You are currently previewing your event registration page. To review payment & confirmation pages, please publish the event.

Register

Available QUANTITY PRICE
Electronic Taxidermy: Badger Hacking

Everyone loves conference badges. Electronic conference badgers are even better. This workshop will walk you through the hardware design of the circuit board, introduce you to the major components and what they do, and finally, help you get set up with the toolchain for developing and programing custom firmware on your Badger. Bring your laptop, conference badger, and patience.

Sale ended

Sale ended N/A
(Sold Out)
Free
Trust Academy... the future of security training

The info sec community has done an amazing job to date and finding and discovering the newest and latest security vulnerabilities and threats to stay ahead of malicious attackers. That being said we have done a horrible job of training the rest of the world how to defend against it. In particular the developer community. Instead of teaching them how to write secure code we have taught them how to hack. I will be showcasing the latest security training platform. It leverages cutting edge cloud platforms to create, deliver and maintain content as well as an embedded web based IDE to give developers in the browser hands on experience actually correcting and writing secure code. It's not just about the technology but the methodology. This platform uses modern day social and video conferencing tools to enable flip learning. This allows learners to digest the content at their own pace and depth and a smaller number of SME's and instructors to scale to a large audience to provide p

Sale ended

Sale ended N/A
(Sold Out)
Free
Don't be a monkey: Do Crypto Right!

This workshop has 2 parts: Part 1) Algorithm specification in Cryptol, followed by: Part 2) Protocol specification and reasoning with F* Part 1) Cryptographic code is notoriously difficult to write and debug. Since performance matters, optimization is important, but that makes it increasingly difficult to make sure that implementations haven't introduced any subtle bugs. Cryptol is an open source, domain-specific language for specifying cryptographic algorithms. In part 1 of this workshop, we'll teach you how to read and write Cryptol specifications, prove properties about them, and even how to use tools to verify that C or Java implementations match their specification. Part 2) The vast majority of deployed security protocols are written by monkeys. That's not to say that those monkeys do not have good intentions about the kinds of correctness and security properties their systems should have, though it is true that they rarely write those properties down (ba

Sale ended

Sale ended N/A
(Sold Out)
Free
Hands-on JTAG for fun and root shells

JTAG may be almost 30 years old with little change, but that doesn't mean most people really understand what it does and how. This workshop will start with a brief introduction to what JTAG really is, then quickly dive into some hands-on practice with finding, wiring, and finally exploiting a system via JTAG. For this workshop, we'll target a Raspberry Pi with an ARM microprocessor. In order to interact with the system, we'll use a JTAG interface cable from FTDI. We won't do any hardware modifications, but we will hook up wires in weird and wonderful ways to make the Raspberry Pi do things it otherwise shouldn't. Note: All equipment, including laptop, provided for the workshop!

Sale ended

Sale ended N/A
(Sold Out)
Free
UEFI firmware security for Blue Teams

UEFI has replaced BIOS on most Intel/AMD systems, and it also on many AMD systems. Security Researchers have been finding busy attacking it, inventing new ‘bootkits’, ‘firmworms’, and other firmware-level malware. In this 2-hour workshop, we’ll attempt to help show some of the security issues that need to be defended. It'll start with an overview of the UEFI architecture, then cover some NIST/NSA/other firmware security guidance, then focus on the available open source firmware security tools you can use to help detect firmware attacks, and system defects/failures, as well as some ideas how you might integrate firmware security into your long-term defense plans. Tools include: Intel CHIPSEC, UEFITool, UEFI Firmware Parser, and others. Focus is on UEFI-centric technology, not coreboot, U-Boot, or BIOS (though BIOS/UEFI have a big overlap in tool support); emphasis will be on Intel-based systems, not AMD or ARM. Prerequisites: Good with Python, bash/cmd shell, QEMU, basic PC hardwar

Sale ended

Sale ended N/A
(Sold Out)
Free
Fee
TOTAL

Event details

See http://www.bsidespdx.org/workshops for details about these workshops.

 

Don't worry if they're sold out - there might be room for walk-ins too.

 

Security Bsides Portland 2015 will be Friday, October 16, with an additional day of activities and workshops on Saturday, October 17. The final venue decision will be made shortly.

BSides PDX is a gathering of the most interesting infosec minds in Portland and the Pacific Northwest! Our passion about all things security has driven attendance from other parts of the country. Our goal is to provide an open environment for the InfoSec community to engage in conversations, learn from each other and promote knowledge sharing and collaboration. The Portland and greater Northwest information security community spans a broad spectrum of participation from CISOs, Fortune 100 company security experts, small business system admins, to independent security researchers.


Cancellation policy

Please cancel if you know you won't attend so others can reserve space

Location

Oregon Convention Center 777 NE Martin Luther King Jr Blvd, Portland, OR, 97232, United States Get Directions

Organizer

Comments