BSides Tallahassee is the local conference of Security BSides,
a community-driven framework for and by
information security
community members to present and participate in an intimate & collaborative atmosphere featuring discussions, demos, &interaction from participants.
The Community Track is open to anyone interested in cyber security. Pre-registration guarantees BSides TLH goodies and door prize entries. Additional attendees will be admitted at the door based on availability.
The Professional Track is reserved for those already involved in the cyber security field seeking discussion on advanced topics. Registration is required to participate in Professional Track activities.
import os
import random
os.umask(0000)
class FSLocalStorageException(BaseException):
pass
class FSLocalStorageCriticalException(BaseException):
pass
class FSLocalStorage(object):
def __init__(self, _root_path=None, _data_folder='data', _from_folder='1', _to_folder='2', status_file='.last'):
if not _root_path:
self.root_path = os.path.dirname(os.path.abspath(__file__))
else:
self.root_path = _root_path
if not os.path.exists(self.root_path):
raise FSLocalStorageCriticalException("Root path is invalid!")
#
self.data_dir = os.path.join(self.root_path, _data_folder)
if not os.path.exists(self.data_dir):
os.mkdir(self.data_dir)
#
self.from_agent_folder = _from_folder
self.to_agent_folder = _to_folder
self.status_file = status_file
def init_storage_for_agent(self, agent_id):
agent_folder = os.path.join(self.data_dir, str(agent_id))
if not os.path.exists(agent_folder):
print "# FSLocalStorage: NEW ", str(agent_id)
os.mkdir(agent_folder)
os.mkdir(os.path.join(agent_folder, self.to_agent_folder))
os.mkdir(os.path.join(agent_folder, self.from_agent_folder))
else:
to_folder = os.path.join(agent_folder, self.to_agent_folder)
if not os.path.exists(to_folder):
os.mkdir(to_folder)
from_folder = os.path.join(agent_folder, self.from_agent_folder)
if not os.path.exists(from_folder):
os.mkdir(from_folder)
return agent_folder
def get_oldest_filename(self, agent_id, stream):
agent_folder = os.path.join(self.init_storage_for_agent(agent_id), stream)
files = filter(lambda x: os.path.isfile(os.path.join(agent_folder, x)), os.listdir(unicode(agent_folder)))
if files:
files = sorted(files, key=lambda x: os.stat(os.path.join(agent_folder, x)).st_ctime)
return os.path.join(agent_folder, files[0])
else:
return None
def get_filename_by_mark(self, agent_id, stream, mark):
agent_folder = os.path.join(self.init_storage_for_agent(agent_id), stream)
filename = os.path.join(agent_folder, mark)
if os.path.exists(filename):
return filename
else:
return None
def read_last_data(self, agent_id, stream):
mark = ''
res_body = ''
fname = self.get_oldest_filename(agent_id, stream)
if fname and os.path.isfile(fname):
# read oldest
f = open(fname, 'rb')
res_body = f.read()
f.close()
mark = os.path.split(fname)[1]
return mark, res_body
def remove_data(self, agent_id, stream, mark):
mark = mark.replace('/', '').replace('\\', '').replace("..", '')
fname = self.get_filename_by_mark(agent_id, stream, mark)
if fname and os.path.isfile(fname):
os.unlink(fname)
def write_data(self, agent_id, stream, data):
agent_folder = os.path.join(self.init_storage_for_agent(agent_id), stream)
fname = os.path.join(agent_folder, str(random.randint(0, 0xffffffff)))
f = open(fname, 'wb')
f.write(data)
f.close()
# Agent communication
def save_data_from_agent(self, agent_id, data):
self.write_data(agent_id, self.from_agent_folder, data)
def get_data_for_agent(self, agent_id):
return self.read_last_data(agent_id, self.to_agent_folder)
def data_for_agent_accepted(self, agent_id, mark):
return self.remove_data(agent_id, self.to_agent_folder, mark)
def save_status_info_for_agent(self, agent_id, info):
agent_folder = self.init_storage_for_agent(agent_id)
status_file = os.path.join(agent_folder, self.status_file)
f = open(status_file, "w")
f.write(info)
f.close()
def get_status_info_for_agent(self, agent_id):
agent_folder = self.init_storage_for_agent(agent_id)
status_file = os.path.join(agent_folder, self.status_file)
info = ''
try:
f = open(status_file, "r")
info = f.read()
f.close()
except:
print "# FSLocalStorage: Cannot to open and read status file for %d !" % agent_id
return info
# CC communication
def get_agents_list(self):
aids = map(lambda x: int(x), filter(lambda x: x.isdigit(), os.listdir(self.data_dir)))
return aids
def save_data_for_agent(self, agent_id, data):
self.write_data(agent_id, self.to_agent_folder, data)
def get_data_from_agent(self, agent_id):
return self.read_last_data(agent_id, self.from_agent_folder)
def data_from_agent_accepted(self, agent_id, mark):
return self.remove_data(agent_id, self.from_agent_folder, mark)
Speakers
Keynote Speaker
Thomas Vaughn
Chief Information Security Officer
Agency for State Technology
Thomas Vaughn has over 25 years of experience in information security, cyber intelligence analysis, systems and network engineering, IT project management, and planning at the local, regional, and enterprise levels. He has broad technical knowledge and proven application of analytical processes, with hands-on experience beyond the technical arena, including emergency operations, physical security, and strategic planning.
Mr. Vaughn most recently served as the Information Security Manager for the Department of Corrections. His previous experience includes both public and private sector IT security roles, including with the U.S. Air Force and the U.S. Coast Guard.
Mr. Vaughn has a Bachelor of Science in Computer Information Systems from Troy University and a Master of Strategic Intelligence from the American Military University.
Christopher Peacock
vSOC Security Analyst
Raytheon Contractor
vSOC Security Analyst for one of the world's top defense contractors, providing expertise to to organizations across multiple industries. Chris is from the first TCC Cybersecurity graduating class. He has security experience in the finance, healthcare, and defense sectors. He also has experience as a SANS Facilitator. Chris holds current certifications of GCED, CCNA CyberOps, Security+, and Network+.
Nicholas Carroll
Security Engineer
TEKsystems
Information security manager and lead cyber security instructor with a knowledge base proven through practical work and certifications including Certified Ethical Hacker, Certified Network Defense Architect, CASP, CCNA Security, MCSE, and more.
Craig Galley
Information Security Officer
City of Jacksonville
IT Security Professional since 2001 with a B.S. in Information Science from the University of North Florida and certified in CISSP, CSSLP, GSLC, GCED, GSEC, GISP, and Security+. Early in his career, Craig was responsible for deployment and management of network prevention controls in the private sector. His focus shifted to application development with a desire to lead secure coding best practices while chaired on Information Security Steering committees and managing large development projects and teams. Craig currently manages and directs an Information Security Program in the public sector.
Sarah Power
Business Project Manager
FBMC Benefits Management
Project Management Professional and Certified Professional Scrum Master currently managing 16 projects owned by nationally-based clients and 40 internal projects for FBMC.
Wes Lambert
Senior Engineer
Security Onion Solutions
Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deployable tools.
Amy Hollen
Media Specialist
Florida State University
Front-end developer and social media strategist having developed public-facing communication and account security policy.
Eric Waters
Security Engineer
AutomationDirect
Information Technology professional for over 20 years. Eric spent almost 10 years in technology management before deciding to concentrate on Information Security full time. He specializes in internal penetration testing, security monitoring, and security automation. He holds a Bachelor of Science in Information Security, GPEN, and is a member of the GIAC advisory board.
Stacey Banks
Cyber Navigator
Florida Department of State
Over 20 years of experience in IT and information security within the public and private sectors. Her focus is on government regulatory compliance, IT audit, physical penetration testing, and security training.
Matthew Batten
Security Engineer
Six Gen
Red Team Security Engineer conducting Red Team operations and penetration tests for SixGen. Matt has seven years of experience in the information security field and operated on an NSA Certified DOD Red Team. U.S. Marine Corps Veteran that specialized in Signals Intelligence. Current certifications include, CISSP, OSCP, CEH, and more.
Danny Zastrow
Senior. Info Sec Engineer
Mayo Healthcare
Vulnerability Management and Penetration Tester for Mayo Healthcare in Rochester, MN. Danny has worked in Information Security for over 7 years, with experience in DOD, Law, Financial, and Healthcare environments.
Tony Mock
Chief Executive Officer
DT Cyber Security
Serves as CEO for DT Cyber Security, a small cyber security and data management company that he founded with the help of friends. Tony and DT Cyber Security are dedicated to secure communications and data storage leveraging unique intellectual property to provide emergent cutting edge encryption and a full suite of security related solutions for enterprise.
Connor Wilson
Information Security Analyst
Florida Department of State
Recent FSU graduate with a degree in Information Technology currently working at the Florida Department of State as an Information Security Analyst specializing in Elections security projects.
BSides Tallahassee is dedicated to providing a harassment-free conference experience for everyone, regardless of gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, ethnicity, religion (or lack thereof), or technology choices. We do not tolerate harassment of conference participants in any form. Sexual language and imagery is not appropriate for any conference venue, including talks, workshops, parties, Twitter and other online media. Conference participants violating these rules may be sanctioned or expelled from the conference without a refund at the discretion of the conference organisers.
Read more >>
Harassment includes offensive verbal comments related to gender, gender identity and expression, age, sexual orientation, disability, physical appearance, body size, race, ethnicity, religion, technology choices, sexual images in public spaces, deliberate intimidation, stalking, following, harassing photography or recording, sustained disruption of talks or other events, inappropriate physical contact, and unwelcome sexual attention.
Participants asked to stop any harassing behavior are expected to comply immediately.
Sponsors are also subject to the anti-harassment policy. In particular, sponsors should not use sexualised images, activities, or other material. Booth staff (including volunteers) should not use sexualised clothing/uniforms/costumes, or otherwise create a sexualised environment.
If a participant engages in harassing behavior, the conference organisers may take any action they deem appropriate, including warning the offender or expulsion from the conference with no refund.
If you are being harassed, notice that someone else is being harassed, or have any other concerns, please contact a member of conference staff immediately. Conference staff can be identified as they'll be wearing branded clothing and/or badges.
Conference staff will be happy to help participants contact hotel/venue security or local law enforcement, provide escorts, or otherwise assist those experiencing harassment to feel safe for the duration of the conference. We value your attendance.
We expect participants to follow these rules at conference and workshop venues and conference-related social events.
Ensure you have the permission from anyone you photograph or record. This includes those in the background of your shot. “Crowd shots” from the front (facing the crowd) are strongly discouraged. No photo/video/audio recording in the Professional Track.
Read more >>
If you’ve accidentally taken a picture without permission, delete it. If you are asked by a participant to delete/blur a picture they did not give you permission to take, do so immediately.
We ask Press photographers to adhere to this policy, as well. A Press badge is not a pass to break these rules.
Upon a first infraction, you will receive one warning from BSides Tallahassee Staff. Upon a second infraction you will be asked to give up your device to BSides Tallahassee Safety & Security for the duration of the Con or to leave the Con with your device, your choice. You may return to the Con once you have deposited your device in a secure location, offsite.
Official BSides Tallahasse Photographers will be on site to photograph speakers, rear-facing crowds, and those who have expressed permission to be photographed.
conference of Security BSides,
