IANS Information Security ForumMinneapolis - April 26 - 27, 2017                                                        Shall We Play a Hacker? Simulating the Adversary for Better Security

The biggest problem of the security industry today is that despite $80B in annual cybersecurity spend, we still don’t know whether our defenses can stand up to a breach. How can we work smarter by putting ourselves in our adversary’s footsteps? How can we proactively identify critical gaps in security defenses? In this session, we will present a new technology that “simulates” hacker breach methods to continuously quantify risks, validate security controls and challenge your SOC teams. Join us to explore insights from real world deployments and the Hacker’s Playbook to better secure your organization.

THOTCON - Chicago's Hacking Conference, May 4th and 5th, 2017
 I'm In Your $PYTHONPATH, Backdooring Your Python Programs" 
Does the flap of a butterfly's wings in Brazil set off a tornado in Texas? I don't know, but a change of a shell variable can lead to a malicious Python code injected into any Python program running afterwards. In this talk, I'll release pyekaboo and demo how it can be used to hijack Python module(s) and then steal passwords/sensitive data, tamper with security tools, and turn any Python program that uses sockets into an interactive backdoor. In other words, a rootkit for Python. Last but not least, I'll discuss how to detect and mitigation this attack. Come, it will be fun!


Virtual event                                                                                                                                                    Breach Simulation Lunch and Learn


Schedule a SafeBreach Virtual Lunch and Learn! We’ll bring lunch, and a deep dive into breach simulations. All you have to do is bring yourself and your security team.