Conference:  Defcon 31

Authors: Ricky Lawshae

2023-08-01

Beneath the mundane world of TCP/IP exists the magical and mysterious realm of ethernet. There are many different types of ethernet protocols in use today, known as ‘ethertypes’, that run the gamut from the boutique to the ubiquitous. In this talk, we will delve into some of the more interesting and obscure ethertypes that exist. We will discuss the network protocols themselves, where they can be found in the wild, what you can do with them, and how they could be abused in the wrong hands. We will explore wide-ranges of networking environments including industrial/facilities, transportation, and medical, and will include several live demos. Attendees will leave this talk with a greater understanding and appreciation for the unseen networking world that exists all around them.

Conference:  Defcon 31

Authors: Patrick Wardle Objective-See Foundation

2023-08-01

As the majority of malware contains networking capabilities, it is well understood that detecting unauthorized network access is a powerful detection heuristic. However, while the concepts of network traffic analysis and monitoring to detect malicious code are well established and widely implemented on platforms such as Windows, there remains a dearth of such capabilities on macOS. This talk aims to remedy this situation by delving deeply into a myriad of programmatic approaches capable of enumerating network state, statistics, and traffic, directly on a macOS host. We will showcase open-source implementations of relatively overlooked low-level APIs, private frameworks, and user-mode extensions that provide insight into all networking activity. And, by leveraging these techniques, you will learn how to efficiently and generically detect both known and unknown threats targeting macOS!

Conference:  Global AppSec San Francisco 2022

Authors: Sponsor: Apiiro

2022-11-17

You are invited to join us for our Global AppSec San Francisco Networking Reception in the Exhibitor Hall.Mingle with your peers in a relaxed, laid-back environment. Visit our exhibitor booths to learn about their newest products and services and get your "Passport" stamped for a chance to win some great prizes at the conclusion of the conference.Past hors-d'oeuvres and beverages will be provided.

Conference:  Cloud Native SecurityCon North America 2022

Authors: Tracy P Holmes, Raymond de Jong

2022-10-25

The presentation discusses how to enforce network policies using Psyllium and Kubernetes to ensure least privilege security between microservices.

• Psyllium and Kubernetes can be used to enforce network policies for microservices
• Least privilege security can be achieved by filtering HTTP requests and restricting API access
• L7 security policies can restrict access to required API resources
• Psyllium website provides resources and a helpful Slack community for beginners and contributors