Talkin' Security - June 2019

Join us on Monday, june 24th for the sixth Talkin' Security event of the year

AGENDA

6:00 - 6:15pm: Networking

6:15 - 6:30pm: Introduction

6:30 - 7:15pm: Inon Shkedy - Testing and Hacking APIs

Speaker Bio: Inon Shkedy has 7 years of experience in application security. He started his career in a red team in a government organization for 5 years, and then moved to the Silicon Valley to learn more about startups, modern applications and APIs. Today he provides consultation to various companies, and leads the research for Salt Security in the field of API security.

Summary of the Talk: Most of the modern applications that have been developed in the last years deeply rely on APIs, including web, mobile and IOT apps. APIs are different than traditional web servers in many ways. This change might be confusing and challenging for pentesters and security researches.
Come to learn how to leverage the new battleground to your advantage and:

1. Understand the underlying implementation of the application from the API traffic
2. Detect potential vulnerable points in APIs
3. Perform a successful and effective pen test in modern applications

7:15 - 7:30pm: Networking

7:30 - 8:15: Kirby Linvill - “uncrackable” communications through physics: QKD

Speaker Bio: Kirby Linvill works for Accenture Labs on applications of quantum computing and other specialized forms of compute. He is a generalist with a degree in computer science who has worn many hats from developer to admin to architect to researcher. He is an budding hobbyist in the security space with the distinction of having exactly 0 professional security experience. He is an avid learner and is always happy to grow and share his current knowledge base. If you see him around, come say hi!

Summary of the Talk: Quantum Key Distribution (QKD) uses quantum mechanical phenomena to create shared One-Time Pads (OTPs) that can be used for uncrackable future communications (assuming the OTP is never reused). QKD is often also referred to as unhackable since the protocols often build in the ability to detect an eavesdropper on the quantum channel. This talk will cover some of the basic quantum distribution protocols, and the phenomena behind how they work, as well as their weaknesses (often in the physical implementations required for these protocols) that leave these methods hackable, if not crackable.

• What to bring
Brilliant ideas, positive energy and good jokes