About the conference
Security BSides Sydney 2019 is the inaugural BSides conferene to be held in Sydney.
BSides is an Information Security conference that brings together the InfoSec community and provides a meeting place for like-minded professionals. BSides Sydney 2019 is a one day event with presentations on topics covering both the offensive and defensive sides of InfoSec. There will be a heavy focus on networking and collaboration between the members of the community.
BSides Sydney focuses on all aspects of IT Security
BSidesSydney seeks to be an open conference to everyone vested in computer security. These include industry leaders, information security professionals, government organisations, and even students and hobbyists who wish to expand their body of knowledge. People who attend have various backgrounds in different sectors and verticals. Their common goal is to educate themselves on technical computer security issues and connect with those who are having them.
We are looking for these topics:
Incident Response, Malware Analysis, Exploit Development, Threat Intelligence, Detection, Offensive security, Red/Blue/Purple teaming, Vulnerability research, IoT security, Digital forensics and Security Monitoring.
How does it work?
It is really simple. You submit your presentations through the form provided, we gather all the submissions and the panel picks the ones that fit the bill. You are notified once the final decision has been made. You accept the terms and your presentation is added to the schedule on this website and other media. Get in soon, it's first in - best dressed!Get Started now
Capt Jeffery Banner is the Chief of Weapons, Tactics, and Training for three National Cyber Protection Teams within USCYBERCOMMAND. As Chief, he leads teams that hunt for advanced persistent threats that are operating in networks in the United States and all over the world. Last fall he led a combined operation in Eastern Europe, working with several countries to provide cyber defense for partner nations. He is a graduate of the Air Force Weapons School, and has over 6 years of experience hunting cyber adversaries. He has been at the forefront of several new initiatives within USCYBERCOMMAND that changes the way that the military and government entities share information with the commercial and private sectors.
Michael Cohen is a Digital Forensic Researcher and Software Engineer. He has worked on such open source DFIR projects as Rekall and GRR. He founded Velocidex, specialising in development and implementation of opensource DFIR tools. He is the Principal Developer of Velociraptor. Velociraptor is a new open source surgical DFIR tool providing an unprecedented visibility into the state of the endpoint. Velociraptor is controlled completely via the Velociraptor Query Language (VQL) - an SQL like dialect. Using this language it is possible for users to customize and automate detection and response. This talk will demonstrate how Velociraptor can be used in a distributed DFIR investigation - both to efficiently triage and rapidly analyze forensic evidence.
Negar Shabab is an Application Security Consultant. Negar works on implementation of security practices into DevOps pipeline with a focus on automation. Before joining PS&C Group she was a senior malware analyst and security software developer. She has worked across the full life cycle of multiple security software products often working in senior and lead roles. She has extensive experience developing anti-malware software modules and security applications for the Windows operating systems. Negar is an active member of the Australian Women in Security Network (AWSN) which aims to support and inspire women in the Australian security industry. Currently Negar works as an application security consultant with PS&C Group.
Sergei Shevchenko has more than 18 years of professional experience reverse engineering malware and is a recognized expert in his field. His analysis of high-profile malware attacks, including previous years' Bangladesh Bank heist, attacks on Polish and other banks, recent cyber espionage within managed service providers and ransomware attacks affecting thousands of vital service organizations globally, is the go-to information source for risk and technology officers and their teams around the world. Sergei manages a global team of cyber-threat researchers at SophosLabs.
Adi is currently the CEO of Skylight Cyber, a boutique cyber security advisory based in Sydney. Previously, he served as the deputy director of an elite cyber technology department in the Israeli government, leading Israel’s finest engineers and security professionals through some of the world’s most complex cyber security challenges. In addition, he served as VP Product for XM Cyber, where he designed the world’s first fully automated red team solution, an achievement for which the company received the world economic forum technology pioneer award and numerous patents.
Alex Dib is a security researcher and consultant.
Alex comes from a mechanical/robotics background where he uses his acquired knowledge to conduct covert and overt physical security assessments specializing in physical access control systems. He has contributed to several open source projects such as the official Proxmark3 repository, Concierge, Wiegotcha and more. Alex is currently serving as a Security Consultant at NCC Group.
This talk will cover 3 attack vectors on the HID access control system; Long Range RFID cloning, networked door controller exploitation and a replay attack.
Gavin is currently serving as Professor of Physics, Macquarie University
Gavin Brennen grew up in Alaska and graduated from UAF with a degree in physics. He completed a PhD in quantum information at the University of New Mexico with a thesis proposing one of the first quantum computer architectures. Afterward he worked as a post-doc at the National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland and as Senior Scientist at the Institute for Quantum Optics and Quantum Information (IQOQI) in Innsbruck Austria. In 2008, Gavin moved to Macquarie University, Sydney Australia where he is currently a Professor of Physics and director of the Centre for Quantum Engineering.
|01||Registration||N/A||Main Hall||8:00 AM|
|02||Event Opening||N/A||Main Hall||9:00 AM|
|03||Keynote - Hunt Forward||Jeff Banner||Main Hall||9:10 AM|
|04||Never before had Stierlitz been so close to failure||Sergei Shevchenko||Main Hall||10:10 AM|
|05||Quantum computers and their impact on cryptoeconomics||Gavin Brennen||Main Hall||11:00 AM|
|06||Break||N/A||Main Hall||11:30 PM|
|07||Attacking the HID Access Control System||Alex Dib||Main Hall||11:45 PM|
|08||Lunch Break||N/A||Lunch Hall||12:45 PM|
|09||Velociraptor - Digging Deeper!||Mike Cohen||Main Hall||1:45 PM|
|10||Adversarial Machine Learning - The Cylance Case Study||Adi Ashkenazy||Main Hall||2:45 PM|
|12||Afternoon Break||N/A||Main Hall||3:45 PM|
|11||Amazon Forensic Platform: Scaling your Digital Forensics||Pratik Mehta||Main Hall||4:00 PM|
|13||Software Supply Chain under Cyber Attack||Negar Shabab||Main Hall||5:00 PM|
|13||Expert Panel Q&A - Audience gets involved.||Expert Panel||Main Hall||5:30 PM||15||Event Closing||N/A||Main Hall||6:00 PM|
|16||Networking/Socialising||N/A||Main Hall||6:00 - 8:00 PM|
Round 1 | 3 June 2019
Round 2 | 1 July 2019
2 Sep 2019
1 July 2019
We have NO TOLERANCE for physical/verbal/sexual harassment of any human!
Our “Code of Conduct” is “Be Excellent to Each Other” AKA the Golden Rule. Failing that, it is “Do not be an Ass* or we will kick your ass out!”.
Why do we have an official anti-harassment policy for BSides Sydney? First, it is necessary (unfortunately). Harassment at events is incredibly common. Second, it sets expectations for behavior at the event. Simply having an anti-harassment policy can prevent harassment all by itself. Third, it encourages people to attend who have had bad experiences at other events. Finally, it gives event staff instructions on how to handle harassment quickly, with the minimum amount of disruption or bad press for the event.
Harassment includes offensive verbal comments related to gender, sexual orientation, disability, gender identity, age, race, religion, deliberate intimidation, stalking, following, harassing photography or recording, sustained disruption of talks or other events, inappropriate physical contact, and unwelcome sexual attention. Participants asked to stop any harassing behavior are expected to comply immediately.
Asking questions of a speaker during their talk, to get clarity or debate a point is NOT being an ass – heckling or haranguing the speaker IS. Harassment online or in electronic venues will be treated as seriously as physical harassment. If you are not sure, ask, or err on the side of basic decency and common courtesy. If what they are doing would not be acceptable to have done to you, your best friend, your worst enemy, your sister, niece, daughter, brother, nephew, son, mother, father, or any human being, do not let them treat anyone else that way – whether you know them or not. If someone asks you to stop – stop.
If a participant engages in harassing behavior, BSides Sydney organisers may take any action they deem appropriate, including warning the offender or expulsion from the event. If you are being harassed, notice that someone else is being harassed, or have any other concerns, please contact a member of conference staff immediately. Our Event Staff can usually be identified by special badges/attire. Please note, while we take all concerns raised seriously, we will use our discretion as to in determining when and how to follow up on reported incidents and may decline to take any further action and/or may direct the participant to other resources for resolution.
BSides Sydney staff will be happy to help participants contact venue/event security or local law enforcement, provide escorts, or otherwise assist those experiencing harassment to feel safe for the duration of the conference. We value your attendance.
We expect participants to follow these rules at all event venues and related social events.
*Staff/Volunteers reserves the right to determine what constitutes “Being an Ass”.