Title: The art of finding 0-days

By Adam Nichols, Grimm

Summary: Finding new vulnerabilities is still most of an art than a science.  Whether that is fortunate or unfortunate depends on your perspective.  DARPA’s Cyber Grand Challenge has brought some interesting developments in automation for both finding and fixing security issues, and progress is being made to get them to work on “real world” applications.  The rise of fuzzers with a feedback loop based on code coverage, such as AFL, have also been responsible for a huge number of bugs being exposed and fixed.  The discussion will begin by giving an overview of these technologies and their impact before the floor is opened for questions.

Title: Security Hidden in Plain Sight

By Christopher, Derobertis, IBM

Summary: Vehicles, medical devices, banks, infrastructure, toys, tools, and a whole lot more are becoming connected to you–and each other–in some digital way. Unfortunately, we don’t stop and consider the security and privacy implications of the Internet of Everything (IOE), from humdrum devices to snazzy tech. This discussion will briefly raise the points of potential risk related to IOE, and questions you should be asking yourself, about security hidden in plain sight. Don’t look now, but your teddy-bear might be spying on you!