B|Sides Edmonton
2024 Workshops
Certification Workshop
September 23, 2024 at 2:30:00 p.m.
8:30am-5:30pm
TBD
Certification Workshop
Certified AI Professional - Exam Preparation - Bruce Matichuk
Data Governance & Stewardship Professional - Exam Prep - Rania Waseef
The morning session will present information on AI Certification and the afternoon session will be on Data Governance & Stewardship Professional - offered by ICCP through DAMA Edmonton and BSides Conference.
Bruce Matichuk and Rania Waseef are experts in their fields and will prepare you to take the 90-minute examination with 110 questions. You can take the exam on a pay-if-you-pass basis to set your benchmark, and then retake the exam within 30 days of attending the event to see if you can improve your score.
Kai Iyer
Senior Security Engineer
EY Canada
September 24, 2024 at 3:00:00 p.m.
9:00am-12:30pm
PIC 234
Threat Hunting with Jupyter Notebooks
Are you interested in threat hunting and want to learn how to automate detections and use visualizations to find threats quickly? This workshop will outline detection and threat-hunting strategies that a SOC could adopt promptly to look for threats in their Endpoint environment. We will introduce how to convert SIGMA logic detections mapped to the MITRE ATT&CK framework into Python using Jupyter Notebooks. Once these detections are built, you can parse large amounts of data from Sysmon and Windows Security Logs to create high-fidelity detections within your environment. We will view and mould this data using the tabular format and visualizations. Doing this will show how visualizations establish relationships between entities more distinctly to see any anomalies and threats. We will also discuss how you can extend this hunt to Network and Cloud Environments. As a final piece to this workshop, we will allow participants to try out the skills learned by answering questions about the anomalies and threats they find within the dataset. Although this talk will be technical, we welcome anyone with an interest in learning about threat hunting to attend.
Meaghan Neill
Threat Hunter/DFIR Analyst
EY Canada
September 24, 2024 at 3:00:00 p.m.
9:00am-12:30pm
PIC 234
Threat Hunting with Jupyter Notebooks
Adam McMath
undisclosed
undisclosed
September 24, 2024 at 7:30:00 p.m.
1:30pm-4:05pm
PIC 234
All Thriller, No Filler: Crisis Communications Workshop
At some point in everyone’s life, we experience an incident or event that launches our stress levels past 100%. Maybe you’ve been there before: a data breach, a ransomware event, a car crash, or a medical emergency. Did you notice the first thing that always seems to fall apart is everyone’s collective communication?
If you’ve ever struggled with clarity during extreme stress, you’re normal! Amazing crisis communication doesn’t come naturally; it is the result of preparation and practice. That’s what this session is about!
In this workshop we’ll experiment with real risk definitions for the environment you work in; develop your own personalized set of quick/easy answers intended to buy you time to think under pressure; and practice delivering situation reports designed to communicate what you know, what you’re working on, and what you need. You'll practice how to influence without authority, and how to communicate what counts to peers, adversaries, executives, and media.
We don’t rise to the occasion; we fall to the level of our preparedness! Come to this workshop ready to work; and yes, it will involve some public speaking, but this will also be an exceptionally supportive audience for you to practice in.
I hope to see you there! -Adam “his best work is when the air is on fire” McMath