BSides Boise

Slide Deck 

Traditionally, a Security Operations Center is seen as a cost-center. It doesn't have to be this way. This talk will approach building a modern SOC that provides tangible (dollar) value to the business while also maintaining the standard of excellence security practitioners expect. It explores building a SOC from first principles in terms of capabilities, priorities, and processes that will lead to measurable outcomes you can use to prove the value provided.

Slide Deck

WiFi optimization and cabling to selecting the right router hardware, coupled with practical tips for securing and enhancing your network's performance. Additionally, we'll touch on integrating Home Assistant for home automation, ensuring your smart home is both efficient and secure. This condensed overview aims to provide attendees with a foundational understanding of home networking and the steps to take towards a smarter, more secure home environment.

Slide Deck

Join Shelby Spencer, a seasoned Red Teamer with over a decade of industry experience, in an informative talk at the upcoming security conference. This presentation delves into prevalent physical security vulnerabilities that are common within commercial environments, featuring live demonstrations of these exploits using a miniaturized security door. The talk focuses on high-impact, high-success, low-skill style attacks, and the session aims to equip physical red-teamers and businesses with crucial awareness of these attacks. In addition to showcasing attacks, Spencer will address proactive defensive measures that companies can adopt to thwart these threats. Don't miss this opportunity to enhance your understanding of practical security concerns and fortify your organization against potential breaches. 

Slide Deck

You are interested in cybersecurity. How do you get started? What kinds of informal learning are available? What about certifications? Are there formal cybersecurity education pathways that lead to degrees? Join me to learn about cybersecurity education pathways.

In this session, I will delve into how small businesses can practically apply AI technologies. Attendees will gain insights on adopting AI to improve efficiency and competitiveness, focusing on general strategies for easy integration and long-term benefits. I will also discuss overcoming common barriers to AI adoption in a small business setting. 

A brief presentation discussing the unique challenges of health care cybersecurity including the tension between HIPAA compliance and staff usability; older devices outside of mainstream patching and support; and the critical consideration of patient safety as a counterbalance to quarantining efforts.

Shadowscape researchers found and were able to successfully exploit a 0-day in Google Looker that allowed RLS bypassing. Would be interesting to share the approach and correspondence process between Google.