Art into Science: A Conference for Defense

When

25th to 27th of January, 2017
Starting at 9:00 AM

Where

Trinity Hall
311 E 5th St. Austin, TX 78701

Free but limited to 150 seats only

Art into Science is a conference for defense, organized by defenders.

Many conferences out there glorify the attacker; we want a conference which interests us.

ACoD goals:

Push the art to a science: Creating a professional discipline

To mature our practice, we need to be able to share our methodologies in a systematic and consistent way.

We have many professionals in the security industry, but do not have a professional discipline. We'd like to philosophically discuss concepts in security, push them forward, and model them.

Glorify the defense: Tools, techniques, and ideas people can leave the conference with and implement

Security conferences glorify the attacker, and accept attack-oriented talks. We'd like to put defense on a pedestal and take in talks that interest us - operational talks on defense.

As a field, we need practitioners to offer implementable ideas and/or reference implementations to reduce the amount of work that someone has to do to implement what they learn.

ACoD is a working conference

In the "Glorify the defense" (operations) track we will have talks of interest on various investigations and case studies on the one hand, and tools and ideas used to defend our environments on the other.

The "Push the art into a science" (philosophy) track will be dedicated to working tracks, where the members introduce their own concepts, and then discuss specifics. Most importantly, each will finish the day with a summary that can be used to push our field into the future.

We want to get more out of ACoD: Often, the best value we as attendees get out of a conference is personal relationships that form. We'd like to generate more of this value.

Some of us are introverts, some are shy. Regardless, it is hard to meet many people at conferences and see how we can help each other. We will work to address this by building more discussion, such as networking opportunities, small working groups, and other similar ideas, into the agenda and into the DNA of how the conference will run.

Hands On / Roll Up the Sleeves

For the actual conference meetings, attendees will commit to specific tracks and all attendees are expected to try to contribute. Once you’re in a track, stay in the track, get to know the people, share, and learn collectively.

Limited attendance

The congress will be limited to 150 attendees.

Length

Talks will all be between 15 and 30 minutes long.

Program Committee and Organization Team

Content committee

Kymberlee Price

Senior Director of Researcher Operations, Bugcrowd

Kymberlee Price is the senior director of researcher operations at Bugcrowd, where she draws on her 14+ years of experience specializing in application security incident response and investigations to direct the efforts of over 40,000 crowd members in web app, mobile app, and IoT penetration testing. Previously, Kymberlee pioneered the first security researcher outreach program in the software industry, served as a principal investigator in the Zotob criminal investigation, analyzed APTs at Microsoft, and spent four years on BlackBerry’s Security Response Team investigating product vulnerabilities, specializing in third-party library security. Kymberlee is a member of the Department of Commerce NTIA Working Group on Multi-Party Vulnerability Disclosure and speaks regularly on vulnerability management and product incident response at Black Hat USA, RSA, Kaspersky Security Analyst Summit, and other events.

Dan Hubbard

VP R&D, OpenDNS

Dan Hubbard is the Chief Technology Officer for OpenDNS. A pioneering force in Internet security for more than 20 years, Dan’s expertise spans from reputation systems to large scale data mining of the Internet and advanced classification systems. Dan joined OpenDNS to expand the company’s breadth and depth of knowledge of security and products, assist in delivering disruptive new technologies, and drive innovation company-wide. Prior to OpenDNS, Dan was the CTO at Websense, where he was responsible for research and development of existing and new technologies, investigating technology trends, and driving innovation globally across the company. Additionally, he conceived, built, and managed the Websense Security Labs. Dan has presented at almost every major security conference around the globe, appeared on several international media outlets, and is frequently quoted in the media.

Caleb Sima

CapitalOne

John Scimone

CISO, Sony

John Scimone currently serves as the Global Chief Information Security Officer for the Sony Group family of companies, where he is responsible for leading Sony’s global information security and privacy strategy, policy, and operations. Prior to joining Sony, Mr. Scimone held a number of leadership positions at the U.S. Department of Defense, including as Director of Security Operations for the Secretary of Defense's communications office, where he oversaw the Secretary’s cyber and facility security programs. Mr. Scimone formerly served as a member of the Joint Task Force for Global Network Operations under United States Strategic Command, where he led the development of enterprise network security programs that protected information belonging to the DoD’s more than two million employees.

Stefano Zanero

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and systems security. Besides teaching “Computer Security” and “Computer Forensics” at Politecnico, he has extensive speaking and training experience in Italy and abroad. He co-authored over 60 scientific papers and books. He is a Senior Member of the IEEE, the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association). He has been named a Fellow of ISSA and sits on its International Board of Directors. A longtime op-ed writer for magazines (among which “Computer World”), Stefano is also a co-founder and chairman of Secure Network, a leading information security consulting firm based in Milan and in London, and a co-founder of 18Months, a cloud-based ticketing solutions provider, and recently has co-founded BankSealer, a startup in the FinTech sector.

Rob Fry

Senior Information Security Architect, Netflix

Rob Fry is an accomplished architect, inventor and public speaker with 20 years of experience primarily in large-scale Internet companies and the utility industry. In his current role, he specializes in security automation, threat detection, data analytics, machine learning, and building cloud security solutions. At Netflix he invented FIDO, a patented open source security orchestration platform, and while at Yahoo created the DUBS configuration and automation framework for production servers. In his free time, he enjoys working on advisory boards, CABs and engineering steering teams with a passion for helping create products in the cloud and security space by working with venture capitalists to develop stealth and startup companies.

Doron Shikmoni

John Flynn

Chief Information Security Officer at Uber

John "Four" Flynn is Chief Information Security Officer at Uber, where he's responsible for protecting the information and platforms that provide Uber's services to people all over the world. Prior to Uber, Four led infrastructure security at Facebook and security operations at Google. He is the founder and former lead architect of Google's Innovative Intrusion Detection group which is credited with the successful detection of the renowned Aurora attack in 2009. Following his role as technical advisor for the Obama 2012 presidential campaign, Four now serves on the board of directors for the Automotive Security Review Board (ASRB) and is a technical adviser for Google Ventures.

Wendy Nather

Research Director at the Retail Cyber Intelligence Sharing Center (R-CISC)

Wendy Nather is Research Director at the Retail Cyber Intelligence Sharing Center (R-CISC), advancing the state of resources and knowledge to help organizations defend their infrastructure from attackers. She was previously Research Director of the Information Security Practice at independent analyst firm 451 Research. Wendy led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), as well as for the Texas Education Agency. She speaks regularly on topics ranging from threat intelligence to identity and access management, risk analysis, incident response, data security, and societal and privacy issues. Wendy is co-author of The Cloud Security Rules, and was listed as one of SC Magazine's Women in IT Security "Power Players" in 2014.

Jerry Dixon


Chris Roosenraad

Security on the Internet is no longer the work of one talented individual, or even a team of talented individuals. Security comes from collaboration, from working together with others (industry, academia, and government) to share information and best practices. With over 20 years of experience in building some of the largest broadband networks on Earth, Chris has built a career at creating these collaborations and bringing people from different backgrounds together to solve difficult and complex problems. Chris is the customer security lead at Charter Communications, chairman emeritus of MAAWG, & treasurer of the technology coalition against online child sexual exploitation. In the past, Chris taught computer science at Williams College, and has held senior engineering positions with broadband service providers in the US, Germany, and Singapore.

Allison Nixon

Director of Security Research at Flashpoint

Allison Nixon is the Director of Security Research at Flashpoint.

Adam Meyers

Adam Meyers is a recognized expert in the security and intelligence communities. With more than 15 years of experience in the security space, Adam has extensive experience building and leading intelligence practices in both the public and private sector. Adam is a founding employee and VP of Intelligence at CrowdStrike Inc., a global provider of security technology and services focused on identifying advanced threats and targeted attacks. A sought-after thought-leader, Adam conducts speaking engagements and training classes around the world on the topics of threat intelligence, reverse engineering, and data breach investigations. At CrowdStrike, Adam is responsible for tracking over 70 criminal, state-sponsored, and nationalist cyber adversary groups around the world. He provides technical and strategic guidance to Fortune 100 organizations and government agencies on how to stay protected and prevent damage from today’s sophisticated and destructive attackers. Adam’s team supports ongoing investigations into breaches targeting some of the largest companies and organizations in the world. This elite team focuses on categorizing and tracking the human actors and groups that conduct these attacks every day. Prior to joining CrowdStrike, Adam was the Director of Cyber Security Intelligence at SRA International. During his tenure, he provided technical expertise and strategic guidance for both commercial sector customers, as well as civilian, military, and intelligence customers. He conducted penetration tests, vulnerability research, and breach investigations across the globe, traveling extensively throughout Africa and South/Central America supporting customers. Adam oversaw the operations of the Information Assurance Laboratory testing emerging technologies for effectiveness and looking for security lapses that could compromise the integrity of the system.
Adam was a key technical lead supporting the US Department of State Cyber Threat Analysis Division, leading a team of reverse engineers and incident response experts and representing the division at intergovernmental meetings on cyber threat. Adam was responsible for the technical direction of the SRA Cyberlock product which was used by both commercial and government customers. Adam earned a Bachelor of Arts degree from the George Washington University where he studied Political Science and Computer Science.

Sounil Yu

Executive Director for Security Innovation, Major Financial Institution

Sounil Yu is a Christian, husband and father with over 30 years of hands-on experience creating, breaking and fixing computer and network systems. As the Exec Director for Security Innovation at a major financial institution, he leads teams to execute innovation initiatives and crazy experiments that reduce risk and tackle hard challenges in infosec. Previously, he helped improve infosec at several institutions spanning from Fortune 100 companies with three letters on the stock exchange to secretive three letter agencies that are not. Although on occasion he is forced to write about himself in the third person, he would rather meet people in person to share experiences rather than writing it up in a short bio. He lives in Virginia with his wife and their four homeschooled children.

Marcus Sachs

CISO, NERC

Marcus Sachs is the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation in Washington, D.C. where he is responsible for the oversight of the Electricity Information Sharing and Analysis Center (E-ISAC), and for directing security risk assessment and mitigation initiatives to protect critical electricity infrastructure across North America. He is a retired US Army officer, was a White House appointee in the George W. Bush administration, is the former director of the SANS Internet Storm Center, and previous to NERC was Verizon's Vice President for National Security Policy. He holds degrees in Civil Engineering, Science and Technology Commercialization, Computer Science, and is “All But Dissertation” on a Ph.D. in Public Policy.

Steve Adegbite

Chief Information Security Officer (CISO) at E*TRADE Financial

Steve Adegbite is the Chief Information Security Officer (CISO) at E*TRADE Financial responsible for ensuring the establishing, executing, and maintaining of the enterprise vision, strategy and program structure for the firm-wide Information Security Program to support the protection of E*TRADE information assets, technologies and services. Prior to joining E*Trade, he was the Senior Vice President in charge of the Enterprise Information Security Program Oversight and Strategy Organization at Wells Fargo & Co. Prior to joining Wells Fargo & Co., he was the Director, Cyber Security Strategies at Lockheed Martin Information Services and Global Services (IS&GS). Prior to that, Steve was the Chief Security Strategist for Adobe Systems Inc. within the Adobe Secure Software Engineering. Prior to joining Adobe, Steve worked in various positions in Microsoft’s Trustworthy Computing (TWC) organization most notably on the Secure Windows Initiative (SWI) and Microsoft Security Response Center (MSRC) EcoStrat team. Before Steve joined the private sector, Steve was an officer in the United States Marine Corps where he served in Information Operations (IO) positions at the National Security Agency (NSA), the National Geospatial-Intelligence Agency (NGA) and the Defense Intelligence Agency (DIA), both as a government employee and as an associate consultant for Booz Allen Hamilton, a strategy and technology consulting firm. Steve serves as an appointed member of the Department of Homeland Security Advisory Council (DHS-HSAC) and as the Co-chair of the Cybersecurity sub-committee for DHS. Steve is a longtime member of the US and International security community.

Heather Adkins

Director of Information Security

Heather Adkins is a 14-year Google veteran and founding member of the Google Security Team. As Director of Information Security, she has built a global team responsible for maintaining the safety and security of Google’s networks, systems and applications. The Google Security Team, now numbering in the hundreds, is involved in every facet of the business, including launching new products, mergers and acquisitions, building security infrastructure, responding to security threats, and evangelism. She has an extensive background in systems and network administration with an emphasis on practical security, and has worked to build and secure some of the world’s largest infrastructure for web information systems. She now focuses her time primarily on the defense of Google’s computing infrastructure and working with both the Google Incident Response Team and outside entities to tackle some of the industry’s greatest security challenges.

Vincent Weafer

Sr. Vice President, McAfee

Vincent Weafer is vice president of McAfee Labs in the Intel Security Group at Intel Corporation. In his role leading the labs organization, he oversees a team of hundreds of researchers in dozens of countries, as well as millions of sensors around the globe, all dedicated to helping protect Intel customers from the latest cyber-threats. Weafer’s team focuses on advancing the research and intelligence-gathering capabilities required to provide the latest protection solutions in malware, host and network intrusion, e-mail, vulnerability and Web security. Weafer’s 30-year career in the IT industry encompasses roles spanning software development, systems engineering, development management and security research. He joined the Intel organization in 2011 with the acquisition of McAfee Inc., now a wholly owned subsidiary that operates as the Intel Security Group. Before joining McAfee in 2010, he spent 15 years with Symantec Corporation, culminating in his position as vice president for security response. Weafer holds a bachelor’s degree in electronic engineering from Dublin City University in Ireland and is a Certified Information Systems Security Professional. He has presented at numerous international security conferences and is the co-author of a book on Internet security published by Symantec Press. Weafer has also been invited to testify on multiple government committees, including the United States Senate Committee on the Judiciary hearing on “Combating Cyber Crime and Identity Theft in the Digital Age;” the United States Sentencing Commission’s public hearing on Identity Theft and the Restitution Act of 2008; and the United States Senate Committee on Commerce, Science and Transportation on “Impact and Policy Implications of Spyware on Consumers and Businesses.”

Dug Song

CEO, Duo Security

Dug has a history of leading successful products and companies to solve pressing security problems. Dug spent 7 years as founding Chief Security Architect at Arbor Networks, protecting 80% of the world’s Internet service providers, and growing to $120M+ annual revenue before its acquisition by Danaher. Before Arbor, Dug built the first commercial network anomaly detection system (acquired by NFR / Check Point), and managed security in the world’s largest production Kerberos environment (University of Michigan).

William Salusky

Steve Crocker

Shinkuro Inc.

Dr. Crocker is CEO and co-founder of Shinkuro, Inc. and Chair of the ICANN Board of Directors. Dr. Crocker has been involved in the Internet since its inception. In the late 1960s and early 1970s, while he was a graduate student at UCLA, he was part of the team that developed the protocols for the Arpanet and laid the foundation for today's Internet. He organized the Network Working Group, which was the forerunner of the modern Internet Engineering Task Force and initiated the Request for Comment (RFC) series of notes through which protocol designs are documented and shared. Dr. Crocker was the IETF’s first area director for security, and later served on the Internet Architecture Board. He has been involved with ICANN since 2002 when he chaired the newly formed Security and Stability Advisory Committee (SSAC). He has been on ICANN’s board since 2003 and been chair since 2011. Dr. Crocker’s honors include the 2002 IEEE Internet Award, an honorary doctorate from the University of San Martin de Porres in Lima, Perú and membership in the Internet Hall of Fame in 2012.

Danny Quist

Danny Quist, Ph.D. is the manager of Bechtel’s Global Security Operations and Engineering. In this capacity, he directs the global defense of the largest privately owned company in the US. Prior to management, Danny was a reverse engineer working on automated analysis and visualization. His interests include writing rootkits, data analysis, and visualization. He has given presentations at Blackhat, RSA, Defcon, Shmoocon, REcon, and DFRWS.

Paul Vixie

Farsight

bind, cron, isc, maps, mibh, paix, ops-t, dnscap, ncap, rrl, rpz, dlv, phd@Keio, rfc's 1876 (LOC), 1995 (NOTIFY), 2136 (UPDATE), 2671 (EDNS), RFC 2845 (TSIG)

Adam Meyers

VP of Intelligence, Crowdstrike


Hillar Aarelaid

Professional career

1991 - 1996 Estonian Police: Various positions, finally head of information exchange unit. Built up Estonian national police network and information system.

1996 - 2003 Commissioner for Data Protection and Freedom of Information. Created Estonian Data Protection Agency.

2003 - 2006 Estonian Police, CISO. Designed Estonian Police's IT Security system. Ran project that led to networking of police cars to various national information systems.

2006 - 2013 CERT Estonia team manager. Built up CERT-EE, Estonia's national and gov CERT, from scratch. In charge of CERT-EE during 2007 cyber attacks against Estonia.

2013 - 2016 Estonian Information System’s Authority: Advisor. Areas: PKI, data exchange backbone, IP networks and critical infrastructure security.

2016 - Estonian Central Criminal Police, Senior Superintendent

Decorations: Cavalier of the Order of the White Star (5th Class); Ministry of Interior Service Cross; Ministry of Defence Service Cross

Mike Johnson

Senior Director, Detection and Response at Salesforce


Bertha Marasky

Bertha is a senior security analyst for a Fortune 50 communications company. After years of computer systems administration, she shifted focus to security in the early 2000s. She has hands-on experience in incident response, digital forensics, malware analysis, threat hunting, threat intelligence and big data mining. She maintains multiple GIAC certifications and is a Splunk Certified Architect.

Kathy Wang

Splunk

Kathy Wang (Twitter: @wangkathy) is an internationally-recognized malware expert, who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT), as they target common platforms (e.g., browser, email, mobile phones). Prior to Splunk, Kathy held positions such as Director of Research and Development at ManTech International, and Principal Investigator of the Honeyclient Project at The MITRE Corporation, during which she pioneered a prototype that became the basis of current cutting-edge zero-day malware detection technologies. Kathy has spoken at many security conferences and panels internationally, including RSA, DEF CON, AusCERT, and REcon. She has co-authored a book, Beautiful Security, and holds a BS and MS in Electrical Engineering from The University of Michigan, Ann Arbor.

Joe Stewart

Joe Stewart is the Director of Malware Research for Dell SecureWorks’ Counter Threat Unit℠ research team. As a leading expert on malware and Internet threats, he is a frequent commentator on security issues for leading media outlets such as The New York Times, MSNBC, Washington Post, USA Today and others. Stewart has presented his security research at conferences such as RSA, Black Hat, DEFCON, ShmooCon, RECON, Netsec, Hacker Halted USA, Air Force Cyber Space Symposium, AGORA, the Anti-Phishing Working Group, and many others.

Thomas Dullien (Halvar Flake)

Google

Thomas Dullien / Halvar Flake started work in reverse engineering and digital rights management in the mid-90s, and began to apply reverse engineering to vulnerability research shortly thereafter. He pioneered early Windows heap exploitation, patch diffing / bindiffing and various other reverse engineering techniques. In 2004, he started zynamics, a company focused on reverse engineering technologies. He continued to publish about reverse engineering, ROP gadget search, and knowledge management technologies in relation to reverse engineering. In 2011, zynamics was acquired by Google, and Halvar spent the next few years working on defensive technologies that leveraged the then hot buzzwords "big data" and "machine learning". In summer 2015, Halvar received the lifetime achievement Pwnie, and decided to take a year off to travel, read, and surf.

Jose Nazario

Fastly

Dr. Jose Nazario is the Director of Security Research at Fastly and is a recognized expert on cyberthreats to ISPs, network subscribers, and enterprises from cybercrime and malware. Before his work at Fastly, Jose was a Senior Scientist at Soar Technology, Chief Scientist at Invincea Labs, and previously senior Manager of Security risk at Arbor Networks. He's a board member of the Cyber Conflict Studies Association, where he engages in work studying nation-state cyber conflict in the geopolitical realm. He has published several works and academic papers, including two books: “Secure Architectures with OpenBSD” and “Defense and Detection Strategies against Internet Worms.”

Dov Yoran

Cisco

Dov Yoran is a Sr. Director for the Cisco Security Business Group and came as part of the ThreatGRID acquisition (2014). He was co-founder and CEO of ThreatGRID, the first unified malware analysis and threat intelligence solution that helps organizations defend against advanced cyber attacks. Prior to that, he was a co-founder and partner at MetroSITE Group, an advisory services firm to both emerging security companies and large enterprises. Previously, he held several leadership roles at Solutionary (now NTT), Symantec, Riptech (acquired by Symantec 2002) and Accenture. Dov is a Founding Member of the Cloud Security Alliance (CSA) and frequently speaks at industry conferences. He has a Masters in Science (MS) in Engineering Management with a concentration in Information Security Management from George Washington University and a Bachelor of Science (BS), cum laude, in Chemistry from Tufts University.

Stephen Cobb

ESET

Stephen Cobb has been a CISSP since 1996, helping companies large and small to manage their information security, with a focus on emerging threats and privacy issues. The author of several books and hundreds of articles on cybersecurity and data protection, Cobb heads a San Diego based research team for ESET North America. He is also conducting research on security and risk management in the Criminology Department of the University of Leicester in England.

David
Neuman

David Neuman, Senior Director of Information Security Operations at Rackspace, is responsible for global information security operations, strategy, architecture and engineering services. David oversees and coordinates security initiatives, working with executives, leaders and staff from human resources, global enterprise technology and every team in between. Prior to joining Rackspace, David was an Executive Director and COO for Ernst and Young’s Americas Cyber Security Practice. He operationalized four sub-competencies and developed five-year growth plans to meet $500 million in revenue goals. David also led the restructuring of information security services and over 200 security practitioners for all US regions to meet pipeline and sales ambitions. David served in the United States Air Force for 28 years where his leadership transformed the way the Department of Defense integrated information technology into military operations. He has authored papers on cyber defense coordination and attack countermeasures, a three-year Air Force plan for building a resilient and defensible information enterprise, and an operational plan for protection of the Air Force’s global mobility mission. His experience also includes information technology operations in Europe, the Pacific and Southwest Asia. David holds an M.A. degree in National Security and Strategic Studies from Naval War College, an M.S. degree in Security Administration from Bellevue University, and a B.S. degree in Computer Studies from the University of Maryland University College. He is also a Certified Information Systems Security Professional.

Larry
Whiteside Jr.

Vice President, Healthcare and Critical Infrastructure

Larry Whiteside Jr. currently serves as vice president of healthcare and critical infrastructure in the Office of the CISO at Optiv. In this role, Whiteside focuses on helping security executives in these focus areas develop a comprehensive security program that balances risk and aligns with the overall business goals. He is responsible for developing and delivering a comprehensive suite of strategic services and solutions to help executives improve their security strategies through innovation. Whiteside also is co-founder and executive vice president of the International Consortium of Minority Cybersecurity Professionals (ICMCP). Prior to Optiv, Whiteside served as the chief security officer at Lower Colorado River Authority (LCRA), an organization that supplies cost-effective electricity for Central Texas, manages water supplies and floods in the lower Colorado River basin, provides public parks, and supports community development in 58 Texas counties. In this role, Whiteside was responsible for the protection of all corporate personnel and assets, and led the Office of the CSO. Whiteside also worked at Comodo as corporate strategy advisor to the CEO, Lynx Technology Partners as CSO, Spectrum Health as CISO and director of enterprise operations, and Visiting Nurse Service of NY as CISO. Whiteside started his career as an officer in the United States Air Force and separated in 2002. He served as chief, information warfare/network security divisions and chief, network security division – single agency manager for the Air Force at the Pentagon. In recognition for his achievements, Whiteside received the Company Grade Officer of the Year award for his units in 1997 and 2000, and a nomination for the National Information Security Executive of the Year in 2009 and 2010. Whiteside received his Bachelor of Science degree in computer science at Huston-Tillotson University.
He is an active member in various industry organizations such as Information System Security Association (ISSA), Cloud Security Alliance (CSA), Phi Beta Sigma Fraternity and multiple industry-based security committees dedicated to strengthening security in the public sector. Whiteside is a well-respected security expert, having briefed individuals at some of the highest levels of Department of Defense. He also is a thought leader in the industry with extensive experience presenting at conferences such as the Gartner Security Summit, RSA Conference and SC World Congress, and has been featured in many articles relating to information security and risk management.

Joel
Wilibanks

Joel has been in the Information Technology field for over 17 years, the past 11 in security. In that time he has worked in various industries such as manufacturing, healthcare, media, consulting, local law enforcement, and US DoD. Joel focuses on architecting and building secure infrastructure and capabilities. Joel has held the position of Chief Architect for Booz Allen Hamilton's Cyber Security Network and Team Lead for PENTCIRT's Computer Network Defense Branch. He is currently the Managing Enterprise Architect - US East for Intel Security Professional Services. Joel holds an MS in Systems Security Engineering from Stevens Institute of Technology, a BS in Information Systems from Strayer University, and CISSP-ISSAP and CASP certifications.

Chris
Camacho

Elias
Manousos

Elias Manousos is a security technology expert and experienced executive with over 15 years of delivering enterprise security solutions. Prior to co-founding RiskIQ, Elias was VP of R&D at Securant Technologies (acquired by RSA), an Internet leader in authorization and single sign-on (SSO). At Securant, he was instrumental in pioneering the now commonplace technologies providing increased browser security. Elias bootstrapped RiskIQ from zero to 100 employees and more than 100 customers in just 5 years. Today eight of the 10 largest financial institutions in the U.S. and five of the nine leading Internet companies in the world rely on RiskIQ to protect their websites, mobile apps and customers from malware and fraud.

Viktor
Polic

Dr. Viktor Polic has been adjunct faculty at Webster University in Geneva since 2002, teaching courses in Information Security and Telecommunications within the Computer Science Department of the School of Business and Technology. Viktor also serves as a member of the Scientific Committee for Advanced Studies in Information Security at the Department of Management Studies of the Faculty of Economic and Social Sciences at the University of Geneva. As an Information and Communication Technology professional, Viktor has been working for the United Nations and several of its specialized agencies since 1993. His current position is Chief of Information Security and Assurance Services at the International Labour Organisation, a specialized agency of the United Nations. Viktor is a member of the International Information Systems Security Certification Consortium, the Information Systems Audit and Control Association, and the International Association for Cryptologic Research.

Toby
Kohlenberg

Toby Kohlenberg is the Red Team Lead for Intel Information Security. Prior to leading a red team he worked in every aspect of defensive technical information security from incident response to architecture to policy. He is a member of the Shmoo Group and has spoken at a number of conferences around the world on a variety of topics.

Steve
Orrin

Steve Orrin is the Federal Chief Technologist for Intel Corp. Steve has held several architectural leadership positions at Intel and is the creator of Trusted Compute Pools Cloud Architecture and co-author of NIST’s IR-7904 "Trusted Geo-Location in the Cloud". Steve was previously CSO for Sarvega, CTO of Sanctum, CTO and co-founder of LockStar, and CTO at SynData Technologies. Steve is a recognized expert and frequent lecturer on enterprise security and was named one of InfoWorld's Top 25 CTOs of 2004 and, in 2016, received ExecMosaic’s Top CTO Executives Award. He is a fellow at the Center for Advanced Defense Studies and a Guest Researcher at NIST’s NCCoE. Steve is a member of AFCEA, INSA, ISACA, OASIS, IACR, and is a co-Founder and Officer of WASC and is the Vice-Chair of the NSITC/IDESG Security Committee.

Rich
MacVarish

Rich MacVarish is a Red Team member and CNO Developer at a major U.S. Defense contractor. He has 15 years in security operations, software and application security and penetration testing. Most recently Rich is working with the Air Force Research Lab on avionics and control system security. Previously Rich served as a Principal Security Advisor with Hewlett Packard Enterprise where his primary role was to Red Team new products and services. Prior to that he was a Senior Intrusion Engineer with a major U.S. Defense contractor performing vulnerability research, reverse engineering and operations support for the U.S. Defense and Intelligence community. Outside of technology Rich enjoys teaching combatives and creating conspiracy theories to share on social media.

Raffaele
Mautone

Raffaele Mautone is the CIO of Duo, a hyper-growth company protecting organizations against data breaches by ensuring only legitimate users and appropriate devices have access to sensitive data and applications. In his various leadership roles, Raffaele has a consistent record of leading teams through successful acquisitions, strategic planning and implementation, and deploying large, multi-tiered complex programs. In his previous role at FireEye his team delivered 50 large multi-million dollar projects in a short period of time. At McAfee Inc., as the Vice President of Worldwide Sales and Marketing Operations, his team deployed many applications and business process improvements needed to help with bookings, leads, new go-to-market programs and Master Data Management. Raffaele’s strategic thinking and effective leadership have been instrumental and paramount in his career as an IT, Sales and Operations professional. However, one of Raffaele’s greatest strengths is in team management, where he motivates his team and others not only to have a high level of productivity, but also to develop the strong internal cross-functional relationships critical for success.

Karel
Obluk

Karel is an independent consultant and investor with a strong IT background and experience in top management positions. Over the past decade, he helped to grow one of the most successful AV companies, AVG Technologies, publicly listed at NYSE (NYSE:AVGT), recently acquired by Avast. As an acting CEO and CTO, he proved not only his technical but also managerial and business skills. After leaving AVG, Karel has been primarily active as an investor and advisor; he was a venture partner of Credo Ventures and more recently a partner of Evolution Equity. In this role, he focuses on investments in technology companies that apply new innovative approaches to security, such as Cognitive Security - acquired by Cisco Systems (NASDAQ:CSCO), SecurityScorecard, OpenDNS (NASDAQ:CSCO), Onapsis, CarbonBlack, DFLabs, Fortscale or Cymmetria. Karel holds a doctorate and a master’s degree in computer science from the Brno University of Technology, Czech Republic. He was awarded a Kauffman Fellowship by the Palo Alto based Society of Kauffman Fellows. Karel’s native language is Czech; he is fluent in English and Slovak and can also speak German, Russian and very limited French.

John
Bambenek

John Bambenek is a manager of threat systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He has been engaged in security for 17 years researching security threats. He is a published author of several articles. He has participated in many incident investigations spanning the globe. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.

Inbar
Raz

Inbar has been teaching and lecturing about Internet Security and Reverse Engineering for nearly as long as he has been doing that himself. He started programming at the age of 9 on his Dragon 64. At 13 he got a PC, promptly started Reverse Engineering a year later, and through high-school he was a key figure in the Israeli BBS scene. He spent most of his career in the Internet and Data Security field, and the only reason he's not in jail right now is because he chose the right side of the law at an earlier age. Nowadays he commonly lectures about Ethical Hacking. Inbar specializes in an outside-the-box approach to analyzing security and finding vulnerabilities. From late 2011 to late 2014, he was running the Malware and Security Research at Check Point, using his extensive experience of over 20 years in the Internet and Data security fields. He has presented at a number of conferences, including Kaspersky SAS, Hack.lu, CCC, Virus Bulletin, ZeroNights, ShowMeCon, BSidesTLV, several Law Enforcement events and Check Point events. These days, Inbar is the Principal Researcher at PerimeterX, researching and educating the public on Automated Attacks on Websites.

Tom
Brennan

Tom is an elected member of the Global Board of Directors for OWASP Foundation. He has served the OWASP community since 2004, starting as a project leader and chapter leader. He also contributes as an advisory member to the New Jersey Institute of Technology, County College of Morris and other organizations including International Legal and Technology Association (ILTA), Center for Internet Security (CIS). Tom is just as comfortable ripping through packet captures, hacking web applications or speaking before live audiences as demonstrated at BlackHat, Hackers on Planet Earth (HOPE), ICCS / FBI Infragard, NYS Technology Conference and United States Secret Service, Electronic Crime Task Force and frequently at NYC Metro Cyber Security meetings. Tom Brennan works for Intel Security/McAfee/Foundstone and is a proud United States Marine Corps Veteran who resides in Rockaway, New Jersey with his family.

Conference staff

Schedule

8:00 am - 9:00 am

Breakfast / Coffee


9:00 am - 9:30 am

Operations: A Cognitive Psychology Approach of Security Investigations

Chris Sanders

9:00 am - 9:30 am

Philosophy: The Cyber Defense Matrix: A Scientific Model for Cybersecurity

Sounil Yu

9:30 am - 10:00 am

Operations: Practical Advice for Cloud Security Monitoring

Eugene Kogan

9:30 am - 10:00 am

Philosophy: Forensics, decisions, and making the abstract concrete

Jonathan Spring

10:00 am - 10:30 am

Operations: TrustKit: A defensive library to protect communication on mobile apps (iOS & Android)

Alban Diquet

10:00 am - 10:30 am

Philosophy: The Gorgeousness of a design workshop: #PrivacyEngineering & #EthicsEngineering

Michelle Dennedy

10:30 am - 11:00 am

Operations: Q&A or Turbo Talk


10:30 am - 11:00 am

Philosophy: Fix digital identity? stop the bad guys

Paul Simmonds

11:00 am - 11:30 am

Operations: Applying a delayed 2fa to non-2fa enabled systems

Ben Walter

11:00 am - 11:30 am

Philosophy: Anticipating the Nature and Likelihood of a Cyberterror Community

Max Kilger

11:30 am - 12:00 pm

Operations: Beyond Matching: Applying Data Science Techniques to IOC-based Detection

Alex Pinto

11:30 am - 12:00 pm

Philosophy: Future-proof the InfoSec Arms Race

Jesse Trucks

12:00 pm - 1:00 pm

Lunch


1:00 pm - 1:30 pm

Operations: Abusing Google and Facebook login: On the risks in trusting third-party logins

Ido Safruti

1:00 pm - 1:30 pm

Philosophy: The Medium Makes the Art / Vulnerabilities vs. Tactics

Trenton Ivey

1:30 pm - 2:00 pm

Operations: Decreasing Dwell Time

Aaron Shelmire

1:30 pm - 2:00 pm

Philosophy: Desperately Seeking Severity

Art Manion

2:00 pm - 2:30 pm

Operations: Q&A or Turbo Talk


2:30 pm - 3:00 pm

Operations: Drop packets really fast with BGP, uRPF and Exa-BGP

John Brown

3:00 pm - 3:30 pm

Break


3:30 pm - 4:00 pm

Operations: Effective Forensic Analysis and Incident Response with Volatility

Jared Smith

3:30 pm - 4:00 pm

Philosophy: Finding the Grey Sheep before they go Baaaaad

Tom Ottoson

4:00 pm - 4:30 pm

Operations: Q&A or Turbo Talk


4:00 pm - 4:30 pm

Philosophy: Applying “Risk Reduced per Unit Cost” to IT Adversarial Risk Management

Pete Lindstrom

4:30 pm - 5:00 pm

Operations: Scaling Red Team

Sacha Faust

4:30 pm - 5:00 pm

Philosophy: How can a protocol be concise if it has to be no more complex than deterministic context-free?

Falcon Darkstar Momot

5:00 pm - 5:30 pm

Philosophy: The Analogue Prism

Winn Schwartau

4:30 pm - 5:00 pm

Philosophy: Q&A or Turbo Talk or Discussion


4:00 pm - 4:30 pm

Philosophy: RESERVED


2:00 pm - 2:30 pm

Philosophy: Q&A or Turbo Talk or Discussion


10:30 am - 11:00 am

Philosophy: Q&A or Turbo Talk or Discussion


10:00 am - 10:30 am

Philosophy: Q&A or Turbo Talk or Discussion


2:00 pm - 2:30 pm

Philosophy: Structured Analytic Techniques: Moving from Art to Science in Analysis

Rich MacVarish

2:30 pm - 3:00 pm

Philosophy: Know Thyself: Optimizing Team Decision-Making

Kelly Shortridge

8:00 am - 9:00 am

Breakfast / Coffee


9:00 am - 9:30 am

Operations: Logging the next trillion events

Sam Wilson

9:30 am - 10:00 am

Operations: Detection, Bro

John B. Althouse

10:00 am - 10:30 am

Operations: Leveraging Apache Spot as a Defender Community

Alan Ross

10:30 am - 11:00 am

Operations: Q&A or Turbo Talk


11:00 am - 11:30 am

Operations: Location Independent Security Approach (LISA)

Bryan Zimmer

11:30 am - 12:00 pm

Operations: Hidden Treasure: Detecting Intrusions with ETW

Zac Brown

12:00 pm - 1:00 pm

Lunch


1:00 pm - 1:30 pm

Operations: Building the Easy Button: Five-ish Ways to Radically Automate SecOps with DevOps

Rich Mogull

1:30 pm - 2:00 pm

Operations: Meeting the Adversary: Active Defense Operations

Joe Slowik

2:00 pm - 2:30 pm

Operations: Mining public data repositories for security intelligence

Peleus Uhley

2:30 pm - 3:00 pm

Operations: Using Disposable Mailboxes to Defeat Commodity Malware

Brad Antoniewicz

3:00 pm - 3:30 pm

Operations: Break


3:30 pm - 4:00 pm

Operations: Synthetic data sets, a real benchmarking

Cesar Berho

4:00 pm - 5:00 pm

Operations: Q&A or Turbo Talk


1:30 pm - 5:00 pm

Philosophy: Working session and Turbo talks


3:30 pm - 4:00 pm

Operations: RESERVED


8:00 am - 9:00 am

Breakfast / Gadi talks


9:00 am - 9:30 am

Economics of Security


9:30 am - 10:00 am

The Third Rail

William Manning

10:00 am - 12:00 pm

Track reports and Takeouts


Talks on the schedule are in 30-minute blocks. Speakers need to allocate 25 minutes for speaking and 5 minutes for setting up the next talk. Please plan accordingly. Easels will be available for takeout notes. Note that lunch is one hour. Times are subject to change.

We encourage attendees to submit presentations for both long (30 minute) and short (10 - 15 minute) format Turbo Talks. We have a lot of great submissions that we find interesting and are listing those here. Those who would like to propose a Turbo Talk at the conference will be offered the opportunity to pitch their talk, and talks will be selected and scheduled by popular vote.


Potential Turbo Talks:

Presenter: Proposed topic
Dan Hubbard: Leveraging the Fourth Estate
Collin Mulliner: Deploying Device and App Attestation with Android's SafetyNet
Chris Roosenraad: Welcome to the new world order
Joel Scambray: Attack and Defense: Frenemies Forever
Kevin Dunn: Plan to FAIL: Failure Planning & Worst Case Thinking

Please note, there are two, count them, two happy hours:

Wednesday night (Sponsored by Duo)
Thursday night (Sponsored by a private party)

CFP

Example topics of interest for submission

We invite you to participate in Art into Science and submit a talk to one of the two conference tracks.
Operational:
Threat intelligence, attacker profiles, detection systems, case studies, tools & techniques, insider threat, user behavior analytics, fraud mitigation.

Philosophical:
Anything that can be converted into a model or methodology, including but not limited to: risk models, knowledge sharing, economics, first principles, changing landscape

Talk and discussion guidelines

Discussion needs to be of a nature that:

  • Identifies first principles
  • Models the results
  • Makes sure the resulting models are useful and usable

Don’ts:

  • Stay away from statements such as “we should all use Linux” or “this wouldn’t happen if people patched their systems”.
  • Mentions of Sun Tzu are not allowed in lectures, unless they are new, previously unseen, 0day quotes.

Other more mundane topics of interest for the philosophy track

  • How do you hire and keep your security professionals?
  • Internal tool building. Build vs Buy. When to choose which and why.
  • Getting executive attention: Unlocking budget and success metrics.
  • Efficacy evaluation.

Diversity

We especially encourage women and members of other diverse groups to submit a talk and attend the conference.

P.S.

A total of 0 mentions of the term “cyber” counted in this page above this line.

Submit CFP

Click here and fill out the form!

Pricing & Registration

Entry is free but limited to 150 seats only.

Fill out your information

Registration is open, although with very few seats left it is now a waiting list. Please register as soon as you can if you intend to attend the conference.
Those wanting to register for the event but not submit a presentation should add their names to the Eventbrite wait list and fill out the information in the "Submit CFP" form.

Location and Venue

Venue

Trinity Hall

311 E 5th St. Austin, TX 78701

Nearby Accommodation

JW Marriott

$299 + Tax per Night

Marriott Residence Inn

Conference Rate is $179 + Tax per Night and includes Breakfast

Hyatt Place

Conference Rate is $199 + Tax per Night and includes Breakfast

W Hotel

$482 + Tax per Night

Additional details

Contact us: contact@artintoscience.com