Optiv Source Zero Con

  • June 21 - 23, 2023
  • 11:00 a.m. - 5:00 p.m.  ET
  • Virtual

This box would be hidden by default but can be used to update attendees on date changes,
cancellations and other important bulletins.

Source Zero Con brings the cybersecurity community together to drive technical innovation with open minds. Whether you’re on the red team, blue team, or somewhere in between, we invite you to connect with industry professionals and thought leaders to explore the latest security concepts and capabilities. We encourage current and aspiring cybersecurity professionals to join our interactive discussions on emerging research in penetration testing, incident response, application security, cyber threat intelligence, and more. Gain the knowledge you need to build your professional network, engage with thought leaders, and tackle the latest threats at our free virtual conference. 

Learn Industry Insights

Connect with Technical Peers

Earn CPE Credits

Keynote Speakers

Keynote Speaker 1

Jason Lewkowicz


EVP & Chief Services Officer, Optiv

Keynote Speaker 2

Bill Young


Managing Partner, Threat & App Sec, Optiv

Optiv/Source Zero CTF Tournament 

CTF-2023.png

Register HERE!


Agenda

11:00 a.m.

Opening Keynote

11:30 a.m.

12:00 p.m.

The Nooks and Crannies of AppSec

12:00 p.m. - 12:45 p.m. ET John Tsangaris

Breaking Into The Cloud

12:00 p.m. - 1:00 p.m. ET Savannah Lazzara and Aaron Martin

12:30 p.m.

Is Your SBOM a Dud or Da Bomb

12:45 p.m. - 1:30 p.m. ET Doug Rogahn

1:00 p.m.

AI for Red Teamers (what it looks like when the matrix actually comes for you)

1:00 p.m. - 2:00 p.m. ET Tim Elrod

Gamification: How to make your TTX's not suck!

1:00 p.m. - 2:00 p.m. ET Sabastian Hague at Hack the Box

1:30 p.m.

Cyber Insurance: Why It's an Asset NOT a Liability in a Cyber Event

1:30 p.m. - 2:15 p.m. ET Dara Gibson

2:00 p.m.

Assessing iOS application

2:00 p.m. - 3:00 p.m. ET Vandan Pathak

The Key to Successful App Sec: Developer Buy-In

2:00 p.m. - 3:00 p.m. ET Eric Kim at Veracode

2:30 p.m.

LOLBins -The Quieter Way

2:15 p.m. - 3:00 p.m. ET Mattia Campagnano

3:00 p.m.

15 minute break

3:30 p.m.

Vertical Risk Reports and You: Practical Applications of Cyber Threat Intelligence

3:15 p.m. - 4:00 p.m. ET Nick Hyatt and Emily Lee

Hacking a Bird

3:15 p.m. - 4:00 p.m. ET Tim Fake

Overcoming your Cyber Risk Silos

3:15 p.m. - 4:00 p.m. ET Alex Babar at Brinqa and Pete Chestna at Checkmarx

4:00 p.m.

How to use AI for decision making for vulnerability remediation planning

4:00 p.m. - 4:45 p.m. ET David Halka

Top Cyber Security Threats to Healthcare Companies and How to Disrupt Them

4:00 p.m. - 5:00 p.m. ET Nikhil Ollukaren

4:30 p.m.

5:00 p.m.

11:00 a.m.

11:30 a.m.

Deliberate Engagements – Using USAF Ops Battle Rhythm for Pen Testing

11:00 a.m. - 11:45 a.m. ET John Quadrino

This Talk Is About Incident Response Processes

11:00 a.m. - 12:00 p.m. ET Curtis Fechner

State of Code Security – The AppSec Maturity Marathon

11:00 a.m. - 12:00 p.m. ET Stan Wisseman at OpenText

12:00 p.m.

Pre-Windows 2000 Backdoors and Bypasses

11:45 a.m. - 12:30 p.m. ET Garrett Foster

Security Risks with Low-Code and No-Code Application Development Platforms

12:00 p.m. - 1:00 p.m. ET Dan Sharp

Challenges in Automatically Testing for API Business Logic Vulnerabilities

12:00 p.m. - 1:00 p.m. ET Nir Meiron at Noname Security

12:30 p.m.

Gaining a Foothold: Penetration Testing as a Second Career

12:30 p.m. - 1:15 p.m. ET William Giles

1:00 p.m.

Ransomware: An Epidemic for the Digital Age

1:00 p.m. - 2:00 p.m. ET Matthew Waddell

Sleeping With One AI Open: An Introduction to Attacks Against Artificial Intelligence and Machine Learning

1:00 p.m. - 2:00 p.m. ET Eoin Wickens at HiddenLayer

The "I" in CTI: "Intelligence" or Just "Information". Re-applying Risk and Fundamentals Back Into Intelligence

1:15 p.m. - 2:00 p.m. ET Aamil Karimi

1:30 p.m.

2:00 p.m.

30 minute break

2:30 p.m.

Ghost in the Machine: Adversarial AI Attacks

2:30 p.m. - 3:30 p.m. ET Nikhil Ollukaren and Timothy Sotack

(Security) Culture Eats Strategy For Breakfast

2:30 p.m. - 3:30 p.m. ET Brendon Collins

The Cyber Security Industry Has a Data Problem

2:30 p.m. - 3:30 p.m. ET Mike Parkin and Tony Taylor at Vulcan at Vulcan

3:00 p.m.

3:30 p.m.

Managing Perspectives for Assessment Reports with Few or Zero Findings

3:30 p.m. - 4:15 p.m. ET Mayank Singh

Do you know what your API is doing?

3:30 p.m. - 4:15 p.m. ET Bryce Harty

Software Composition Analysis: Tools and Techniques

3:30 p.m. - 4:15 p.m. ET Rushyendra Reddy Induri

4:00 p.m.

Don't [You] Forget About [Me]... (or Forgotten Components of a Vulnerability Management Program)

4:15 p.m. 5:00 p.m. ET Vince Pascale

Automating Offensive Security Infrastructure

4:15 p.m. 5:00 p.m. ET Joe Berry

4:30 p.m.

5:00 p.m.

11:00 a.m.

11:30 a.m.

Developers Gone Wild

11:00 a.m. - 11:45 a.m. ET Tim Farley

Optiv Vulnerability Management Maturity Model

11:00 a.m. - 12:00 p.m. ET Luis Castillo

At War With Ransomware

11:00 a.m. - 12:00 p.m. ET David Bonvillain at Halcyon

Current State of Linux Rootkits

11:45 a.m. - 12:30 p.m. ET Phillip Haas

12:00 p.m.

12:30 p.m.

Securing Your AWS Cloud: Best Practices and Pentesting Techniques

12:30 p.m. - 1:15 p.m. ET Prasad Nadkarni

Filter Evasion (Workshop)

12:00 p.m. - 1:00 p.m. ET Tanner Scott

One Piece at a Time: A Guide to Building a CTI Program

12:00 p.m. - 1:00 p.m. ET Nick Hyatt

1:00 p.m.

Business Email Compromise (BEC) & Phishing Investigations in Office365

1:00 p.m. - 2:00 p.m. ET Justin Safa

1:30 p.m.

2:00 p.m.

15 minute break

Closing Keynote: Cyber Insurance - Panacea or a House of Cards?


Bill Young

2:30 p.m.

3:00 p.m.

Source Zero Con Sponsors

LogosEM-Reversed_Brinqa_175x65.png
HackTheBox_Marketo-Reversed_EM.png
EM-Halcyon_175x65.png
LogosEM-Reversed_HiddenLayer_175x65.png
Noname Security_175x65.png
opentext-reversed_175x65.png
EM-Reversed_Veracode_175x65.png
EM-Reversed_Veracode_175x65.png
Vulcan_175x65.png


Register for Source Zero Con