12 Top Talks from BSides San Francisco 2016
Sponsored by Tripwire

John Perry Barlow (@jpbarlow)
A Declaration of the Independence of Cyberspace
“I felt people needed to know what space they were in, in order to have a sense of their rights,” he said, recalling the time when he realized the federal government had discovered the Internet.

Arne Swinnen (@arneswinnen)
The Tales of a Bug Bounty Hunter
A bug bounty hunter for fun and profit, Arne Swinnen explained how he was able to rack up nearly $10,000 by responsibly disclosing nine flaws in the popular Instagram app.

Matthew Hathaway (@theway99) & Alexandre Sieira (@alexandresieira)
Reverse Engineering the Wetware
This duo drove home the idea that information security is really all about people: it is important to understand how users think in order to better understand your role as a security practitioner.

‘IrishMASMS’ (@irishmasms)
Hackers Hiring Hackers: How to Hack the Job Search and Hack Talent
Ensure the experience on your resume reflects your background and the role you are pursuing; be careful with buzzwords; don’t stretch the truth; and always use a professional-looking email address.

Kuba Sendor (@jsendor)
A Year in the Wild: Fighting Malware at the Corp. Level
From threat detection through first response, analysis and final resolution, Yelp works to catch as many incidents as possible and properly sanitize the environment to cut potential problems short.

Javvad Malik (@j4vv4d)
Guest to Root: How to Hack Your Own Career Path and Stand Out
“What are you doing to get yourself noticed?” Malik asked. “When you leave a job, will you think about the projects that you worked on? Have you left behind enough legacy that they wouldn’t mind having you back?”

Ethan Dodge (@_ETH0)
Digital Intelligence Gathering: Using the Power of OSINT
Leveraging a variety of open source intelligence, from social media data to court case and property records, Dodge explained how he was able to compile a plethora of sensitive information on a given person.

Travis Smith (@mrtrav)
Sweet Security: Deploying a Defensive Raspberry Pi
IoT devices are often shipped with outdated operating systems and unmaintained, vulnerable code. Using a combination of open-source and commercial tools, Smith demonstrated how to protect networks that provide access to the IoT.

Kevin Bottomley (@k3v_b0t)
The Ransomware Threat: Tracking the Digital Footprints
Ransomware has evolved significantly over the years. Bottomley urged attendees to keep frequent backups and to train end users about social engineering techniques through phishing exercises. Never pay the ransom!

James Addison
Fraud Detection & Real-Time Trust Decisions
As a Senior Software Engineer at Lyft, Addison explained common ways in which fraudsters are attacking online commerce today, including traditional online storefront attacks, and other challenges faced in real-time marketplaces.

Craig Young (@craigtweets)
Fuzz Smarter, Not Harder: An afl-fuzz Primer
Fuzzers can test 24×7 (without rest or overtime pay) to help identify many bugs that may not be apparent from reviewing code. Young explained several fuzzing techniques that bug hunters everywhere can leverage.

Jeff Man (@mrjeffman)
The Art of the Jedi Mind Trick
“It’s easy to give a talk at a conference where you’re ‘preaching to the choir’ and everyone speaks your language, but how do you fare when you are trying to give the message to your boss, or your boss’s boss, or C-level management?” Man asked.

SunShine BenBelkacem (@sunnyb)
SunShine BenBelkacem is a Chicago-based graphic facilitator, artist and writer. Drawing on a keen business sense and a stunning design sensibility, SunShine distills spoken talks, meetings and discussions into compelling visual stories and summaries.

Sponsored by Tripwire. For the latest security news, trends and insights, visit www.tripwire.com/blog and follow @TripwireInc.
Don’t miss the next BSides event near you! For more information, visit www.securitybsides.com
Background images courtesy of Shutterstock.com