Las Vegas Convention Center, West Hall, Level 2, Rooms 228-230
New location for 2024!!! Not on the Vegas Strip.
Village Hours
| Day 1 | Friday, August 9, 10am - 6pm |
|---|---|
| Day 2 | Saturday, August 10, 10am - 6pm |
| Day 3 | Sunday, August 11, 10am - 1pm |
All times are in Pacific Time(GMT -7)
Day 1 - August 09, 2024
10:00
Harley Wilson
10:15
Winning big: AppSec Considerations From the Casino Industry
Talk All Audiences
Aleise McGowan
Tennisha Martin
11:00
Ofir Yakobi
Shir Sadon
Yossi Pik
Arsenal: CyberChef like Automation within BurpSuite - Let's get cooking with the CSTC
Arsenal All Audiences
Florian Haag
Matthias Göhring
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
POD
mcdwayne
Mário Leitão-Teixeira
Mind-Controlling Other Applications: An intro to intra-process hacking
Workshop Intermediate
ILOVEPIE
Securing Frontends at Scale: Paving our Way to the Post-XSS World
Talk Intermediate
jen-ozmen
Aaron Shim
11:45
Iggy
12:30
Hacking Corporate Banking for Fun and Profit
Talk All Audiences
niks
Charles Waterhouse
13:00
Arsenal: GraphQL Armor - Open Source GraphQL Security
Arsenal All Audiences
Tristan Kalos
Antoine Carossio
13:15
SDLC Nightmares - Defeating Secure Code Review GPT Hallucinations
Talk All Audiences
Wang Zhilong
Xinzhi Luo
14:00
Ian Hickey
14:45
Adam Shostack
15:00
Arsenal: Introducing RAVEN - Discovering and Analyzing CI/CD Vulnerabilities in Scale
Arsenal Intermediate
Elad Pticha
Oreen Livni
The Open Source Fortress: Finding Vulnerabilities in Your Codebase Using Open Source Tools
Workshop Intermediate
iosifache
Arsenal: HunterBounter - Swiss Army Knife for Bug Bounty
Arsenal Intermediate
Utku Yildirim
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
POD
mcdwayne
Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx
POD
Ori Ron
Tal Folkman
15:30
Fine Grained Authorisation with Relationship-Based Access Control
Talk Intermediate
Ben Dechrai
16:15
I've got 99 problems but a prompt injection ain't watermelon
Talk All Audiences
Chloé Messdaghi
Kasimir Schulz
17:00
When Chatbots Go Rogue – Lessons Learned from Building and Defending LLM Applications
Talk All Audiences
Javan Rasokat
Andra
Day 2 - August 10, 2024
10:00
Harley Wilson
10:15
Navigating the Cyber Security Labyrinth: Choose Your Own Security Adventure?
Talk All Audiences
punkcoder
11:00
AreTillery
kvprashant
Gaurav Joshi
HK
BOLABuster: Harnessing LLMs for Automating BOLA Detection
Talk All Audiences
Ravid Mazon
Jay Chen
Ankush
Activity: Vulnerability Hunt - The Snippets Edition
POD
Mário Leitão-Teixeira
Eugene Rojavski
11:40
Unlocking the Gates - Understanding Authentication Bypass Vulnerabilities
Talk All Audiences
Vikas Khanna
12:20
SheHacksPurple
13:00
Yossi Pik
Transforming AppSec: Protecting 'Everything as Code' & Emerging Tech
Panel All Audiences
Kunal Bhattacharya
Shahar Man
Trupti Shiralkar
Sara Attarzadeh
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
POD
mcdwayne
Jasper Insinger
14:00
Peiyu Wang
14:40
Engineers & Exploits: The Quest for Security
Talk Intermediate
Spyros Gasteratos
Andra
15:00
Injecting and Detecting Backdoors in Code Completion Models
Workshop Intermediate
Tal Folkman
Ori Ron
Yossi Pik
Activity: Spot the Secrets: Finding Secrets Throughout Your Environments by GitGuardian
POD
mcdwayne
Activity: API Security 101: Testing and Trivia by Akto.io
PODAnkita Gupta
Ankush Jain
15:20
Speed Bumps and Speed Hacks: Adventures in Car Manufacturers Security
Talk All Audiences
Paulo A. Silva
David Sopas
16:00
Cassie Crossley
16:40
0.0.0.0 Day: Exploiting Localhost APIs From The Browser
Talk Advanced
Avi Lumelsky
Gal Elbaz
17:20
Jason Haddix
Day 3 - August 11, 2024
10:00
Harley Wilson
10:15
The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe
Talk Intro
Michelle Eggers
10:45
alevsk
11:00
Gridlock: The Dual-Edged Sword of EV and Solar APIs in Grid Security
Talk Intermediate
Vangelis Stykas
Arsenal: Kubescape - OSS security from left to right and everything in the middle
Arsenal Intermediate
Activity: Threat modelling fun session with OWASP Cornucopia
POD Intermediate
Konstantinos Papapanagiotou
Andra
Activity: Hacking Developers’ Trust – Faking GitHub Contribution by Checkmarx
POD
Ori Ron
Mário Leitão-Teixeira
Tal Folkman
11:45
Your CI/CD Pipeline Is Vulnerable, But It's Not Your Fault
Talk Intermediate
Elad Pticha
Oreen Livni
12:30
jgamblin
Thanks to our Sponsors
Gold Sponsors
Silver Sponsors
Hacker Fuel Sponsor
CTF Prize Sponsor
