fbpx Skip to main content



5 Enterprise Architectures Every Tech Executive Should Understand

Nathan Lasnoski


Jonathan Tomek & Cory Kujawski

Needle in the Hay: A Guide to Discovering Plaintext Credentials in Enterprise Environments

Ben Burkhart

ATT&CKing Unicorns

Matthew Lange & Gary Lobermier

The dangers of online speech

Ken Vedaa

A Hole In The Boat – How APIs Threaten Everything

Richard Bird

A World Without Passwords

Andy Jaw

Dragons Can Fly

Joe Cicero

Your Board Deck Sucks!: Why you can’t get buy-in for your security program

Walt Powell

A “Brazillian” Different Kinds of Malware and Why Your Organization Should Care

Jared Peck


Mr. Jeff Man

The Call’s Coming from Inside the House: Authentication Proxy Attacks: Detection, Response and Hunting

Chris Merkel

The importance of team-based cybersecurity tournaments

Andrew Paullin

Offensive Security & The Evolution of Attack Path Management

Joe Mondloch

How to save your SOC and what can you (or I) do to help?

Peter Wlodarczyk

Hacking and Defending APIs

Robert Wagner

Hunting Before Day Zero

Ryan LaBouve

Achieving a Threat-Informed Defense with MITRE ATT&CK

Ben Opel

Learning to Manipulate Safe Dials

Dustin Heywood (Evil_Mog)

Are they human or scripts? The level of human involvement behind RDP brute-force attacks

Andréanne Bergeron, Ph.D

Voiding your warranty, a wireless journey.

Eric Escobar

How to look good when followed by the FSB (KGB)

Rob Carson and Jay Carson

Preventing Zero Days, The Mandalorian Way

Anders Norremo & John Hochevar

How The Sausage is REALLY Made: CloudOps for Red Teamers

John Ventura

SQL Injection: A history’ OR 1=1; —

Will McCardell

Agile Security Teams

Naveen VK

Patch? We can’t patch! An Introduction to OT/ICS Systems

Luciano Moretti

Executives: Overcoming the CyberSecurity Poverty Line

Robert Wagner

Secret Handshake: A Mutual TLS Based C2 Communication Channel

John Conwell

Security Does Not Need To Be Fun: Ignoring OWASP To Have A Terrible Time

Dwayne McDaniel

AI for Red Team and Malware Development

Kirk Trychel

Evading EDR by DLL sideloading with C#

Gary Lobermier

You’ve Got Mail (and Misdirected Funds): A Demo of Business Email Compromise

Drew Hjelm

PCI DSS v4.0 Is Here – Now What?

Kyle Hinterberg

Physical Penetration Testing – Tales From Our Real-life Engagements

Ryan Zagrodnik & Chad Finkenbiner

Now anyone can become a cellular provider! How anyone can build their own cellular network and how I built one for Milwaukee

Russell From

Meet Security Planner (Or: How to Help Your Non-Technical Friends and Family Stay Safer Online)

Yael Grauer

What’s Right in Cybersecurity

Matteo Rebeschini

Extra description