Friday, April 9, 2021 - 11AM EDT live on YouTube

April 9th is a very special day for the SCYTHE herd, it is National Unicorn Day and out annual user conference: UniCon. We invite you to join the herd as we leave the past behind and leap boldly ahead into the new year.

Come hear the best from our customers and friends at our second annual UniCon. UniCon is a free conference for the entire purple team: security researchers, developers, red teamers, blue teamers, and digital forensics and incident responders. Don’t miss your chance to be a part of the most magical, exciting, and interactive Cyber Conference of the year.  

We look forward to making a better future, together.


JOIN US LIVE

Keynote Presenters

Olaf Hartong

Olaf Hartong is a Defensive Specialist and security researcher at FalconForce. He specialises in understanding the attacker tradecraft and thereby improving detection. He has a varied background in blue and purple team operations, network engineering, and security transformation projects. Olaf has presented at many industry conferences including Black Hat, DEF CON, DerbyCon, Splunk .conf, FIRST, MITRE ATT&CKcon, and various other conferences. Olaf is the author of various tools including ThreatHunting for Splunk, ATTACKdatamap and Sysmon-modular. He maintains a blog at https://olafhartong.nl

John Strand

John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.  He is a coveted speaker and much loved SANS teacher. John is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.

UniCon21 Agenda

Time (Eastern Time)

Presentation

Presenter

11am
10 mins

Welcome to UniCon!

Bryson Bort and Jorge Orchilles, SCYTHE

11:10am
50 mins

Welcome Keynote and Fireside Chat:1-10-60 Detection Metrics

Dmitri Alperovitch and Bryson Bort

Gula Tech Foundation and Lauren Buitta from Girl Security

12:00pm
25 mins

Finding the Blindspots – Training, Tuning, and Showing Results

Ben Finke, OnDefend

12:30pm
25 mins

Cool, the Purple Team exercise is done: Now What?

Daniel DeCloss, PlexTrac

1pm

Keynote

Dave Kennedy, @HackingDave, TrustedSec

2pm
25 mins

Managed Detection and Response

Randy Pargman and Justin Schmitt, Binary Defense

2:30pm
25 mins

Syscalls in C# - brought to you by Dynamic Invoke!

Jean-François Maes, NVISO

3pm
50 mins
30min + 20 q&a

Panel - How to Conduct Security Assessments on Critical Infrastructure.

Megan Samford, Corey T Jackson, Jacob Kamieniak, Brian Wisniewski

from Schneider Electric, SACRO, LLC, GE, & United States Army Reserve Innovation Command

Gula Tech Foundation and Darold Kelly Jr. from the Black Cyber Association

4pm
25 mins

Big bad guys, compliance and a tiny budget

Urban Jonson, NMFTA

4:30pm
50 mins

Purple Teams and the CURES Act, why they're needed for providing patients their data

Mitch Parker, IU Health

Gula Tech Foundation and Kendra Parlock from Npower

5:30pm

Closing Fireside Chat - Boundary Protection to Mitigate Occupational Burnout

Magen Wu, Urbane Security & Elizabeth Wharton, SCYTHE

Capture the Flag

We have a brand new CTF that will debut. This one is for the entire Purple Team, whether you are Red Team, Security Operations, Hunt Team, or Digital Forensics and Incident Response. We all need to know what our payloads do before deploying them in an environment. We will create various synthetic malware and you will need to tell us what they do!

We’ve detected malicious activity on an endpoint after a recruiter downloaded a resume.doc which executed some sort of malware. We were able to take that endpoint offline before it could do any major damage (we think), but we’d like you to investigate what exactly the executable does. This CTF will be 3 levels and require you to run 3 different pieces of synthetic malware and analyze what it does. Level 1 and 2 are question/answer format while level 3 asks you to go way deeper. More details coming soon!

Special Appearances

Cyndi Gula, Gula Tech Adventures

Ron Gula, Gula Tech Adventures

Ron and Cyndi Gula created the Gula Tech Foundation to amplify the impact of cybersecurity nonprofit organizations. The Gula Tech Foundation operates a $1,000,000 competitive grant process for cybersecurity nonprofits multiple times a year. Each grant competition has a unique cybersecurity focus. Grant winners receive a financial donation and will have the opportunity to participate in an all-expenses-paid marketing program to elevate public awareness of their organization.

The January 2021 grant program focused on nonprofits which increase African American engagement with cybersecurity.
The three winners were Black Cybersecurity AssociationNPower Inc and Girlsecurity.

The winners will be given time to speak, and we look forward to learning from their experience.

We are honored to have Ron and Cyndi Gula take part in UniCon21, and grateful for the opportunity to learn from their leadership as they break down barriers in the community.