
BSidesDenver2013

BSides Denver

 

When: Friday, 24 May, 2013, 9AM to Midnight

Where: 238 Santa Fe Dr, Denver, CO (Arts District)

Cost: Free

 

Registration is now open! Get Your Con Ticket Now!

Registration closes when all tickets are gone or on the day of the event, Friday, May 24th, 2013.

 

Call For Papers is now closed. http://j.mp/BSDenCFP2013

 

Want to sponsor? Questions? Want to volunteer?  Email us at bsidesdenver@gmail.com

Follow us on Twitter: @BsidesDenver

 

Twitter hashtag = #BSidesDen

 

 

Schedule of Events

 

| Time | Presenter | Discussion | Abstract |
|---|---|---|---|
| 9 - 9:30 | ALL | Coffee, breakfast, meet, and greet | WAKE UP YOU HEATHENS!! Get your #BSidesDen game going with some of the organizing committee's favorite local vendors including coffee by Ozo Coffee Roasters, Santiago's Burritos and Moe's Bagels. |
| 9:30 - 10:20 | Fred Thiele @fgthiele | Product is f*%&ing hard! | Building a product is hard. It's even harder when you transition from a bootstrapped services company to a self-funded product company. The old saying of "no one cares about your product" is more than appropriate. In this talk I'll be sharing our experience as a company transitioning from a cash cow security consulting business to a money burning product company. Learn about how we came up with the idea, refined, funded, built and marketed it to the masses. There are a ton of great lessons learned out of this process. |
| 10:30 - 11:20 | Justin Harvey, John Jackson, Stephen Roberts, Joe Bonnell | Panel Discussion: We See Dead Bits | Wake up and smell the coffee..followed by the scotch! The informative, weird, and just plain scary observations of forensics investigators. |
| 11:30 - 12:20 | David Willson, @titaninfosec | Active Defense: Can you do it legally; should you? | Active Defense is growing in popularity and there appears to be no middle ground, either you are for it or against it. Also, there is no clear definition. My definition includes hack back at one end of the spectrum. When asked if it is legal most emphatically say "No." Despite people's emotions over this issue there are some legal avenues that can be approached. Active Defense, additionally, is a holistic approach. This talk gets into many of the issues and usually ends up in a firestorm of questions, accusations, and commentary. |
| 12:20 - 1:00 | | Argue amongst yourselves... | BBQ from Breck Brewery, with a side of controversy. Audience discussion to continue previous talk. Trust us, it will happen.. |
| 1:00 - 1:50 | Steve Winterfeld | Your cyber metrics suck so why should you get more money? | If you can’t measure it then it doesn’t matter. But measuring is not enough – if you measure the wrong thing you will do more damage than not measuring at all. This talk will help you understand how to build a program that will provide relevant information to technicians and managers to make smart decisions. It will address security, compliance, governance, Return On security Investments (ROsI) and most importantly (if you want to keep your budget) Enterprise Risk Posture metrics. It will address how both small and large organizations should develop metrics based on the decision the targeted audience needs to make. Doing a great job is not enough – making ‘them’ understand the risks they have accepted and providing ‘them’ information to make smart choices requires developing a program they can understand. |
| 2:00 - 2:50 | David Schwartzberg @DSchwartzberg | Zeus C&C for Tech Support | Inspired by Adam Johnson's presentation at GrrCON 2011 titled "ZeuS - Inside Command and Control" on how to build a ZeuS bot Exploit Kit Command & Control, I thought it would be fun to use this newly gained knowledge to build a C&C in an effort to provide tech support for my family members. Have you been in that situation where everyone you know comes to you with their computer problems? Just because you have a knack for technology, people you know seem to think that you enjoy fixing all their problems, most self-inflicted. Welp, here's your chance to help them and have some real fun. This mostly hands-on demonstration will walk through setting up your very own C&C and configuring the basic settings to get you started. When ready to rock, you will learn how to have fun while fixing their problems. Live malware will be used during this presentation so make sure you turn off your WiFi. |
| 3:00 - 3:50 | Francisco Anonymous, John Jackson, Pyr0, Brian Martin | Panel Discussion: Stump the Panel | |
| 4:00 - 4:50 | Danny Chrastil @DisK0nn3cT | Show me your Cookies! -- Session Hijacking Made Easy | Session Hijacking; we know about it, we can talk about it, but it's one PITA to demonstrate to clients. This presentation will discuss in depth the different attacks against user session cookies including: breaking the httponly attribute, employing javascript libraries, creating stealthy attacks, etc. It will also introduce CookieCatcher, an open source web-based application to assist in session hijacking and managing stolen user cookies. |
| 5:00 - 5:50 | Joshua Corman, Andrew Johnson, ???, Brian Martin | Panel Discussion: Absolutely everything is pwnd. | This discussion will explore the implications assuming that *everything* is pwnd. What are the implications for privacy, and intellectual property? How does this realization change your mindset as to what you do, and why you do it? |
| 6:00 - 6:50 | ALL | Dinner: Don't Debate Where You Eat? | Each table will have a topic. You choose where to sit, promote and defend your ideas on the topic. |
| 7:00 - 7:50 | ALL | Mandatory Keg Time | In case you didn't start in with the rest of us earlier!! |
| 8:00 - onward | ALL | Entertainment | Whomp Truck!!! |

 

 

Sponsors

Interested in sponsoring? Email us at bsidesdenver@gmail.com.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Sidebars

In addition to great panelists and presenter discussions, BSides Denver is happy to announce additional activities as part of the event this year!

 

CTF - Jeopardy Style!

 

- Local and Remote

    - each will be separate, meaning remote people won't compete with local

    - Local will register on the day of the event in person

    - Remote can register now, competition unlocks on day of event (May 24) ctf.bsidesdenver.com 

 

- Requirements: bring your own computer. No VM required.

 

CTF local winners:

@Syndrowm

Mantis

@Heinzarelli

 

CTF remote winners:

@essobi 

@digiphilo 

@sno0ose

 

 

- Categories:

    - Web

    - Forensics

    - Crypto

    - Misc

- Prizes For Local Winners

1st Prize - Hak5 Pineapple + Raspberry Pi

2nd Prize - Hak5 Rubber Ducky + Raspberry Pi

3rd Prize - Hak5 Rubber Ducky

 

- Prizes for Remote Winners

1st - $50 Amazon Gift Card + Hak5 LAN Trap + Twitter props

2nd - $25 Amazon Gift Card + Twitter props

3rd - $25 Amazon Gift Card + Twitter props

 

 

Lockpicking Village

You know the drill...no drills!

 

Video Interviews

In an effort to capture the thoughts of the community in a more lasting way, organizers have opted to include video interviews of participants in both formal and informal ways.

 

  • Free style - Participants will be able to check out video cameras to conduct free style interviews of each other. 
  • Formal - BSides organizers will also be seeking out folks to participate in a formal video interview, the results of which will be made into a "short" film to be posted on the interwebs.

 

 

Planners and Volunteers (We need volunteers!)

 

  • Joe Bonnell (@jobobreck) - Organizer 
  • Danny Chrastil (@DisK0nn3cT) - Organizer, CTF
  • Jericho (@attrition.org)  - Organizer
  • Lance Miller (@wireheadlance) - Organizer
  • Jeff Pettorino (@jpettorino) - Organizer 
  • Stig Ravdal (@stigmon) - Organizer 
  • Robb Reck (@robbreck) - Organizer 
  • PJ Torney - Organizer, Video and Streaming Production 

 

Volunteers

 

  •  add yourself...

 

 

Parking Info

Parking is limited directly in front of the facility. For those driving, there are a number of parking options available, with the best options being along Santa Fe or Kalamath (1 block west of SF). Additional parking options can be found along 1st and 2nd streets, and Inca (one block east of SF). Parking in unauthorized lots will likely result in being towed at the owner's expense.

 

Public Transit

The closest RTD light rail station is 10th & Osage, an easy 20-minute walk away.  You can also take RTD bus route 1 to Galapago & 2nd, then walk three blocks West to Santa Fe.

 

Local Hotel Info

The TownePlace Suites is approximately 1.2 miles from the con.

 

Tags for flickr, twitter, blog, etc.

Please use the tag #BSidesDenver for content related to this event
