start of the workshop.

If, for any reason, this fee is a barrier to your attending, use the coupon code ‘IPROMISETOATTEND’ to register for free.

Tutorials

Informing Detection via Intelligence 

by Joe Slowik @jfslowik

Oct 22nd 10:30am (90min)

Threat detection is hard! This talk will highlight how a combination of intelligence-driven research and analysis and iterative detection development can work for even the most ill-equipped or poorly resourced organization. The central idea is that security shops can use publicly available information to drive threat detection and response within their environments and achieve good outcomes. The discussion will frankly acknowledge that an approach focused on "backward-looking" indicators and what they mean will likely fail in the face of the latest and greatest APT, but will emphasize that most organizations don't face such entities, and explain why a focus on more fundamental tradecraft elements can be significantly more beneficial for what defenders are trying to achieve.

Student Requirements: Students should bring a laptop 

Bio: Joe currently leads Threat Intelligence and Detection Engineering at Gigamon. Previously, Joe worked in CTI at DomainTools and Dragos, and performed various roles in the US DOE and US Navy.