NYC Area Security Folks – Come to SOS!

Every year the NYU School of Engineering hosts Cyber Security Awareness Week (CSAW) – the largest student-run security event in the country. This year, we're trying something new that combines two of my favorite things: security and open source.

The inaugural Security: Open Source (SOS) workshop, held this November 10 at NYU Tandon will feature the creators of some really cool new security tools talking about their projects. It's happening the day before one of the best CTF challenges out there, so we're expecting an audience that's not afraid of technical detail :)

What will you hear about at SOS? Here some of the cool speakers and topics:

  • Félix Cloutier will tell us about his open-source decompiler, fcd. This is a great example of incorporating cutting edge academic research into an open-source tool that anyone can use. Félix is also a former CSAW CTF competititor.
  • Mike Arpaia, co-founder of Kolide, will talk about osquery, a new open-source operating system instrumentation framework and toolset he created while at Facebook. Mike will talk about his experience managing an open-source security project and how to make it successful.
  • Patrick Hulin from MIT Lincoln Laboratory will talk about a new differential debugging technique he's devised. Patrick is one of the lead developers on PANDA, and he'll talk about how he used another great open-source tool, Mozilla rr, to automatically do root-cause debugging on devilishly tricky record/replay bugs.
  • Jamie Levy, one of the core developers on the Volatility memory forensics framework, will talk about taking memory forensics to the next level. Jamie is one of the most talented forensic investigators and developers I know and this should be a great talk!
  • Jonathan Salwan and Romain Thomas from Quarkslab will present a deep dive on Triton, their exciting binary analysis platform that combines symbolic execution and dynamic taint analysis, and demonstrate how it can be used to defeat virtualization-based obfuscation techniques.
  • Ryan Stortz from Trail of Bits will talk about how they took the DARPA Cyber Grand Challenge test programs and ported them to run on OS X and Linux. This opens up some really cool possibilities for using them to evaluate the effectiveness of different security tools!
  • Andrew Dutcher of UCSB will talk about angr, their Python-based binary analysis platform that aims to bring together tons of state-of-the-art analyses under one roof. They've recently used it to get third place in the DARPA Cyber Grand Challenge, and it's become a popular tool for CTF players around the world.
SOS will take place in the Pfizer Auditorium at the NYU Tandon School of Engineering in Brooklyn from 10:30am-5:30pm on November 10, the day before the CSAW CTF.

So what are you waiting for? Go register!

Comments

Popular posts from this blog

Someone’s Been Messing With My Subnormals!

Decrypting LSA Secrets

SysKey and the SAM