Loading…
CircleCityCon 2016 has ended
Back To Schedule
Saturday, June 11 • 11:00am - 12:00pm
Bootstrapping A Security Research Project

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

It has become increasingly common to see a headline in the mainstream media talking about the latest car, television, or other IoT device being hacked (hopefully by a researcher). In each report, blog, or presentation, we learn about the alarming lack of security and privacy associated with the device’s hardware, communications mechanisms, software/app, and hosting infrastructure in addition to how easy it might be for an attacker to take advantage of one, or multiple, threat vectors.

The truth is, anyone can perform this kind of research if given the right guidance. To many security professionals, however, the act of researching something isn’t the problem…it’s what to research, how to start, and when to stop. Academics think nothing of researching something until they feel it’s “done” (or their funding/tenure runs out). Security professionals, however, often do not have that luxury.

This session will discuss how to research, well, ANYTHING. Proven methods for starting, continuing, ending, leading, and collaborating on reproducible research will be discussed – taking into account real-world constraints such as time, money, and a personal life. We will also discuss how to generate data, design your experiments, analyze your results, and present (and in some cases defend) your research to the public.

Speakers
avatar for Andrew Hay

Andrew Hay

CISO, DataGravity
Andrew Hay is the CISO at DataGravity where he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy. Prior to that, Andrew was the Director of Research at OpenDNS... Read More →


Saturday June 11, 2016 11:00am - 12:00pm EDT
Track 2 – Cap 2