Art into Science - 2020

A Conference for Defense

Agenda 2019


Planned 2019 Agenda

Track General Plan:

Time Activity
8:30 Registration/Breakfast
8:55 Call to order
9:00 Talk
9:30 Talk
10:00 Talk
10:30 Break & Announcements
11:00 Talk
11:30 Talk
12:00 Lunch
12:30 Lunch
13:00 Talk
13:30 Talk
14:00 Talk
14:30 Break
15:00 Talk
15:30 Talk
16:00 Talk
16:30 Discussion
17:00 Dismiss
Note: All presentations are alloted a maximum of 20 minutes for speaking and a maximum of 10 minutes for setup and transition. Track chairs may modify the schedules and shorten transistion times as required.

Operations Track, Mike Johnson Chair

Date Time Authors Paper
30-Jan-19 9:00 Ryan Moon Talkers gonna talk
30-Jan-19 9:30 Greg Olmstead and Justin Borland Phoenix evolved – The next stage of malware analysis
30-Jan-19 10:00 Andrew Morris Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
30-Jan-19 11:00 Ben Reardon (presented by John Althouse) HASSH – a Profiling Method for SSH Clients and Servers
30-Jan-19 11:30 Eric Capuano Effective Threat Hunting with Open-Source Solutions
30-Jan-19 13:00 Adam Murphy Nearly Real-Time Log Aggregation using Kinesis & Lambda
30-Jan-19 13:30 Michael Jenks Operationalizing MITRE ATT&CK: Our Story
30-Jan-19 14:00 Dan Hubbard and James Condon Practical guide to securing Kubernetes
30-Jan-19 15:00 John Bambenek Creating Authoritative Nameserver Reputation
30-Jan-19 15:30 Bill Woodcock and John Todd The Role of the Domain Name System in Improving Defense
30-Jan-19 16:00 Aashish Sharma and Craig Leres Continuous and Automated Defense of a Large Scale Open Research Network
31-Jan-19 9:00 Eric Loui Sprinting up the Pyramid of Pain
31-Jan-19 9:30 Arun Lakhotia Use a malware to catch a malware
31-Jan-19 10:00 Xena Olsen 24/7 CTI: Operationalizing Cyber Threat Intelligence
31-Jan-19 11:00 Jody Forness The NEW Cloud Ecosystem
31-Jan-19 11:30 Krassimir Tzvetanov OPSEC for investigators and researchers
31-Jan-19 13:00 Guangming Liu The art of the windows kernel fuzz
31-Jan-19 13:30 Ryan McGeehan Forecasting, Browsers, and “In The Wild” Exploitation
31-Jan-19 14:00 Jesse Bowling An Academic Exercise in Threat Intelligence
31-Jan-19 15:00 Guillaume Ross Osquery on Windows: Monitoring our Minimum Viable Security Configuration
31-Jan-19 15:30 Rob Ragan and Oscar Salazar Pose a Threat: How Perceptual Analysis Helps Bug Hunters
31-Jan-19 16:00 Alan Czarnecki Correlating Observed Indicators with MISP
1-Feb-19 9:00 Peter Smith Multidimensional Attack Path Analysis: Eliminating Network Blind Spots
1-Feb-19 9:30 Jose Hernandez How to make a stickier Honeypot (SSH*)
1-Feb-19 10:00 Brad Duncan Sanitizing Pcaps to Share with the Community
1-Feb-19 11:00 Mike Johnson Working session – see below

Philosophy Track, Sounil Yu Chair

Date Time Authors Paper
30-Jan-19 9:00 Sounil Yu Track intro
30-Jan-19 9:30 Bryson Bort Re-thinking how we think about cybersecurity
30-Jan-19 10:00 Aaron Shelmire Defensive Measures: Adversary Reactions in the Face of Adversity
30-Jan-19 11:00 Janusz Urbanowicz Deploying the Directive: Lessons and Observations
30-Jan-19 11:30 Will Lin Everyone is an investor: A VC’s perspective on how to invest your time with security startups
30-Jan-19 13:00 Kelly Shortridge Risk Quicksand in Information Security
30-Jan-19 13:30 Monty St John Concrete Thinking, Rapid Response
30-Jan-19 14:00 Julian Cohen Adversary-Based Risk Analysis
30-Jan-19 15:00 Jonathan M Spring Practicing a Science of Security: Reflections
30-Jan-19 15:30 Joseph Zadeh, Rod Soto and Xiaodan Li Profiling VIP Behavior in User Centric Data Streams
30-Jan-19 16:00 Gadi Evron Away with Cassandra: The long tail of new technology wave<
31-Jan-19 9:00 Christine Le Dancing in the Dark: Asset Management for Multi-Cloud Environments
31-Jan-19 9:30 Mark Jaster and Erin Kenneally Piloting an Information Market Game to Crowdsource DFIR and Controls Efficacy Assessments
31-Jan-19 10:00 Nancy Eckert Swarm Intelligence and Human Systems
31-Jan-19 11:00 Earl Crane Communicating the Security Challenge to Executives
31-Jan-19 11:30 Leigh Metcalf The Internet is a Hall of Mirrors
31-Jan-19 13:00   Working Sessions – see below
1-Feb-19 9:00   Working Sessions – see below


Working Sessions

Session Leader Time
Formalizing the Process of Science – general Philospy track sessions Sounil Yu 14:00 31 Jan – Close of conference
Best practice operations as drivers to science (Operations Track) Mike Johnson Morning of 1 Feb
Chronicling the advance of the science Leigh Metcalf 14:30 31 Jan or as arranged
Integrating philosphy and operations Dan Hubbard To be announced
Proving Future Risk Gadi Evron To be announced
Hackathon John Bambenak To be announced


Special thanks to our sponsors:
Dell, EA Security, Farsight Security, Reversing Labs, Cylance , and Bank of America!