{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2024.3.1"}, "schedule": {"url": "https://cfp.pacifichackers.com/hackthebay-2025/schedule/", "version": "0.23", "base_url": "https://cfp.pacifichackers.com", "conference": {"acronym": "hackthebay-2025", "title": "HackTheBay 2.0", "start": "2025-04-28", "end": "2025-04-28", "daysCount": 1, "timeslot_duration": "00:05", "time_zone_name": "America/Los_Angeles", "colors": {"primary": "#000000"}, "rooms": [{"name": "MAIN TRACK", "guid": "c7bc739b-5ded-5839-bbca-fa1b5799b305", "description": "MAIN TRACK", "capacity": 300}, {"name": "TRACK 2", "guid": "b6e3d7d0-87ca-5cd8-b21a-734946a2ddc9", "description": "TRACK 2", "capacity": 150}, {"name": "SOLDERING VILLAGE", "guid": "2751fe3d-5191-58b4-8075-11ef48fe1c6a", "description": "SOLDERING VILLAGE", "capacity": null}], "tracks": [{"name": "TALK", "color": "#04acd6"}, {"name": "WORKSHOP", "color": "#b91176"}, {"name": "KEYNOTE", "color": "#ff5000"}, {"name": "HAPPY HOUR", "color": "#7600ff"}, {"name": "OPENING CEREMONY", "color": "#d2d931"}, {"name": "CLOSING CEREMONY", "color": "#27e751"}], "days": [{"index": 1, "date": "2025-04-28", "day_start": "2025-04-28T04:00:00-07:00", "day_end": "2025-04-29T03:59:00-07:00", "rooms": {"MAIN TRACK": [{"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/BCDYXL/", "id": 35, "guid": "ce307a30-c13a-5740-92a0-c4c4c9e9d37c", "date": "2025-04-28T09:15:00-07:00", "start": "09:15", "logo": null, "duration": "00:15", "room": "MAIN TRACK", "slug": "hackthebay-2025-35-welcome-ceremony", "title": "WELCOME CEREMONY", "subtitle": "", "track": "OPENING CEREMONY", "type": "Lightning Talk", "language": "en", "abstract": "WELCOME CEREMONY", "description": "WELCOME CEREMONY", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/ZADCW7/", "id": 36, "guid": "2969806a-21af-5fd3-971f-41ab207a8180", "date": "2025-04-28T09:30:00-07:00", "start": "09:30", "logo": null, "duration": "00:30", "room": "MAIN TRACK", "slug": "hackthebay-2025-36-keynote", "title": "KEYNOTE", "subtitle": "", "track": "KEYNOTE", "type": "Keynote", "language": "en", "abstract": "OPENING KEYNOTE", "description": "OPENING KEYNOTE", "recording_license": "", "do_not_record": false, "persons": [{"guid": "957fbc83-becd-500a-90f3-7d8278a4b4f1", "id": 44, "code": "AXUV9A", "public_name": "Malcolm Harkins", "avatar": "https://cfp.pacifichackers.com/media/avatars/AXUV9A_7AzelKN.jpg", "biography": "Malcolm Harkins is Chief Security and Trust Officer at HiddenLayer. Harkins has more than two decades of experience in information security leadership roles at top technology companies, including Intel, Cylance, and others. He\u2019s written multiple books on risk management, information security, and IT and earned awards from the RSA Conference, ISC2, Computerworld, and the Security Advisor Alliance. Harkins has testified before the Federal Trade Commission and U.S. Senate Committee on Commerce, Science, and Transportation. Harkins is a Fellow with the Institute for Critical Infrastructure Technology, a non-partisan think tank providing cybersecurity expertise to the House of Representatives, Senate, and various federal agencies. He holds a bachelor\u2019s degree in economics from UC Irvine and an MBA from UC Davis. Harkins also previously taught at UCLA\u2019s Anderson School of Management and Susquehanna University.", "answers": []}, {"guid": "b49abccc-3759-5322-a637-ef8db762b21d", "id": 45, "code": "38HQBG", "public_name": "Eoin Wickens", "avatar": "https://cfp.pacifichackers.com/media/avatars/38HQBG_e4zr05l.jpg", "biography": "Eoin Wickens is the Director of Threat Intelligence at HiddenLayer and specializes in AI security, threat research, and malware reverse engineering. He has authored numerous articles on AI security, co-authored a book on cyber threat intelligence, and spoken at conferences such as the SANS AI Cybersecurity Summit, BSides SF, LABSCON, 44CON, and delivered the 2024 ACM SCORED opening keynote. Eoin also serves as a co-lead of the OpenSSF Model Signing Project, an initiative under the Open Source Security Foundation's AI/ML Working Group, aiming to build a more secure AI supply chain. Eoin lives off the coast of mainland Ireland, and when he's not out at sea, he\u2019s probably thinking about how to get back there.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/XEVY8W/", "id": 10, "guid": "965c5bfc-1c3d-5908-8cec-2a295a3dcfec", "date": "2025-04-28T10:00:00-07:00", "start": "10:00", "logo": "https://cfp.pacifichackers.com/media/hackthebay-2025/submissions/XEVY8W/pocketpwn_ZwEZEm8.jpg", "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-10-from-pocket-to-pwn-how-we-hacked-a-multinational-corporation-for-200-with-just-what-s-in-our-pockets-and-theirs-", "title": "From pocket to Pwn: How we hacked a multinational corporation for $200 with just what\u2019s in our pockets (and theirs)", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "Not all Red Team engagements are spearphish > mimikatz > profit. If nothing else, this talk proves that some jobs still involve crawling around car parks at night and hiding in bushes with a high gain antenna to gain your objective.\r\n\r\nTraditionally, cyber incidents and Red Team operations focus on compromising Windows devices as an initial infection vector but for modern cloud native companies, this approach simply doesn\u2019t work.\r\n\r\nIn this talk, we will explore how we compromised an Electric Vehicle to infiltrate a corporate Smartphone, leveraging legitimate applications and protocols to move laterally and achieve full compromise of the environment.\r\n\r\nWe will demonstrate the chaining of low code (and in some cases ancient techniques), abstract attack vectors targeting atypical devices and platforms and the abuse of protocols and inbuilt applications to conduct a full scale breach of the environment.", "description": "When Red Teaming a multinational technology company with an extensive security budget we had to think outside the box in order to leverage new attack pathways to gain a foothold in their environment where typical Red Teaming methodologies simply weren\u2019t viable.\r\n\r\nUsing readily available hardware and almost no code, we were able to abuse both application protocols and inbuilt applications to gain persistent access via a chained attack across multiple devices to gain system level access to a customer environment.\r\n\r\nThis talk will focus on a modified real world scenario which included:\r\n\r\nDenial of BlueTooth service (conceptual due to legal implications)\r\nWireless BadUSB\r\nModified Metasploit for Android\r\nAbuse of Android Debugging Tool (ADB) to gain persistent reverse shell over Mobile Service (not USB)\r\nAbuse of ADB for real time screen recording and interaction\r\nNetwork enumeration via ADB\r\nUsing ADB as a pivot for further compromise of the environment\r\nExfiltration of VPN configuration and subsequent abuse of MFA\r\nUndetectable data exfiltration via mobile service\r\n\r\nThis talk highlights how devastating attacks are still easily possible with a very low price entry point and virtually undetectable by most Security Tools. This talk will feature a live demo (if the demo gods deem it so) and aim to encourage aspiring penetration testers to think outside of the (Windows) box when approaching their objectives.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f8d961f5-7c04-5ca5-b4fc-af4971276b49", "id": 13, "code": "LT87D8", "public_name": "Tim Shipp", "avatar": "https://cfp.pacifichackers.com/media/avatars/LT87D8_FlRjcfk.jpeg", "biography": "Tim is a highly experienced Cybersecurity expert with over two decades in both offensive and defensive cybersecurity, having built & led Incident Response (IR), Red Team, and Blue Team operations and developed technological platforms to revolutionize Incident response at scale. \r\n\r\nA Major in the British Army Cyber Reserves, Tim serves as a Subject Matter Expert to the British Ministry of Defence (MoD) specializing in both defensive and offensive security.\r\n\r\nHaving led hundreds of engagements globally, Tim has a wealth of experience in both defending and exploiting every conceivable industry vertical along with an astute knowledge of what technologies and processes work and where gaps lay in existing solutions and security programs. \r\n\r\nPrior to Co-founding ThreatLight, Tim\u2019s career included significant technical and leadership positions in top cybersecurity and technology firms, such as Accenture, Cybereason, Symantec, Airbus and Thales, contributing to his broad knowledge and innovative approach in the field.", "answers": []}, {"guid": "7e87a039-1821-5921-954b-458fc9e60cde", "id": 35, "code": "3YHW3F", "public_name": "Lisa Landau", "avatar": "https://cfp.pacifichackers.com/media/avatars/3YHW3F_PyvQgvq.jpeg", "biography": "Lisa is a seasoned cybersecurity executive with nearly two decades of global experience in high-growth\r\nstartups, where she has built business units, delivery functions, and customer-facing teams from the\r\nground up. She has led go-to-market efforts and driven long-term customer value.\r\n\r\nA veteran of the Intelligence Directorate of the Israel Defense Forces, Lisa brings a mission-focused,\r\noutcome-driven mindset shaped by her exposure to high-stakes, complex environments.\r\n\r\nShe is the CEO and Co-founder of ThreatLight. Previously, she was a founding executive at Cybereason\r\nJapan, helping establish its presence and lead it to market leadership and later served as Global EVP of\r\nSecurity Services Strategy & Planning, leading the design and growth of Cybereason\u2019s Security services.\r\n\r\nBased in Tokyo since 2013, Lisa sits on the Advisory Board of ISIC Japan. Most recently she was named\r\none of The Most Inspiring Women in Cybersecurity 2025.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/VHU3FS/", "id": 28, "guid": "77c520d0-d293-53d6-bc49-edea0bbf9df1", "date": "2025-04-28T10:45:00-07:00", "start": "10:45", "logo": null, "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-28-adversarial-intelligence-redefining-application-security-through-the-eyes-of-an-attacker", "title": "Adversarial Intelligence: Redefining Application Security through the eyes of an attacker", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "Unveil how attackers exploit overlooked vulnerabilities with one of the creators of Pegasus. This talk dives into real-world attack chains, runtime analysis, and adversarial intelligence, arming you with advanced techniques to expose and mitigate threats in cloud-native and distributed systems.\r\n\r\nThis presentation explores Adversarial Intelligence - an approach that views application security from an attacker\u2019s perspective. Drawing from vulnerability research experience at the NSO Group and building Pegasus, the speaker will highlight how overlooked low and medium vulnerabilities can be combined to execute successful attacks. By examining attack chains and application runtime behavior, attendees will see how gaps often missed by traditional methods are exposed. Attendees will learn about effective tools and techniques for detecting and mitigating these threats, especially in cloud-native and distributed systems. Designed for security practitioners and academics, this session provides a deeper understanding of defending against sophisticated attackers by adopting their mindset.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "88f26763-ee27-55ce-9f93-ab7017fd376e", "id": 51, "code": "P3L9EA", "public_name": "Aviv Mussinger", "avatar": "https://cfp.pacifichackers.com/media/avatars/P3L9EA_Tx6D4fg.jpeg", "biography": "Aviv Mussinger, an alumnus of the elite 8200 unit with a B.Sc. in Electrical Engineering and Computer Science from Tel Aviv University, is a seasoned innovator in tech. His R&D prowess spans designing units for Mellanox's first 1Gb switch to building high-frequency trading infrastructures. Notably, Aviv led the research and development at NSO Group, investigating the application layer for security flaws and building a solution around them. Now at Kodem, he leverages this expertise to bring an attacker's perspective to application security and build the world's first AI native application security platform.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/RJBHD8/", "id": 18, "guid": "b757912d-f9ef-5901-b4e4-c77d9dd45a02", "date": "2025-04-28T11:30:00-07:00", "start": "11:30", "logo": null, "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-18-netsec-is-dead-modern-network-fingerprinting-for-real-world-defense", "title": "Netsec is dead(?): Modern Network Fingerprinting for Real-World Defense", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "As scanning and reconnaissance grows more diverse - from public platforms like Shodan and Censys to hidden probing by botnets and bulletproof hosting services\u2014security teams need better ways to understand who is on the other side of their network connections. This talk will show how network fingerprinting has developed over time, starting with tools like p0f and moving up to more advanced methods like JA4, JA4+, and MuonFP. We\u2019ll discuss how these modern fingerprints can help analysts recognize the tools and infrastructure used by attackers\u2014whether they are fast scanners, basic banner grabbers, or connections routed through VPNs and jump servers. You\u2019ll learn how to use these fingerprints to strengthen your defenses, protect critical infrastructure, and reduce your visibility to public scanners. We will also explain how to fit fingerprinting into security team workflows, noting both what it can and cannot do. Attendees will leave with a practical understanding of modern fingerprinting techniques and a few examples they can apply in their daily work.", "description": "Network reconnaissance is often overshadowed by other threats, like phishing, yet it remains a critical first step in the kill chain. Because edge infrastructure is typically exposed around the clock, adversaries have a 24/7 opportunity to gather information and use it for initial exploitation. \r\nIn this talk, we\u2019ll trace the evolution of network fingerprinting, starting with traditional methods like p0f, which relied on passive TCP/IP signature analysis, and advancing to modern suits (JA4, JA4+, MuonFP). By walking through each generation of fingerprinting, I\u2019ll show how visibility has expanded along with the trade-offs and limitations inherent in these methods.\r\n\r\nI\u2019ll present real-world scenarios that highlight how to spot fast scanners indexing massive numbers of hosts, how to detect covert traffic routed via jump boxes and VPNs, and how to block lower-level banner-grabbers. We\u2019ll also discuss how these fingerprints can be integrated into SOC workflows, from building prioritized alerts to automating responses in firewalls and IDS.\r\n\r\nFinally, we\u2019ll wrap up with a practical checklist of tools, including Arkime and eBPF-based detection, as well as firewall rule approaches to immediately strengthen defenses. Attendees will leave with the knowledge and resources to apply modern fingerprinting for continuous monitoring, streamlined threat hunting, and reduced exposure to both mass and targeted network scans.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "e169747a-7f2e-52db-93d1-7ba03802d499", "id": 20, "code": "QYVVZF", "public_name": "Vlad Iliushin", "avatar": "https://cfp.pacifichackers.com/media/avatars/QYVVZF_yParVwr.jpeg", "biography": "Vlad is the co-founder and cybersecurity expert at ELLIO and President of the Anti-Malware Testing Standards Organization (AMTSO).\r\n\r\nA true cybersecurity enthusiast, Vlad\u2019s passionate about network security, IoT, and cyber deception. Before ELLIO, he founded and led the Avast IoT Lab (now Gen Digital), developing security features and researching IoT threats. He has spoken at many conferences, including Web Summit and South by Southwest (SXSW), where he demonstrated IoT vulnerabilities", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/3ZM9CY/", "id": 27, "guid": "020b1c07-498a-5773-a0bc-b5b667ae13c5", "date": "2025-04-28T12:15:00-07:00", "start": "12:15", "logo": null, "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-27-beyond-detection-building-a-living-security-knowledge-ecosystem-with-snarf", "title": "Beyond Detection: Building a Living Security Knowledge Ecosystem with SNARF", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "In today's rapidly evolving threat landscape, organizations struggle not with a lack of security tools, but with effectively managing the complex web of knowledge required for robust security operations. This talk introduces SNARF (Security Knowledge Automation and Response Framework), an innovative approach to organizing, connecting, and maintaining security knowledge across the entire security lifecycle. We'll explore why traditional documentation methods fail security teams, how disconnected knowledge silos create dangerous blind spots, and why security is never a \"set it and forget it\" proposition. Learn how integrating threats, detections, testing procedures, response protocols, and automation into a unified, version-controlled ecosystem dramatically improves security posture while reducing analyst burnout. Discover practical strategies for implementing a living security knowledge repository that evolves with your organization and the threat landscape, turning your security documentation from a liability into a strategic asset.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "60ca7e12-92d1-5492-b143-ff637941e599", "id": 28, "code": "NUGPGV", "public_name": "John Owen", "avatar": "https://cfp.pacifichackers.com/media/avatars/NUGPGV_DGkj87J.jpg", "biography": "Cybersecurity and data analytics expert with 15+ years of experience and background in Digital Forensics and Mathematics. As Principal Consultant and Director of Security & Data Analytics at Fulcrum Technology Solutions, John leads cybersecurity operations and detection engineering. His expertise includes SIEM/SOC operations, vulnerability management, and big data. Founder of Next Gen Cyber Ed, a non-profit supporting K-12 cybersecurity education.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/QNZ3XY/", "id": 37, "guid": "8535f0f1-a4c7-5986-990d-f33f027fcd30", "date": "2025-04-28T13:00:00-07:00", "start": "13:00", "logo": null, "duration": "00:30", "room": "MAIN TRACK", "slug": "hackthebay-2025-37-keynote", "title": "KEYNOTE", "subtitle": "", "track": "KEYNOTE", "type": "Keynote", "language": "en", "abstract": "KEYNOTE", "description": "KEYNOTE", "recording_license": "", "do_not_record": false, "persons": [{"guid": "930401ba-9478-5769-9998-d7d7b3311a4a", "id": 43, "code": "K7SRA7", "public_name": "Jake Williams (aka MalwareJake)", "avatar": "https://cfp.pacifichackers.com/media/avatars/K7SRA7_jPLvD4x.jpg", "biography": "Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in the technology and security industries. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence, and offensive methodologies. Today, Jake is an IANS faculty member, VP of R&D at Hunter Strategy, independent security consultant, and is performing security-focused research to benefit the broader community. He has twice won the DoD Cyber Crime Center (DC3) annual digital forensics challenge and is the recipient of the NSA Exceptional Civilian Service Award.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/HVWUVF/", "id": 34, "guid": "9cca347a-7dce-5874-a6c4-aac194bc9c86", "date": "2025-04-28T13:30:00-07:00", "start": "13:30", "logo": null, "duration": "00:30", "room": "MAIN TRACK", "slug": "hackthebay-2025-34-breaking-down-silos-unify-assets-minimize-attack-exposure", "title": "Breaking Down Silos: Unify Assets, Minimize Attack Exposure", "subtitle": "", "track": "TALK", "type": "Lightning Talk", "language": "en", "abstract": "Security is tasked with understanding all threat vectors and uses a wide range of tooling to do so (endpoint, identities, and networks). But different tools performing different functions create silos and in between those disjointed siloes lie risks. Risks that can be mitigated by a single view across all assets across all systems. This session seeks to explore a unification of assets to minimize attack exposure.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "6b118612-0be5-568b-9cc9-0955f58c3232", "id": 34, "code": "NLZXZS", "public_name": "Lucas Zaichkowsky", "avatar": "https://cfp.pacifichackers.com/media/avatars/NLZXZS_B81qdMd.jpeg", "biography": "As a Senior Solutions Engineer at Axonius, Lucas has worked with several multinational F500 organizations to obtain situational awareness on asset visibility and defensive posturing. Previously he represented notable Data Forensics and Incident Response organizations where he worked with commercial enterprises, the defense industrial base, and government institutions to deploy measures designed to defend against the world's most sophisticated attack groups.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/SC9GX8/", "id": 30, "guid": "f72b781f-8d80-544a-bee3-b8c4a6ee7ef2", "date": "2025-04-28T14:00:00-07:00", "start": "14:00", "logo": "https://cfp.pacifichackers.com/media/hackthebay-2025/submissions/SC9GX8/Screenshot_2025-03-31_at_4.51.26PM.jpeg_p2BW4oo.png", "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-30-sast-ai", "title": "SAST AI", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "Secure static code analysis with AI and patterns.", "description": "Will discuss deeply what is SAST is.\r\n(Static Application Security Testing) and how using AI and pattern matching find source code vulnerabilities.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "8c9cd207-8697-5e2b-8381-233ba733155c", "id": 31, "code": "CPGBYN", "public_name": "Bogdan Barchuk", "avatar": "https://cfp.pacifichackers.com/media/avatars/CPGBYN_GgcqhRj.jpg", "biography": "Bogdan's expertise includes penetration testing, vulnerability assessments, and securing Active Directory environments. He holds more than 20 cybersecurity certifications, such as CEH, OSCP, and CISM, reflecting his deep commitment to the industry. Barchuk is also active in the cybersecurity community, sharing insights and participating in events like OWASP, Pacific hackers, DEF CON and Black Hat", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/LYFTBR/", "id": 22, "guid": "1aa22209-2fe7-52f9-8174-1a43e70a11b0", "date": "2025-04-28T14:45:00-07:00", "start": "14:45", "logo": "https://cfp.pacifichackers.com/media/hackthebay-2025/submissions/LYFTBR/APi-hck_s2TFvY9.png", "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-22-exploitation-techniques-in-apis-restful-soap-graphql-and-grpc-", "title": "Exploitation Techniques in APIs: RESTful, SOAP ,GraphQL and gRPC,", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "This talk will cover key exploitation techniques for RESTful, SOAP, GraphQL, and gRPC APIs, based on the OWASP API Security Top 10. It will include practical demonstrations of vulnerabilities like injection flaws, broken authentication, and data exposure using tools like Burp Suite and custom scripts. The session will also highlight the Open-Sec framework for structured API penetration testing.", "description": "This talk will explore key attack and exploitation techniques for RESTful, SOAP, GraphQL, and gRPC APIs, based on the OWASP API Security Top 10 framework. We'll cover practical methods to identify and exploit vulnerabilities such as injection flaws, broken authentication, and data exposure. The focus will be on real-world attack scenarios using tools like Burp Suite and custom scripts.\r\n\r\nWe'll dive into specific vulnerabilities for each API type: manipulating RESTful tokens, exploiting GraphQL query injection, compromising gRPC protobuf-based requests, and executing XML external entity (XXE) attacks on SOAP. The session will provide step-by-step demonstrations of these techniques, highlighting how to chain them for maximum impact.\r\n\r\nFinally, we'll discuss the Open-Sec framework and how to apply it to API penetration testing. This structured approach\u2014covering reconnaissance, scanning, testing, and analysis\u2014will help identify and exploit complex vulnerabilities, offering actionable insights to improve API security.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "693ce317-d1e5-5766-b7e8-9344d8850edc", "id": 25, "code": "LAWCVS", "public_name": "Toshiro Nagata Bolivar", "avatar": "https://cfp.pacifichackers.com/media/avatars/LAWCVS_7snbd8x.png", "biography": "Toshiro Nagata Bolivar is an Offensive Security Lead at Open-Sec and a professor at the Catholic University of Santa Mar\u00eda (UCSM). He has extensive experience in cybersecurity and holds multiple industry-recognized certifications, including Certified Red Team Operator (CRTO), Certified Network Defender (CND), DevSecOps Engineer (ECDE) from EC-Council, eLearnSecurity Certified Professional Penetration Tester (eCPPTv2), Web Application Penetration Tester (eWPT), Junior Penetration Tester (eJPT), Certified API Security Analyst (CASA), and Multi-Cloud Red Teaming Analyst (MCRTA), among others.\r\n\r\nAt Open-Sec, Toshiro specializes in offensive security, penetration testing, and vulnerability analysis, focusing on API security and the OWASP framework. His expertise includes web and infrastructure penetration testing in both internal and external networks, threat intelligence analysis, and real-world red teaming engagements. He is also involved in research on DLL Hijacking and API security exploitation, including advanced testing of RESTful, GraphQL, SOAP, and gRPC APIs.\r\n\r\nAs a professor at UCSM, Toshiro teaches cybersecurity, network infrastructure, and system security, contributing to the development of the next generation of security professionals. His work bridges the gap between theory and practice, applying real-world offensive security techniques to academic training and research.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/9NBABQ/", "id": 45, "guid": "49a87378-16c0-51c0-9b98-74ee25b6a202", "date": "2025-04-28T15:30:00-07:00", "start": "15:30", "logo": null, "duration": "00:30", "room": "MAIN TRACK", "slug": "hackthebay-2025-45-rules-writers-and-threat-hunters-in-the-age-of-ai", "title": "Rules Writers and Threat Hunters in the Age of AI", "subtitle": "", "track": "TALK", "type": "Lightning Talk", "language": "en", "abstract": "This presentation introduces LogLMs, transformer-based foundation models specifically pre-trained on log sequences. LogLMs understand the 'language' of logs, enabling it to identify anomalies and deviations from normal behavior across diverse protocols and usage patterns. Unlike rules-based systems, LogLMs adapt to changing environments through active learning and federated fine-tuning. This approach provides holistic security, including anomaly detection, threat hunting, real-time alerts, compliance, and forensics. We will see how a LogLM, deployed as TEMPO, detects novel attacks, and empowers forensic analysis.", "description": "To Be Determined", "recording_license": "", "do_not_record": false, "persons": [{"guid": "b7637be3-1eac-5834-bb4c-4e899f6a4696", "id": 42, "code": "3VCSM3", "public_name": "Eric Zietlow", "avatar": "https://cfp.pacifichackers.com/media/avatars/3VCSM3_DN4XRrh.jpeg", "biography": "Eric is a seasoned professional with extensive experience in the tech industry, spanning from full stack development to Solutions Architecture. Throughout his career, he has gained hands-on expertise working on cutting-edge distributed systems projects. Leveraging his diverse background, Eric has recently transitioned into the AI Security space, where he tackles new and complex challenges. Outside of work, he enjoys spending time with his family, 3D printing with his son and indulging in his passion for cooking, especially barbecue.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/J9FZJB/", "id": 12, "guid": "6af21f5f-d062-51c7-85b3-1c0c424cb0b8", "date": "2025-04-28T16:00:00-07:00", "start": "16:00", "logo": null, "duration": "00:45", "room": "MAIN TRACK", "slug": "hackthebay-2025-12-beyond-sast-advancing-vulnerability-detection-with-symbolic-execution", "title": "Beyond SAST: Advancing Vulnerability Detection with Symbolic Execution", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "Static analysis is crucial but limited in detecting vulnerabilities tied to dynamic data and runtime behavior. This session introduces symbolic execution to extend SAST\u2019s capabilities, showcasing how symbolic execution improves vulnerability detection through symbolic execution, illustrated with real-world examples and demonstrations.", "description": "Static Application Security Testing (SAST) is a vital tool for securing software, but its limitations, such as difficulty handling complex inputs, runtime behaviors, and dynamic data, can lead to missed vulnerabilities and false positives. This session explores these challenges and introduces symbolic execution, enhanced with artificial intelligence, as a game-changing solution. Symbolic execution goes beyond traditional static analysis by simulating all possible execution paths of a program, abstracting inputs symbolically to uncover hidden vulnerabilities like race conditions, memory safety violations, and edge case errors. We\u2019ll also discuss the limitations of symbolic execution, such as path explosion, and strategies to mitigate them.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9c58a5eb-314c-5c53-9a9a-b535d5fae90c", "id": 55, "code": "MUJPDQ", "public_name": "Ulrich Lang", "avatar": "https://cfp.pacifichackers.com/media/avatars/MUJPDQ_7mq96p7.png", "biography": "Ulrich Lang received his PhD from the University of Cambridge Computer Laboratory (Security Group) on access policies for middleware in 2003 after having completed a master's degree in Information Security from Royal Holloway College (London) in 1997. With 20+ years in infosec, he is a renowned cybersecurity thought leader in OT security, binary analysis, trusted AI, access control policy etc. He was on the Board of Directors of the Cloud Security Alliance (Silicon Valley Chapter). He is responsible for the business and technical strategy, architecture and direction of ObjectSecurity and its product portfolio. He has published over 150 papers/presentations, 10+ patents, and has previously worked as a proposal evaluator, project evaluator, conference program committee, panel moderator, consultant, and book author.", "answers": []}, {"guid": "712e1867-d23a-5041-9f02-ef98609aad1d", "id": 16, "code": "QQ3ABR", "public_name": "Jason Kramer", "avatar": "https://cfp.pacifichackers.com/media/avatars/QQ3ABR_cUvEfYb.jpg", "biography": "Jason Kramer is a security researcher at ObjectSecurity, where he is dedicated to advancing the state of the art in binary vulnerability analysis, and secure and robust AI. With a bachelor's degree in computer science from San Diego State University, he is focused on ensuring trust, security, privacy, bias, and robustness of AI/ML models. Jason has led the development efforts of a commercial solution for the detection and repair of vulnerabilities in deep learning systems. His passion for improving the field has driven him to push the boundaries of what is possible and make a meaningful impact in the fields of cybersecurity and AI.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/VVD73L/", "id": 33, "guid": "72a20a73-f48a-55f9-98ed-a5333ce2c73e", "date": "2025-04-28T16:45:00-07:00", "start": "16:45", "logo": "https://cfp.pacifichackers.com/media/hackthebay-2025/submissions/VVD73L/Screenshot_2025-04-01_173941_jiLYKsu.png", "duration": "00:30", "room": "MAIN TRACK", "slug": "hackthebay-2025-33-gamehacking-101", "title": "GameHacking 101", "subtitle": "", "track": "TALK", "type": "Lightning Talk", "language": "en", "abstract": "Security within games is a popular yet somehow underserved topic. Video games offer various challenges for curious engineers to explore, including reverse engineering, anti-cheat systems, modding, DRM, etc. This talk aims to make these topics and discussions accessible to all levels of technical experience, both within and outside the gaming industry. We'll also examine the game we specifically created for the GameHacking.GG CTF was held at DEFCON32 last year. You can download and play the game we will be discussing from the website before attending this talk at: gamehacking.gg. Julian is leading the Game Hacking Village at DEFCON 33 this year and is looking for interested volunteers!", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "5733cfda-b0fe-5639-82d1-bb47ee4a2f3c", "id": 33, "code": "D8GRMN", "public_name": "Julian Dunning", "avatar": "https://cfp.pacifichackers.com/media/avatars/D8GRMN_BPFUkb3.png", "biography": "Julian has a storied career in cybersecurity, initially focusing on offensive security. He has developed several popular open-source security tools, including statistics-based password-cracking methods. Julian also co-founded Truffle Security, creators of the widely used open-source tool TruffleHog. Recently, he established a new DEFCON village called GameHacking.GG promotes interest and awareness in-game security.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/QLZMKV/", "id": 42, "guid": "dc9300d7-f273-55db-8cc0-cf8d9c134834", "date": "2025-04-28T17:15:00-07:00", "start": "17:15", "logo": null, "duration": "00:30", "room": "MAIN TRACK", "slug": "hackthebay-2025-42-keynote", "title": "KEYNOTE", "subtitle": "", "track": "KEYNOTE", "type": "Keynote", "language": "en", "abstract": "CLOSING KEYNOTE", "description": "CLOSING KEYNOTE", "recording_license": "", "do_not_record": false, "persons": [{"guid": "8dfb8ee9-f645-504a-8064-62d87e93432f", "id": 46, "code": "8WJTSZ", "public_name": "Sunil Gottumukkala", "avatar": "https://cfp.pacifichackers.com/media/avatars/8WJTSZ_G6tPtvq.png", "biography": "Sunil Gottumukkala is a cybersecurity executive and engineer with deep experience securing operating systems and cloud-scale infrastructure. He is the co-founder and CEO of Averlon, an agentic AI platform built to help security teams surface, prioritize, and resolve cloud vulnerabilities at scale. Previously, he was SVP of Cybersecurity at Salesforce, where he led efforts to protect global cloud infrastructure. Before that, he drove core OS security initiatives at Microsoft, helping harden the Windows platform. He brings a rare blend of deep technical expertise and executive leadership, with an MS in Computer Science from NJIT and an MBA from Wharton.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/M78KTL/", "id": 38, "guid": "2d443d94-df9d-5abc-ad71-53be39834246", "date": "2025-04-28T17:45:00-07:00", "start": "17:45", "logo": null, "duration": "00:20", "room": "MAIN TRACK", "slug": "hackthebay-2025-38-closing-ceremony", "title": "CLOSING CEREMONY", "subtitle": "", "track": "CLOSING CEREMONY", "type": "Lightning Talk", "language": "en", "abstract": "CLOSING CEREMONY", "description": "CLOSING CEREMONY", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}], "TRACK 2": [{"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/SH8SWT/", "id": 19, "guid": "5f22212a-691f-5d44-a378-82bde0b40051", "date": "2025-04-28T10:00:00-07:00", "start": "10:00", "logo": "https://cfp.pacifichackers.com/media/hackthebay-2025/submissions/SH8SWT/Talk_Attacking_AI_1_WMefnA6.png", "duration": "02:00", "room": "TRACK 2", "slug": "hackthebay-2025-19-attacking-ai", "title": "Attacking AI", "subtitle": "", "track": "WORKSHOP", "type": "Workshop", "language": "en", "abstract": "Attacking AI is a one of a kind session releasing case studies, tactics, and methodology from Arcanum\u2019s AI assessments in 2024 and 2025.", "description": "While most AI assessment material focuses on academic AI red team content, \u201cAttacking AI\u201d is focused on the task of assessing AI enabled systems. \r\n\r\nJoin Jason as he discusses his seven point methodology to assessing these systems and releases Arcanum\u2019s prompt injection taxonomy and other resources for aspiring testers.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "1eb9502a-ec44-5574-a47b-eac8357bc801", "id": 21, "code": "YNWTTG", "public_name": "Jason Haddix", "avatar": "https://cfp.pacifichackers.com/media/avatars/YNWTTG_eZexAgN.jpg", "biography": "Jason Haddix AKA jhaddix is the CEO and \u201cHacker in Charge\u201d at Arcanum Information Security and the field ciso for flare.io. Arcanum is a world class assessment and training company.\r\n\r\nJason has had a distinguished 20-year career in cybersecurity previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker, bug hunter and currently ranked 57th all-time on Bugcrowd\u2019s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason has also authored many talks on offensive security methodology, including speaking at cons such as DEFCON, Bsides, BlackHat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, Toorcon and many more.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/WAUNKX/", "id": 2, "guid": "b03f5d0f-e276-593f-ba3e-4b2116f79ffe", "date": "2025-04-28T12:00:00-07:00", "start": "12:00", "logo": null, "duration": "00:45", "room": "TRACK 2", "slug": "hackthebay-2025-2-vulnerability-exploitation-in-the-cloud-a-cross-platform-graph-based-attack", "title": "Vulnerability Exploitation in the Cloud: A Cross-Platform Graph-Based Attack", "subtitle": "", "track": "TALK", "type": "Talk", "language": "en", "abstract": "Practical demonstration of how the attackers can use misconfigurations across major cloud platforms, including AWS, Azure, GCP and OCI. Attendees will gain invaluable insights into the multifaceted challenges posed by misconfigurations within these cloud environments. Leveraging the power of graph-mode visualization, we will dissect and map potential attack paths arising from misconfigurations, providing a visual narrative of the complex relationships at play using open-source tools through the neo4j/memgraph database to explain some possible attacks. \r\nThe heart of the discussion will revolve around practical mitigation approaches tailored to each cloud platform, ensuring a holistic defense strategy using open-source tools and free tools to help organizations increase their security posture. Real-world examples and case studies will illustrate the impact of misconfigurations and how a proactive approach, guided by graph-mode visualization, can significantly enhance security. \r\nBy the end of the presentation, participants will be well-equipped to navigate the nuanced landscape of misconfigurations in AWS, Azure, GCP and OCI. This knowledge will empower cloud security professionals to implement effective mitigation strategies, fortifying their cloud environments against evolving cyber threats across diverse platforms. Attendees will gain invaluable insights into the multifaceted challenges posed by misconfigurations within these cloud environments. Leveraging the power of graph-mode visualization, we will dissect and map potential attack paths arising from misconfigurations, providing a visual narrative of the complex relationships at play.", "description": "During this talk I intended to cover this:\r\n\r\n- Welcome - \r\n- What is HVT - \r\n- Difference between Attack Vector and Attack Path -\r\n- What is Chock Point \r\n- AWS IAM - \r\n- AWS Attacks ( Explanation and Demo) -\r\n   - Attack Methods\r\n   - CreatePolicyVersion\r\n   - Attaching Attack\r\n- Conclusions", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f46dcde4-d4c8-5594-ada4-c0b9c6ae1bba", "id": 7, "code": "ZJZRU9", "public_name": "Filipi Pires", "avatar": "https://cfp.pacifichackers.com/media/avatars/ZJZRU9_ATRb2T3.jpeg", "biography": "I\u2019ve been working as Head of Identity Threat Labs and Global Product Advocate at senhasegura, Founder at Black&White Technology, Cybersecurity Advocate, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA - Middle-East - and others, I\u2019ve served as University Professor in Graduation and MBA courses at Brazilian colleges, in addition, I'm Creator and Instructor of the Course - Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/BGTZW8/", "id": 43, "guid": "530c4db6-ebff-5424-b67d-19a908aad127", "date": "2025-04-28T12:45:00-07:00", "start": "12:45", "logo": null, "duration": "00:30", "room": "TRACK 2", "slug": "hackthebay-2025-43-layered-security-for-kubernetes", "title": "Layered Security for Kubernetes", "subtitle": "", "track": "TALK", "type": "Lightning Talk", "language": "en", "abstract": "In this session, we will explore the different layers of security that can be applied or verified to enhance your security posture toward Kubernetes and containers. We will cover everything from the supply chain to production.", "description": "Security for Kubernetes", "recording_license": "", "do_not_record": false, "persons": [{"guid": "ecbc29ff-34c3-5b91-819f-060b2f25caa9", "id": 47, "code": "FF88YU", "public_name": "Brian Six", "avatar": "https://cfp.pacifichackers.com/media/avatars/FF88YU_bLMFGBl.jpg", "biography": "Brian is a Solutions Architect for SUSE.  He has been in the industry since the mid 90's helping customers understand the technology and how to best use it for their unique scenario.  Brian has presented at many conferences and provided sessions for a variety of technical seminars.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/RXUVVC/", "id": 44, "guid": "d1681793-bf0b-52db-b5e2-b4a14b19f96e", "date": "2025-04-28T13:15:00-07:00", "start": "13:15", "logo": null, "duration": "02:00", "room": "TRACK 2", "slug": "hackthebay-2025-44-tabletop-war-gaming", "title": "Tabletop War Gaming", "subtitle": "", "track": "WORKSHOP", "type": "Workshop", "language": "en", "abstract": "Come bring both your blue team and red team hats to interactively participate in attack scenarios.  Vote with your colleagues on the best approach the security team should take when presented with a potential security incident, and what the threat actor should do when encountering response activity. Join your peers as you test your incident response and attack strategies in a gamified lively discourse.", "description": "Tabletop War Gaming brought to you by Google - Mandiant", "recording_license": "", "do_not_record": false, "persons": [{"guid": "7f0a977d-3b63-55af-a244-46ddf50d631e", "id": 48, "code": "QZGFVV", "public_name": "Mike Lombardi", "avatar": "https://cfp.pacifichackers.com/media/avatars/QZGFVV_9keidSg.jpeg", "biography": "With over 15 years in the private sector, Mr. Lombardi has a solid background in\r\nnetworking and operating system administration. He has a thorough understanding of\r\nmalware, computer forensics, and tactics, techniques, and procedures that are leveraged\r\nby attackers. He is also deeply experienced in mobile forensics.\r\n\r\nPrior to joining Mandiant, Mr. Lombardi served as an independent consultant under his\r\nown company for 15 years. There he led client engagements on internal security\r\ninitiatives and served as a digital forensics expert in a broad range of intellectual\r\nproperty theft, network compromise, and internal investigations. Mr. Lombardi\r\nfrequently speaks at national and local security conferences on digital forensics and\r\nincident response.", "answers": []}, {"guid": "94196740-dc9d-5ffd-a09b-47766834681f", "id": 49, "code": "AWMJHS", "public_name": "Erik Barzdukas", "avatar": "https://cfp.pacifichackers.com/media/avatars/AWMJHS_gnBYtUq.jpeg", "biography": "With over 7 years of experience, Erik has strong experience across a variety of proactive assessments including\r\npenetration tests and application assessments. Erik is one of Mandiant\u2019s experts in mobile application security,\r\nhaving co-built and publically delivered Mandiant\u2019s Practical Mobile Application Security course at BlackHat USA in\r\n2022 and soon at BlackHat USA 2023 and BlackHat Asia 2023.\r\n\r\nErik also has extensive experience in embedded device assessessments across industries such as health care,\r\ntransportation, consumer goods, and financial technology. This includes public research and CVEs in IoT platforms\r\n(https://www.mandiant.com/resources/blog/mandiant-discloses-critical-vulnerability-affecting-iot-devices)", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/LXBZF8/", "id": 4, "guid": "7db1399b-67ad-528d-8142-e91473fa5bd2", "date": "2025-04-28T15:15:00-07:00", "start": "15:15", "logo": null, "duration": "00:30", "room": "TRACK 2", "slug": "hackthebay-2025-4-devops-and-threat-research-walk-into-a-bar-", "title": "Devops and threat research walk into a bar...", "subtitle": "", "track": "TALK", "type": "Lightning Talk", "language": "en", "abstract": "In the fast-paced world of cybersecurity, bringing context to new vulnerabilities quickly is more important than ever. As a Threat Researcher at Datadog, I've been involved in developing an approach to deploying honeypots using CI/CD pipelines. This method allows us to rapidly set up honeypots in real-world environments, tailored specifically to the technologies our customers use.", "description": "In my presentation, I'll discuss how we've integrated CI/CD pipelines to automate the deployment of both low and high-interaction honeypots. By tailoring these honeypots to mirror our customers' technology stacks, we've been able to gather more relevant threat data. I'll explain how we've used HASH (https://github.com/DataDog/HASH) to quickly deploy low-interaction honeypots and delve into how container technology allows us to deploy high-interaction honeypots capable of running any technology stack. Additionally, I'll highlight how the data we collect enhances our understanding of threats and enriches our customers' logs with valuable security insights. Our approach stands out because it combines DevOps methodologies with cybersecurity practices to create a dynamic and responsive honeypot deployment system. By integrating CI/CD pipelines, we're able to respond rapidly to emerging threats, deploying honeypots in real-time as new vulnerabilities surface. We customize these honeypots to reflect our customers' actual environments, making the data we collect more relevant. This integration also streamlines the entire process from deployment to data analysis, reducing manual effort and minimizing potential errors. I'll share recent case studies to illustrate the effectiveness of our approach. For example, I'll talk about how we quickly deployed honeypots to capture exploit attempts on a newly discovered Confluence vulnerabilities, Docker API exploitation, Log4J, and Redis exploitation. I'll also discuss how our high-interaction honeypots allowed us to monitor attackers' behavior after they gained initial access. Additionally, I'll highlight instances where the intelligence we gathered significantly improved our customers' ability to detect and respond to threats. These real-world examples will demonstrate the impact of our methods.", "recording_license": "", "do_not_record": true, "persons": [{"guid": "65ee44d6-4bab-5792-aef6-a43e57ab048f", "id": 8, "code": "78TYVU", "public_name": "Andy Giron", "avatar": "https://cfp.pacifichackers.com/media/avatars/78TYVU_vwlpomj.png", "biography": "Andy Giron is a Senior Security Researcher at Datadog by day, he focuses on threat cloud-landscape. By night he\u2019s an Incident Response instructor in California.", "answers": []}, {"guid": "753396ab-0e4f-5041-b078-514f9e7bd528", "id": 56, "code": "MGMXRK", "public_name": "Arthi Nagarajan", "avatar": "https://cfp.pacifichackers.com/media/avatars/MGMXRK_y2LJlEX.png", "biography": "Previously worked at AWS and Athinoula A. Martinos Center for Biomedical Imaging\r\nFan of research & software intersections\r\nBackground in Computer Science from Carnegie Mellon", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/UYWEQQ/", "id": 5, "guid": "d7e0ab8f-1b87-5693-b142-e6a4f306bbcd", "date": "2025-04-28T15:45:00-07:00", "start": "15:45", "logo": null, "duration": "02:00", "room": "TRACK 2", "slug": "hackthebay-2025-5-securing-critical-infrastructure", "title": "Securing Critical Infrastructure", "subtitle": "", "track": "WORKSHOP", "type": "Workshop", "language": "en", "abstract": "Critical infrastructure like water treatment plants and air traffic control towers are under constant attack by hostile nations, and securing them is a national priority. This workshop covers industrial automation systems, network security monitoring, and incident response. Participants will perform many hands-on projects configuring systems, attacking them, and defending them.", "description": "The workshop is structured as a CTF competition.  There will be demonstrations of the techniques, and help on the challenges will be available.\r\n\r\nWe will use Modbus and DNP networks, as well as normal IP-based networks.  Software used includes OpenPLC, FactoryIO, Splunk, Velociraptor, and Zeek.\r\n\r\nParticipants need a laptop capable of running virtual machines, or a few dollars to rent cloud servers.\r\n\r\nAll class materials are freely available on the Web and may be easily used in other classes.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f162fa68-ae25-5a43-b925-1c5f4342796a", "id": 9, "code": "8LVUTK", "public_name": "Sam Bowne", "avatar": "https://cfp.pacifichackers.com/media/avatars/8LVUTK_At9aFNv.png", "biography": "Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.", "answers": []}], "links": [], "attachments": [], "answers": []}], "SOLDERING VILLAGE": [{"url": "https://cfp.pacifichackers.com/hackthebay-2025/talk/JZAJRB/", "id": 47, "guid": "9641a34a-7c5e-5db4-86c0-0e37d938911b", "date": "2025-04-28T10:00:00-07:00", "start": "10:00", "logo": null, "duration": "07:00", "room": "SOLDERING VILLAGE", "slug": "hackthebay-2025-47-soldering-village", "title": "Soldering Village", "subtitle": "", "track": "WORKSHOP", "type": "Village", "language": "en", "abstract": "Do you want to learn how to solder? Are you afraid of thinking you are going to burn yourself? Don't be scared, we've got your back. Famous and renowned badge Maker Abhinav (Panda) Pandagale will teach you the basics of soldering. You are going to have a chance to solder a badge.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2e7b7513-91bc-57ca-ac61-6288b7daef43", "id": 53, "code": "WYSW3X", "public_name": "Abhinav Pandagale", "avatar": "https://cfp.pacifichackers.com/media/avatars/WYSW3X_9bdyWvH.jpeg", "biography": "Founder at Hackerware", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}