Schedule

Registration Times:

Check-in table located on second floor in front of the conference theater

Tuesday – 7:00PM to 10:00PM
Wednesday – 7:00AM to 10:00AM, 3:00PM to 8:00PM
Thursday – 5:00PM to 10:00PM
Friday – 8:00AM to 11:00AM, 12:00PM to 3:00PM, 6:00PM to 8:00PM
Saturday – 8:00AM to 11:00AM
Sunday – T-shirt booth

Shuttle Times:

DerbyCon will provide shuttle service from the Louisville Airport (SDF). The shuttle will run at half hour increments (may vary based on traffic). Those looking to use the shuttle, go to the ARRIVALS in Louisville (upper floor) and go to the very end by Southwest. The shuttle is a 15 person bus and will be labeled DerbyCon.

Tips are appreciated.

Shuttle times:

Thursday: 9AM – Midnight
Friday: 9AM – 1:00PM
Sunday: 9AM – 8:00PM


Schedule of Events:

[tt_timetable event=’carlos-perez-thinking-purple,mubix-rob-fuller-writing-malware-while-the-blue-team-is-staring-at-you,tyler-halfpop-jacob-soo-macs-get-sick-too,will-schroeder-matt-nelson-a-year-in-the-empire,ben0xa-powershell-secrets-and-tactics,marcello-salvati-crackmapexec-owning-active-directory-by-using-active-directory,paul-coggin-exploiting-first-hop-protocols-to-own-the-network,nir-valtman-patrick-watson-breaking-payment-points-of-interaction-poi,ed-skoudis-internet-of-things-voice-control-ai-and-office-automation-building-your-very-own-j-a-r-v-i-s,christopher-hadnagy-mind-reading-for-fun-and-profit-using-disc,joe-desimone-hunting-for-exploit-kits,kevin-johnson-and-jason-gillam-next-gen-web-pen-testing-handling-modern-applications-in-a-penetration-test,michael-allen-beyond-the-cript-practical-ios-reverse-engineering,rockie-brockway-adam-hogan-adaptation-of-the-security-sub-culture,nick-landers-outlook-and-exchange-for-the-bad-guys,david-maloney-james-lee-brent-cook-tod-beardsley-lance-sanchez-metasploit-townhall,jduck,stephen-breen-chris-mallz-just-add-water-instant-privilege-escalation-on-all-versions-of-windows-with-potato,ken-johnson-chris-gates-devoops-redux,jayson-e-street-and-bad-mistakes-ive-made-a-few,zach-grace-brian-genz-better-network-defense-through-threat-injection-and-hunting,valerie-thomas-and-harry-regan-its-never-so-bad-that-it-cant-get-worse,michael-gough-from-commodity-to-advanced-apt-malware-are-automated-malware-analysis-sandboxes-as-useful-as-your-own-basic-manual-analysis,parker-schmitt-data-obfuscation-how-to-hide-data-and-payloads-to-make-them-not-exist-in-a-mathematically-optimal-way,arian-j-evans-james-pleger-top-10-2015-2016-compromise-patterns-observed-how-to-use-non-traditional-internet-datasets-to-detect-avoid-them,nick-cano-1000000-0-cloning-a-game-using-game-hacking-and-terabytes-of-data,ryan-voloch-and-peter-giannoutsos-to-catch-a-penetration-tester-top-siem-use-cases,matthew-dunwoody-nick-carr-no-easy-breach-challenges-and-lessons-from-an-epic-investigation,nyxgeek-hacking-lync-or-the-weakest-lync,nathan-clark-awsht-pay-as-you-go-mobile-penetration-testing,mark-mager-defeating-the-latest-advances-in-script-obfuscation,2903,opening-ceremonies-derbycon-team,lunch,key-note-jeffrey-snover-lee-holmes,jason-smith-go-with-the-flow-get-started-with-flow-analysis-quickly-and-cheaply,devon-greene-abusing-rtf-exploitation-evasion-and-exfiltration,aaron-lafferty-information-security-proposed-solutions-series-1-talent,alfredo-ramirez-dnssux-why-dnssec-makes-us-weaker,wartortell-nose-breathing-101-a-guide-to-infosec-interviewing,william-mclaughlin-android-patchwork-convincing-apps-to-do-what-you-want-them-to,spencer-mcintyre-is-that-a-penguin-in-my-windows,brent-white-tim-roberts-real-world-attacks-vs-check-box-security,natalie-vanatta-arrr-maties-a-map-to-the-legal-hack-back,michael-wharton-project-mvp-hacking-and-protecting-sharepoint,kevin-gennuso-responder-for-purple-teams,ken-toler-metaprogramming-in-ruby-and-doing-it-wrong,nancy-snoke-evolving-your-offices-security-culture,michael-schearer-confronting-obesity-in-infosec,patrick-mathieu-burpsmartbuster-a-smart-way-to-find-hidden-treasures,breaking-credit-card-tokenization-without-cryptanalysis,attacking-evilcorp-anatomy-of-a-corporate-hack,phishing-without-failure-and-frustration,new-shiny-in-metasploit-framework,embrace-the-bogeyman-tactical-fear-mongering-for-those-who-penetrate,how-to-social-engineer-your-way-into-your-dream-job,make-stehm-great-again,breaking-android-apps-for-fun-and-profit,attacking-adfs-endpoints-with-powershell,deploying-paws-as-part-of-a-strategy-to-limit-credential-theft-and-lateral-movement,living-off-the-land-2-a-minimalists-guide-to-windows-defense,i-dont-give-one-iota-introducing-the-internet-of-things-attack-methodology,five-year-checkup-the-state-of-insulin-pump-security,introducing-deepbluecli-a-powershell-module-for-hunt-teaming-via-windows-event-logs,attackers-hunt-sysadmins-its-time-to-fight-back,python-3-its-time,so-youve-inherited-a-security-department-now-what,business-developement-the-best-non-four-letter-dirty-word-in-infosec,point-of-sale-voyuer-threat-actor-attribution-through-pos-honeypots,anti-forensics-af,penetration-testing-trends,using-binary-ninja-for-modern-malware-analysis,scripting-myself-out-of-a-job-automating-the-penetration-test-with-apt2,dns-in-enterprise-ir-collection-analysis-and-response,reverse-engineering-all-the-malware-and-why-you-should-stop,the-90s-called-they-want-their-technology-back,tool-drop-2-0-free-as-in-pizza,the-art-of-war-attacking-the-organization-and-raising-the-defense,managed-to-mangled-exploitation-of-enterprise-network-management-systems,garbage-in-garbage-out-generating-useful-log-data-in-complex-environments,fuzzing-basics-how-to-break-software,hacking-for-homeschoolers-stem-projects-for-under-20,need-more-sleep-rest-could-help,uncovering-the-black-energy-malware,body-hacking-101-or-a-healthy-lifestyle-for-security-pros,were-a-shooting-gallery-now-what,malicious-office-doc-analysis-for-everyone,the-1337-gods-of-geek-mythology,open-source-intelligence-what-i-learned-by-being-an-osint-creeper,finding-your-balance,hashcat-state-of-the-union,establishing-a-foothold-with-javascript,overcoming-imposter-syndrome-even-if-youre-totally-faking-it,security-v-ops-bridging-the-gap,from-gaming-to-hacking-the-planet,sql-server-hacking-on-scale-using-powershell,dive-into-dsl-digital-response-analysis-with-elasticsearch,making-our-profession-more-professional,how-are-tickets-paid-for,security-automation-in-your-continuous-integration-pipeline,cruise-ship-security-or-hacking-the-high-seas,web-security-for-dummies,i-love-mybff-brute-force-framework,nobody-gets-fired-by-choosing-ibm-but-maybe-they-should,shackles-shims-and-shivs-understanding-bypass-techniques,dan-bougere-the-beginners-guide-to-ics,introducing-powershell-into-your-arsenal-with-psattack,hardening-aws-environments-and-automating-incident-response-for-aws-compromises,invoke-obfuscation-powershell-obfusk8tion-techniques-how-to-try-to-detect-them,mariadb-lock-it-down-like-a-chastity-belt,recharging-penetration-testing-to-maximize-value,yara-rule-qa-cant-i-write-code-to-do-this-for-me,mobile-device-forensics,iot-defenses-software-hardware-wireless-and-cloud,poetically-opaque-or-other-john-updike-quotes,java-rats-not-even-your-macs-are-safe,hashview-a-new-tool-aimed-to-improve-your-password-cracking-endeavors,static-pie-how-and-why,hack-yourself-building-a-pentesting-lab,the-advanced-persistent-pentester-all-your-networks-are-belong-2-us,hardware-hacking-the-easyware-way,finding-a-weak-link-attacking-windows-oem-kernel-drivers,abusing-linux-trust-relationships-authentication-back-alleys-and-forgotten-features,samsung-pay-tokenized-numbers-flaws-and-issues,fire-away-sinking-the-next-gen-firewall,introduction-to-assembly-logic-flows,packetko-data-exfiltration-via-port-knocking,ransomware-an-overview,the-beginners-guide-to-ics-how-to-never-sleep-soundly-again,quick-break,closing-ceremony,open,ransomware-an-overview-jamie-murdock,the-beginners-guide-to-ics-how-to-never-sleep-soundly-again-dan-bougere’ event_category=’friday,saturday,sunday’ columns=’track-1,track-2,track-3,track-4,track-5-stable-talks’ hour_category=’Friday,Saturday,Sunday’ filter_style=’tabs’ filter_kind=’event_category’ time_format=’g:i a’ hide_all_events_view=’1′ show_end_hour=’1′ event_layout=’3′ box_bg_color=’6fa375′ box_hours_txt_color=’000000′ box_hours_hover_txt_color=’000000′ filter_color=’353C40′ text_align=’left’ event_description_responsive=’description-1-and-description-2′ custom_css=’.tt_timetable .event .event_header {font-size:16px;font-weight:normal;}.tt_timetable th {font-size:18px;font-weight:normal;}’]