There was a large and enthusiastic audience for BSides Austin 2015!
Keynote, Wendy Nather, presenting “10 Crazy Ideas for Fixing Security.” Wendy discussed “new technologies that really aren’t”, and suggested we remember the past and move on. She discussed the “literary model of software development”, noting programmers are currently somewhat like artisans, suggesting a Manufacturing Model for software development. It’s less fun, but could alleviate security problems built in with the way we develop software now.
Keynote Jay McLaughlin, spoke on banking malware, and noted it is morphing into attacking enterprises. Attackers don’t attack financial institutions as much, since they are pretty tight from a security perspective, but they do attack online customers. Web injection attacks are a full blown business in the underground, and with these attacks, customers are fooled into trusting *what they think* is their banking sites.
The “Red Team Versus Blue Team” Panel, with six great experts! Blue teamers on the left - from the left to right, Marcus Carey, Antonio Herraiz, Kevin Johnson, Red teamers on the right - Michael Gough, Mano Paul and Josh Sokol.
The audience really got into the panel discussion – plenty of interaction and audience participation. One of the best questions came from a high school student, asking the panel’s advice on entering the security field as a red teamer or blue teamer. The response was to build IT skills first – build a PC, learn how operating systems work, become expert in command line across platforms.
Charisse Castagnoli from Websense and Kate Brew from AlienVault lead a spirited Game Show format talk around Social Engineering, “Blue Team Responses to people who ‘Hack like a Girl.” It was so fun!
Our social engineering scenarios for the talk were provided by the Spiceworks community. Thanks, SpiceHeads!!