Aaron Bedra
Senior Engineer at DRW
Aaron Bedra is a Senior Engineer at DRW, where he works at the intersection trading and technology. He has served as a Chief Security Officer, Chief Technology Officer, and Principal Engineer/Architect. He has worked professionally on programming languages, most notably Clojure and ClojureScript. Aaron is the creator of Repsheet, an open source threat intelligence toolkit. He is the co-author of Programming Clojure, 2nd and 3rd Edition and a contributor to Functional Programming: A PragPub Anthology.Presentations
Threat Intelligence Fundamentals
9:00 AM MDT
This course will cover the foundations of threat intelligence. It will consist of a combination of lecture and lab where we will work through the concepts of detecting indicators of attack and compromise, and building automation to process and eliminate it. This is a fully immersive, hands on workshop that will include a number of techniques, tools, and code.
It will cover the following topics:
- Threat Identification
- Threat Containment and Control
- Bot Detection and Search Engine Verification
- Indicators of Attack vs Indicators of Compromise
- Fingerprinting
- Production Deployment of Threat Intelligence Systems
Attendees will leave with a fully functional threat intelligence proof of concept system. This PoC can be used to design further capabilities or to evaluate larger commercial systems. Be prepared for an exciting day of code, modeling, and automation.
Adaptive Threat Modeling
1:00 PM MDT
Security should always be built with an understanding of who might be attacking and how capable they are. Typical threat modeling exercises are done with a static group of threat actors applied in “best guess” scenarios. While this is helpful in the beginning, the real data eventually tells the accurate story. The truth is that your threat landscape is constantly shifting and your threat model should dynamically adapt to it. This adaptation allows teams to continuously examine controls and ensure they are adequate to counter the current threat actors. It helps create a quantitative risk driven approach to security and should be a part of every security teams tools.
Join Aaron as he demonstrates how to look at web traffic to analyze the threat landscape and turn request logs into data that identifies threat actors by intent and categorizes them in a way that can be fed directly into quantitative risk analysis. Aaron will show how important this data is in driving risk analysis and creating an effective and appropriate security program.
Secrets Management
2:45 PM MDT
We've all got secrets, but nobody seems to know where to put them. This long standing issue has plagued system design for ages and still has many broken implementations. While many consider this an application concern, the foundations rest in the design of the system. Join Aaron for an in-depth workshop that will cover the following secret management solutions:
- Locally encrypted secrets with Ansible Vault
- HSM backed local secrets with SOPS
- AWS Secrets Manager
- Hashicorp Vault
Additionally, this workshop will demonstrate tools for discovering sensitive information checked in to your project.
This is a two session workshop and is best received by attending both sessions.
Secrets Management
4:30 PM MDT
We've all got secrets, but nobody seems to know where to put them. This long standing issue has plagued system design for ages and still has many broken implementations. While many consider this an application concern, the foundations rest in the design of the system. Join Aaron for an in-depth workshop that will cover the following secret management solutions:
- Locally encrypted secrets with Ansible Vault
- HSM backed local secrets with SOPS
- AWS Secrets Manager
- Hashicorp Vault
Additionally, this workshop will demonstrate tools for discovering sensitive information checked in to your project.
This is a two session workshop and is best received by attending both sessions.