Personal tools

Contact Us 24/7 > 1 866.SIX FEET
Sections

Skip to content. | Skip to navigation

Home > About > News & Events > Calendar > Pythology One-Day Conference: Python Security Best Practices

Pythology One-Day Conference: Python Security Best Practices

>>>>>>>REGISTER ON EVENTBRITE! <<<<<<<
What
When
Feb 02, 2018
from 09:00 AM to 06:00 PM
Where
Launch Fishers
Contact Name
Add event to calendar
vCal
iCal

 

Speakers include:

Kevin Johnson: CEO, Secure Ideas

James Alexander: Systems Engineer, Leaf Software Solutions

Michael Taylor: Director of Product Architecture, Rook Security

Pradeep Gowda: Staff Engineer, Proofpoint

Nat Shere: Senior Information Security Consultant, Rook Security

Stephan Looney, IT Directorr: Automation/Platform Support/Monitoring, Sterling Talent Solutions

Chris Lee, Senior Engineer/Team Lead, Kinney Group, Inc

 

What Could Hurt: How Framework and Library Dependence is Weakening our Development

by: Kevin Johnson, Secure Ideas

When we look at the progress things like the OWASP Top 10 and other reports show we may begin to think the the fight to secure our systems and applications is well on its way to victory.  As we discuss topics like the latest and greatest technology stack and how it implements solutions for our security woes, are we sure we understand what we are being protected from and how it is doing that?

In this presentation, Kevin Johnson of Secure Ideas will discuss how security works, why we do the things we do and where platforms and libraries can be both good and bad.  This will be done through a series of real world examples directly from his testing and assessment of modern applications and the SDLC.

Attendees will be able to understand where it is important to understand fundamental security and technology topics and how to safely lean on the shoulders of others to improve everything.


Python Cryptography - Keeping Secrets from the NSA

by: James Alexander, Leaf Software Solutions

Intermediate, 45 minutes

In this session, we'll look at how we can manage secret data, and store it securely. Specific topics will include:

  • The differences between Hashes and Encrypted Fields
  • How to properly store Passwords
  • Characteristics of Encrypted data
  • An explanation of several encryption algorithms
  • Example implementations of all of the above in Python

 

Log Analysis for Security and Development

by: Michael Taylor, Rook Security

Intermediate to Expert, 1 hour

The creation and consumption of application logs can yield significant insights into the security posture and performance of your systems. Beginning with the design of a logging standard and ending with anomaly detection we will be discussion how modern security incident and event management (SIEM) tools analyze data. Additionally we will discuss how to mine that data using Python to generate alerts, create reactive decision paths, and identify underlying security concerns.

 

Intrusion Detection Systems

by: Pradeep Gowda, Proofpoint, Inc

Beginner, 30 minutes

A large chunk of sophisticated cyber attacks still happen behind secured firewalls. Having a firewall is not longer sufficient to prevent attacks on your infrastructure, data and business. Having an Intrusion Detection System monitor incoming and outgoing traffic is highly critical to a sophisticated security posture. In this session, we will learn:

  • Why we need Intrusion detection systems
  • How do they work
  • How to make IDS part of your overall security posture.
  • Open source intrusion detection systems.

 

Hacking with Python -- Automation During Penetration Testing

by: Nat Shere, Rook Security

Beginner/Intermediate, 30 minutes

Penetration tests simulate real-world hackers to perform security testing against applications and services. Python often plays an integral role in automating some of this testing, both for the security professional and for the hacker. Through real-world examples and stories, we will explore the function that Python and automation play in penetration tests, and in hacking in general. Examples will include, but are not limited to:

  • Brute forcing custom developed login pages
  • Automating open source reconnaissance to identify users' passwords
  • Automating SQL injection attacks for full database access
  • Creating a worm to hijack social media accounts
  • Using Social Engineering to execute Python-based malware on users' computers

 

Using Python to Get Started with Vulnerability Assessments

by: Stephan Looney and Chris Lee

Beginner/Intermediate, 45 Minutes

An introduction to using python to setup, start, and review the results of vulnerability scans.

Next Steps


Select a type of support:

Contact our sales team

First name:
Last name:
Email:
Phone Number:
Message:
Fight spam:
What is + ?
 
Call Us 1 866.SIX FEET
Sections