VIDEO: BSidesNYC 2024 Protecting Snowflake and Critical Data Systems from Unauthorized Access - Shelley Wu & Stephen Spano - Opal Security
https://www.youtube.com/watch?v=gzXMwnCc0S8&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #Snowflake #DataSecurity

VIDEO: BSidesNYC 2024 Panel - Ctrl-Alt-Detected: Unraveling Threats with Detection Practitioners - Julie Agnes Sparks, Datadog
- Tammy Truong, Snowflake Shannon McCormick, Salesforce - Christina Devlin
https://www.youtube.com/watch?v=fz9zbiPEwu4&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a
#BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #threatdetection

VIDEO: BSidesNYC 2024 - Open & Secure: Novel Sandboxing Technique for Any Open Source Library - Gal Elbaz - Oligo https://www.youtube.com/watch?v=U0j6V1CDLV4&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a @BSidesNYC #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #sandboxing

VIDEO: BSidesNYC 2024 - CloudTail: Making Heads or Tails of Selectively Retaining Multi-Cloud Logs - Ela Dogjani - Permiso
https://www.youtube.com/watch?v=zbm20JDznKI&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #CloudTail #Cloud

VIDEO: BSidesNYC 2024 - Trusted Types: DOM XSS Protection at Scale - Jen Ozmen & Youssef Attia - @google https://www.youtube.com/watch?v=rM_CqA1BQzY&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #TrustedTypes #DOMXSS #WebSecurity

VIDEO: BSidesNYC 2024 - Building canaries with ELK and ElastAlert2 - Andrew Januszak & Keith Erekson https://www.youtube.com/watch?v=IAQIOaYHKRM&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #elasticsearch #ELK #elastalert2

VIDEO: BSidesNYC 2024 - Bridging the Gap: Developing Accessible Anti-Phishing Solutions - Lydia Stepanek - Pen Loop Consulting https://www.youtube.com/watch?v=XlzOYh5HPOQ&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #TooPhishy

VIDEO: BSidesNYC 2024 - 10 Things to Know Before You Work on Your Next M365 BEC - Ida Musheyev-Polishchuk & Natasha Vij - Stroz Freiberg https://www.youtube.com/watch?v=lo-QSTgOczI&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #M365 #BEC

VIDEO: BSidesNYC 2024 - XZ Backdoor: Navigating the Complexities of Supply Chain Attacks Detected by Accident
Yoad Fekete - Myrror Security https://www.youtube.com/watch?v=N4Mxu2hJcwA&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #supplychain #XZbackdoor

VIDEO: BSidesNYC 2024 - RE-Thinking: Modernizing the Malware Analyst - Joseph Edwards - SentinelOne https://www.youtube.com/watch?v=YkU9m2aYKJ4&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a
#BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #Malware

VIDEO: BSidesNYC 2024 - How We Impersonated Cloud Code by Google Cloud and Took Over GCP Accounts - Moshiko Hassan - Upwind Security https://www.youtube.com/watch?v=ITtSFxy9RKs&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a
#BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #cloud #GCP

VIDEO: BSidesNYC 2024 - From HiatusRAT to Cuttlefish advances in credential theft through the router - Danny Adamitis & Ryan English - Black Lotus Labs

https://www.youtube.com/watch?v=Oi-x_YPtHZA&list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a

#BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #HiatusRAT #Cuttlefish #APTs

VIDEO: BSidesNYC 2024 - Discover the Unseen Azure Vulnerability Exploitation - Scott Miller - Accenture
https://youtu.be/58D3o9yx14o?list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a
@BSidesNYC #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #Azure

VIDEO: BSidesNYC 2024 - How I hacked a cloud production environment with external Terraform manipulation - Uri Aronovici
https://youtu.be/SAz9lFA3--g?list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a
#BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #Terraform #cloud

VIDEO: BSidesNYC 2024 - Breaking free from the chains of fate – Bypassing AWSCompromisedKeyQuarantineV2 Policy - Bleon Proko + Opie @akraut Permiso security
https://youtu.be/fYwG0s9uY0w?list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a
@BSidesNYC #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #AWS

VIDEO: BSidesNYC 2024 - Building Burp Extensions with Kotlin - Nick Coblentz - Virtue Security

https://youtu.be/F5h9oIkrPyk?list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a

#BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec #kotlin

VIDEO: BSidesNYC 2024 Keynote - When Do We Get to Play On Easy Mode - Wendy Nather

https://youtu.be/CyWCaxe7yi0?list=PLlg8We3ePxcMDrUFNWs7hyx3uJwnhK-_a

@wendynather @BSidesNYC #BSidesNYC #BsidesNYC2024 #bsidesnyc0x04 #cybersecurity #InfoSec

I love that any talk, no matter how exotic or new the proposed exploit, always gets around to the “yeaaaah don’t let employees work on personal devices, put additional restrictions on where creds can be used (like geography), rotate secrets” part by the end. Swiss cheese is not a cheese I like much, but I always like it as an approach to security 💖🌲#bsidesnyc0x04

Gal Elbaz Co-founder & CTO at Oligo Security presents “Open & Secure: Novel Sandboxing Technique for Any Open Source Library” at #bsidesnyc0x04.

Gal showcases a new approach built on eBPF and KRSI technologies, bringing the security benefits of sandboxing to any open-source library. Learn how this technique can help block exploits in your stack.

Bleon, Security Engineer, and Opie, Senior Researcher at Permiso Security, present “Breaking Free from the Chains of Fate - Bypassing AWSCompromisedKeyQuarantineV2 Policy” at #bsidesnyc0x04.

Explore the weaknesses of Amazon’s AWSCompromisedKeyQuarantineV2 policy and discover multiple ways to bypass it when leaked keys are found in the wild, along with insights on improving defender strategies.