Registration Registration for workshops will open once the schedule is announced





So you’d like to present at a conference

Joe FitzPatrick (@securelyfitz)

So, you’d like to present at a conference? Awesome - but making that decision is just the first step of a long journey. This workshop is primarily intended for people who already have ideas of things to present, but need some help fine-tuning them and understanding the process. We’ll start off in a lecture format covering all the parts of preparing, submitting and presenting your work, answering a lot of questions you might ask yourself. We’ll proceed into an extended question and answer session. Think of your questions ahead of time, and perhaps even ask them before the workshop. Finally, we’ll use the remaining time to team up in groups to share our ideas and give each other feedback. Hopefully you’ll leave with a better idea of how to navigate the process, as well as a clearer idea of how to structure your submission and presentation.’


Capture The Flag (CTF) With Feedback

Jens Mache and Richard

Capture the flag (CTF) exercises can be great practice and fun. However, sometimes things get complicated. Even the best of us may sometimes be lost, move in the wrong direction or get frustrated. In this workshop, not only are we giving you an overview and access to several CTF exercises, you are also provided feedback and hints (in case you need some). This way, everybody who shows up and spends some time can successfully complete the CTF exercises. Short descriptions at https://edurange.org/scenarios.html

‘Jens’ certifications include SANS/ GIAC Certified Intrusion Analyst (GCIA), Penetration Tester (GPEN), Incident Handler (GCIH). Jens has been teaching security since 2007. Richard participated in the performance analysis of the Rijndael algorithm, which became AES. He has been teaching security and information assurance since 2003.


Resume Tuning Workshop

A. Skye and Ali .H

Help people write their resumes with a Cybersecurity focus, tune existing resumes to highlight in-demand skills, and discuss interviewing techniques that can help get people hired in the Cybersecurity industry.’

A. and Ali both like cake


Incident Response for Artificial Intelligence: Playtest New Tabletop Exercises with the AIRCTL Project for fun and stickers

Jonathan Reiter and Emily Soward

Learn how to respond to security incidents involving Artificial Intelligence (AI) with the AIRCTL Project team. Join this hands-on workshop about preparing for common incident response (IR) scenarios using tabletop exercises. We will facilitate playtesting of a pre-release AI-themed expansion to Backdoors and Breaches, the tabletop game by Black Hills Information Security. In three sections of instructor-guided learning, participants will learn how to run a realistic tabletop IR exercise for an environment where your job is to protect cutting edge AI technology and R&D assets. NO artificial intelligence experience needed to play!

Participants will attend an introductory briefing by the AIRCTL team on AI for security professionals, four common types of AI incidents, and the mechanics of the Backdoors & Breaches tabletop IR game.

Participants will then form teams, get guidance for your scenario, and breakout to roleplay as an Incident Responder or Incident Commander for a facilitated playtest of one of the common AI incident scenarios: R&D compromise, material breach via AI path, AI defacement & manipulation, AI exploitation.

Be prepared to commit at least one hour to the session to experience all segments. The intro briefing is 10 minutes with short Q&A. Each game scenario takes 30-60 minutes for play, depending on the IR team. Debrief discussion and exit survey will take roughly 20 minutes. An optional “all hands” debrief will follow.

Participants who playtest any of the AIRCTL Project IR scenarios and share their experiences and ideas as feedback will be eligible for playtester credit on the AIRCTL pages — we want to see the community win and appreciate your time with us has value. We will be sharing a limited number of printed game materials, which attendees can take home. The session will not be recorded but notes and photos with consent are welcome.’

Jonathan is a Principal Engineer at Dragos. In his day job he builds telemetry and detection systems for ICS sensor networks. He also has about a decade of experience architecting and benchmarking predictive systems, ranging from dynamic pricing systems to security event classifiers, at petabyte scale. Emily Soward is the Co-founder of the AIRCTL Project for AI Incident Management. She works as a Scientist and Global Tech Lead for AI Security & Privacy at Amazon Web Services (AWS) where she provides strategic and technical leadership for applied security internally and externally for AWS Customers. She has over a decade of AI R&D experience in engineering, scientific, and technical leadership roles, and got into Security and Privacy through her work in controls engineering and testing for AI systems in high-risk environments, including bringing complex AI systems under test and developing remediation and resiliency strategies. She has both taken AI systems to production and implemented controls for AI governance and ML operations across multiple regulated industries.