diff --git a/public/ht/colors.json b/public/ht/colors.json
index 16af73b..3eb4918 100644
--- a/public/ht/colors.json
+++ b/public/ht/colors.json
@@ -1 +1 @@
-{"colors":["#116F72","#19A8B0","#1c25a0","#33c756","#38B913","#3a9e1f","#465bbe","#47b4c1","#49bae3","#4a1885","#4cd5fe","#523a69","#53b574","#548E88","#57246b","#69814C","#6A85F7","#6cdf7a","#6fdce3","#736b2f","#7a70fd","#7f73c6","#814054","#8c9fc3","#93758d","#97826b","#9c47f2","#aa8266","#af2b52","#b48894","#b9c800","#bc76d7","#cb6c9a","#cb97d2","#cd4f7f","#d15103","#d28e91","#d3d44d","#d9f2ec","#dc4a29","#e78bea","#ec5658","#f6ae74"]}
\ No newline at end of file
+{"colors":["#17065e","#19A8B0","#2CB255","#33c756","#38B913","#3a9e1f","#420d40","#465bbe","#49bae3","#4a1885","#4cd5fe","#523a69","#53b574","#548E88","#57246b","#69814C","#6cdf7a","#6fdce3","#736b2f","#7a70fd","#7f73c6","#814054","#82B1B6","#93758d","#97826b","#9c47f2","#aa8266","#af2b52","#b48894","#b9c800","#bc76d7","#cb6c9a","#cb97d2","#cd4f7f","#d15103","#d28e91","#d39cf8","#d3d44d","#d9f2ec","#dc4a29","#e78bea","#ec5658","#f6ae74","#f92323"]}
\ No newline at end of file
diff --git a/public/ht/conferences/BSIDESHBG2024/events.json b/public/ht/conferences/BSIDESHBG2024/events.json
new file mode 100644
index 0000000..07d2f51
--- /dev/null
+++ b/public/ht/conferences/BSIDESHBG2024/events.json
@@ -0,0 +1 @@
+[{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Closing Ceremonies","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#17065e","updated_at":"2024-04-08T21:19+0000","name":"Misc","id":46261},"end_timestamp":{"seconds":1712955600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610480,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T21:00:00.000-0000","id":54275,"village_id":null,"tag_ids":[46261],"begin_timestamp":{"seconds":1712953800,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Main Stage","hotel":"","short_name":"Main Stage","id":46199},"begin":"2024-04-12T20:30:00.000-0000","updated":"2024-04-08T21:08:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"title":"Closing Keynote","end_timestamp":{"seconds":1712953800,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712609700,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54261],"name":"Catherine Ullman","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53570}],"timeband_id":1159,"links":[],"end":"2024-04-12T20:30:00.000-0000","id":54261,"begin_timestamp":{"seconds":1712950200,"nanoseconds":0},"tag_ids":[46249],"village_id":null,"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53570}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Main Stage","hotel":"","short_name":"Main Stage","id":46199},"begin":"2024-04-12T19:30:00.000-0000","updated":"2024-04-08T20:55:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"title":"DARVO: The Psychological Manipulation of Ransomware Victims","end_timestamp":{"seconds":1712950200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610180,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54273],"name":"Matt Dotts","affiliations":[{"organization":"Mid Penn Bank","title":"Information Security Awareness Officer"}],"links":[],"pronouns":null,"media":[],"id":53582,"title":"Information Security Awareness Officer at Mid Penn Bank"}],"timeband_id":1159,"links":[],"end":"2024-04-12T19:30:00.000-0000","id":54273,"begin_timestamp":{"seconds":1712948400,"nanoseconds":0},"village_id":null,"tag_ids":[46249],"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53582}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46201},"updated":"2024-04-08T21:03:00.000-0000","begin":"2024-04-12T19:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Penetration Testing with AI!","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"end_timestamp":{"seconds":1712950200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610060,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54268],"name":"Brandon Keath","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53580}],"timeband_id":1159,"links":[],"end":"2024-04-12T19:30:00.000-0000","id":54268,"village_id":null,"tag_ids":[46249],"begin_timestamp":{"seconds":1712948400,"nanoseconds":0},"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53580}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"updated":"2024-04-08T21:01:00.000-0000","begin":"2024-04-12T19:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"title":"Building bridges: mastering cross functional partnerships for vulnerability management success!","android_description":"","end_timestamp":{"seconds":1712947800,"nanoseconds":0},"updated_timestamp":{"seconds":1712610120,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54272],"name":"Kayla Underkoffler","affiliations":[{"organization":"HackerOne","title":"Lead Security Technologist"}],"links":[],"pronouns":null,"media":[],"id":53581,"title":"Lead Security Technologist at HackerOne"}],"timeband_id":1159,"links":[],"end":"2024-04-12T18:50:00.000-0000","id":54272,"village_id":null,"tag_ids":[46249],"begin_timestamp":{"seconds":1712944800,"nanoseconds":0},"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53581}],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46201},"spans_timebands":"N","updated":"2024-04-08T21:02:00.000-0000","begin":"2024-04-12T18:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"title":"Critical Infrastructure Protection: How Good/Bad Can It Get?","android_description":"","end_timestamp":{"seconds":1712947800,"nanoseconds":0},"updated_timestamp":{"seconds":1712610060,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54267],"name":"Joseph Price","affiliations":[{"organization":"Deloitte","title":""}],"links":[],"pronouns":null,"media":[],"id":53579,"title":"Deloitte"}],"timeband_id":1159,"links":[],"end":"2024-04-12T18:50:00.000-0000","id":54267,"village_id":null,"begin_timestamp":{"seconds":1712944800,"nanoseconds":0},"tag_ids":[46249],"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53579}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"begin":"2024-04-12T18:00:00.000-0000","updated":"2024-04-08T21:01:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Is your OPSEC making you a target","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"end_timestamp":{"seconds":1712944500,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610060,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54266],"name":"Joel Prentice","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53577}],"timeband_id":1159,"links":[],"end":"2024-04-12T17:55:00.000-0000","id":54266,"village_id":null,"begin_timestamp":{"seconds":1712943000,"nanoseconds":0},"tag_ids":[46249],"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53577}],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"spans_timebands":"N","begin":"2024-04-12T17:30:00.000-0000","updated":"2024-04-08T21:01:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#17065e","updated_at":"2024-04-08T21:19+0000","name":"Misc","id":46261},"title":"Resume Reviews","end_timestamp":{"seconds":1712950200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610780,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T19:30:00.000-0000","id":54281,"village_id":null,"tag_ids":[46261],"begin_timestamp":{"seconds":1712941200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Career Village","hotel":"","short_name":"Career Village","id":46203},"spans_timebands":"N","begin":"2024-04-12T17:00:00.000-0000","updated":"2024-04-08T21:13:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"Break Outside Central CDE\r\n\r\nFreshly Brewed Coffee\r\n\r\nDecaffeinated Coffee\r\n\r\nHerbal Teas\r\n\r\nAssorted Soft Drinks\n\n\n","title":"Afternoon Refreshments","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#17065e","updated_at":"2024-04-08T21:19+0000","name":"Misc","id":46261},"end_timestamp":{"seconds":1712944800,"nanoseconds":0},"android_description":"Break Outside Central CDE\r\n\r\nFreshly Brewed Coffee\r\n\r\nDecaffeinated Coffee\r\n\r\nHerbal Teas\r\n\r\nAssorted Soft Drinks","updated_timestamp":{"seconds":1712610660,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T18:00:00.000-0000","id":54278,"begin_timestamp":{"seconds":1712941200,"nanoseconds":0},"tag_ids":[46261],"village_id":null,"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46202},"begin":"2024-04-12T17:00:00.000-0000","updated":"2024-04-08T21:11:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Infrastructure as Remote Code Execution: How to abuse Terraform to elevate access","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"end_timestamp":{"seconds":1712944200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610120,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54271],"name":"Michael McCabe","affiliations":[{"organization":"Cloud Security Partners","title":"President"}],"links":[],"pronouns":null,"media":[],"id":53578,"title":"President at Cloud Security Partners"}],"timeband_id":1159,"links":[],"end":"2024-04-12T17:50:00.000-0000","id":54271,"tag_ids":[46249],"begin_timestamp":{"seconds":1712941200,"nanoseconds":0},"village_id":null,"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53578}],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46201},"spans_timebands":"N","updated":"2024-04-08T21:02:00.000-0000","begin":"2024-04-12T17:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"EtherJack – A Plug-and-pray Leave Behind Device","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"android_description":"","end_timestamp":{"seconds":1712942700,"nanoseconds":0},"updated_timestamp":{"seconds":1712610000,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54265],"name":"Raymond Nutting","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53576}],"timeband_id":1159,"links":[],"end":"2024-04-12T17:25:00.000-0000","id":54265,"begin_timestamp":{"seconds":1712941200,"nanoseconds":0},"village_id":null,"tag_ids":[46249],"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53576}],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"spans_timebands":"N","updated":"2024-04-08T21:00:00.000-0000","begin":"2024-04-12T17:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#17065e","name":"Misc","id":46261},"title":"Lunch Break (On your own)","android_description":"","end_timestamp":{"seconds":1712941200,"nanoseconds":0},"updated_timestamp":{"seconds":1712610540,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T17:00:00.000-0000","id":54276,"begin_timestamp":{"seconds":1712937600,"nanoseconds":0},"village_id":null,"tag_ids":[46261],"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46202},"begin":"2024-04-12T16:00:00.000-0000","updated":"2024-04-08T21:09:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"title":"Discord OSINT: Using the power of Empathy Banana","end_timestamp":{"seconds":1712937300,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610000,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54264],"name":"Zach Malinich","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53574}],"timeband_id":1159,"links":[],"end":"2024-04-12T15:55:00.000-0000","id":54264,"tag_ids":[46249],"begin_timestamp":{"seconds":1712935800,"nanoseconds":0},"village_id":null,"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53574}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"begin":"2024-04-12T15:30:00.000-0000","updated":"2024-04-08T21:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"title":"Cybersecurity, Constantinople, and You","android_description":"","end_timestamp":{"seconds":1712937600,"nanoseconds":0},"updated_timestamp":{"seconds":1712610780,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T16:00:00.000-0000","id":54280,"tag_ids":[46249],"begin_timestamp":{"seconds":1712934000,"nanoseconds":0},"village_id":null,"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Career Village","hotel":"","short_name":"Career Village","id":46203},"begin":"2024-04-12T15:00:00.000-0000","updated":"2024-04-08T21:13:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Resiliency and Adaptation in Incident Response","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"end_timestamp":{"seconds":1712937000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712610120,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54270],"name":"Art Ocain","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53575}],"timeband_id":1159,"links":[],"end":"2024-04-12T15:50:00.000-0000","id":54270,"begin_timestamp":{"seconds":1712934000,"nanoseconds":0},"village_id":null,"tag_ids":[46249],"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53575}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46201},"updated":"2024-04-08T21:02:00.000-0000","begin":"2024-04-12T15:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"title":"Vehicle Cybersecurity","android_description":"","end_timestamp":{"seconds":1712935500,"nanoseconds":0},"updated_timestamp":{"seconds":1712609820,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54263],"name":"Kevin Walter","affiliations":[{"organization":"Cyber Services LLC","title":"Founder"}],"links":[],"pronouns":null,"media":[],"id":53573,"title":"Founder at Cyber Services LLC"}],"timeband_id":1159,"links":[],"end":"2024-04-12T15:25:00.000-0000","id":54263,"tag_ids":[46249],"village_id":null,"begin_timestamp":{"seconds":1712934000,"nanoseconds":0},"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53573}],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"spans_timebands":"N","updated":"2024-04-08T20:57:00.000-0000","begin":"2024-04-12T15:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Traditional CTF","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#d39cf8","name":"CTF","id":46262},"android_description":"","end_timestamp":{"seconds":1712950200,"nanoseconds":0},"updated_timestamp":{"seconds":1712611140,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T19:30:00.000-0000","id":54283,"tag_ids":[46262],"begin_timestamp":{"seconds":1712930400,"nanoseconds":0},"village_id":null,"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46202},"spans_timebands":"N","updated":"2024-04-08T21:19:00.000-0000","begin":"2024-04-12T14:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"BSidesHBG is proud to bring the Trace Labs OSINT Search Party CTF to BSidesHBG 2024!\r\n\r\nYOU DO NOT NEED PRIOR OSINT EXPERIENCE TO PARTICIPATE IN THE CTF.\r\n\r\n**Please bring a laptop along to work on the CTF challenges.\r\n\r\n[ABOUT]\r\n\r\nThe Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons\r\n\r\n[TEAMS]\r\n\r\nContestants participate in teams of 1 to 4 persons.\r\n\r\n[FLAGS]\r\n\r\nThe Capture the Flag (CTF) event is a gamified version of what real trackers do. While the ultimate goals is to find the person, we do this through finding individual flags that often build a picture of where the missing person may be.\r\n\r\n[JUDGING]\r\n\r\nIn order to ensure all submissions are high value and contribute to the location of the missing person, our community comes together to support each event with a judge panel that vets each submission.\r\n\r\n[POINTS and SCORING]\r\n\r\nBeginners can score many low scoring easier flags while experts can go for the harder yet higher scoring points. At the end, all contestants get a badge of honor to show the community they participated in the event.\n\n\n","title":"TraceLabs OSINT Search Party CTF","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#17065e","updated_at":"2024-04-08T21:19+0000","name":"Misc","id":46261},"android_description":"BSidesHBG is proud to bring the Trace Labs OSINT Search Party CTF to BSidesHBG 2024!\r\n\r\nYOU DO NOT NEED PRIOR OSINT EXPERIENCE TO PARTICIPATE IN THE CTF.\r\n\r\n**Please bring a laptop along to work on the CTF challenges.\r\n\r\n[ABOUT]\r\n\r\nThe Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons\r\n\r\n[TEAMS]\r\n\r\nContestants participate in teams of 1 to 4 persons.\r\n\r\n[FLAGS]\r\n\r\nThe Capture the Flag (CTF) event is a gamified version of what real trackers do. While the ultimate goals is to find the person, we do this through finding individual flags that often build a picture of where the missing person may be.\r\n\r\n[JUDGING]\r\n\r\nIn order to ensure all submissions are high value and contribute to the location of the missing person, our community comes together to support each event with a judge panel that vets each submission.\r\n\r\n[POINTS and SCORING]\r\n\r\nBeginners can score many low scoring easier flags while experts can go for the harder yet higher scoring points. At the end, all contestants get a badge of honor to show the community they participated in the event.","end_timestamp":{"seconds":1712948400,"nanoseconds":0},"updated_timestamp":{"seconds":1712611020,"nanoseconds":0},"speakers":[],"timeband_id":1159,"end":"2024-04-12T19:00:00.000-0000","links":[{"label":"Register","type":"link","url":"https://forms.wix.com/f/7182023819748442757"},{"label":"Details","type":"link","url":"https://www.bsideshbg.com/osint-challenge"}],"id":54282,"village_id":null,"tag_ids":[46261],"begin_timestamp":{"seconds":1712930400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46202},"begin":"2024-04-12T14:00:00.000-0000","updated":"2024-04-08T21:17:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"title":"See Yourself in FED Cyber: Unlocking the Federal Process to Get You Hired!","android_description":"","end_timestamp":{"seconds":1712933400,"nanoseconds":0},"updated_timestamp":{"seconds":1712610780,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T14:50:00.000-0000","id":54279,"village_id":null,"tag_ids":[46249],"begin_timestamp":{"seconds":1712930400,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Career Village","hotel":"","short_name":"Career Village","id":46203},"spans_timebands":"N","begin":"2024-04-12T14:00:00.000-0000","updated":"2024-04-08T21:13:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","color":"#2CB255","name":"Talk","id":46249},"title":"Incident response: How to fight fires without burning","android_description":"","end_timestamp":{"seconds":1712933400,"nanoseconds":0},"updated_timestamp":{"seconds":1712610060,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54269],"name":"Juan Giarrizzo","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53572}],"timeband_id":1159,"links":[],"end":"2024-04-12T14:50:00.000-0000","id":54269,"begin_timestamp":{"seconds":1712930400,"nanoseconds":0},"tag_ids":[46249],"village_id":null,"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53572}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46201},"begin":"2024-04-12T14:00:00.000-0000","updated":"2024-04-08T21:01:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Practical Password Cracking: Hardware, Tools, Methods... and AI","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"android_description":"","end_timestamp":{"seconds":1712933400,"nanoseconds":0},"updated_timestamp":{"seconds":1712609820,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54262],"name":"Sean Smith","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53571}],"timeband_id":1159,"links":[],"end":"2024-04-12T14:50:00.000-0000","id":54262,"begin_timestamp":{"seconds":1712930400,"nanoseconds":0},"tag_ids":[46249],"village_id":null,"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53571}],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46200},"spans_timebands":"N","begin":"2024-04-12T14:00:00.000-0000","updated":"2024-04-08T20:57:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"Break Outside Central CDE\r\n\r\nFreshly Brewed Coffee\r\n\r\nDecaffeinated Coffee\r\n\r\nHerbal Teas\n\n\n","title":"Morning Refreshments","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#17065e","updated_at":"2024-04-08T21:19+0000","name":"Misc","id":46261},"android_description":"Break Outside Central CDE\r\n\r\nFreshly Brewed Coffee\r\n\r\nDecaffeinated Coffee\r\n\r\nHerbal Teas","end_timestamp":{"seconds":1712933100,"nanoseconds":0},"updated_timestamp":{"seconds":1712610600,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T14:45:00.000-0000","id":54277,"village_id":null,"tag_ids":[46261],"begin_timestamp":{"seconds":1712929500,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46202},"spans_timebands":"N","begin":"2024-04-12T13:45:00.000-0000","updated":"2024-04-08T21:10:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","title":"Keynote","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#2CB255","updated_at":"2024-04-08T21:19+0000","name":"Talk","id":46249},"android_description":"","end_timestamp":{"seconds":1712930400,"nanoseconds":0},"updated_timestamp":{"seconds":1712609700,"nanoseconds":0},"speakers":[{"conference_id":138,"event_ids":[54260],"name":"Jeff Man","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53569}],"timeband_id":1159,"links":[],"end":"2024-04-12T14:00:00.000-0000","id":54260,"begin_timestamp":{"seconds":1712926800,"nanoseconds":0},"tag_ids":[46249],"village_id":null,"includes":"","people":[{"tag_id":46250,"sort_order":1,"person_id":53569}],"tags":"","conference_id":138,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Main Stage","hotel":"","short_name":"Main Stage","id":46199},"updated":"2024-04-08T20:55:00.000-0000","begin":"2024-04-12T13:00:00.000-0000"},{"conference":"BSIDESHBG2024","timezone":"America/New_York","link":"","description":"","type":{"conference_id":138,"conference":"BSIDESHBG2024","color":"#17065e","updated_at":"2024-04-08T21:19+0000","name":"Misc","id":46261},"title":"Registration","android_description":"","end_timestamp":{"seconds":1712926800,"nanoseconds":0},"updated_timestamp":{"seconds":1712610420,"nanoseconds":0},"speakers":[],"timeband_id":1159,"links":[],"end":"2024-04-12T13:00:00.000-0000","id":54274,"village_id":null,"tag_ids":[46261],"begin_timestamp":{"seconds":1712923200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":138,"links_antiquated":[],"location":{"conference_id":138,"conference":"BSIDESHBG2024","updated_at":"2024-04-08T21:19+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46202},"spans_timebands":"N","updated":"2024-04-08T21:07:00.000-0000","begin":"2024-04-12T12:00:00.000-0000"}]
\ No newline at end of file
diff --git a/public/ht/conferences/BSIDESVANCOUVER2024/events.json b/public/ht/conferences/BSIDESVANCOUVER2024/events.json
new file mode 100644
index 0000000..d12925b
--- /dev/null
+++ b/public/ht/conferences/BSIDESVANCOUVER2024/events.json
@@ -0,0 +1 @@
+[{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#420d40","name":"Misc","id":46275},"title":"After Party","end_timestamp":{"seconds":1716872400,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712618520,"nanoseconds":0},"speakers":[],"timeband_id":1161,"links":[],"end":"2024-05-28T05:00:00.000-0000","id":54290,"begin_timestamp":{"seconds":1716857100,"nanoseconds":0},"tag_ids":[46275],"village_id":null,"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46209},"spans_timebands":"N","updated":"2024-04-08T23:22:00.000-0000","begin":"2024-05-28T00:45:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"title":"Closing Remarks","android_description":"","end_timestamp":{"seconds":1716856500,"nanoseconds":0},"updated_timestamp":{"seconds":1712618460,"nanoseconds":0},"speakers":[],"timeband_id":1161,"links":[],"end":"2024-05-28T00:35:00.000-0000","id":54289,"begin_timestamp":{"seconds":1716855600,"nanoseconds":0},"tag_ids":[46263],"village_id":null,"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Tracks 1-4","hotel":"","short_name":"Tracks 1-4","id":46208},"spans_timebands":"N","begin":"2024-05-28T00:20:00.000-0000","updated":"2024-04-08T23:21:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Looking to quickly determine how many analysts your SOC needs? Wondering what the tradeoffs are between 5x8, 4x10, 2-2-3? Curious what's the right SlA & when to use an on-call? If so then this is the track for you.\n\n\n","title":"SOC Staffing and Scheduling - Justifying Headcount and Meeting the Mission","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"end_timestamp":{"seconds":1716855600,"nanoseconds":0},"android_description":"Looking to quickly determine how many analysts your SOC needs? Wondering what the tradeoffs are between 5x8, 4x10, 2-2-3? Curious what's the right SlA & when to use an on-call? If so then this is the track for you.","updated_timestamp":{"seconds":1712622420,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54320],"name":"Chris Hamilton","affiliations":[],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ch4m1l70n/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/ch_breakthrough"}],"pronouns":null,"media":[{"hash_sha256":"78edf8640981af8ae54eeeb5984eb8b4791f5f73f75d20a495064f148bd79a28","filetype":"image/jpeg","hash_md5":"166a48c552f133c1dfb0f4f2d0253137","name":"ChrisHamilton.jpg","hash_crc32c":"3e14d3ce","filesize":154145,"asset_id":522,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FChrisHamilton.jpg?alt=media","person_id":53591}],"id":53591}],"timeband_id":1161,"links":[],"end":"2024-05-28T00:20:00.000-0000","id":54320,"village_id":null,"begin_timestamp":{"seconds":1716854400,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53591}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"updated":"2024-04-09T00:27:00.000-0000","begin":"2024-05-28T00:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Deep dive into both candidate and hiring manager perspectives during interviews. What levers can you pull as a hiring manager to increase your offer acceptance rate?\r\n\r\nFour main challenges candidates face that will make them turn you down.\r\n\r\nFour areas to focus on so you and your team can crush it. \n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Security recruitment: Four challenges candidates face and four areas you can improve to impress candidates","end_timestamp":{"seconds":1716853800,"nanoseconds":0},"android_description":"Deep dive into both candidate and hiring manager perspectives during interviews. What levers can you pull as a hiring manager to increase your offer acceptance rate?\r\n\r\nFour main challenges candidates face that will make them turn you down.\r\n\r\nFour areas to focus on so you and your team can crush it.","updated_timestamp":{"seconds":1712622360,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54319],"name":"Pablo Vidal Bouza","affiliations":[{"organization":"Rippling","title":"Head of Security Operations"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/pablo-vidal-bouza-60064528/"}],"media":[{"hash_sha256":"87e280aadb43b986cd1847ab2aa064978a98e74e239d1df239cfc21d7848b473","filetype":"image/jpeg","hash_md5":"7b19ba597a7d891b7e0ffbfa0367b048","name":"PabloVidalBouza.jpg","hash_crc32c":"0a718b3f","filesize":17550,"asset_id":544,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FPabloVidalBouza.jpg?alt=media","person_id":53607}],"id":53607,"title":"Head of Security Operations at Rippling"}],"timeband_id":1161,"links":[],"end":"2024-05-27T23:50:00.000-0000","id":54319,"village_id":null,"begin_timestamp":{"seconds":1716852600,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53607}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"spans_timebands":"N","updated":"2024-04-09T00:26:00.000-0000","begin":"2024-05-27T23:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Rest APIs have been the backbone of webapps for over a decade now, and it’s treated us well. Inevitably, a challenger has approached and is gradually becoming the new industry standard. That is GraphQL, a query a language for your API. But shifts in tech trends also bring another inevitability, new and interesting ways to hack stuff. GraphQL is a growing target, and the pentesting tools have yet to keep up, leaving the criminals with more time and opportunity to probe and exploit vulnerabilities in your web apps. Burp Suite has been the defacto tool for Application Security professionals running DAST scans and penetration tests against web apps, and it’s amazing Active Scan feature badly needed to be able to parse GraphQL. Our new plugin for Burp Suite allows the Active Scanner to competently point it’s library of payloads at a GraphQL API, giving the defenders a chance to detect vulnerabilities before the criminals do.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"title":"We Taught Burp to Speak GraphQL: Automated Security Scanning of Your GraphQL API With Burp","android_description":"Rest APIs have been the backbone of webapps for over a decade now, and it’s treated us well. Inevitably, a challenger has approached and is gradually becoming the new industry standard. That is GraphQL, a query a language for your API. But shifts in tech trends also bring another inevitability, new and interesting ways to hack stuff. GraphQL is a growing target, and the pentesting tools have yet to keep up, leaving the criminals with more time and opportunity to probe and exploit vulnerabilities in your web apps. Burp Suite has been the defacto tool for Application Security professionals running DAST scans and penetration tests against web apps, and it’s amazing Active Scan feature badly needed to be able to parse GraphQL. Our new plugin for Burp Suite allows the Active Scanner to competently point it’s library of payloads at a GraphQL API, giving the defenders a chance to detect vulnerabilities before the criminals do.","end_timestamp":{"seconds":1716855600,"nanoseconds":0},"updated_timestamp":{"seconds":1712621760,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54308],"name":"Jared Meit","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jared-meit-069ba014/"}],"id":53595,"media":[{"hash_sha256":"f67c9ce85d706a1e755128a4cea823181edc417f531f29c888ad734039623520","filetype":"image/jpeg","hash_md5":"0817c30737d291a609ffea2934e78365","name":"JaredMeit.jpg","hash_crc32c":"5ff969f9","filesize":235222,"asset_id":529,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FJaredMeit.jpg?alt=media","person_id":53595}]}],"timeband_id":1161,"links":[],"end":"2024-05-28T00:20:00.000-0000","id":54308,"tag_ids":[46263],"village_id":null,"begin_timestamp":{"seconds":1716852600,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53595}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 3","hotel":"","short_name":"Track 3","id":46206},"updated":"2024-04-09T00:16:00.000-0000","begin":"2024-05-27T23:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"The advent of Generative Artificial Intelligence (AI) has ushered in a new era of creativity and innovation, but with it comes the imperative to address the pressing security and privacy concerns. This presentation, titled \"Ransom Meets Random,\" delves into a concise analysis of the intricate relationship between security, privacy, and Generative AI technologies.\r\n\r\nThe talk commences by exploring the dynamic landscape of generative models, shedding light on their transformative capabilities in content creation, text generation, and image synthesis. As these AI systems continue to evolve, it becomes crucial to understand the inherent risks and vulnerabilities associated with their deployment. The discussion emphasizes the potential exploitation of generative models in the context of ransom attacks, where malicious actors may leverage AI-generated content to manipulate or compromise sensitive information.\r\n\r\nFurthermore, the presentation examines the unpredictable nature of generative AI, discussing its challenges to maintaining user privacy. The talk navigates through the blurred lines between authentic and AI-generated content, unraveling the implications for individuals and organizations. Ethical considerations and regulatory perspectives are also addressed to foster a comprehensive understanding of the societal impact of generative AI.\r\n\r\nAttendees will gain insights into the current state of security measures within generative technologies and explore potential strategies to safeguard against emerging threats. By the end of the session, participants will be equipped with a nuanced understanding of the delicate balance between the innovative potential of generative AI and the imperative to fortify security and privacy frameworks in this rapidly evolving landscape.\n\n\n","title":"Ransom Meets Random: A Brief Analysis of Security and Privacy in Generative AI","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"end_timestamp":{"seconds":1716855600,"nanoseconds":0},"android_description":"The advent of Generative Artificial Intelligence (AI) has ushered in a new era of creativity and innovation, but with it comes the imperative to address the pressing security and privacy concerns. This presentation, titled \"Ransom Meets Random,\" delves into a concise analysis of the intricate relationship between security, privacy, and Generative AI technologies.\r\n\r\nThe talk commences by exploring the dynamic landscape of generative models, shedding light on their transformative capabilities in content creation, text generation, and image synthesis. As these AI systems continue to evolve, it becomes crucial to understand the inherent risks and vulnerabilities associated with their deployment. The discussion emphasizes the potential exploitation of generative models in the context of ransom attacks, where malicious actors may leverage AI-generated content to manipulate or compromise sensitive information.\r\n\r\nFurthermore, the presentation examines the unpredictable nature of generative AI, discussing its challenges to maintaining user privacy. The talk navigates through the blurred lines between authentic and AI-generated content, unraveling the implications for individuals and organizations. Ethical considerations and regulatory perspectives are also addressed to foster a comprehensive understanding of the societal impact of generative AI.\r\n\r\nAttendees will gain insights into the current state of security measures within generative technologies and explore potential strategies to safeguard against emerging threats. By the end of the session, participants will be equipped with a nuanced understanding of the delicate balance between the innovative potential of generative AI and the imperative to fortify security and privacy frameworks in this rapidly evolving landscape.","updated_timestamp":{"seconds":1712621400,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54302],"name":"Sourabh Aggarwal","affiliations":[],"links":[{"description":"","title":"","sort_order":0,"url":"https://itedconsultant.com/"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ersourabhaggarwal/"}],"pronouns":null,"id":53610,"media":[{"hash_sha256":"1db93a5d046263c540b70087b7632003adee5b7b33503a56422a117d33492688","filetype":"image/jpeg","hash_md5":"31f54fa44c6ac4b5c682b5a0ca5622af","name":"SourabhAggarwal.jpg","hash_crc32c":"4c186618","filesize":284217,"asset_id":547,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FSourabhAggarwal.jpg?alt=media","person_id":53610}]}],"timeband_id":1161,"links":[],"end":"2024-05-28T00:20:00.000-0000","id":54302,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716852600,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53610}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46205},"begin":"2024-05-27T23:30:00.000-0000","updated":"2024-04-09T00:10:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"What's the one place that will let anyone walk in off the street and start using a computer? The library!  But what if you want to do more than search the catalog for books?  \r\n\r\nThis presentation will cover two types of hacking that you can do at the library.  The first type involves how to gain control of an otherwise locked down public PC.  Libraries encourage everyone to learn, they probably just didn't intend for it to be so hands on!\r\n\r\nThe second part of this presentation will cover how a widely used library web service was tested for vulnerabilities.  This software was found to contain a large variety of vulnerability classes, and is a great example of what can be uncovered through a software security assessment.  All of the findings were remotely exploitable 0day vulnerabilities, and this software was used by hundreds of libraries.\n\n\n","title":"Hacking Libraries (The Kind That Loan Books)","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"end_timestamp":{"seconds":1716855600,"nanoseconds":0},"android_description":"What's the one place that will let anyone walk in off the street and start using a computer? The library!  But what if you want to do more than search the catalog for books?  \r\n\r\nThis presentation will cover two types of hacking that you can do at the library.  The first type involves how to gain control of an otherwise locked down public PC.  Libraries encourage everyone to learn, they probably just didn't intend for it to be so hands on!\r\n\r\nThe second part of this presentation will cover how a widely used library web service was tested for vulnerabilities.  This software was found to contain a large variety of vulnerability classes, and is a great example of what can be uncovered through a software security assessment.  All of the findings were remotely exploitable 0day vulnerabilities, and this software was used by hundreds of libraries.","updated_timestamp":{"seconds":1712620680,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54296],"name":"Wesley Wineberg","affiliations":[],"links":[],"pronouns":null,"id":53615,"media":[{"hash_sha256":"99d40c874dedbcea8aa4b996ec4ce18980456b1ac31a2bdec933c483de1b05a7","filetype":"image/png","hash_md5":"69c60edb1a306697427b6b463b9f46d1","name":"WesleyWineberg.png","hash_crc32c":"1c0f51bc","asset_id":551,"filesize":2336298,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FWesleyWineberg.png?alt=media","person_id":53615}]}],"timeband_id":1161,"links":[],"end":"2024-05-28T00:20:00.000-0000","id":54296,"tag_ids":[46263],"village_id":null,"begin_timestamp":{"seconds":1716852600,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53615}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46204},"spans_timebands":"N","updated":"2024-04-08T23:58:00.000-0000","begin":"2024-05-27T23:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Learn to leverage the expertise of your internal SMEs to provide comprehensive security awareness & training, ensuring a diverse range of perspectives and up-to-date insights. Together you can foster a culture of security, promoting security best practices and staying ahead of emerging threats.\r\n\r\nAttendees will come away with a deeper understanding of the importance of fostering a culture of security within an organization, and how to effectively develop and deliver security training content that engages and empowers employees. Whether you work at a large-scale organization, mid-size company or a start-up, you will learn insights and practical tips on how to leverage existing resources, such as internal experts and online training tools, to create effective security training programs that fit the specific needs of your organization. Our goal is to inspire all organizations, regardless of size, to prioritize security and build a strong security culture.\n\n\n","title":"Cultural Change: How to Work Together for Better Security","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"Learn to leverage the expertise of your internal SMEs to provide comprehensive security awareness & training, ensuring a diverse range of perspectives and up-to-date insights. Together you can foster a culture of security, promoting security best practices and staying ahead of emerging threats.\r\n\r\nAttendees will come away with a deeper understanding of the importance of fostering a culture of security within an organization, and how to effectively develop and deliver security training content that engages and empowers employees. Whether you work at a large-scale organization, mid-size company or a start-up, you will learn insights and practical tips on how to leverage existing resources, such as internal experts and online training tools, to create effective security training programs that fit the specific needs of your organization. Our goal is to inspire all organizations, regardless of size, to prioritize security and build a strong security culture.","end_timestamp":{"seconds":1716852000,"nanoseconds":0},"updated_timestamp":{"seconds":1712622300,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54318],"name":"Stephanie Calabrese","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/stephcalabrese/"}],"media":[{"hash_sha256":"b99fb657f404f231130467bc869d0bc1490f54d22f44e057a13264ff4b483c66","filetype":"image/jpeg","hash_md5":"083954f4b2e6011161d2873d5dc172a6","name":"StephanieCalabrese.jpg","hash_crc32c":"12bdb829","filesize":34552,"asset_id":548,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FStephanieCalabrese.jpg?alt=media","person_id":53611}],"id":53611}],"timeband_id":1161,"links":[],"end":"2024-05-27T23:20:00.000-0000","id":54318,"village_id":null,"begin_timestamp":{"seconds":1716850800,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53611}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"updated":"2024-04-09T00:25:00.000-0000","begin":"2024-05-27T23:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Cryptocurrencies were once primarily associated with illicit activities due to their decentralized and seemingly anonymous nature. However, most of them operate on a pseudonymous basis, making crypto investigations a crucial aspect of modern cybersecurity. This involves a detailed analysis of blockchain transactions to trace the movement of funds. In this talk, we will explore the latest advances in crypto forensics and how to unveil the real-world entities behind cryptocurrency-related crimes. The goal is to equip the audience with the knowledge and skills needed to navigate the complex landscape of cryptocurrency investigations.\n\n\n","title":"Deanonymizing the Blockchain: What Cybersecurity Experts Should Know About Cryptocurrency Investigations","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"android_description":"Cryptocurrencies were once primarily associated with illicit activities due to their decentralized and seemingly anonymous nature. However, most of them operate on a pseudonymous basis, making crypto investigations a crucial aspect of modern cybersecurity. This involves a detailed analysis of blockchain transactions to trace the movement of funds. In this talk, we will explore the latest advances in crypto forensics and how to unveil the real-world entities behind cryptocurrency-related crimes. The goal is to equip the audience with the knowledge and skills needed to navigate the complex landscape of cryptocurrency investigations.","end_timestamp":{"seconds":1716852000,"nanoseconds":0},"updated_timestamp":{"seconds":1712621160,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54301],"name":"Artem Ponomarov","affiliations":[{"organization":"","title":"Cryptocurrency Security Expert"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/artem-ponomarov/"}],"pronouns":null,"id":53619,"media":[{"hash_sha256":"428ee2eadf0a80b3e0dfb173dd72faab1efdb4f1b55f2c80d94acff90734a8d5","filetype":"image/jpeg","hash_md5":"1bdeb7e3b547777264ae736c2291ee91","name":"ArtemPonomarov.jpeg","hash_crc32c":"fda9e9c7","filesize":37243,"asset_id":517,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FArtemPonomarov.jpeg?alt=media","person_id":53619}],"title":"Cryptocurrency Security Expert"}],"timeband_id":1161,"links":[],"end":"2024-05-27T23:20:00.000-0000","id":54301,"village_id":null,"begin_timestamp":{"seconds":1716850800,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53619}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46205},"spans_timebands":"N","updated":"2024-04-09T00:06:00.000-0000","begin":"2024-05-27T23:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Blockchain technology can have a revolutionary effect on many important industries like finance and health. A security vulnerability in a smart contract can lead to a hack that would be more damaging than the biggest heists in history. We have proven DevSecOps methods in the classic software building industry that we can leverage to develop blockchain projects and improve smart contracts qualities and security. Moreover, there is a lack of consensus and guidance regarding leveraging DevSecOps in developing blockchain projects. This talk will list common smart contract vulnerabilities and how we can avoid them by building a secure CI/CD pipeline and following best security practices.\n\n\n","title":"Blockchain DevSecOps","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"Blockchain technology can have a revolutionary effect on many important industries like finance and health. A security vulnerability in a smart contract can lead to a hack that would be more damaging than the biggest heists in history. We have proven DevSecOps methods in the classic software building industry that we can leverage to develop blockchain projects and improve smart contracts qualities and security. Moreover, there is a lack of consensus and guidance regarding leveraging DevSecOps in developing blockchain projects. This talk will list common smart contract vulnerabilities and how we can avoid them by building a secure CI/CD pipeline and following best security practices.","end_timestamp":{"seconds":1716850200,"nanoseconds":0},"updated_timestamp":{"seconds":1712622240,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54317],"name":"Iman Sharafaldin","affiliations":[],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/imansharaf/"}],"pronouns":null,"id":53594,"media":[{"hash_sha256":"16955a7745c6638442322bbb47e43eb58b6299790e16593fcdb3b62d77af11d3","filetype":"image/jpeg","hash_md5":"c60573e836c4cdd504609068e7762332","name":"ImanSharafaldin.jpg","hash_crc32c":"f148d541","asset_id":527,"filesize":77677,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FImanSharafaldin.jpg?alt=media","person_id":53594}]}],"timeband_id":1161,"links":[],"end":"2024-05-27T22:50:00.000-0000","id":54317,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716849000,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53594}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"begin":"2024-05-27T22:30:00.000-0000","updated":"2024-04-09T00:24:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"As modern software development practices evolve, CI/CD pipelines have emerged as a potent, yet under-secured frontier. This has resulted in a shift in focus from attackers, who are exploiting the traditionally overlooked vulnerabilities in the development pipelines. In this presentation, we'll dive into the top CI/CD security risks as identified by OWASP. We'll look at how each attack can be performed, explore potential impacts, and the motives of bad actors. This talk will provide you with pragmatic strategies to strengthen your CI/CD security posture. Join us to transform your CI/CD pipeline from a potential vulnerability into a cornerstone of your security infrastructure.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Beyond Code: Reinforcing CI/CD Pipelines Against Emerging Threats","end_timestamp":{"seconds":1716852000,"nanoseconds":0},"android_description":"As modern software development practices evolve, CI/CD pipelines have emerged as a potent, yet under-secured frontier. This has resulted in a shift in focus from attackers, who are exploiting the traditionally overlooked vulnerabilities in the development pipelines. In this presentation, we'll dive into the top CI/CD security risks as identified by OWASP. We'll look at how each attack can be performed, explore potential impacts, and the motives of bad actors. This talk will provide you with pragmatic strategies to strengthen your CI/CD security posture. Join us to transform your CI/CD pipeline from a potential vulnerability into a cornerstone of your security infrastructure.","updated_timestamp":{"seconds":1712621700,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54307],"name":"Farshad Abasi","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/farshadabasi/"}],"id":53592,"media":[{"hash_sha256":"74583cfacf40b7b0b59858b58079c123804f21a09d4fad549b1e77c05ba67687","filetype":"image/jpeg","hash_md5":"9cc28c1adafdc46bc628b2621461e275","name":"FarshadAbasi.jpg","hash_crc32c":"410856ed","filesize":126839,"asset_id":524,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FFarshadAbasi.jpg?alt=media","person_id":53592}]}],"timeband_id":1161,"links":[],"end":"2024-05-27T23:20:00.000-0000","id":54307,"tag_ids":[46263],"village_id":null,"begin_timestamp":{"seconds":1716849000,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53592}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 3","hotel":"","short_name":"Track 3","id":46206},"spans_timebands":"N","begin":"2024-05-27T22:30:00.000-0000","updated":"2024-04-09T00:15:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"20,000 Leagues Under Accounting, your syndicate has established a foothold. What happens next is up to you. Come play Phishing Expedition, a choose your own adventure style phishing game, where participants take on the role of a fictional organized crime syndicate, attacking fictional organizations. Spend your collective cash wisely on the right infrastructure, payloads, and OSINT to gain access, compromise new hosts, and (hopefully) earn big profits from ill-gotten data. \n\n\n","title":"Phishing Expedition: a group-based, choose your own adventure style phishing game","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"20,000 Leagues Under Accounting, your syndicate has established a foothold. What happens next is up to you. Come play Phishing Expedition, a choose your own adventure style phishing game, where participants take on the role of a fictional organized crime syndicate, attacking fictional organizations. Spend your collective cash wisely on the right infrastructure, payloads, and OSINT to gain access, compromise new hosts, and (hopefully) earn big profits from ill-gotten data.","end_timestamp":{"seconds":1716852000,"nanoseconds":0},"updated_timestamp":{"seconds":1712620620,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54295],"name":"A.J. Leece","affiliations":[{"organization":"Syntax Security Solutions","title":"Founder and Managing Director"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"http://www.linkedin.com/in/anthony-leece"},{"description":"","title":"Website","sort_order":0,"url":"https://www.security-selfawareness.com/"}],"pronouns":null,"media":[{"hash_sha256":"6ac92dadf638ea6556d2e28be1bfa3834a00c6fcf3e3b7011e7d271107a808d7","filetype":"image/png","hash_md5":"8b9263f6ad00248869710f8d1ab197d9","name":"AJLeece.png","hash_crc32c":"6c998405","filesize":1957841,"asset_id":510,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAJLeece.png?alt=media","person_id":53585}],"id":53585,"title":"Founder and Managing Director at Syntax Security Solutions"}],"timeband_id":1161,"links":[],"end":"2024-05-27T23:20:00.000-0000","id":54295,"begin_timestamp":{"seconds":1716849000,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53585}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46204},"spans_timebands":"N","begin":"2024-05-27T22:30:00.000-0000","updated":"2024-04-08T23:57:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"This talk covers an introduction to catfishing, providing a real-life example. It outlines the Signs of a Catfish, focusing on Red Flags and Warning Signs. The role of OSINT is highlighted, showcasing techniques to unmask catfishers.\r\n\r\nIntroduction to Catfishing, Case example, Signs of a Catfish, Red Flags and Warning Signs , How can OSINT help?, OSINT techniques to unmask catfishers, Prevent Catfishing / Education \n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Unveiling Deception - Catching a Catfish","end_timestamp":{"seconds":1716848400,"nanoseconds":0},"android_description":"This talk covers an introduction to catfishing, providing a real-life example. It outlines the Signs of a Catfish, focusing on Red Flags and Warning Signs. The role of OSINT is highlighted, showcasing techniques to unmask catfishers.\r\n\r\nIntroduction to Catfishing, Case example, Signs of a Catfish, Red Flags and Warning Signs , How can OSINT help?, OSINT techniques to unmask catfishers, Prevent Catfishing / Education","updated_timestamp":{"seconds":1712622180,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54316,54329],"name":"Ritu Gill","affiliations":[{"organization":"","title":"Intelligence Analyst"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ritugill-osinttechniques/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/OSINTtechniques"},{"description":"","title":"Website","sort_order":0,"url":"https://www.osinttechniques.com/"},{"description":"","title":"Website (2)","sort_order":0,"url":"https://www.forensicosint.com/"}],"media":[{"hash_sha256":"e79fdeed84a6a69df3a01b1fb3ccd5824491c23cd530e0ffcb9574897c073cb2","filetype":"image/jpeg","hash_md5":"7cecce00d074bc221de8c4e5ad4a94f8","name":"RituGill.jpg","hash_crc32c":"827ef50a","filesize":36727,"asset_id":545,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FRituGill.jpg?alt=media","person_id":53608}],"id":53608,"title":"Intelligence Analyst"}],"timeband_id":1161,"links":[],"end":"2024-05-27T22:20:00.000-0000","id":54316,"tag_ids":[46263],"begin_timestamp":{"seconds":1716847200,"nanoseconds":0},"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53608}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"spans_timebands":"N","updated":"2024-04-09T00:23:00.000-0000","begin":"2024-05-27T22:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"On the clearweb, hundreds of sites operate in the open which have been used to fuel the spread of Fentanyl and it’s precursors. These operators have stepped out of the shadows of the darkweb to increase the accessibility to their highly addictive drugs.\r\n\r\nSit down for this talk and discover how to identify a seller, track them down across the web, and find the links back to shell corporations based out of the United States. I will demonstrate all of this using real world examples; by following this guide you too will be able to use these OSINT tactics to take down a drug network.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"A How To Guide: Hunting Clearweb Fentanyl Distributors","android_description":"On the clearweb, hundreds of sites operate in the open which have been used to fuel the spread of Fentanyl and it’s precursors. These operators have stepped out of the shadows of the darkweb to increase the accessibility to their highly addictive drugs.\r\n\r\nSit down for this talk and discover how to identify a seller, track them down across the web, and find the links back to shell corporations based out of the United States. I will demonstrate all of this using real world examples; by following this guide you too will be able to use these OSINT tactics to take down a drug network.","end_timestamp":{"seconds":1716846600,"nanoseconds":0},"updated_timestamp":{"seconds":1712622120,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54315],"name":"Julian B","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/julianb34/"}],"media":[{"hash_sha256":"962d5e3483bb21d8210e76ea17644de5824a4193c5676f86f6e9558346f8a7dc","filetype":"image/png","hash_md5":"cdcd18c6fee309d38662525a38e646e6","name":"JulianB.png","hash_crc32c":"7618146e","asset_id":533,"filesize":845071,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FJulianB.png?alt=media","person_id":53598}],"id":53598}],"timeband_id":1161,"links":[],"end":"2024-05-27T21:50:00.000-0000","id":54315,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716845400,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53598}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"spans_timebands":"N","updated":"2024-04-09T00:22:00.000-0000","begin":"2024-05-27T21:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"As a security community and hackers, our major focus is usually on vulnerabilities affecting operating systems and software running on devices. Not so often do we put a light on protocols we have been using for years or practices we have been following. Then eventually, one day, we may realize that some expensive security solutions we trust for our security may extensively rely on some simple assumptions at core. In this presentation, starting with a real-life incident example, Ali will shed light on how common IDS/IPS detection engines rely on the fact that, malicious or not, all networking applications would follow the same logic flow at the socket programming level. Then, by thinking outside of the box, Ali will demonstrate how, by making a small change in the application, malicious traffic can avoid being detected by IDS/IPS engines and therefore bypass Next Generation Firewall’s Layer 7 Application Policy rules. A PoC tool written by Ali will be used to demonstrate a successful reverse shell connection and file exfiltration being performed over some well-known NGFWs despite their Layer 7 application block policies in effect. Following the demo, there will be some suggestions for defenders on how to detect such suspicious traffic as well as how to remediate this issue. The PoC tool will be published following the presentation.\n\n\n","title":"Bypassing Next Generation Firewalls’ Layer 7 Application Policy","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"As a security community and hackers, our major focus is usually on vulnerabilities affecting operating systems and software running on devices. Not so often do we put a light on protocols we have been using for years or practices we have been following. Then eventually, one day, we may realize that some expensive security solutions we trust for our security may extensively rely on some simple assumptions at core. In this presentation, starting with a real-life incident example, Ali will shed light on how common IDS/IPS detection engines rely on the fact that, malicious or not, all networking applications would follow the same logic flow at the socket programming level. Then, by thinking outside of the box, Ali will demonstrate how, by making a small change in the application, malicious traffic can avoid being detected by IDS/IPS engines and therefore bypass Next Generation Firewall’s Layer 7 Application Policy rules. A PoC tool written by Ali will be used to demonstrate a successful reverse shell connection and file exfiltration being performed over some well-known NGFWs despite their Layer 7 application block policies in effect. Following the demo, there will be some suggestions for defenders on how to detect such suspicious traffic as well as how to remediate this issue. The PoC tool will be published following the presentation.","end_timestamp":{"seconds":1716848400,"nanoseconds":0},"updated_timestamp":{"seconds":1712621640,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54306],"name":"Ali Efe","affiliations":[{"organization":"IBM X-Force Red","title":"Penetration Tester"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ali-efe-63821339/"}],"media":[{"hash_sha256":"af596739f370dd1128b7d782d11549cbe8a58380db12e59ebdf9cfd785d92044","filetype":"image/jpeg","hash_md5":"bfd54b7dfb118a9ac3e27a0c7b2b56a1","name":"AliEfe.jpg","hash_crc32c":"a346d00e","asset_id":512,"filesize":49639,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAliEfe.jpg?alt=media","person_id":53587}],"id":53587,"title":"Penetration Tester at IBM X-Force Red"}],"timeband_id":1161,"links":[],"end":"2024-05-27T22:20:00.000-0000","id":54306,"tag_ids":[46263],"begin_timestamp":{"seconds":1716845400,"nanoseconds":0},"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53587}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 3","hotel":"","short_name":"Track 3","id":46206},"updated":"2024-04-09T00:14:00.000-0000","begin":"2024-05-27T21:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Transformers architecture powers most of the recent developments in AI space, especially the recent wave of LLMs. However, the transformers architecture is quite complex and not very well understood. I want to take a deep dive into the architecture and explain how it works. From security point of view, if more security practitioners understand the architecture better, it will help in finding security loopholes.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Deep dive into Transformers architecture","android_description":"Transformers architecture powers most of the recent developments in AI space, especially the recent wave of LLMs. However, the transformers architecture is quite complex and not very well understood. I want to take a deep dive into the architecture and explain how it works. From security point of view, if more security practitioners understand the architecture better, it will help in finding security loopholes.","end_timestamp":{"seconds":1716848400,"nanoseconds":0},"updated_timestamp":{"seconds":1712621040,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54300],"name":"Japneet Singh","affiliations":[{"organization":"Lacework","title":"Software Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/japneetsingh/"}],"media":[{"hash_sha256":"8afb252f710fb4111bba51fa9a2673cc4ece1f0fa0ba97a4df47340f66ce25db","filetype":"image/jpeg","hash_md5":"925f41254c0395ff7e285295a6886702","name":"JapneetSingh.jpg","hash_crc32c":"511551c1","asset_id":528,"filesize":81156,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FJapneetSingh.jpg?alt=media","person_id":53618}],"id":53618,"title":"Software Engineer at Lacework"}],"timeband_id":1161,"links":[],"end":"2024-05-27T22:20:00.000-0000","id":54300,"village_id":null,"begin_timestamp":{"seconds":1716845400,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53618}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46205},"spans_timebands":"N","updated":"2024-04-09T00:04:00.000-0000","begin":"2024-05-27T21:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Previously, we discovered a bug that could bypass the PIN2Drive feature for Tesla vehicles. We were rewarded by Tesla and entered the Tesla Hall of Fame. Additionally, we disclosed a creative bug named Rolling-Pwn, which affects Honda vehicles globally. Vehicle bug bounty hunting is the new trend. In this talk, I will provide advice on vehicle bug bounty hunting and present the successes and failures of our vehicle bug hunting stories over the past few years.\n\n\n","title":"Behind the Dashboard: Tales of a Car Bug Bounty Hunter","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"end_timestamp":{"seconds":1716848400,"nanoseconds":0},"android_description":"Previously, we discovered a bug that could bypass the PIN2Drive feature for Tesla vehicles. We were rewarded by Tesla and entered the Tesla Hall of Fame. Additionally, we disclosed a creative bug named Rolling-Pwn, which affects Honda vehicles globally. Vehicle bug bounty hunting is the new trend. In this talk, I will provide advice on vehicle bug bounty hunting and present the successes and failures of our vehicle bug hunting stories over the past few years.","updated_timestamp":{"seconds":1712620560,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54294],"name":"Kevin Chen","affiliations":[],"pronouns":null,"links":[{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/kevin2600"}],"media":[{"hash_sha256":"2d1f7c55f05a30d49681a09f7569f494edc78b3bbd91a5f62658f85e8d0cc888","filetype":"image/png","hash_md5":"362248645906a02d36a9fbf64293fe3c","name":"KevinChen.png","hash_crc32c":"0060e073","asset_id":535,"filesize":341604,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FKevinChen.png?alt=media","person_id":53599}],"id":53599}],"timeband_id":1161,"links":[],"end":"2024-05-27T22:20:00.000-0000","id":54294,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716845400,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53599}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46204},"spans_timebands":"N","updated":"2024-04-08T23:56:00.000-0000","begin":"2024-05-27T21:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Often when folks think of security research, they think of things like reverse engineering, tracking threat actors, or pentesting. While these are all valid, there’s one side of security research that is often forgotten or misunderstood – Internet Measurement, or evidence-based science. In order to improve the world, we need to quantify it first, and that’s where Internet Measurement comes into play.\r\n\r\nIn this talk, I’ll use my 8 years of hands-on experience to dive deep into the world of Internet Measurement and show attendees why we should care MORE about Internet Measurement as a security research tool. To start, I’ll discuss the details of three very different measurement projects: evaluating attacker behavior in a niche market, quantifying Internet Scanning completeness, and improving vulnerability notifications. In discussing these projects, I’ll clarify the questions we were trying to answer, how we thought about our measurements, and the impact the outcomes had. Most importantly, I’ll hypothesize what we would have missed had the work NOT happened. \r\n\r\nBy discussing these three disparate projects, I hope attendees will walk away understanding what Internet Measurement is, why it’s so useful in the world of security, and how security practitioners can apply these lessons to their own environments. We don’t know what we don’t know and the unknown can seem daunting. Internet Measurement is a way for us to step into (and through) that unknown.\n\n\n","title":"What we Mean When We Say Internet Measurement, and why it Matters so much for Security","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"Often when folks think of security research, they think of things like reverse engineering, tracking threat actors, or pentesting. While these are all valid, there’s one side of security research that is often forgotten or misunderstood – Internet Measurement, or evidence-based science. In order to improve the world, we need to quantify it first, and that’s where Internet Measurement comes into play.\r\n\r\nIn this talk, I’ll use my 8 years of hands-on experience to dive deep into the world of Internet Measurement and show attendees why we should care MORE about Internet Measurement as a security research tool. To start, I’ll discuss the details of three very different measurement projects: evaluating attacker behavior in a niche market, quantifying Internet Scanning completeness, and improving vulnerability notifications. In discussing these projects, I’ll clarify the questions we were trying to answer, how we thought about our measurements, and the impact the outcomes had. Most importantly, I’ll hypothesize what we would have missed had the work NOT happened. \r\n\r\nBy discussing these three disparate projects, I hope attendees will walk away understanding what Internet Measurement is, why it’s so useful in the world of security, and how security practitioners can apply these lessons to their own environments. We don’t know what we don’t know and the unknown can seem daunting. Internet Measurement is a way for us to step into (and through) that unknown.","end_timestamp":{"seconds":1716844800,"nanoseconds":0},"updated_timestamp":{"seconds":1712622120,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54314],"name":"Ariana Mirian","affiliations":[{"organization":"Censys","title":"Senior Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/arianamirian/"},{"description":"","title":"Mastodon (infosec.exchange)","sort_order":0,"url":"https://infosec.exchange/@amirian"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/arimirian"},{"description":"","title":"Website","sort_order":0,"url":"http://arianamirian.com/"}],"media":[{"hash_sha256":"f48cd226c6756003059e5a442382035099f34f2b19a34f043717167e9afc79d4","filetype":"image/jpeg","hash_md5":"9e24d89d9d29cfe8c36d9c1abd50538b","name":"ArianaMirian.jpg","hash_crc32c":"98b52647","asset_id":516,"filesize":37401,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FArianaMirian.jpg?alt=media","person_id":53590}],"id":53590,"title":"Senior Security Researcher at Censys"}],"timeband_id":1161,"links":[],"end":"2024-05-27T21:20:00.000-0000","id":54314,"begin_timestamp":{"seconds":1716843600,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53590}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"spans_timebands":"N","updated":"2024-04-09T00:22:00.000-0000","begin":"2024-05-27T21:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"You are the proverbial bad guy, and need to exfiltrate data out of a company. What are the various techniques you can employ to fly under the radar of all software modules designed to prevent you from doing that? If you are a blue teamer and need to guard your defenses against exfiltration, what are the various techniques you can employ to prevent this?\n\n\n","title":"Techniques to exfiltrate data","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"android_description":"You are the proverbial bad guy, and need to exfiltrate data out of a company. What are the various techniques you can employ to fly under the radar of all software modules designed to prevent you from doing that? If you are a blue teamer and need to guard your defenses against exfiltration, what are the various techniques you can employ to prevent this?","end_timestamp":{"seconds":1716843000,"nanoseconds":0},"updated_timestamp":{"seconds":1712622000,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54313],"name":"Sundar Krishnamurthy","affiliations":[],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/sundar-krishnamurthy-cissp-b32b761/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/sundarnut"}],"pronouns":null,"media":[{"hash_sha256":"0bf278a0e5bf789d445e90593cefa51801bc62ee713d34e0faa3e816b0282729","filetype":"image/jpeg","hash_md5":"62af8c8428d779abaa738e6938239932","name":"SundarKrishnamurthy.jpg","hash_crc32c":"1c53f9d0","filesize":79689,"asset_id":549,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FSundarKrishnamurthy.jpg?alt=media","person_id":53612}],"id":53612}],"timeband_id":1161,"links":[],"end":"2024-05-27T20:50:00.000-0000","id":54313,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716841800,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53612}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"spans_timebands":"N","updated":"2024-04-09T00:20:00.000-0000","begin":"2024-05-27T20:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Alex and Brad's fascination with drones further catalyzed this integration, giving birth to \"The Raccoon Squad\". This initiative features two groundbreaking devices: the 'Flying Raccoon', representing airborne reconnaissance and intrusion, and the 'Sneaky Raccoon', epitomizing ground-level stealth operations. Through this exploration, we gain insights into the future of integrated security solutions that seamlessly blend digital prowess with tangible, real-world applications.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Guardians of Cybersecurity: Deploying IoT devices via Drones and Dropboxes","end_timestamp":{"seconds":1716844800,"nanoseconds":0},"android_description":"Alex and Brad's fascination with drones further catalyzed this integration, giving birth to \"The Raccoon Squad\". This initiative features two groundbreaking devices: the 'Flying Raccoon', representing airborne reconnaissance and intrusion, and the 'Sneaky Raccoon', epitomizing ground-level stealth operations. Through this exploration, we gain insights into the future of integrated security solutions that seamlessly blend digital prowess with tangible, real-world applications.","updated_timestamp":{"seconds":1712621580,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54305],"name":"Alex Thines","affiliations":[],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/alexander-thines-34256315b/"}],"pronouns":null,"media":[{"hash_sha256":"d95a8fd5829f620863da58428f599d4cf683e84e3f244ede70e196998c9694b8","filetype":"image/jpeg","hash_md5":"0163cebd2b775aa4ae8889627a204b4c","name":"AlexThines.jpg","hash_crc32c":"d95526b5","asset_id":511,"filesize":95583,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAlexThines.jpg?alt=media","person_id":53586}],"id":53586},{"conference_id":139,"event_ids":[54305],"name":"Brad \"Sno0ose\" Ammerman","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/bradammerman/"}],"media":[{"hash_sha256":"e6e63b107319e207df98e838c2f280365a8dcf4c9071842a491bb62740c21000","filetype":"image/png","hash_md5":"16bcfbb9448fc46e2cd83788912ea4e0","name":"BradAmmerman.png","hash_crc32c":"f3338efd","asset_id":519,"filesize":44781,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FBradAmmerman.png?alt=media","person_id":53621}],"id":53621}],"timeband_id":1161,"links":[],"end":"2024-05-27T21:20:00.000-0000","id":54305,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716841800,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53586},{"tag_id":46264,"sort_order":1,"person_id":53621}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 3","hotel":"","short_name":"Track 3","id":46206},"spans_timebands":"N","begin":"2024-05-27T20:30:00.000-0000","updated":"2024-04-09T00:13:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"As businesses increasingly rely on AI for innovation and efficiency, cyber threats leveraging AI capabilities have become more sophisticated and pervasive than ever before. In this talk, Michael Argast, Co-founder and CEO of Kobalt.io, will delve into the dynamic realm of Cybersecurity Attack and Defense amidst the Rise of AI, and will go through common and popular attack trends and compromises. Ideal for staff, IT, and technical teams, this session aims to empower you with essential knowledge and practical strategies to safeguard your digital assets effectively.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Cybersecurity Attack and Defense with the Rise of AI","android_description":"As businesses increasingly rely on AI for innovation and efficiency, cyber threats leveraging AI capabilities have become more sophisticated and pervasive than ever before. In this talk, Michael Argast, Co-founder and CEO of Kobalt.io, will delve into the dynamic realm of Cybersecurity Attack and Defense amidst the Rise of AI, and will go through common and popular attack trends and compromises. Ideal for staff, IT, and technical teams, this session aims to empower you with essential knowledge and practical strategies to safeguard your digital assets effectively.","end_timestamp":{"seconds":1716844800,"nanoseconds":0},"updated_timestamp":{"seconds":1712620980,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54299],"name":"Michael Argast","affiliations":[{"organization":"Kobalt.io","title":"Co-founder and CEO"}],"links":[{"description":"","title":"Facebook","sort_order":0,"url":"https://web.facebook.com/kobaltcyber/"},{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/company/kobaltio"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/kobaltio"},{"description":"","title":"YouTube","sort_order":0,"url":"https://www.youtube.com/@kobalt.io.cybersecurity"}],"pronouns":null,"id":53603,"media":[{"hash_sha256":"82191e066a3aabd821055efcdb2e2a6835fc28cc6a0c525d9f7236bc8e5334b5","filetype":"image/png","hash_md5":"d72ebc412c23d7e13f6e5c1a02a4f224","name":"MichaelArgast.png","hash_crc32c":"d2bb463f","filesize":663881,"asset_id":540,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FMichaelArgast.png?alt=media","person_id":53603}],"title":"Co-founder and CEO at Kobalt.io"}],"timeband_id":1161,"links":[],"end":"2024-05-27T21:20:00.000-0000","id":54299,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716841800,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53603}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46205},"spans_timebands":"N","begin":"2024-05-27T20:30:00.000-0000","updated":"2024-04-09T00:03:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"The macOS sandbox is a powerful tool for application security, and hardens macOS office to a point where they're not wildly used as an entry vector. Or are they? In this talk we will dive into sandbox escape mechanisms on macOS, as well as present a few technique for potential generic sandbox escapes.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"The sand castle - the state of the macOS sandbox through the lense of Office macros","android_description":"The macOS sandbox is a powerful tool for application security, and hardens macOS office to a point where they're not wildly used as an entry vector. Or are they? In this talk we will dive into sandbox escape mechanisms on macOS, as well as present a few technique for potential generic sandbox escapes.","end_timestamp":{"seconds":1716844800,"nanoseconds":0},"updated_timestamp":{"seconds":1712620560,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54293],"name":"Jonathan Bar Or","affiliations":[],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/jonathan-bar-or-89876474"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/yo_yo_yo_jbo"}],"pronouns":null,"id":53596,"media":[{"hash_sha256":"eee4082d6c588a3d7636efefb56b460a54f6ff9a3dc71570de7752079fe82ded","filetype":"image/jpeg","hash_md5":"2db3dfc020242055d9f1bf4b4881e37e","name":"JonathanBarOr.jpg","hash_crc32c":"d24aadbf","asset_id":531,"filesize":48011,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FJonathanBarOr.jpg?alt=media","person_id":53596}]}],"timeband_id":1161,"links":[],"end":"2024-05-27T21:20:00.000-0000","id":54293,"village_id":null,"begin_timestamp":{"seconds":1716841800,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53596}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46204},"spans_timebands":"N","updated":"2024-04-08T23:56:00.000-0000","begin":"2024-05-27T20:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#420d40","updated_at":"2024-04-09T04:42+0000","name":"Misc","id":46275},"title":"Lunch","android_description":"","end_timestamp":{"seconds":1716841200,"nanoseconds":0},"updated_timestamp":{"seconds":1712618460,"nanoseconds":0},"speakers":[],"timeband_id":1161,"links":[],"end":"2024-05-27T20:20:00.000-0000","id":54288,"tag_ids":[46275],"village_id":null,"begin_timestamp":{"seconds":1716838200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46209},"spans_timebands":"N","begin":"2024-05-27T19:30:00.000-0000","updated":"2024-04-08T23:21:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"There are numerous families of malware out there, each with its own unique features. Some can steal sensitive data and exfiltrate it using specific protocols, some can introduce additional malware into the system, some can encrypt or destroy files, and many more. Despite their differences, these various malware families can collaborate in a symphonic manner to deliver a powerful infection. I've started referring to this as a “malware symphony” to describe how different types of malware contribute to the symphony of infections, much like instruments in an orchestra. One such example is CrackedCantil, which I named after Cracked Software and the Cantil Viper. In this particular malware campaign that originated from Cracked Software, at least nine different malware types were involved, including PrivateLoader, Smoke, Lumma, RedLine, RisePro, Amadey, Stealc, Socks5Systemz, and STOP. Here, the Loaders (PrivateLoader, Smoke) introduced several notorious malware into the system. The Infostealers (Lumma, RedLine, RisePro, Amadey, Stealc) exfilterated various sensitive information before the ransomware encrypted the files. The Proxy Bot malware (Socks5Systemz) transformed the system into a proxy bot, and the Ransomware (STOP) encrypted the files, demanding a ransom for their recovery. The full analysis can be found here: https://any.run/cybersecurity-blog/crackedcantil-breakdown/ This talk will delve into the malware symphonies, exploring how they are orchestrated to wreak havoc on systems.\n\n\n","title":"Decomposing a Malware Symphony: When Malware Work Together to Deliver a Powerful Infection","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"end_timestamp":{"seconds":1716838200,"nanoseconds":0},"android_description":"There are numerous families of malware out there, each with its own unique features. Some can steal sensitive data and exfiltrate it using specific protocols, some can introduce additional malware into the system, some can encrypt or destroy files, and many more. Despite their differences, these various malware families can collaborate in a symphonic manner to deliver a powerful infection. I've started referring to this as a “malware symphony” to describe how different types of malware contribute to the symphony of infections, much like instruments in an orchestra. One such example is CrackedCantil, which I named after Cracked Software and the Cantil Viper. In this particular malware campaign that originated from Cracked Software, at least nine different malware types were involved, including PrivateLoader, Smoke, Lumma, RedLine, RisePro, Amadey, Stealc, Socks5Systemz, and STOP. Here, the Loaders (PrivateLoader, Smoke) introduced several notorious malware into the system. The Infostealers (Lumma, RedLine, RisePro, Amadey, Stealc) exfilterated various sensitive information before the ransomware encrypted the files. The Proxy Bot malware (Socks5Systemz) transformed the system into a proxy bot, and the Ransomware (STOP) encrypted the files, demanding a ransom for their recovery. The full analysis can be found here: https://any.run/cybersecurity-blog/crackedcantil-breakdown/ This talk will delve into the malware symphonies, exploring how they are orchestrated to wreak havoc on systems.","updated_timestamp":{"seconds":1712622000,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54312],"name":"Lena Yu","affiliations":[],"links":[{"description":"","title":"","sort_order":0,"url":"http://linkedin.com/in/lenaaaa"},{"description":"","title":"Website","sort_order":0,"url":"http://lambdamamba.com/"}],"pronouns":null,"id":53600,"media":[{"hash_sha256":"7411c082116338a072ed01314605c7609317f967ccbdfb502126527653b850fd","filetype":"image/png","hash_md5":"19766cc1d195d6bc458606f165a639a3","name":"LenaYu.png","hash_crc32c":"c2d74954","asset_id":537,"filesize":2886653,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FLenaYu.png?alt=media","person_id":53600}]}],"timeband_id":1161,"links":[],"end":"2024-05-27T19:30:00.000-0000","id":54312,"tag_ids":[46263],"begin_timestamp":{"seconds":1716837000,"nanoseconds":0},"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53600}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"spans_timebands":"N","begin":"2024-05-27T19:10:00.000-0000","updated":"2024-04-09T00:20:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"All conference talks we hear about vulnerability hunting and exploitations are so cool -- so much so that it appears as if you would never get there unless you have been hacking since 14 years old. Will you not ever find cool bugs if you do not like setting up fuzzers or grinding with disassemblers? You are mistaken. In this talk, I will introduce the mindset that will slowly but organically yield the discovery of vulnerabilities without daunting learning curves or too many emotional rollercoasters often associated with “vulnerability research.” That is, let us do “security research” instead. As a case, I will discuss how I found vulnerabilities in the Windows Hypervisor. Throughout it, we will review the hardware-assisted virtualization technology the hypervisor relies on and Windows’ unique security boundary that is less scrutinized. Finally, the talk gives a few ideas to extend this work for more bug discoveries. You should attend this talk if you want to start bug hunting casually and naturally. You may not find bugs immediately, but bugs may find you soon.\n\n\n","title":"Do not find bugs; bugs find you","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"end_timestamp":{"seconds":1716836400,"nanoseconds":0},"android_description":"All conference talks we hear about vulnerability hunting and exploitations are so cool -- so much so that it appears as if you would never get there unless you have been hacking since 14 years old. Will you not ever find cool bugs if you do not like setting up fuzzers or grinding with disassemblers? You are mistaken. In this talk, I will introduce the mindset that will slowly but organically yield the discovery of vulnerabilities without daunting learning curves or too many emotional rollercoasters often associated with “vulnerability research.” That is, let us do “security research” instead. As a case, I will discuss how I found vulnerabilities in the Windows Hypervisor. Throughout it, we will review the hardware-assisted virtualization technology the hypervisor relies on and Windows’ unique security boundary that is less scrutinized. Finally, the talk gives a few ideas to extend this work for more bug discoveries. You should attend this talk if you want to start bug hunting casually and naturally. You may not find bugs immediately, but bugs may find you soon.","updated_timestamp":{"seconds":1712621940,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54311],"name":"Satoshi Tanda","affiliations":[],"links":[{"description":"","title":"","sort_order":0,"url":"http://www.linkedin.com/in/satoshitanda/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/standa_t"}],"pronouns":null,"media":[{"hash_sha256":"6b5a69eca4a1659b6cefd3b2bc80c5a86f4cfd654f9423e4cbf3bb64951bafcf","filetype":"image/jpeg","hash_md5":"8af4530dc3d513e1a325ba740f163266","name":"SatoshiTanda.jpg","hash_crc32c":"d9930134","filesize":15865,"asset_id":546,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FSatoshiTanda.jpg?alt=media","person_id":53609}],"id":53609}],"timeband_id":1161,"links":[],"end":"2024-05-27T19:00:00.000-0000","id":54311,"begin_timestamp":{"seconds":1716835200,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53609}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"begin":"2024-05-27T18:40:00.000-0000","updated":"2024-04-09T00:19:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"A Machine Learning Approach to Threat Hunting in Endpoint and Network Logs The talk will introduce Jupyter Notebooks for large-scale threat hunting. Rather than looking at vast data in a traditional tabular format, we will explore the effectiveness of visualizations, emphasizing graphs, to identify and investigate outliers. The primary area of focus would be Anomaly Detection applied to substantial volume of data to generate Alerts for SOC based on Windows Sysmon Endpoint Logs and Zeek/Suricata Logs.\r\n\r\nIn this talk, we will identify the anomalies in an environment without ingesting the data into a SIEM or an intelligent application, simply by using a Jupyter Notebook The potential of extracting patterns and deriving meaningful insights from data is vast. And hence, Introducing a detection engineering strategy using Machine Learning and Visualizations to Hunt for Threats in Endpoint and Network Logs. Furthermore, the same strategy could be extended to Hunt for threats in Cloud Environments such as AWS and Azure. The capability of detecting Outliers in an environment within few minutes and converting those into highly effective Alerts with minimal True Positives will be explored in this presentation.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Give me the damn Model for Threat Hunting","android_description":"A Machine Learning Approach to Threat Hunting in Endpoint and Network Logs The talk will introduce Jupyter Notebooks for large-scale threat hunting. Rather than looking at vast data in a traditional tabular format, we will explore the effectiveness of visualizations, emphasizing graphs, to identify and investigate outliers. The primary area of focus would be Anomaly Detection applied to substantial volume of data to generate Alerts for SOC based on Windows Sysmon Endpoint Logs and Zeek/Suricata Logs.\r\n\r\nIn this talk, we will identify the anomalies in an environment without ingesting the data into a SIEM or an intelligent application, simply by using a Jupyter Notebook The potential of extracting patterns and deriving meaningful insights from data is vast. And hence, Introducing a detection engineering strategy using Machine Learning and Visualizations to Hunt for Threats in Endpoint and Network Logs. Furthermore, the same strategy could be extended to Hunt for threats in Cloud Environments such as AWS and Azure. The capability of detecting Outliers in an environment within few minutes and converting those into highly effective Alerts with minimal True Positives will be explored in this presentation.","end_timestamp":{"seconds":1716838200,"nanoseconds":0},"updated_timestamp":{"seconds":1712621580,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54304],"name":"Kai Iyer","affiliations":[{"organization":"EY's Cyber Threat Management","title":"Senior Security Engineer"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/anoop-krishnan47"}],"pronouns":null,"media":[{"hash_sha256":"b604e275b36c9840499dee52ffda9068d1c1600921146fa9136bff372ca608e0","filetype":"image/jpeg","hash_md5":"823e499661faa78f89aeb59ee0156b1f","name":"KaiIyer.jpg","hash_crc32c":"b267462d","asset_id":534,"filesize":126167,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FKaiIyer.jpg?alt=media","person_id":53620}],"id":53620,"title":"Senior Security Engineer at EY's Cyber Threat Management"}],"timeband_id":1161,"links":[],"end":"2024-05-27T19:30:00.000-0000","id":54304,"begin_timestamp":{"seconds":1716835200,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53620}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 3","hotel":"","short_name":"Track 3","id":46206},"begin":"2024-05-27T18:40:00.000-0000","updated":"2024-04-09T00:13:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Your metrics are boring and dangerous. Recycled slides with meaningless counts of alerts, incidents, true and false positives… SNOOZE. Even worse, it’s motivating your team to distort the truth and subvert progress. This talk is your wake-up call to rethink your detection and response metrics.\r\n\r\nMetrics tell a story. But before we can describe the effectiveness of our capabilities, our audience first needs to grasp what modern detection and response is and its value. So, how do we tell that story, especially to leadership with a limited amount of time?\r\n\r\nMeasurements help us get results. But if you’re advocating for faster response times, you might be encouraging your team to make hasty decisions that lead to increased risk. So, how do we find a set of measurements, both qualitative and quantitative, that incentivizes progress and serves as a north star to modern detection and response?\r\n\r\nMetrics help shape decisions. But legacy methods of evaluating and reporting are preventing you from getting the support and funding you need to succeed. At the end of this talk, you’ll walk away with a practical framework for developing your own metrics, a new maturity model for measuring detection and response capabilities, data gathering techniques that tell a convincing story using micro-purple testing, and lots of visual examples of metrics that won’t put your audience to sleep.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"The Fault in Our Metrics: Rethinking How We Measure Detection & Response","android_description":"Your metrics are boring and dangerous. Recycled slides with meaningless counts of alerts, incidents, true and false positives… SNOOZE. Even worse, it’s motivating your team to distort the truth and subvert progress. This talk is your wake-up call to rethink your detection and response metrics.\r\n\r\nMetrics tell a story. But before we can describe the effectiveness of our capabilities, our audience first needs to grasp what modern detection and response is and its value. So, how do we tell that story, especially to leadership with a limited amount of time?\r\n\r\nMeasurements help us get results. But if you’re advocating for faster response times, you might be encouraging your team to make hasty decisions that lead to increased risk. So, how do we find a set of measurements, both qualitative and quantitative, that incentivizes progress and serves as a north star to modern detection and response?\r\n\r\nMetrics help shape decisions. But legacy methods of evaluating and reporting are preventing you from getting the support and funding you need to succeed. At the end of this talk, you’ll walk away with a practical framework for developing your own metrics, a new maturity model for measuring detection and response capabilities, data gathering techniques that tell a convincing story using micro-purple testing, and lots of visual examples of metrics that won’t put your audience to sleep.","end_timestamp":{"seconds":1716838200,"nanoseconds":0},"updated_timestamp":{"seconds":1712620920,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54298],"name":"Allyn Stott","affiliations":[{"organization":"AirBNB","title":"Senior Staff Engineer"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/whyallyn/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/whyallyn"}],"id":53588,"media":[{"hash_sha256":"1f62b1663d33b86da30adf1de5fc58091c3eaba10dd97c6c50142df15dfac2b8","filetype":"image/png","hash_md5":"e57f78dcb82d2c70353c792accaf11b7","name":"AllynStott.png","hash_crc32c":"769de7a2","filesize":102307,"asset_id":513,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAllynStott.png?alt=media","person_id":53588}],"title":"Senior Staff Engineer at AirBNB"}],"timeband_id":1161,"links":[],"end":"2024-05-27T19:30:00.000-0000","id":54298,"begin_timestamp":{"seconds":1716835200,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53588}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46205},"updated":"2024-04-09T00:02:00.000-0000","begin":"2024-05-27T18:40:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"In the realm of writing secure Python code, it's not only about functionality and performance; it's equally vital to shield your application and users from potential threats and vulnerabilities. Given Python's immense popularity, it becomes even more essential that we acquire the skills to build secure, dependable, and robust applications. Join me in this talk as we embark on a shared journey to master the art of secure Python coding. Together, let's empower ourselves to create a safer digital world.\n\n\n","title":"Top Tips for Python Security","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"In the realm of writing secure Python code, it's not only about functionality and performance; it's equally vital to shield your application and users from potential threats and vulnerabilities. Given Python's immense popularity, it becomes even more essential that we acquire the skills to build secure, dependable, and robust applications. Join me in this talk as we embark on a shared journey to master the art of secure Python coding. Together, let's empower ourselves to create a safer digital world.","end_timestamp":{"seconds":1716838200,"nanoseconds":0},"updated_timestamp":{"seconds":1712620140,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54292],"name":"Tanya Janca","affiliations":[],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/tanya-janca"}],"pronouns":null,"media":[{"hash_sha256":"ac9033eae00890acc387652d960cdb16ad35ece53a71f04fa8e9b9371b0e5998","filetype":"image/jpeg","hash_md5":"cc8c2f592f089312ac8cc1e58aaa363c","name":"TanyaJanca.jpg","hash_crc32c":"e39eeea5","asset_id":550,"filesize":275264,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FTanyaJanca.jpg?alt=media","person_id":53613}],"id":53613}],"timeband_id":1161,"links":[],"end":"2024-05-27T19:30:00.000-0000","id":54292,"begin_timestamp":{"seconds":1716835200,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53613}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46204},"spans_timebands":"N","begin":"2024-05-27T18:40:00.000-0000","updated":"2024-04-08T23:49:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"The only thing that’s clear about prioritizing vulnerabilities is that we have not figured it out as an industry. We’ve got CVSS, EPSS, CISA KEV, and more scoring systems to work with – these have not solved our challenges. This talk looks at the updates in CVSS4 that offer a new path forward. What has changed, why, and how can we utilize the updated system to work smarter at prioritizing vulnerabilities within our organizations? This new approach provides opportunities to customize the scoring more to the actual environments we work in, influencing the final score for a vulnerability. Supplemental metrics provide further context that does not impact the scoring. We’ll start with an overview of the current systems before diving into the new changes, taking a look at some practical examples of recent vulnerabilities.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"title":"Zero Trust in a Zero-Office World: Rethinking IAM for the Remote-First Enterprise","end_timestamp":{"seconds":1716834600,"nanoseconds":0},"android_description":"The only thing that’s clear about prioritizing vulnerabilities is that we have not figured it out as an industry. We’ve got CVSS, EPSS, CISA KEV, and more scoring systems to work with – these have not solved our challenges. This talk looks at the updates in CVSS4 that offer a new path forward. What has changed, why, and how can we utilize the updated system to work smarter at prioritizing vulnerabilities within our organizations? This new approach provides opportunities to customize the scoring more to the actual environments we work in, influencing the final score for a vulnerability. Supplemental metrics provide further context that does not impact the scoring. We’ll start with an overview of the current systems before diving into the new changes, taking a look at some practical examples of recent vulnerabilities.","updated_timestamp":{"seconds":1712621880,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54310],"name":"Femi Ogunji","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/femiogunji/"}],"id":53593,"media":[{"hash_sha256":"958c7912ef57f284a3c7cac612cd83f28cf23715c55cea8e76bbfb134446e9bc","filetype":"image/jpeg","hash_md5":"12c7ea9b2ded9355778d59a58e6b6a0a","name":"FemiOgunji.jpg","hash_crc32c":"365af308","asset_id":525,"filesize":227599,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FFemiOgunji.jpg?alt=media","person_id":53593}]}],"timeband_id":1161,"links":[],"end":"2024-05-27T18:30:00.000-0000","id":54310,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716833400,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53593}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"begin":"2024-05-27T18:10:00.000-0000","updated":"2024-04-09T00:18:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"The only thing that’s clear about prioritizing vulnerabilities is that we have not figured it out as an industry. We’ve got CVSS, EPSS, CISA KEV, and more scoring systems to work with – these have not solved our challenges. This talk looks at the updates in CVSS4 that offer a new path forward. What has changed, why, and how can we utilize the updated system to work smarter at prioritizing vulnerabilities within our organizations? This new approach provides opportunities to customize the scoring more to the actual environments we work in, influencing the final score for a vulnerability. Supplemental metrics provide further context that does not impact the scoring. We’ll start with an overview of the current systems before diving into the new changes, taking a look at some practical examples of recent vulnerabilities.\n\n\n","title":"What’s up with CVSS4?","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"android_description":"The only thing that’s clear about prioritizing vulnerabilities is that we have not figured it out as an industry. We’ve got CVSS, EPSS, CISA KEV, and more scoring systems to work with – these have not solved our challenges. This talk looks at the updates in CVSS4 that offer a new path forward. What has changed, why, and how can we utilize the updated system to work smarter at prioritizing vulnerabilities within our organizations? This new approach provides opportunities to customize the scoring more to the actual environments we work in, influencing the final score for a vulnerability. Supplemental metrics provide further context that does not impact the scoring. We’ll start with an overview of the current systems before diving into the new changes, taking a look at some practical examples of recent vulnerabilities.","end_timestamp":{"seconds":1716832800,"nanoseconds":0},"updated_timestamp":{"seconds":1712621820,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54309],"name":"Zach Wasserman","affiliations":[{"organization":"Fleet","title":"Co-founder and Technology Evangelist"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/zacharywasserman/"}],"pronouns":null,"media":[{"hash_sha256":"88ed53e6d21931470ee7594404652213c5aba6e0c2eaa8033c77b9c253b13ee2","filetype":"image/jpeg","hash_md5":"ae6d658326a6f62b7c7e99a339536cb7","name":"ZachWasserman.jpg","hash_crc32c":"9466bd3e","asset_id":552,"filesize":177672,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FZachWasserman.jpg?alt=media","person_id":53616}],"id":53616,"title":"Co-founder and Technology Evangelist at Fleet"}],"timeband_id":1161,"links":[],"end":"2024-05-27T18:00:00.000-0000","id":54309,"tag_ids":[46263],"village_id":null,"begin_timestamp":{"seconds":1716831600,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53616}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 4","hotel":"","short_name":"Track 4","id":46207},"updated":"2024-04-09T00:17:00.000-0000","begin":"2024-05-27T17:40:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"In an era where AI-driven chatbots seamlessly integrate into our daily lives, it’s high time that we understand the risks caused by vulnerabilities associated with it. Join us on an exciting journey as we break down the complexities of AI chatbot hacking and explore the potential threats hidden below the surface. In this tech talk, we will begin with the basics of AI, then shift into the common vulnerabilities of AI chat bots, and finally deep dive into the top two vulnerable categories. Through a live hacking lab and real-world attack scenarios, we will demonstrate how an attacker leverages AI chatbot vulnerabilities to compromise user privacy, spread misinformation, and perpetrate social engineering attacks. Furthermore, we will discuss some security measures aimed at minimizing these risks, thereby fostering a more secure digital environment accessible to everyone. By the end of this talk, participants will have developed a deeper awareness of the challenges in securing AI chatbots and will be empowered with practical strategies to fortify their systems effectively. Whether you're a cybersecurity professional, AI enthusiast, or simply curious about tech and security, this talk will inform, inspire, and spark a passion for keeping AI communication safe.\n\n\n","title":"Beyond Interactions: Hacking Chatbots Like a Pro","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"android_description":"In an era where AI-driven chatbots seamlessly integrate into our daily lives, it’s high time that we understand the risks caused by vulnerabilities associated with it. Join us on an exciting journey as we break down the complexities of AI chatbot hacking and explore the potential threats hidden below the surface. In this tech talk, we will begin with the basics of AI, then shift into the common vulnerabilities of AI chat bots, and finally deep dive into the top two vulnerable categories. Through a live hacking lab and real-world attack scenarios, we will demonstrate how an attacker leverages AI chatbot vulnerabilities to compromise user privacy, spread misinformation, and perpetrate social engineering attacks. Furthermore, we will discuss some security measures aimed at minimizing these risks, thereby fostering a more secure digital environment accessible to everyone. By the end of this talk, participants will have developed a deeper awareness of the challenges in securing AI chatbots and will be empowered with practical strategies to fortify their systems effectively. Whether you're a cybersecurity professional, AI enthusiast, or simply curious about tech and security, this talk will inform, inspire, and spark a passion for keeping AI communication safe.","end_timestamp":{"seconds":1716834600,"nanoseconds":0},"updated_timestamp":{"seconds":1712621460,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54303],"name":"Mohankumar Vengatachalam","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/vimokumar/"}],"id":53604,"media":[{"hash_sha256":"37032918bd858310aa55210f0ba23a132f41d97ad0f1696a5999504d4aa68127","filetype":"image/jpeg","hash_md5":"76a15a8698fb5e987be464ee257d6b30","name":"MohankumarVengatachalam.jpg","hash_crc32c":"99f8a8bc","asset_id":541,"filesize":468011,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FMohankumarVengatachalam.jpg?alt=media","person_id":53604}]},{"conference_id":139,"event_ids":[54303],"name":"Naveen Konrajankuppam Mahavishnu","affiliations":[{"organization":"","title":"Security Researcher"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/naveenkm94/"}],"id":53605,"media":[{"hash_sha256":"85ccd73f8016f7cc54caf21b314cf66fd552e5e5423cf1b13ce26ff4a4881846","filetype":"image/jpeg","hash_md5":"73a63ab5055ee0d6dadd2999acd394a3","name":"NaveenKonrajankuppamMahavishnu.jpg","hash_crc32c":"98550c4b","asset_id":542,"filesize":33918,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FNaveenKonrajankuppamMahavishnu.jpg?alt=media","person_id":53605}],"title":"Security Researcher"}],"timeband_id":1161,"links":[],"end":"2024-05-27T18:30:00.000-0000","id":54303,"tag_ids":[46263],"begin_timestamp":{"seconds":1716831600,"nanoseconds":0},"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53604},{"tag_id":46264,"sort_order":1,"person_id":53605}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 3","hotel":"","short_name":"Track 3","id":46206},"begin":"2024-05-27T17:40:00.000-0000","updated":"2024-04-09T00:11:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Join Lia Sana, Senior Information Security Architect and Mahtab Rae, Information Security Architect, Fraser Health Authority, as they delve into the application of Artificial Intelligence (AI) in healthcare settings, with a particular emphasis on its governance and control. They will discuss the transformative potential of AI in revolutionizing healthcare delivery, diagnosis, and patient care, as well as, explore the critical aspect of governance and control mechanisms necessary to ensure the ethical and responsible use of AI in this sensitive sector.\r\n\r\nThis presentation will illustrate the Healthcare AI applications with real-world use cases, demonstrating how AI can be leveraged to improve patient outcomes, streamline operations, and enhance decision-making processes in healthcare. These examples will provide a practical perspective on the integration of AI in healthcare, making the discussion more relatable and comprehensible. In addition, the presentation will address the associated risks of AI application in healthcare, such as data privacy concerns, potential bias in AI algorithms, and the need for human oversight. It will underscore the importance of robust internal control systems to mitigate these risks and ensure the safe and effective use of AI.\r\n\r\nDrawing from industry standards and generally accepted responsible AI practices, the presentation will provide a comprehensive overview of the current best practices in AI governance. It will offer insights into how these practices can be adopted and adapted in a healthcare setting to ensure that AI is used responsibly and ethically.\n\n\n","title":"AI in a Healthcare Setting: Opportunities and Risks","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"end_timestamp":{"seconds":1716834600,"nanoseconds":0},"android_description":"Join Lia Sana, Senior Information Security Architect and Mahtab Rae, Information Security Architect, Fraser Health Authority, as they delve into the application of Artificial Intelligence (AI) in healthcare settings, with a particular emphasis on its governance and control. They will discuss the transformative potential of AI in revolutionizing healthcare delivery, diagnosis, and patient care, as well as, explore the critical aspect of governance and control mechanisms necessary to ensure the ethical and responsible use of AI in this sensitive sector.\r\n\r\nThis presentation will illustrate the Healthcare AI applications with real-world use cases, demonstrating how AI can be leveraged to improve patient outcomes, streamline operations, and enhance decision-making processes in healthcare. These examples will provide a practical perspective on the integration of AI in healthcare, making the discussion more relatable and comprehensible. In addition, the presentation will address the associated risks of AI application in healthcare, such as data privacy concerns, potential bias in AI algorithms, and the need for human oversight. It will underscore the importance of robust internal control systems to mitigate these risks and ensure the safe and effective use of AI.\r\n\r\nDrawing from industry standards and generally accepted responsible AI practices, the presentation will provide a comprehensive overview of the current best practices in AI governance. It will offer insights into how these practices can be adopted and adapted in a healthcare setting to ensure that AI is used responsibly and ethically.","updated_timestamp":{"seconds":1712620740,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54297],"name":"Lia Sana","affiliations":[{"organization":"Fraser Health Authority","title":"Senior Information Security Architect"}],"links":[],"pronouns":null,"id":53601,"media":[{"hash_sha256":"2924d54b287a167d89896305b40c951685a1dcae187a731ff7c26b83d5a469dd","filetype":"image/jpeg","hash_md5":"ee3f780e2334278b881919d1420826e3","name":"LiaSana.jpg","hash_crc32c":"eb93179b","asset_id":538,"filesize":164546,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FLiaSana.jpg?alt=media","person_id":53601}],"title":"Senior Information Security Architect at Fraser Health Authority"},{"conference_id":139,"event_ids":[54297],"name":"Mahtab Rae","affiliations":[{"organization":"Fraser Health Authority","title":"Information Security Architect"}],"links":[],"pronouns":null,"id":53602,"media":[{"hash_sha256":"f9936e5cbb46a78c60e65d5e2b6abc06c36633a097ea58584f7846f2db924ecd","filetype":"image/jpeg","hash_md5":"8eb5601f9a49d3637e1bb30737193294","name":"MahtabRae.jpg","hash_crc32c":"c03b4449","filesize":28161,"asset_id":539,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FMahtabRae.jpg?alt=media","person_id":53602}],"title":"Information Security Architect at Fraser Health Authority"}],"timeband_id":1161,"links":[],"end":"2024-05-27T18:30:00.000-0000","id":54297,"village_id":null,"begin_timestamp":{"seconds":1716831600,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53601},{"tag_id":46264,"sort_order":1,"person_id":53602}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 2","hotel":"","short_name":"Track 2","id":46205},"spans_timebands":"N","begin":"2024-05-27T17:40:00.000-0000","updated":"2024-04-08T23:59:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"We prefer to avoid ISO 27001 accredited corporations” said no current or future customer ever. ISO compliance can be a catalyst for new sales, improved customer relationships and increased platform confidentiality, integrity and availability.  This talk by two seasoned security professionals will demonstrate how to use open source tools and techniques to build existing business practices into the ISO 27001 framework.\n\n\n","title":"From Zero to ISO27k","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"end_timestamp":{"seconds":1716834600,"nanoseconds":0},"android_description":"We prefer to avoid ISO 27001 accredited corporations” said no current or future customer ever. ISO compliance can be a catalyst for new sales, improved customer relationships and increased platform confidentiality, integrity and availability.  This talk by two seasoned security professionals will demonstrate how to use open source tools and techniques to build existing business practices into the ISO 27001 framework.","updated_timestamp":{"seconds":1712620140,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54291],"name":"Josh Sokol","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/joshsokol"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/joshsokol"}],"id":53597,"media":[{"hash_sha256":"9209bd3986ed99a2144cc86b3c1f6fbc41b7376993b2ae51663caa383df2a89e","filetype":"image/jpeg","hash_md5":"df03445797d1ceb2813a2d734a28a3dd","name":"JoshSokol.jpg","hash_crc32c":"2fc6af5f","filesize":324591,"asset_id":532,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FJoshSokol.jpg?alt=media","person_id":53597}]}],"timeband_id":1161,"links":[],"end":"2024-05-27T18:30:00.000-0000","id":54291,"village_id":null,"begin_timestamp":{"seconds":1716831600,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53597}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Track 1","hotel":"","short_name":"Track 1","id":46204},"updated":"2024-04-08T23:49:00.000-0000","begin":"2024-05-27T17:40:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#420d40","updated_at":"2024-04-09T04:42+0000","name":"Misc","id":46275},"title":"Mix and Mingle","end_timestamp":{"seconds":1716831000,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712618400,"nanoseconds":0},"speakers":[],"timeband_id":1161,"links":[],"end":"2024-05-27T17:30:00.000-0000","id":54287,"village_id":null,"begin_timestamp":{"seconds":1716829200,"nanoseconds":0},"tag_ids":[46275],"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Tracks 1-4","hotel":"","short_name":"Tracks 1-4","id":46208},"spans_timebands":"N","begin":"2024-05-27T17:00:00.000-0000","updated":"2024-04-08T23:20:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Opening Keynote","android_description":"","end_timestamp":{"seconds":1716829200,"nanoseconds":0},"updated_timestamp":{"seconds":1712618400,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54286],"name":"Micah Lee","affiliations":[],"links":[],"pronouns":null,"media":[],"id":53617}],"timeband_id":1161,"links":[],"end":"2024-05-27T17:00:00.000-0000","id":54286,"begin_timestamp":{"seconds":1716826200,"nanoseconds":0},"village_id":null,"tag_ids":[46263],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53617}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Tracks 1-4","hotel":"","short_name":"Tracks 1-4","id":46208},"spans_timebands":"N","begin":"2024-05-27T16:10:00.000-0000","updated":"2024-04-08T23:20:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","title":"Intro","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#82B1B6","updated_at":"2024-04-09T04:42+0000","name":"Talk","id":46263},"end_timestamp":{"seconds":1716826200,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712618340,"nanoseconds":0},"speakers":[],"timeband_id":1161,"links":[],"end":"2024-05-27T16:10:00.000-0000","id":54285,"village_id":null,"begin_timestamp":{"seconds":1716825600,"nanoseconds":0},"tag_ids":[46263],"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Tracks 1-4","hotel":"","short_name":"Tracks 1-4","id":46208},"begin":"2024-05-27T16:00:00.000-0000","updated":"2024-04-08T23:19:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#420d40","updated_at":"2024-04-09T04:42+0000","name":"Misc","id":46275},"title":"Registration","end_timestamp":{"seconds":1716825600,"nanoseconds":0},"android_description":"","updated_timestamp":{"seconds":1712618280,"nanoseconds":0},"speakers":[],"timeband_id":1161,"links":[],"end":"2024-05-27T16:00:00.000-0000","id":54284,"begin_timestamp":{"seconds":1716822000,"nanoseconds":0},"village_id":null,"tag_ids":[46275],"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46209},"updated":"2024-04-08T23:18:00.000-0000","begin":"2024-05-27T15:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"This workshop is designed to teach participants techniques and methodologies for discovering and analyzing digital infrastructure utilized by cyber adversaries. It will focus on leveraging publicly available, open-source intelligence (OSINT) tools and resources to systematically uncover and map the network assets of potential cyber threats.\r\n\r\nWe will start with a brief discussion of the types of digital assets (such as servers, domains and IP addresses) commonly used by adversaries and their purposes in cyber operations. We will then introduce some of the free and open source tools that are readily available to conduct tactical threat hunting. We’ll conclude with several exercises using multiple tools for participants to gain proficiency discovering active adversary infrastructure and turning it into actionable intelligence.\r\n\r\nThe workshop will include hands-on exercises using free and open source tools such as Shodan, Censys, and urlscan.io to identify and analyze malicious infrastructure linked to a range of malware (stealer, botnet, RAT, etc.) families and command-and-control (C2) frameworks such as Cobalt Strike.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Precision Threat Hunting: Unveiling Adversary Infrastructure using Free and Open Source Tools with Greg","end_timestamp":{"seconds":1716766200,"nanoseconds":0},"android_description":"This workshop is designed to teach participants techniques and methodologies for discovering and analyzing digital infrastructure utilized by cyber adversaries. It will focus on leveraging publicly available, open-source intelligence (OSINT) tools and resources to systematically uncover and map the network assets of potential cyber threats.\r\n\r\nWe will start with a brief discussion of the types of digital assets (such as servers, domains and IP addresses) commonly used by adversaries and their purposes in cyber operations. We will then introduce some of the free and open source tools that are readily available to conduct tactical threat hunting. We’ll conclude with several exercises using multiple tools for participants to gain proficiency discovering active adversary infrastructure and turning it into actionable intelligence.\r\n\r\nThe workshop will include hands-on exercises using free and open source tools such as Shodan, Censys, and urlscan.io to identify and analyze malicious infrastructure linked to a range of malware (stealer, botnet, RAT, etc.) families and command-and-control (C2) frameworks such as Cobalt Strike.","updated_timestamp":{"seconds":1712636520,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54330],"name":"Greg Leah","affiliations":[{"organization":"PrecisionSec","title":"Founder"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/greg-leah/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/powershellcode"}],"pronouns":null,"media":[{"hash_sha256":"42f3aeb9bc028fcb89f5341d6cdd22f072106a6996553db89673a4fa4bb42e32","filetype":"image/jpeg","hash_md5":"6a5b42f87a5ade2e2b77ccc15a202bc0","name":"GregLeah.jpg","hash_crc32c":"66a974ed","asset_id":526,"filesize":30905,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FGregLeah.jpg?alt=media","person_id":53632}],"id":53632,"title":"Founder at PrecisionSec"}],"timeband_id":1160,"links":[],"end":"2024-05-26T23:30:00.000-0000","id":54330,"begin_timestamp":{"seconds":1716759000,"nanoseconds":0},"tag_ids":[46276],"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53632}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2945","hotel":"","short_name":"Room 2945","id":46211},"spans_timebands":"N","begin":"2024-05-26T21:30:00.000-0000","updated":"2024-04-09T04:22:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"* Introduction to OSINT: Understand its importance and considerations.\r\n\r\n* Search Techniques: Learn methods for gathering data efficiently.\r\n\r\n* Geolocation and Image Analysis: Explore extracting intelligence from images and geolocation data.\r\n\r\n* Saving Online Content: Discover tools and techniques for archiving and organizing online information.\r\n\r\n* OSINT Resources: Explore valuable online tools for OSINT.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"The Art of OSINT: Techniques and Tools Revealed with Ritu","android_description":"* Introduction to OSINT: Understand its importance and considerations.\r\n\r\n* Search Techniques: Learn methods for gathering data efficiently.\r\n\r\n* Geolocation and Image Analysis: Explore extracting intelligence from images and geolocation data.\r\n\r\n* Saving Online Content: Discover tools and techniques for archiving and organizing online information.\r\n\r\n* OSINT Resources: Explore valuable online tools for OSINT.","end_timestamp":{"seconds":1716764400,"nanoseconds":0},"updated_timestamp":{"seconds":1712636460,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54316,54329],"name":"Ritu Gill","affiliations":[{"organization":"","title":"Intelligence Analyst"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/ritugill-osinttechniques/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/OSINTtechniques"},{"description":"","title":"Website","sort_order":0,"url":"https://www.osinttechniques.com/"},{"description":"","title":"Website (2)","sort_order":0,"url":"https://www.forensicosint.com/"}],"pronouns":null,"media":[{"hash_sha256":"e79fdeed84a6a69df3a01b1fb3ccd5824491c23cd530e0ffcb9574897c073cb2","filetype":"image/jpeg","hash_md5":"7cecce00d074bc221de8c4e5ad4a94f8","name":"RituGill.jpg","hash_crc32c":"827ef50a","asset_id":545,"filesize":36727,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FRituGill.jpg?alt=media","person_id":53608}],"id":53608,"title":"Intelligence Analyst"}],"timeband_id":1160,"links":[],"end":"2024-05-26T23:00:00.000-0000","id":54329,"village_id":null,"tag_ids":[46276],"begin_timestamp":{"seconds":1716757200,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53608}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2250","hotel":"","short_name":"Room 2250","id":46214},"spans_timebands":"N","updated":"2024-04-09T04:21:00.000-0000","begin":"2024-05-26T21:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"The course \"Unveiling cyber-criminal actions: The Art of Battlefield Forensics and Incident Response\" covers essential topics in digital forensics, emphasizing the importance of understanding intake/collection processes and their impact on case outcomes. It highlights the significance of acquiring memory and detecting encryption. Specialization options and methods for diving deeper into the field are discussed.\r\n\r\nStudents learn about file systems, metadata, evidence formats, and scene management for effective evidence acquisition. Acquisition hardware and software, including live response and dead box methods, are explored. Various acquisition methodologies, such as accessing devices and interacting with data, are covered. Hands-on labs demonstrate live response, dead box acquisition, and triage collection.\r\n\r\nFurther topics include memory acquisition, encryption checking, host-based live acquisition, dead box acquisition, rapid triage with tools like KAPE, file and stream recovery, advanced data carving, and OSINT for threat intelligence gathering. Throughout the course, students gain practical skills in evidence acquisition and analysis critical for digital forensic investigations.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Unveiling Cyber-Criminal Actions: The Art of Battlefield Forensics and Incident Response with Anna and Neumann","end_timestamp":{"seconds":1716768000,"nanoseconds":0},"android_description":"The course \"Unveiling cyber-criminal actions: The Art of Battlefield Forensics and Incident Response\" covers essential topics in digital forensics, emphasizing the importance of understanding intake/collection processes and their impact on case outcomes. It highlights the significance of acquiring memory and detecting encryption. Specialization options and methods for diving deeper into the field are discussed.\r\n\r\nStudents learn about file systems, metadata, evidence formats, and scene management for effective evidence acquisition. Acquisition hardware and software, including live response and dead box methods, are explored. Various acquisition methodologies, such as accessing devices and interacting with data, are covered. Hands-on labs demonstrate live response, dead box acquisition, and triage collection.\r\n\r\nFurther topics include memory acquisition, encryption checking, host-based live acquisition, dead box acquisition, rapid triage with tools like KAPE, file and stream recovery, advanced data carving, and OSINT for threat intelligence gathering. Throughout the course, students gain practical skills in evidence acquisition and analysis critical for digital forensic investigations.","updated_timestamp":{"seconds":1712636280,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54328],"name":"Anna Truss","affiliations":[{"organization":"DefSec LLC","title":"Founder and CEO"}],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/annatruss"}],"media":[{"hash_sha256":"15507eef9228427e2f7c04f74fd397f70360d5fc83a8fa204298b22c8215a9e3","filetype":"image/jpeg","hash_md5":"24245d9c92c6e167148fccd4fd2ddc54","name":"AnnaTruss.jpg","hash_crc32c":"79658b62","asset_id":515,"filesize":114806,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAnnaTruss.jpg?alt=media","person_id":53629}],"id":53629,"title":"Founder and CEO at DefSec LLC"},{"conference_id":139,"event_ids":[54328],"name":"Neumann Lim","affiliations":[{"organization":"Odlum Brown","title":"Manager"}],"links":[{"description":"","title":"","sort_order":0,"url":"https://ca.linkedin.com/in/neumannlim"}],"pronouns":null,"media":[{"hash_sha256":"e5a703171a3a78b97c92e39749a39834a6d3b23e9726db9334861c23dca84463","filetype":"image/jpeg","hash_md5":"db7bd61915e4237471bac28877eb2e32","name":"NeumannLim.jpg","hash_crc32c":"37350941","filesize":18311,"asset_id":543,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FNeumannLim.jpg?alt=media","person_id":53630}],"id":53630,"title":"Manager at Odlum Brown"}],"timeband_id":1160,"links":[],"end":"2024-05-27T00:00:00.000-0000","id":54328,"village_id":null,"tag_ids":[46276],"begin_timestamp":{"seconds":1716752700,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53629},{"tag_id":46264,"sort_order":1,"person_id":53630}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2245","hotel":"","short_name":"Room 2245","id":46212},"spans_timebands":"N","begin":"2024-05-26T19:45:00.000-0000","updated":"2024-04-09T04:18:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Docker has gained immense popularity among development and SRE teams for allowing consistency across development/test/prod environments, and enabling immutable infrastructure and higher compute density. As security professionals, it helps to understand how Docker works to be able to secure our workloads. At the same time, there are a number of use cases where Docker makes our lives easier as well.\r\n\r\nIn this workshop we'll get our feet wet with Docker:\r\n\r\n- Explore the basics of Docker and how it works\r\n\r\n- Work through  a number of security-relevant use cases: exploring different OS distros, running containerized security tools, building custom images, scanning Docker images for CVEs and secrets, image structure and manual introspection.\r\n\r\nPre-requisites:\r\n\r\n- Laptop with Docker installed. Docker Desktop recommended, but Docker Engine should work too.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Docker for Security Use Cases Workshop with Amiran","android_description":"Docker has gained immense popularity among development and SRE teams for allowing consistency across development/test/prod environments, and enabling immutable infrastructure and higher compute density. As security professionals, it helps to understand how Docker works to be able to secure our workloads. At the same time, there are a number of use cases where Docker makes our lives easier as well.\r\n\r\nIn this workshop we'll get our feet wet with Docker:\r\n\r\n- Explore the basics of Docker and how it works\r\n\r\n- Work through  a number of security-relevant use cases: exploring different OS distros, running containerized security tools, building custom images, scanning Docker images for CVEs and secrets, image structure and manual introspection.\r\n\r\nPre-requisites:\r\n\r\n- Laptop with Docker installed. Docker Desktop recommended, but Docker Engine should work too.","end_timestamp":{"seconds":1716768000,"nanoseconds":0},"updated_timestamp":{"seconds":1712635560,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54322,54323],"name":"Amiran Alavidze","affiliations":[],"links":[],"pronouns":null,"id":53622,"media":[{"hash_sha256":"04a679a2715c7dc96e870f4a7700a77cb2f1dc3dd7a29e1ee2c55e94539e8294","filetype":"image/png","hash_md5":"262115617a7cb515893e29e1e01844a6","name":"AmiranAlavidze.png","hash_crc32c":"84a6a6b1","filesize":98259,"asset_id":514,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAmiranAlavidze.png?alt=media","person_id":53622}]}],"timeband_id":1160,"links":[],"end":"2024-05-27T00:00:00.000-0000","id":54323,"village_id":null,"begin_timestamp":{"seconds":1716752700,"nanoseconds":0},"tag_ids":[46276],"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53622}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2270","hotel":"","short_name":"Room 2270","id":46210},"spans_timebands":"N","begin":"2024-05-26T19:45:00.000-0000","updated":"2024-04-09T04:06:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"CodeQL is an open-source static analysis tool that can be used to find vulnerabilities, anti-patterns, code smells, and other interesting patterns in your codebases. Code patterns are abstracted into language specific queries that can be used to scan across many repositories for QA, research, and variant hunt purposes with the option to integrate as part of your CI/CD pipeline. CodeQL is powerful and extensible, with many included queries as well as a query language that allows a query author to write their own. In this workshop we’ll write queries for three C# vulnerabilities: BinaryFormatter deserialization of untrusted data, use of the weak hash SHA1, and creation of a Weak RSA Key. This workshop focuses on C# but the concepts are applicable to any other language that CodeQL supports. \r\n\r\nBy the end of this presentation, participants will be able to author their own queries, become familiar with the features of the CodeQL VSCode extension, and understand how to model dataflow in CodeQL.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#f92323","name":"Training","id":46276},"title":"CodeQL  with Chanel","end_timestamp":{"seconds":1716753600,"nanoseconds":0},"android_description":"CodeQL is an open-source static analysis tool that can be used to find vulnerabilities, anti-patterns, code smells, and other interesting patterns in your codebases. Code patterns are abstracted into language specific queries that can be used to scan across many repositories for QA, research, and variant hunt purposes with the option to integrate as part of your CI/CD pipeline. CodeQL is powerful and extensible, with many included queries as well as a query language that allows a query author to write their own. In this workshop we’ll write queries for three C# vulnerabilities: BinaryFormatter deserialization of untrusted data, use of the weak hash SHA1, and creation of a Weak RSA Key. This workshop focuses on C# but the concepts are applicable to any other language that CodeQL supports. \r\n\r\nBy the end of this presentation, participants will be able to author their own queries, become familiar with the features of the CodeQL VSCode extension, and understand how to model dataflow in CodeQL.","updated_timestamp":{"seconds":1712636160,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54327],"name":"Chanel Young","affiliations":[{"organization":"Microsoft Security","title":"Software Engineer"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/chanelyoung99/"}],"pronouns":null,"id":53628,"media":[{"hash_sha256":"fb07eff0225073926092da7783d4d2793a19473e6e454645c364c94d25e22c20","filetype":"image/png","hash_md5":"509ca90ae1455cccfece2d5a6745b9ae","name":"ChanelYoung.png","hash_crc32c":"50efae90","asset_id":521,"filesize":1038243,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FChanelYoung.png?alt=media","person_id":53628}],"title":"Software Engineer at Microsoft Security"}],"timeband_id":1160,"links":[],"end":"2024-05-26T20:00:00.000-0000","id":54327,"begin_timestamp":{"seconds":1716746400,"nanoseconds":0},"tag_ids":[46276],"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53628}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2250","hotel":"","short_name":"Room 2250","id":46214},"begin":"2024-05-26T18:00:00.000-0000","updated":"2024-04-09T04:16:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"This workshop provides an in-depth exploration of Digital Forensics and Incident Response (DFIR) through interactive, cloud-based labs. Participants will have access to a wide array of logs, including system, network, and memory data, to explore and investigate. The session emphasizes practical skills in analyzing and responding to cybersecurity threats using tools like Elasticsearch and Kibana. Attendees will experience the power of interactive dashboards and visualizations, along with the ability to search through raw data in Elasticsearch. This hands-on approach ensures a comprehensive understanding of digital forensics, equipping participants to tackle real-world security challenges effectively.\r\n\r\nWorkshop participants will require a laptop that can support a modern web browser. Tools utilized as part of the workshop will be cloud-based and accessed through the browser.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Practical Intrusion Analysis: Investigating Real-World Intrusions with Kostas","android_description":"This workshop provides an in-depth exploration of Digital Forensics and Incident Response (DFIR) through interactive, cloud-based labs. Participants will have access to a wide array of logs, including system, network, and memory data, to explore and investigate. The session emphasizes practical skills in analyzing and responding to cybersecurity threats using tools like Elasticsearch and Kibana. Attendees will experience the power of interactive dashboards and visualizations, along with the ability to search through raw data in Elasticsearch. This hands-on approach ensures a comprehensive understanding of digital forensics, equipping participants to tackle real-world security challenges effectively.\r\n\r\nWorkshop participants will require a laptop that can support a modern web browser. Tools utilized as part of the workshop will be cloud-based and accessed through the browser.","end_timestamp":{"seconds":1716768000,"nanoseconds":0},"updated_timestamp":{"seconds":1712635980,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54326],"name":"Kostas","affiliations":[],"pronouns":null,"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/kostastsale/"},{"description":"","title":"Twitter","sort_order":0,"url":"https://twitter.com/kostastsale"}],"media":[{"hash_sha256":"8f30a8e2b6250a91e8985673dc1b47c19082b9f884e823efa78cf09f9ae980f9","filetype":"image/jpeg","hash_md5":"b73093fdb733a6f473d14c543141e446","name":"Kostas.jpg","hash_crc32c":"fbd56f35","asset_id":536,"filesize":34976,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FKostas.jpg?alt=media","person_id":53627}],"id":53627}],"timeband_id":1160,"links":[],"end":"2024-05-27T00:00:00.000-0000","id":54326,"village_id":null,"tag_ids":[46276],"begin_timestamp":{"seconds":1716744600,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53627}],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2200","hotel":"","short_name":"Room 2200","id":46213},"spans_timebands":"N","updated":"2024-04-09T04:13:00.000-0000","begin":"2024-05-26T17:30:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"If your workload already lives on AWS, then there is a high chance that some temporary AWS credentials have been securely distributed to perform needed tasks. But what happens when your workload is on premises? In this workshop, learn how to use AWS Identity and Access Management (IAM) Roles Anywhere. Start from the basics and create the necessary steps to learn how to use your applications outside of AWS in a safe way using IAM Roles Anywhere in practice.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Cloud Access Control with Colin and Brad","end_timestamp":{"seconds":1716750000,"nanoseconds":0},"android_description":"If your workload already lives on AWS, then there is a high chance that some temporary AWS credentials have been securely distributed to perform needed tasks. But what happens when your workload is on premises? In this workshop, learn how to use AWS Identity and Access Management (IAM) Roles Anywhere. Start from the basics and create the necessary steps to learn how to use your applications outside of AWS in a safe way using IAM Roles Anywhere in practice.","updated_timestamp":{"seconds":1712635860,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54325],"name":"Colin Igbokwe","affiliations":[{"organization":"","title":"Sr. Security Solution Architect"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/cigbokwe/"}],"pronouns":null,"id":53625,"media":[{"hash_sha256":"e1206d4c29b40addbdaeb9b0a72f33ed27afde37a63ab80e9f90c753717df5f4","filetype":"image/png","hash_md5":"0b6a0055bac3351fadd6a4e2f8a1a544","name":"ColinIgbokwe.png","hash_crc32c":"275d5419","asset_id":523,"filesize":152754,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FColinIgbokwe.png?alt=media","person_id":53625}],"title":"Sr. Security Solution Architect"},{"conference_id":139,"event_ids":[54325],"name":"Brad Burnett","affiliations":[{"organization":"","title":"Security Specialist Solutions Architect"}],"links":[{"description":"","title":"LinkedIn","sort_order":0,"url":"https://www.linkedin.com/in/brad-burnett/"}],"pronouns":null,"media":[{"hash_sha256":"c959900e70e50c861711026b13845c1a93b3c63ff589b842d626168b582a64f1","filetype":"image/png","hash_md5":"f55e36f450e3afecea23e9588c60f149","name":"BradBurnett.png","hash_crc32c":"d269e001","asset_id":520,"filesize":87965,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FBradBurnett.png?alt=media","person_id":53626}],"id":53626,"title":"Security Specialist Solutions Architect"}],"timeband_id":1160,"links":[],"end":"2024-05-26T19:00:00.000-0000","id":54325,"tag_ids":[46276],"village_id":null,"begin_timestamp":{"seconds":1716742800,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53626},{"tag_id":46264,"sort_order":1,"person_id":53625}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2245","hotel":"","short_name":"Room 2245","id":46212},"updated":"2024-04-09T04:11:00.000-0000","begin":"2024-05-26T17:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Threat Modeling is the best way to discover and remediate threats in your system before they are even created. If done correctly, it is one of the most impactful security programs that you can run within your organization.\r\n\r\nIn the Security Industry, threat modeling has been misunderstood and many security folks are afraid to carry out a threat model. While it is commonly performed by Application Security or Cloud Security professionals, threat modeling can be done by anyone.\r\n\r\nThis hands-on workshop will cover the threat modeling workflow and common classes of vulnerabilities in a way that is easy to understand. You will also walk through many hands-on threat modeling examples to ensure that you will be empowered to discover threats in your systems.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Threat Modeling 101 - Burn Risks, Not Hope with Jeevan and Bhawandeep","android_description":"Threat Modeling is the best way to discover and remediate threats in your system before they are even created. If done correctly, it is one of the most impactful security programs that you can run within your organization.\r\n\r\nIn the Security Industry, threat modeling has been misunderstood and many security folks are afraid to carry out a threat model. While it is commonly performed by Application Security or Cloud Security professionals, threat modeling can be done by anyone.\r\n\r\nThis hands-on workshop will cover the threat modeling workflow and common classes of vulnerabilities in a way that is easy to understand. You will also walk through many hands-on threat modeling examples to ensure that you will be empowered to discover threats in your systems.","end_timestamp":{"seconds":1716758100,"nanoseconds":0},"updated_timestamp":{"seconds":1712635680,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54324],"name":"Jeevan Singh","affiliations":[{"organization":"Rippling","title":"Director of Security Engineering"}],"links":[],"pronouns":null,"media":[{"hash_sha256":"436c8baaf54e77f6773cc8cbebe1327953b2a367c596a56ba8d55ad7e02c8ad4","filetype":"image/jpeg","hash_md5":"343f00456bd6e55a3a610eb0755011fc","name":"JeevanSingh.jpg","hash_crc32c":"5c9a8d00","asset_id":530,"filesize":190322,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FJeevanSingh.jpg?alt=media","person_id":53623}],"id":53623,"title":"Director of Security Engineering at Rippling"},{"conference_id":139,"event_ids":[54324],"name":"Bhawandeep Kambo","affiliations":[{"organization":"Twilio","title":"Product Security Engineer"}],"links":[],"pronouns":null,"id":53624,"media":[{"hash_sha256":"a1d3cf34296af21bc6951f9af0862a71767da0dd4d9f9ad16f3b6a052f415069","filetype":"image/jpeg","hash_md5":"6873ad540eb501dff89c594f02b04b2a","name":"BhawandeepKambo.jpg","hash_crc32c":"bd503a16","asset_id":518,"filesize":159057,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FBhawandeepKambo.jpg?alt=media","person_id":53624}],"title":"Product Security Engineer at Twilio"}],"timeband_id":1160,"links":[],"end":"2024-05-26T21:15:00.000-0000","id":54324,"begin_timestamp":{"seconds":1716742800,"nanoseconds":0},"tag_ids":[46276],"village_id":null,"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53624},{"tag_id":46264,"sort_order":1,"person_id":53623}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2945","hotel":"","short_name":"Room 2945","id":46211},"updated":"2024-04-09T04:08:00.000-0000","begin":"2024-05-26T17:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"Threat modelling is considered to be a critical component of Secure Software Development Lifecycle (S-SDLC) as evidenced by the fact that it’s included in most S-SDLC methodologies (see Microsoft SDL or OWASP Secure Software Development Lifecycle Project, for example). There’s a ton of information available on threat modelling, though most of it seems to be focused on explaining the importance of it, or where it should fit within S-SDLC, not so much on practical aspects of how it can be done. This workshop presents a practical collaborative approach to threat modelling with focus on applicability to Agile teams of various scales. We’ll spend a bit of time on threat modelling overview, but the majority of the workshop will be dedicated to going through an example threat modelling session and creating a sample threat model. You might be interested in this workshop if you are a security engineer, software engineer, engineering manager, or product manager. There are no prerequisites, but you are expected to actively participate.\n\n\n","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","color":"#f92323","updated_at":"2024-04-09T04:42+0000","name":"Training","id":46276},"title":"Practical Threat Modelling with Amiran","end_timestamp":{"seconds":1716750000,"nanoseconds":0},"android_description":"Threat modelling is considered to be a critical component of Secure Software Development Lifecycle (S-SDLC) as evidenced by the fact that it’s included in most S-SDLC methodologies (see Microsoft SDL or OWASP Secure Software Development Lifecycle Project, for example). There’s a ton of information available on threat modelling, though most of it seems to be focused on explaining the importance of it, or where it should fit within S-SDLC, not so much on practical aspects of how it can be done. This workshop presents a practical collaborative approach to threat modelling with focus on applicability to Agile teams of various scales. We’ll spend a bit of time on threat modelling overview, but the majority of the workshop will be dedicated to going through an example threat modelling session and creating a sample threat model. You might be interested in this workshop if you are a security engineer, software engineer, engineering manager, or product manager. There are no prerequisites, but you are expected to actively participate.","updated_timestamp":{"seconds":1712635500,"nanoseconds":0},"speakers":[{"conference_id":139,"event_ids":[54322,54323],"name":"Amiran Alavidze","affiliations":[],"links":[],"pronouns":null,"id":53622,"media":[{"hash_sha256":"04a679a2715c7dc96e870f4a7700a77cb2f1dc3dd7a29e1ee2c55e94539e8294","filetype":"image/png","hash_md5":"262115617a7cb515893e29e1e01844a6","name":"AmiranAlavidze.png","hash_crc32c":"84a6a6b1","asset_id":514,"filesize":98259,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESVANCOUVER2024%2FAmiranAlavidze.png?alt=media","person_id":53622}]}],"timeband_id":1160,"links":[],"end":"2024-05-26T19:00:00.000-0000","id":54322,"village_id":null,"tag_ids":[46276],"begin_timestamp":{"seconds":1716742800,"nanoseconds":0},"includes":"","people":[{"tag_id":46264,"sort_order":1,"person_id":53622}],"tags":"","conference_id":139,"links_antiquated":[],"spans_timebands":"N","location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Room 2270","hotel":"","short_name":"Room 2270","id":46210},"updated":"2024-04-09T04:05:00.000-0000","begin":"2024-05-26T17:00:00.000-0000"},{"conference":"BSIDESVANCOUVER2024","timezone":"America/Los_Angeles","link":"","description":"","type":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","color":"#82B1B6","name":"Talk","id":46263},"title":"Workshop Registration","android_description":"","end_timestamp":{"seconds":1716742800,"nanoseconds":0},"updated_timestamp":{"seconds":1712619600,"nanoseconds":0},"speakers":[],"timeband_id":1160,"links":[],"end":"2024-05-26T17:00:00.000-0000","id":54321,"village_id":null,"tag_ids":[46263],"begin_timestamp":{"seconds":1716739200,"nanoseconds":0},"includes":"","people":[],"tags":"","conference_id":139,"links_antiquated":[],"location":{"conference_id":139,"conference":"BSIDESVANCOUVER2024","updated_at":"2024-04-09T04:42+0000","parent_id":0,"name":"Unspecified","hotel":"","short_name":"Unspecified","id":46209},"spans_timebands":"N","updated":"2024-04-08T23:40:00.000-0000","begin":"2024-05-26T16:00:00.000-0000"}]
\ No newline at end of file
diff --git a/public/ht/index.json b/public/ht/index.json
index 27aba15..e945fed 100644
--- a/public/ht/index.json
+++ b/public/ht/index.json
@@ -1 +1 @@
-[{"end_timestamp_str":"2024-04-22T03:59:59+00:00","end_date":"2024-04-21","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1713621600,"nanoseconds":0},"code":"BSIDESCHARM2024","maps":[],"start_timestamp":{"seconds":1713585600,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2024-04-20T14:00:00+00:00","enable_merch_cart":false,"conference_id":137,"start_timestamp_str":"2024-04-20T04:00:00+00:00","end_timestamp":{"seconds":1713758399,"nanoseconds":0},"home_menu_id":121,"codeofconduct":"Our “Code of Conduct” is “Be Excellent to Each Other”.\r\n\r\nWe expect the best behavior from our attendees, speakers, sponsors, staff, and other participants to create a safe and positive environment for everyone.\r\n\r\nWe have no tolerance for verbal, physical, or sexual harassments against any individual.\r\n\r\nSpeakers and presenters appreciate legitimate questions and alternate points of view. This is how we all learn. Asking questions of a speaker during their talk, to get clarity or debate a point, is acceptable and encouraged. However, heckling speakers, engaging in any disruptive behavior, or interfering with a presentation or training is unacceptable behavior and will be considered harassment which could become grounds for you being asked to leave the conference.\r\n\r\nYou will not engage in any form of harassing, offensive, discriminatory, or threatening speech or behavior, including (but not limited to) relating to race, gender, gender identity and expression, national origin, religion, disability, marital status, age, sexual orientation, military or veteran status, or other protected category.\r\n\r\nIf you witness activity that violates the letter or spirit of this Code of Conduct, please alert a staff member. Staff are designated as the Board, Organizers, and Volunteers.\r\n\r\nIf someone asks YOU to stop a certain kind of behavior, please stop.\r\n\r\nBSidesCharm has the right, and duty, to remove any harmful influence from the event for the safety of others.","name":"BSidesCharm 2024","tagline_text":null,"id":137,"start_date":"2024-04-20","updated_at":{"seconds":1712085403,"nanoseconds":760253000},"hidden":false},{"end_timestamp_str":"2024-04-06T04:59:59+00:00","end_date":"2024-04-05","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1712293200,"nanoseconds":0},"code":"BSIDESOK2024","maps":[],"start_timestamp":{"seconds":1712120400,"nanoseconds":0},"timezone":"America/Chicago","link":"","description":"","kickoff_timestamp_str":"2024-04-05T05:00:00+00:00","enable_merch_cart":false,"conference_id":136,"start_timestamp_str":"2024-04-03T05:00:00+00:00","end_timestamp":{"seconds":1712379599,"nanoseconds":0},"codeofconduct":"Everyone deserves to attend a learning event, community or professional, with a reasonable expectation of good behavior. The BSidesOK Team expects that while attending this conference you treat everyone with the love and respect you wish to receive. This applies to all attendees, speakers, volunteers, vendors, and anyone in between. We feel that if you do that, then this conference will once again run smoothly and we will all have a good time.\r\n\r\nDon’t be an ass!\r\n\r\nIf you experience or witness behavior conflicting with our code of conduct, please contact a volunteer or venue staff. Both BSidesOK volunteers and the venue staff will be happy to assist. Reporting can also be done by emailing info@bsidesok.com. All email reports are treated with the utmost sensitivity and are solely reviewed by the BSidesOK team.\r\n\r\n– The BSidesOK Team","home_menu_id":120,"name":"BSidesOK 2024","tagline_text":null,"id":136,"start_date":"2024-04-03","hidden":false,"updated_at":{"seconds":1712082181,"nanoseconds":100105000}},{"end_date":"2024-04-13","end_timestamp_str":"2024-04-14T03:59:59+00:00","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1712894400,"nanoseconds":0},"enable_merch":false,"code":"BSIDESPR2024","maps":[],"start_timestamp":{"seconds":1712894400,"nanoseconds":0},"timezone":"America/Puerto_Rico","link":"","description":"","kickoff_timestamp_str":"2024-04-12T04:00:00+00:00","enable_merch_cart":false,"conference_id":135,"end_timestamp":{"seconds":1713067199,"nanoseconds":0},"start_timestamp_str":"2024-04-12T04:00:00+00:00","codeofconduct":"# Scope\r\n\r\nThis Code of Conduct (CoC) will be in effect for the duration and the entirety of all BSidesPR events and related ancillary events, including, but not limited to the following: pre-event organizational meetings, evening receptions, breakout sessions, etc. Violations of this CoC outside these spaces may affect a person's ability to participate within them. BSidesPR will work synergistically alongside other institutional policies (e.g., violations of BSidesPR CoC may have consequences at the level of the host institution as well) but will supersede any less comprehensive or less inclusive policy.\r\n\r\nThis CoC applies to every individual or organization directly or tangentially involved with BSidesPR, including but not limited to event organizers, staff, volunteers, sponsors, vendors (catering, etc) facilities, and attendees. \r\n\r\n# Code of Conduct\r\n\r\nBy participating in BSidesPR, attendees agree to:\r\n\r\n- Act respectfully and courteously to each and every fellow attendee, supporting each other in endeavors to connect, learn, and contribute during conference proceedings, while acknowledging and respecting personal boundaries and comfort levels.\r\n- Refrain from demeaning, discriminatory, or harassing behavior and speech.\r\n  - Harassment includes, but is not limited to: deliberate intimidation; stalking, unwanted photography or recording (see Photography and Media policy); sustained or willful disruption of talks or other sessions; inappropriate physical contact; use of sexual or discriminatory imagery, comments, or jokes; unwelcome sexual attention or any behavior that makes attendees feel unwelcome or afraid.\r\n  - Discriminatory speech includes, but is not limited to: racist, misogynist, homophobic, transphobic, abelist, or anti-neurodivergent comments or jokes; or non-inclusive speech centered on an individual’s personal appearance, educational level, professional background, or technical skillset. \r\n- Contribute to the atmosphere of safety and security by looking out for one another and promptly reporting (see below) any dangerous situations or someone in distress. We rely on you to be part of the solution. We encourage you to speak up in the moment and/or report behavior that does not conform with this CoC.\r\n\r\n# Reporting\r\n\r\nAttendees who feel unsafe, uncomfortable, and/or have experienced or witnessed an incident of harassment or discrimination are encouraged to report the event. BSidesPR has a number of mechanisms in place to facilitate a report.\r\n\r\n- Attendees may email BSidesPR which will also be frequently monitored.\r\n- Attendees may report directly to any BSidesPR staff member, whom, if not trained in incident response prior to the event, will forward concerns immediately to a trained staff member.\r\n- In the event that an attendee wishes to make an anonymous complaint, they may do so using.  Anonymous complaints are taken seriously and acted on to the best of BSidesPR's ability. However, submitting anonymously without a certain level of detail with respect to parties involved may inhibit organizers’ ability to take specific action. Please be aware that all efforts will be taken to maintain anonymity, but that anonymity cannot be guaranteed in all cases.\r\n- We understand that each person may process a situation differently and that the decision to make a report can be a difficult one for a variety of reasons. While reports made in close proximity to the incident allow for us to respond that much quicker, attendees are encouraged to make a report no matter how much time may have elapsed from the event itself.\r\n\r\n# Violations\r\n\r\nBSidesPR does not tolerate harassment, discrimination, or any other CoC violations. Any attendee who violates the CoC will be subject to any lawful action deemed appropriate by event organizers, including but not limited to verbal and written warning, expulsion from event, or attendance ban from future events. \r\n\r\nAction based on violations will be undertaken by event organizers trained in incident response unless requiring escalation to law enforcement as required by law.\r\n\r\n# Non-Discrimination\r\n\r\nBSidesPR does not and shall not discriminate on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status, in any of its activities or operations. These activities include, but are not limited to, the appointment to and termination from its Board of Directors, hiring and firing of staff or contractors, selection of volunteers, selection of vendors, and providing of services.\r\n\r\nUpdated 11 December 2023\r\n\r\n# Non-Solicitation\r\n\r\nSolicitation is any form of requesting money, support or participation for products, groups, organizations or causes which are unrelated to our company. These include but are not limited to:\r\n\r\n- Seeking funds or donations for a non-profit organization\r\n- Asking for signatures for a petition\r\n- Selling merchandise or services\r\n- Requesting support for a political candidate\r\n- Engaging in religious proselytism\r\n\r\nDistribution refers to disseminating literature or material for commercial or political purposes.\r\n\r\nUpdated 11 December 2023\r\n\r\n# Resources Utilized\r\n\r\n- Ashe Dryden's Code of Conduct FAQ\r\n- Aurora and Gardiner, How to Respond to Code of Conduct Reports\r\n\r\nLanguage was adapted from the following Codes of Conduct (under Creative Commons licenses as per sources):\r\n\r\n- Open Con (CC BY 4.0)\r\n- SRCCON (CC BY-SA 4.0)","home_menu_id":119,"name":"BSides Puerto Rico 2024","tagline_text":null,"id":135,"start_date":"2024-04-12","updated_at":{"seconds":1709763704,"nanoseconds":259782000},"hidden":false},{"end_timestamp_str":"2024-02-18T06:59:59+00:00","end_date":"2024-02-17","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1708099200,"nanoseconds":0},"code":"CACTUSCON2024","maps":[],"start_timestamp":{"seconds":1708066800,"nanoseconds":0},"timezone":"America/Denver","link":"","description":"","kickoff_timestamp_str":"2024-02-16T16:00:00+00:00","enable_merch_cart":false,"conference_id":132,"end_timestamp":{"seconds":1708239599,"nanoseconds":0},"start_timestamp_str":"2024-02-16T07:00:00+00:00","home_menu_id":116,"codeofconduct":"# Short Version\r\n\r\nCactusCon is dedicated to providing a harassment-free experience for everyone, regardless of gender, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of event participants in any form. Sexual language and imagery is not appropriate for any event venue, including talks. Event participants violating these rules may be sanctioned or expelled from the event without a refund at the discretion of the event organizers. This policy applies to all official CactusCon spaces, including our online platforms.\r\n\r\n# Long Version\r\n\r\n## Harassment\r\n\r\nHarassment includes offensive verbal or written comments related to gender, gender identity and expression, sexual orientation, disability, mental illness, physical appearance, body size, race, or religion. Additionally, CactusCon does not permit sexual images in public spaces, deliberate intimidation, stalking, following, harassing photography or recording, sustained disruption of talks or other events, inappropriate physical contact, or unwelcome sexual attention. Participants asked to stop any harassing behavior are expected to comply immediately.\r\n\r\n## Presenters & Sponsors\r\n\r\nPresenters, volunteers, and sponsors are also subject to the anti-harassment policy. In particular, presenters should not use sexualized images, activities, or other material. Sponsor staff (including volunteers) should not use sexualized clothing/uniforms/costumes, or otherwise create a sexualized environment.\r\n\r\n## Participants\r\n\r\nIf a participant engages in harassing or interruptive behavior, the event organizers may take any action they deem appropriate, including warning the offender or expulsion from the event with no refund.\r\n\r\n## Reporting\r\n\r\nIf you are being harassed by an attendee at CactusCon, there are multiple ways you can report: CactusCon volunteers will be available throughout the event space and can be identified by a GREEN CactusCon shirt and VOLUNTEER badge. Additionally, CactusCon senior staff can be identified by a Black STAFF hoodie and matching badge. Please seek out our volunteers or staff to report incidents. Event staff will be happy to help participants contact hotel/venue security or local law enforcement, provide escorts, or otherwise assist those experiencing harassment to feel safe for the duration of the event. We value your attendance. As always, in case of emergency, dial 911.\r\n\r\nFor those attending the conference on Discord, you can contact a moderator directly by sending !mod in #⁠help-and-support-🆘 or in a private DM to @Hacktar. This will open a private conversation with our moderator team. Additionally, you can ping @Moderator in a channel to get a moderator's attention. If you feel more comfortable discussing your concern with a member of our staff, please ping @CactusCon Staff or look for anyone with that role.\r\n\r\nThis Code of Conduct was forked from the example policy from the (Geek Feminism wiki, created by the Ada Initiative and other volunteers)[http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy], which is under a (Creative Commons Zero)[http://creativecommons.org/choose/zero/] license.","name":"CactusCon 12 (2024)","id":132,"tagline_text":null,"start_date":"2024-02-16","hidden":false,"updated_at":{"seconds":1708181362,"nanoseconds":824829000}},{"end_date":"2024-02-17","end_timestamp_str":"2024-02-17T21:59:59+00:00","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1708079400,"nanoseconds":0},"enable_merch":false,"code":"DISOBEY2024","maps":[],"start_timestamp":{"seconds":1708034400,"nanoseconds":0},"timezone":"Europe/Helsinki","link":"https://disobey.fi/2024/program","description":"","kickoff_timestamp_str":"2024-02-16T10:30:00+00:00","enable_merch_cart":false,"conference_id":134,"start_timestamp_str":"2024-02-15T22:00:00+00:00","end_timestamp":{"seconds":1708207199,"nanoseconds":0},"home_menu_id":118,"codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","name":"Disobey 2024","tagline_text":null,"id":134,"start_date":"2024-02-16","hidden":false,"updated_at":{"seconds":1708098172,"nanoseconds":756350000}},{"end_timestamp_str":"2024-08-12T06:59:59+00:00","end_date":"2024-08-11","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1723219200,"nanoseconds":0},"enable_merch":false,"code":"DEFCON32","maps":[],"start_timestamp":{"seconds":1723100400,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-09T16:00:00+00:00","enable_merch_cart":false,"conference_id":133,"end_timestamp":{"seconds":1723445999,"nanoseconds":0},"start_timestamp_str":"2024-08-08T07:00:00+00:00","home_menu_id":117,"name":"DEF CON 32","tagline_text":null,"id":133,"start_date":"2024-08-08","hidden":false,"codeofconduct":"DEF CON provides a forum for open discussion between participants, where radical viewpoints are welcome and a high degree of skepticism is expected. However, insulting or harassing other participants is unacceptable. We want DEF CON to be a safe and productive environment for everyone. It’s not about what you look like but what’s in your mind and how you present yourself that counts at DEF CON.\r\n\r\nWe do not condone harassment against any participant, for any reason. Harassment includes deliberate intimidation and targeting individuals in a manner that makes them feel uncomfortable, unwelcome, or afraid.\r\n\r\nParticipants asked to stop any harassing behavior are expected to comply immediately. We reserve the right to respond to harassment in the manner we deem appropriate, including but not limited to expulsion without refund and referral to the relevant authorities.\r\n\r\nThis Code of Conduct applies to everyone participating at DEF CON - from attendees and exhibitors to speakers, press, volunteers, and Goons.\r\n\r\nAnyone can report harassment. If you are being harassed, notice that someone else is being harassed, or have any other concerns, you can contact a Goon, go to the registration desk, or info booth.\r\n\r\nConference staff will be happy to help participants contact hotel security, local law enforcement, or otherwise assist those experiencing harassment to feel safe for the duration of DEF CON.\r\n\r\nRemember: The CON is what you make of it, and as a community we can create a great experience for everyone.\r\n\r\n- The Dark Tangent\r\nhttps://www.defcon.org/html/links/dc-policy.html","updated_at":{"seconds":1707594043,"nanoseconds":295365000}},{"end_timestamp_str":"2023-12-30T22:59:59+00:00","end_date":"2023-12-30","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1703665800,"nanoseconds":0},"enable_merch":false,"code":"37C3","maps":[],"start_timestamp":{"seconds":1703631600,"nanoseconds":0},"timezone":"Europe/Berlin","link":"","description":"","kickoff_timestamp_str":"2023-12-27T08:30:00+00:00","enable_merch_cart":false,"conference_id":131,"start_timestamp_str":"2023-12-26T23:00:00+00:00","end_timestamp":{"seconds":1703977199,"nanoseconds":0},"home_menu_id":115,"codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","name":"37C3","tagline_text":null,"id":131,"start_date":"2023-12-27","hidden":false,"updated_at":{"seconds":1703974788,"nanoseconds":426368000}},{"end_timestamp_str":"2023-12-09T04:59:59+00:00","end_date":"2023-12-08","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1702044000,"nanoseconds":0},"code":"BSIDESPHILLY2023","maps":[{"file":"Philly_Netrality_Map_5th.pdf","filename":"Philly_Netrality_Map_5th.pdf","name":"Map","description":"Map","name_text":"Map","id":74,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESPHILLY2023%2FPhilly_Netrality_Map_5th.pdf?alt=media"}],"start_timestamp":{"seconds":1702011600,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2023-12-08T14:00:00+00:00","enable_merch_cart":false,"conference_id":130,"end_timestamp":{"seconds":1702097999,"nanoseconds":0},"start_timestamp_str":"2023-12-08T05:00:00+00:00","codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","home_menu_id":114,"name":"BSides Philly 2023","id":130,"tagline_text":null,"start_date":"2023-12-08","hidden":false,"updated_at":{"seconds":1701910596,"nanoseconds":230590000}},{"end_timestamp_str":"2023-11-11T05:59:59+00:00","end_date":"2023-11-10","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1699627500,"nanoseconds":0},"enable_merch":false,"code":"BSIDESCHI2023","maps":[],"start_timestamp":{"seconds":1699596000,"nanoseconds":0},"timezone":"America/Chicago","link":"","description":"","kickoff_timestamp_str":"2023-11-10T14:45:00+00:00","enable_merch_cart":false,"conference_id":128,"end_timestamp":{"seconds":1699682399,"nanoseconds":0},"start_timestamp_str":"2023-11-10T06:00:00+00:00","codeofconduct":"# Code of Conduct \r\n\r\nBSides Chicago volunteers and staff are dedicated to providing a harassment-free experience for our speakers and participants. BSides Chicago is a working conference intended for professional collaboration and networking within the security community. This conference exists to encourage the open exchange of ideas and expression and requires an environment that recognizes the inherent worth of every person and group. \r\n\r\nWhile at the BSides Chicago conference or related social events harassment of any form should not be engaged in by any participants, to include attendees, members, speakers, sponsors, volunteers, and anyone else. The terms of this Code of Conduct are non-negotiable. This Code of Conduct may be revised at any time by BSides Chicago. Your agreement to abide by this policy and its terms is indicated by registration for or attendance at BSides Chicago.\r\n\r\n## EXPECTED BEHAVIOR\r\n\r\nAll BSides Chicago participants are expected to behave appropriately and this Code of Conduct. This involves not tolerating harassment in any form, including, but not limited to, offensive verbal comments related to gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, ethnicity, religion, technology choices, sexual images in public spaces, deliberate intimidation, stalking, following, harassing photography or recording, sustained disruption of talks or other events, inappropriate physical contact, and unwelcome sexual attention.\r\n\r\nSponsors and speakers are also subject to the anti-harassment policy. In particular, they should not use sexualized images, activities, or other material. Staff (including volunteers) should not use sexualized clothing/uniforms/costumes, or otherwise create a sexualized environment. Speakers should not use sexual images, language, or any language or images that would constitute harassment as defined above in their talks.\r\n\r\nParticipants (or those who plan to participate) should conduct themselves at all times in a manner that comports with both the letter and spirit of this policy prohibiting abusive behavior and harassment, to include before, during or after the event.  This applies to statements made in on-line publications, social media postings, text messages, and all other forms of electronic communication.\r\n\r\nIf you are at a BSides Chicago event and are being harassed, notice someone else being harassed, or have any other concerns, please contact a member of the conference staff or hotel staff immediately. Conference staff can be identified by staff branded badges.\r\n\r\n## UNACCEPTABLE BEHAVIOR\r\n\r\nAll forms of harassment, which includes: the use of abusive, offensive or degrading language, harassing photography or recording, inappropriate physical contact, intimidation, stalking, unwelcome sexual advances or requests for sexual favors and sexual imagery. Any reports of harassment at this conference will be promptly responded to. Participants are expected to stop any harassing behavior immediately if asked. Anyone who witnesses or is subjected to unacceptable behavior should notify a conference organizer at once.\r\n\r\n## CONSEQUENCES OF UNACCEPTABLE BEHAVIOR\r\n\r\nIf a participant engages in harassing behavior, the conference organizers may take any action they deem appropriate, including warning the offender or expulsion from the conference with no refund. BSides Chicago reserves the right to exclude any participant found to be engaging in harassing behavior from participating in any further BSides Chicago events.\r\n\r\nIf a participant (or individual wishing to participate in a BSides Chicago event), through postings on social media or other on-line publications or another form of electronic communication, engages in conduct that violates this policy, whether before, during or after a BSides Chicago event, BSides Chicago may take appropriate corrective action, which could include imposing a temporary or permanent ban on an individual’s participation in future BSides Chicago events.\r\n\r\n## WHAT TO DO IF YOU WITNESS OR ARE SUBJECT TO UNACCEPTABLE BEHAVIOR\r\n\r\nIf you are being harassed, notice that someone else is being harassed, or have any other concerns, please contact a member of conference staff immediately. Conference staff can be identified by t-shirts/staff badges onsite; and an organizer can be found at the event registration counter at any time. You are also encouraged to contact our staff at BSides Chicago at security@bsideschicago.org.\r\n\r\n## INCIDENT RESPONSE\r\n\r\nOur staff has been briefed on our code of conduct and has agreed to abide by the listed Acceptable Behavior. As referenced above, if a participant engages in harassing behavior, the conference organizers may take any action they deem appropriate, ranging from issuance of a warning to the offending individual to expulsion from the conference with no refund, depending on the circumstances. BSides Chicago reserves the right to exclude any participant found to be engaging in harassing behavior from participating in any further BSides Chicago events, trainings or other activities.\r\n\r\nConference staff will also provide support to victims, including, but not limited to:\r\n- Assisting those experiencing harassment to ensure that they feel safe for the conference duration\r\n- Briefing key event staff for response/victim assistance\r\n- Contacting hotel/venue security or local law enforcement\r\n- Providing an escort","home_menu_id":112,"name":"BSidesChicago 2023","tagline_text":null,"id":128,"start_date":"2023-11-10","hidden":false,"updated_at":{"seconds":1699479219,"nanoseconds":940445000}},{"end_timestamp_str":"2023-11-05T04:59:59+00:00","end_date":"2023-11-04","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1699106400,"nanoseconds":0},"code":"BSIDESDFW2023","maps":[],"start_timestamp":{"seconds":1699074000,"nanoseconds":0},"timezone":"America/Chicago","link":"","description":"","kickoff_timestamp_str":"2023-11-04T14:00:00+00:00","enable_merch_cart":false,"conference_id":129,"start_timestamp_str":"2023-11-04T05:00:00+00:00","end_timestamp":{"seconds":1699160399,"nanoseconds":0},"codeofconduct":"Behave yourselves!\r\n\r\nSecurity BSides Dallas - Fort Worth was founded to facilitate the exchange of information and the development of relationships. We welcome and encourage the expression and debate of ideas. We also recognize that we do not have to agree in order to listen to, and/or understand, a given point of view. However, there is a language and a behaviour that is appropriate and expected in achieving that discourse.\r\n\r\n- Harassment and/or abusive behaviour will not be tolerated.\r\n- Any participant that experiences and/or witnesses inappropriate behaviour is expected to report said behaviour to event staff.\r\n- Any participant that experiences and/or witnesses inappropriate behaviour is encouraged to ask the offending individual to stop.\r\n- Any participant asked to stop a behaviour is expected to comply immediately.\r\n\r\nEvent organizers reserve the right to respond to observed and/or reported behaviour in a manner deemed appropriate, including but not limited to expulsion without refund and referral to the relevant authorities.\r\n\r\nIt is our goal to ensure that the event is welcoming, enjoyable, and safe for all participants.\r\nBe exemplary for each other. See something, say something.","home_menu_id":113,"name":"BSidesDFW 2023","tagline_text":null,"id":129,"start_date":"2023-11-04","updated_at":{"seconds":1698962570,"nanoseconds":704527000},"hidden":false}]
\ No newline at end of file
+[{"end_date":"2024-05-27","end_timestamp_str":"2024-05-28T06:59:59+00:00","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1716825600,"nanoseconds":0},"enable_merch":false,"code":"BSIDESVANCOUVER2024","maps":[],"start_timestamp":{"seconds":1716706800,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-05-27T16:00:00+00:00","enable_merch_cart":false,"conference_id":139,"start_timestamp_str":"2024-05-26T07:00:00+00:00","end_timestamp":{"seconds":1716879599,"nanoseconds":0},"home_menu_id":123,"codeofconduct":"Simple Expectations\r\n\r\nWritten By The Community, For The Community\r\n\r\nBSides Vancouver is dedicated to providing an awesome event for all communities and community members and this means a harassment-free conference experience for everyone. We do not tolerate harassment in any form, and expect all of our conference participants to abide by our common ethos defined below:\r\n\r\n- Be an ADULT.\r\n- Be respectful, polite, honourable, tolerant and a positive contributor to our event and community.\r\n- Do not be crass, rude, ignorant or demeaning (Do unto others as you would have them do unto you).\r\n- Do not break any laws.\r\n- If you are unclear how to act respectfully in public: DO NOT ATTEND BSides Vancouver.\r\n\r\nEnforcement, Consequences, and Reporting\r\n\r\nIf an individual believes someone has violated this Code of Conduct or broken any laws, we ask them to make the conference organizers aware of the issue immediately so it can be dealt with appropriately (rather than post about it online / after the event).\r\n\r\nConference participants violating these simple rules may be sanctioned or expelled from the conference without a refund at the sole discretion of the conference organizers.\r\n\r\nPoints of Contact\r\n\r\nThe following can be contacted in regard to any issues related to the conference:\r\n\r\n- Event organizers (identified by BSides volunteer badges)\r\n\r\nYou may also send us your concerns online using the contact form at https://www.bsidesvancouver.com/code-of-conduct and someone will reply to you within 48 hours.","name":"BSides Vancouver 2024","id":139,"tagline_text":null,"start_date":"2024-05-26","updated_at":{"seconds":1712637740,"nanoseconds":278257000},"hidden":false},{"end_date":"2024-04-12","end_timestamp_str":"2024-04-13T03:59:59+00:00","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1712926800,"nanoseconds":0},"enable_merch":false,"code":"BSIDESHBG2024","maps":[],"start_timestamp":{"seconds":1712894400,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2024-04-12T13:00:00+00:00","enable_merch_cart":false,"conference_id":138,"start_timestamp_str":"2024-04-12T04:00:00+00:00","end_timestamp":{"seconds":1712980799,"nanoseconds":0},"codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","home_menu_id":122,"name":"BSidesHBG 2024","tagline_text":null,"id":138,"start_date":"2024-04-12","hidden":false,"updated_at":{"seconds":1712611210,"nanoseconds":497034000}},{"end_timestamp_str":"2024-04-22T03:59:59+00:00","end_date":"2024-04-21","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1713621600,"nanoseconds":0},"code":"BSIDESCHARM2024","maps":[],"start_timestamp":{"seconds":1713585600,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2024-04-20T14:00:00+00:00","enable_merch_cart":false,"conference_id":137,"start_timestamp_str":"2024-04-20T04:00:00+00:00","end_timestamp":{"seconds":1713758399,"nanoseconds":0},"home_menu_id":121,"codeofconduct":"Our “Code of Conduct” is “Be Excellent to Each Other”.\r\n\r\nWe expect the best behavior from our attendees, speakers, sponsors, staff, and other participants to create a safe and positive environment for everyone.\r\n\r\nWe have no tolerance for verbal, physical, or sexual harassments against any individual.\r\n\r\nSpeakers and presenters appreciate legitimate questions and alternate points of view. This is how we all learn. Asking questions of a speaker during their talk, to get clarity or debate a point, is acceptable and encouraged. However, heckling speakers, engaging in any disruptive behavior, or interfering with a presentation or training is unacceptable behavior and will be considered harassment which could become grounds for you being asked to leave the conference.\r\n\r\nYou will not engage in any form of harassing, offensive, discriminatory, or threatening speech or behavior, including (but not limited to) relating to race, gender, gender identity and expression, national origin, religion, disability, marital status, age, sexual orientation, military or veteran status, or other protected category.\r\n\r\nIf you witness activity that violates the letter or spirit of this Code of Conduct, please alert a staff member. Staff are designated as the Board, Organizers, and Volunteers.\r\n\r\nIf someone asks YOU to stop a certain kind of behavior, please stop.\r\n\r\nBSidesCharm has the right, and duty, to remove any harmful influence from the event for the safety of others.","name":"BSidesCharm 2024","tagline_text":null,"id":137,"start_date":"2024-04-20","updated_at":{"seconds":1712085403,"nanoseconds":760253000},"hidden":false},{"end_timestamp_str":"2024-04-06T04:59:59+00:00","end_date":"2024-04-05","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1712293200,"nanoseconds":0},"code":"BSIDESOK2024","maps":[],"start_timestamp":{"seconds":1712120400,"nanoseconds":0},"timezone":"America/Chicago","link":"","description":"","kickoff_timestamp_str":"2024-04-05T05:00:00+00:00","enable_merch_cart":false,"conference_id":136,"start_timestamp_str":"2024-04-03T05:00:00+00:00","end_timestamp":{"seconds":1712379599,"nanoseconds":0},"codeofconduct":"Everyone deserves to attend a learning event, community or professional, with a reasonable expectation of good behavior. The BSidesOK Team expects that while attending this conference you treat everyone with the love and respect you wish to receive. This applies to all attendees, speakers, volunteers, vendors, and anyone in between. We feel that if you do that, then this conference will once again run smoothly and we will all have a good time.\r\n\r\nDon’t be an ass!\r\n\r\nIf you experience or witness behavior conflicting with our code of conduct, please contact a volunteer or venue staff. Both BSidesOK volunteers and the venue staff will be happy to assist. Reporting can also be done by emailing info@bsidesok.com. All email reports are treated with the utmost sensitivity and are solely reviewed by the BSidesOK team.\r\n\r\n– The BSidesOK Team","home_menu_id":120,"name":"BSidesOK 2024","tagline_text":null,"id":136,"start_date":"2024-04-03","hidden":false,"updated_at":{"seconds":1712082181,"nanoseconds":100105000}},{"end_date":"2024-04-13","end_timestamp_str":"2024-04-14T03:59:59+00:00","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1712894400,"nanoseconds":0},"enable_merch":false,"code":"BSIDESPR2024","maps":[],"start_timestamp":{"seconds":1712894400,"nanoseconds":0},"timezone":"America/Puerto_Rico","link":"","description":"","kickoff_timestamp_str":"2024-04-12T04:00:00+00:00","enable_merch_cart":false,"conference_id":135,"end_timestamp":{"seconds":1713067199,"nanoseconds":0},"start_timestamp_str":"2024-04-12T04:00:00+00:00","codeofconduct":"# Scope\r\n\r\nThis Code of Conduct (CoC) will be in effect for the duration and the entirety of all BSidesPR events and related ancillary events, including, but not limited to the following: pre-event organizational meetings, evening receptions, breakout sessions, etc. Violations of this CoC outside these spaces may affect a person's ability to participate within them. BSidesPR will work synergistically alongside other institutional policies (e.g., violations of BSidesPR CoC may have consequences at the level of the host institution as well) but will supersede any less comprehensive or less inclusive policy.\r\n\r\nThis CoC applies to every individual or organization directly or tangentially involved with BSidesPR, including but not limited to event organizers, staff, volunteers, sponsors, vendors (catering, etc) facilities, and attendees. \r\n\r\n# Code of Conduct\r\n\r\nBy participating in BSidesPR, attendees agree to:\r\n\r\n- Act respectfully and courteously to each and every fellow attendee, supporting each other in endeavors to connect, learn, and contribute during conference proceedings, while acknowledging and respecting personal boundaries and comfort levels.\r\n- Refrain from demeaning, discriminatory, or harassing behavior and speech.\r\n  - Harassment includes, but is not limited to: deliberate intimidation; stalking, unwanted photography or recording (see Photography and Media policy); sustained or willful disruption of talks or other sessions; inappropriate physical contact; use of sexual or discriminatory imagery, comments, or jokes; unwelcome sexual attention or any behavior that makes attendees feel unwelcome or afraid.\r\n  - Discriminatory speech includes, but is not limited to: racist, misogynist, homophobic, transphobic, abelist, or anti-neurodivergent comments or jokes; or non-inclusive speech centered on an individual’s personal appearance, educational level, professional background, or technical skillset. \r\n- Contribute to the atmosphere of safety and security by looking out for one another and promptly reporting (see below) any dangerous situations or someone in distress. We rely on you to be part of the solution. We encourage you to speak up in the moment and/or report behavior that does not conform with this CoC.\r\n\r\n# Reporting\r\n\r\nAttendees who feel unsafe, uncomfortable, and/or have experienced or witnessed an incident of harassment or discrimination are encouraged to report the event. BSidesPR has a number of mechanisms in place to facilitate a report.\r\n\r\n- Attendees may email BSidesPR which will also be frequently monitored.\r\n- Attendees may report directly to any BSidesPR staff member, whom, if not trained in incident response prior to the event, will forward concerns immediately to a trained staff member.\r\n- In the event that an attendee wishes to make an anonymous complaint, they may do so using.  Anonymous complaints are taken seriously and acted on to the best of BSidesPR's ability. However, submitting anonymously without a certain level of detail with respect to parties involved may inhibit organizers’ ability to take specific action. Please be aware that all efforts will be taken to maintain anonymity, but that anonymity cannot be guaranteed in all cases.\r\n- We understand that each person may process a situation differently and that the decision to make a report can be a difficult one for a variety of reasons. While reports made in close proximity to the incident allow for us to respond that much quicker, attendees are encouraged to make a report no matter how much time may have elapsed from the event itself.\r\n\r\n# Violations\r\n\r\nBSidesPR does not tolerate harassment, discrimination, or any other CoC violations. Any attendee who violates the CoC will be subject to any lawful action deemed appropriate by event organizers, including but not limited to verbal and written warning, expulsion from event, or attendance ban from future events. \r\n\r\nAction based on violations will be undertaken by event organizers trained in incident response unless requiring escalation to law enforcement as required by law.\r\n\r\n# Non-Discrimination\r\n\r\nBSidesPR does not and shall not discriminate on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status, in any of its activities or operations. These activities include, but are not limited to, the appointment to and termination from its Board of Directors, hiring and firing of staff or contractors, selection of volunteers, selection of vendors, and providing of services.\r\n\r\nUpdated 11 December 2023\r\n\r\n# Non-Solicitation\r\n\r\nSolicitation is any form of requesting money, support or participation for products, groups, organizations or causes which are unrelated to our company. These include but are not limited to:\r\n\r\n- Seeking funds or donations for a non-profit organization\r\n- Asking for signatures for a petition\r\n- Selling merchandise or services\r\n- Requesting support for a political candidate\r\n- Engaging in religious proselytism\r\n\r\nDistribution refers to disseminating literature or material for commercial or political purposes.\r\n\r\nUpdated 11 December 2023\r\n\r\n# Resources Utilized\r\n\r\n- Ashe Dryden's Code of Conduct FAQ\r\n- Aurora and Gardiner, How to Respond to Code of Conduct Reports\r\n\r\nLanguage was adapted from the following Codes of Conduct (under Creative Commons licenses as per sources):\r\n\r\n- Open Con (CC BY 4.0)\r\n- SRCCON (CC BY-SA 4.0)","home_menu_id":119,"name":"BSides Puerto Rico 2024","tagline_text":null,"id":135,"start_date":"2024-04-12","updated_at":{"seconds":1709763704,"nanoseconds":259782000},"hidden":false},{"end_timestamp_str":"2024-02-18T06:59:59+00:00","end_date":"2024-02-17","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1708099200,"nanoseconds":0},"code":"CACTUSCON2024","maps":[],"start_timestamp":{"seconds":1708066800,"nanoseconds":0},"timezone":"America/Denver","link":"","description":"","kickoff_timestamp_str":"2024-02-16T16:00:00+00:00","enable_merch_cart":false,"conference_id":132,"end_timestamp":{"seconds":1708239599,"nanoseconds":0},"start_timestamp_str":"2024-02-16T07:00:00+00:00","home_menu_id":116,"codeofconduct":"# Short Version\r\n\r\nCactusCon is dedicated to providing a harassment-free experience for everyone, regardless of gender, sexual orientation, disability, physical appearance, body size, race, or religion. We do not tolerate harassment of event participants in any form. Sexual language and imagery is not appropriate for any event venue, including talks. Event participants violating these rules may be sanctioned or expelled from the event without a refund at the discretion of the event organizers. This policy applies to all official CactusCon spaces, including our online platforms.\r\n\r\n# Long Version\r\n\r\n## Harassment\r\n\r\nHarassment includes offensive verbal or written comments related to gender, gender identity and expression, sexual orientation, disability, mental illness, physical appearance, body size, race, or religion. Additionally, CactusCon does not permit sexual images in public spaces, deliberate intimidation, stalking, following, harassing photography or recording, sustained disruption of talks or other events, inappropriate physical contact, or unwelcome sexual attention. Participants asked to stop any harassing behavior are expected to comply immediately.\r\n\r\n## Presenters & Sponsors\r\n\r\nPresenters, volunteers, and sponsors are also subject to the anti-harassment policy. In particular, presenters should not use sexualized images, activities, or other material. Sponsor staff (including volunteers) should not use sexualized clothing/uniforms/costumes, or otherwise create a sexualized environment.\r\n\r\n## Participants\r\n\r\nIf a participant engages in harassing or interruptive behavior, the event organizers may take any action they deem appropriate, including warning the offender or expulsion from the event with no refund.\r\n\r\n## Reporting\r\n\r\nIf you are being harassed by an attendee at CactusCon, there are multiple ways you can report: CactusCon volunteers will be available throughout the event space and can be identified by a GREEN CactusCon shirt and VOLUNTEER badge. Additionally, CactusCon senior staff can be identified by a Black STAFF hoodie and matching badge. Please seek out our volunteers or staff to report incidents. Event staff will be happy to help participants contact hotel/venue security or local law enforcement, provide escorts, or otherwise assist those experiencing harassment to feel safe for the duration of the event. We value your attendance. As always, in case of emergency, dial 911.\r\n\r\nFor those attending the conference on Discord, you can contact a moderator directly by sending !mod in #⁠help-and-support-🆘 or in a private DM to @Hacktar. This will open a private conversation with our moderator team. Additionally, you can ping @Moderator in a channel to get a moderator's attention. If you feel more comfortable discussing your concern with a member of our staff, please ping @CactusCon Staff or look for anyone with that role.\r\n\r\nThis Code of Conduct was forked from the example policy from the (Geek Feminism wiki, created by the Ada Initiative and other volunteers)[http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy], which is under a (Creative Commons Zero)[http://creativecommons.org/choose/zero/] license.","name":"CactusCon 12 (2024)","id":132,"tagline_text":null,"start_date":"2024-02-16","hidden":false,"updated_at":{"seconds":1708181362,"nanoseconds":824829000}},{"end_date":"2024-02-17","end_timestamp_str":"2024-02-17T21:59:59+00:00","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1708079400,"nanoseconds":0},"enable_merch":false,"code":"DISOBEY2024","maps":[],"start_timestamp":{"seconds":1708034400,"nanoseconds":0},"timezone":"Europe/Helsinki","link":"https://disobey.fi/2024/program","description":"","kickoff_timestamp_str":"2024-02-16T10:30:00+00:00","enable_merch_cart":false,"conference_id":134,"start_timestamp_str":"2024-02-15T22:00:00+00:00","end_timestamp":{"seconds":1708207199,"nanoseconds":0},"home_menu_id":118,"codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","name":"Disobey 2024","tagline_text":null,"id":134,"start_date":"2024-02-16","hidden":false,"updated_at":{"seconds":1708098172,"nanoseconds":756350000}},{"end_timestamp_str":"2024-08-12T06:59:59+00:00","end_date":"2024-08-11","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1723219200,"nanoseconds":0},"enable_merch":false,"code":"DEFCON32","maps":[],"start_timestamp":{"seconds":1723100400,"nanoseconds":0},"timezone":"America/Los_Angeles","link":"","description":"","kickoff_timestamp_str":"2024-08-09T16:00:00+00:00","enable_merch_cart":false,"conference_id":133,"end_timestamp":{"seconds":1723445999,"nanoseconds":0},"start_timestamp_str":"2024-08-08T07:00:00+00:00","home_menu_id":117,"name":"DEF CON 32","tagline_text":null,"id":133,"start_date":"2024-08-08","hidden":false,"codeofconduct":"DEF CON provides a forum for open discussion between participants, where radical viewpoints are welcome and a high degree of skepticism is expected. However, insulting or harassing other participants is unacceptable. We want DEF CON to be a safe and productive environment for everyone. It’s not about what you look like but what’s in your mind and how you present yourself that counts at DEF CON.\r\n\r\nWe do not condone harassment against any participant, for any reason. Harassment includes deliberate intimidation and targeting individuals in a manner that makes them feel uncomfortable, unwelcome, or afraid.\r\n\r\nParticipants asked to stop any harassing behavior are expected to comply immediately. We reserve the right to respond to harassment in the manner we deem appropriate, including but not limited to expulsion without refund and referral to the relevant authorities.\r\n\r\nThis Code of Conduct applies to everyone participating at DEF CON - from attendees and exhibitors to speakers, press, volunteers, and Goons.\r\n\r\nAnyone can report harassment. If you are being harassed, notice that someone else is being harassed, or have any other concerns, you can contact a Goon, go to the registration desk, or info booth.\r\n\r\nConference staff will be happy to help participants contact hotel security, local law enforcement, or otherwise assist those experiencing harassment to feel safe for the duration of DEF CON.\r\n\r\nRemember: The CON is what you make of it, and as a community we can create a great experience for everyone.\r\n\r\n- The Dark Tangent\r\nhttps://www.defcon.org/html/links/dc-policy.html","updated_at":{"seconds":1707594043,"nanoseconds":295365000}},{"end_timestamp_str":"2023-12-30T22:59:59+00:00","end_date":"2023-12-30","supportdoc":"The Help & Support document for this conference has not yet been defined.","kickoff_timestamp":{"seconds":1703665800,"nanoseconds":0},"enable_merch":false,"code":"37C3","maps":[],"start_timestamp":{"seconds":1703631600,"nanoseconds":0},"timezone":"Europe/Berlin","link":"","description":"","kickoff_timestamp_str":"2023-12-27T08:30:00+00:00","enable_merch_cart":false,"conference_id":131,"start_timestamp_str":"2023-12-26T23:00:00+00:00","end_timestamp":{"seconds":1703977199,"nanoseconds":0},"home_menu_id":115,"codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","name":"37C3","tagline_text":null,"id":131,"start_date":"2023-12-27","hidden":false,"updated_at":{"seconds":1703974788,"nanoseconds":426368000}},{"end_timestamp_str":"2023-12-09T04:59:59+00:00","end_date":"2023-12-08","supportdoc":"The Help & Support document for this conference has not yet been defined.","enable_merch":false,"kickoff_timestamp":{"seconds":1702044000,"nanoseconds":0},"code":"BSIDESPHILLY2023","maps":[{"file":"Philly_Netrality_Map_5th.pdf","filename":"Philly_Netrality_Map_5th.pdf","name":"Map","description":"Map","name_text":"Map","id":74,"sort_order":1,"url":"https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/BSIDESPHILLY2023%2FPhilly_Netrality_Map_5th.pdf?alt=media"}],"start_timestamp":{"seconds":1702011600,"nanoseconds":0},"timezone":"America/New_York","link":"","description":"","kickoff_timestamp_str":"2023-12-08T14:00:00+00:00","enable_merch_cart":false,"conference_id":130,"end_timestamp":{"seconds":1702097999,"nanoseconds":0},"start_timestamp_str":"2023-12-08T05:00:00+00:00","codeofconduct":"The Code of Conduct document for this conference has not yet been defined.","home_menu_id":114,"name":"BSides Philly 2023","id":130,"tagline_text":null,"start_date":"2023-12-08","hidden":false,"updated_at":{"seconds":1701910596,"nanoseconds":230590000}}]
\ No newline at end of file