SecTor Briefings

SecTor Briefings Tracks

AI, ML, & Data Science

The focus of the AI, ML, and Data Science track is to cover the subject in a way that provides value for security professionals. Topics for the track can range from attacking and defending systems implementing AI to applying AI for better attacks, defenses, or detections. Submissions for the track should have the AI/ML functionality playing a key role in the submission. Regardless of the topic, the content for the track should have a heavy focus on applied concepts that attendees can use after the conference is over.


Application Security

The Application Security track encompasses presentations aimed at enhancing software security for security practitioners and development teams. We prioritize objective, data-driven research and case studies on secure development practices, accompanied by actionable recommendations. Topics include the Secure Development Lifecycle (SDLC), DevSecOps, software supply chain, and automated security testing. We seek scalable, empirically-supported ideas with demonstrated outcomes. Infrastructure-as-Code (IaC) submissions addressing code security are welcome.


Cloud Security

The Cloud Security track highlights innovative strategies for both offensive and defensive measures in cloud environments. Presentations delve into cutting-edge techniques tailored to attack and defend cloud platforms, including major providers such as Azure, AWS, and GCP, along with cloud-native technologies like containers, orchestration systems, microservices, and serverless architectures. Topics encompass novel approaches to cloud identity and access management, data exfiltration, privilege escalation, lateral movement, and other emerging challenges in securing cloud infrastructures.


Cryptography

The Cryptography track aims to focus on practical, real-world advances in cryptography informed by an attacker's sensibility. A Cryptography Track talk will almost always be backed up with running code. We prize offensive cryptography and cryptanalysis but will host defensive and research cryptography when rooted in a context of real-world attacks. We're an especially good place to send new vulnerabilities in cryptographic protocols like TLS, cryptographic hardware like HSMs and smart cards, and cryptographic primitives like SHA-1.


Cyber-Physical Systems & IOT

A cyber-physical system (CPS) is any system where one, or more, computing elements monitor, manage, and control a physical process. Subjects for the track may include industrial control systems, industrial/enterprise/commercial and wearable IoT devices, various types of self-driving vehicles, satellite applications, solutions for smart homes/buildings/cities, and more. These systems are linked to threat models and attacker objectives that affect the underlying physical process. Vulnerabilities, attacks and defense recommendations need to encompass both physical and digital/cyber components of the CPS. Talks in this track can be directed at specific types/classes of cyber-physical systems, their parts or at the whole concept, focusing on the systemic offensive and defensive security issues. Note that the CPS topics with a prominent research component focused on, e.g., hardware/firmware or data, may fit better in other primary tracks such as Hardware/Embedded or AI, ML & Data Science.


Defense & Enterprise Security

The Defense and Enterprise Security track navigates the intricate landscape of cybersecurity defense strategies and enterprise security challenges. Sessions explore practical, effective, and scalable security isolation technologies, exploit mitigations, and tools aimed at disrupting attacker capabilities and diminishing their toolsets. Topics span compiler and platform-level defenses, enhanced visibility, management, visualization, and data processing along the kill chain. Additionally, this track delves into the complexities of enterprise security, covering the intricate interactions among networks, identity providers, servers, client endpoints, and data storage systems. Topics include attack chain analysis, targeted attacks, current risks, threats, and defense techniques tailored to modern enterprise IT environments.


Emerging Tech

The Emerging Tech track is dedicated to exploring the latest advancements and innovations in technology that are shaping the future of cybersecurity. Topics include cutting-edge technologies, tools, and techniques that have the potential to revolutionize cybersecurity practices. Sessions provide attendees with insights into the latest trends, best practices, and real-world applications of emerging technologies in cybersecurity.


Exploit Development & Vulnerability Discovery

The Exploit Development & Vulnerability Discovery track focuses on leading-edge, practical techniques for gaining code execution or similar unauthorized access to software. Successful submissions often share novel approaches to vulnerability discovery, new code execution techniques or mitigation bypasses. Submissions are welcome across a wide array of technology, including mobile devices, cloud and browsers; submissions that present attacks against 'hard' targets that lack known techniques are often the most successful. Submissions shouldn't be constrained to memory safety issues, but these often resonate with the audience.


Hardware / Embedded

The Hardware / Embedded track is centered around attacks on hardware, firmware, and embedded devices. We're also interested in the security (and insecurity) of things like exotic hardware, autonomous vehicles, IoT, robotics, medical devices, voting machines, and other unique hardware-centric targets. Purpose-built, modded, or otherwise hacked hardware that solves (or creates) new security problems is pretty cool, too.


Malware & Human Factors

The Malware & Human Factors track explores the intricate interplay between malicious software and human behavior in the realm of cybersecurity. This track delves into the human aspects of security, examining how individual decisions impact organizational security and how technology can influence these decisions. Discussions encompass various strategies for manipulating or influencing individuals or groups, including the use of disinformation or misinformation, as well as innovative approaches to leveraging generative AI. Additionally, talks delve into the defensive and offensive aspects of malware development, covering topics such as malware analysis, anti-analysis techniques, detection, remediation, malware development, execution techniques, and obfuscation.


Management, Career & Community

The Management, Career & Community track offers a platform for sharing ideas and discussions on pertinent issues impacting both cybersecurity professionals and management. Topics encompass a broad spectrum, including strategic management, leadership & team management, security awareness, legal considerations, career development & professional growth, community engagement & inclusivity, communication, and mental health. Talks in this track aim to offer constructive solutions and innovative ideas.


Mobile

The Mobile track encompasses everything mobile, including all layers of phones (OS, baseband, hardware, software, apps), mobile infrastructure, mobile device management, telecommunications protocols, GPS, etc. Talks in this track should cover a security feature, novel technique, new concept or research unique to the mobile space. Submissions where mobile is only one of many use cases are generally not suitable for this track.


Network Security & Platform Security

The Network Security & Platform Security track addresses the comprehensive defense of both network infrastructures and computing platforms against cyber threats. Sessions explore the realm of network defense with discussions on protecting users or assets across various network environments, encompassing traditional defense mechanisms such as NIDS, HIDS, IPS, Firewalls, VPNs, routers, switches, Wi-Fi, and emerging technologies like CAN Bus and ad-hoc networking. Delve into the security challenges affecting the full system platform stack, including hardware, firmware, hypervisors, and operating systems, covering topics such as software attacks, vulnerabilities, weaknesses in CPU architectures, microarchitectural and hardware-enabled attacks, platform roots of trust, and supply chain security issues. Join us for in-depth discussions, cutting-edge research, and practical strategies.


Policy & Privacy

The Policy & Privacy track delves into the intersection of information security, policy, and privacy considerations. This track encompasses a broad spectrum of topics, including political, technological, and economic policies, technical standards, laws, and behavioral norms. We invite research and risk-based findings on the security impacts of policy or legislation, unintended consequences of policy or technical choices, metrics for assessing the balance between attackers and defenders, and proposed public policies against emerging security threats. Successful submissions will offer novel insights backed by research. Additionally, we explore privacy vulnerabilities and solutions, including privacy-by-design, attacks on privacy-preserving technology systems, and unique vulnerabilities arising from privacy considerations. Join us for discussions that shape the future of policy and privacy in cybersecurity.


Reverse Engineering

"Reverse engineering is the process of extracting the knowledge or design blueprints from anything man-made and reproducing it or reproducing anything based on the extracted information." — Eldad Eilam

Talks in the Reverse Engineering track may include subjects such as vulnerability discovery, data visualization, advanced exploitation techniques, bypassing security and software protections, and reverse engineering of hardware, software, and protocols.


Security Essentials & Lessons Learned

The Security Essentials & Lessons Learned track focuses on fundamental principles and insights derived from real-world experiences. This track is dedicated to exploring essential security practices, foundational concepts, and lessons learned from both successes and failures. We invite proposals covering a wide range of topics, including threat detection and response strategies, incident handling procedures, risk management frameworks, security awareness training, and compliance best practices, all focusing on practical knowledge and actionable insights.


Threat Hunting & Incident Response

The Threat Hunting & Incident Response track will consist of topics and techniques used to assist defenders in responding to a variety of security incidents in on-premise, hybrid, and cloud environments. These topics may include, but aren't limited to, identification of compromised systems, digital evidence collection, network, host, malware analysis, threat intelligence, detection engineering and threat hunting. Focus should be on techniques and procedures that can help defenders understand how an attack unfolded, if and when a breach occurred, and how it can be prevented in the future.
