Security BSides Jeddah
Table of Contents

Security BSides Jeddah, a community-driven platform for organizing events for and by members of the information security community, is an event-building framework. The goal of the project is to broaden the range of conversation beyond the confines of time and space. It provides opportunities for people to present and take part in an intimate atmosphere that fosters collaboration. It is a lively event that includes demos, discussions, and interaction with participants. It is the place where the next-big-thing is being discussed. Register here. For more free events, click here. Join us for the panel discussion to discuss the “Future Challenges of CISOs” with top cybersecurity executives who will share their perspectives. We will be live at 20:00 (GMT +3)
The event will be streamed live on YouTube. The URL for the event will also be posted to our Twitter and LinkedIn accounts.
From Las Vegas (2009), to Jeddah (2021).
What they have to say about Security BSides
These events are corporate sponsored, centrally organized (though locally managed) and do not coincide with major conferences. However, the goal is to not draw people away from such events. Many people attend Black Hat, RSA Conference and SOURCE Boston to make new friends, even if they don’t attend the conference. Security B-Sides gives them another way to spend their day. They can either attend or present on the ‘next best thing” material.
HelpNet Security
Cybersecurity experts’ opinions:
“BSides” means community, conversation and content. BSides provides the building blocks for each of these things and more.
Jack Daniel “BSides is the TedX for security conferences. It brings a brand, format, and community to areas where it would be difficult to put on a conference.
Stephan Chenette “The perfect mix between professional talks, and relaxed atmosphere. There is something for everyone!
John Kozlowski
Schedule
10:00 – 10:45

Abdulrahman Al NimariReverse Engineering Binaries to the Max using GHIDRA
Since its March 2019 release by the NSA, Ghidra has been a game-changer. It is an open-source software-reverse engineering framework. It is feature-rich, customizable, and scalable. It is used extensively by IR and Malware Analysis teams in Cyber Security. We will demonstrate how to use the tool correctly and show you some of the advanced features that make it stand out from other tools.

Abdulrahman M Al SafahIdeas for Enhancing OT/ICS Cybersecurity Hiring
These topics briefly discuss the hiring process for End Users, Vendors, and Cybersecurity service companies and organizations. How to improve this process in light of the current shortage of experities on the market.
11:30 – 12:15

Rian SaatyDeep Diving into Kerberos and Its Attacks
The talk will begin by briefly explaining Windows OS authentication mechanisms like NTLMv1 and NTLMv2 as well as some of its flaws. The talk will then move on to the Kerberos protocol. This is the most mature and current authentication protocol that Microsoft has used up until now. The talk will also cover some of the most interesting attack vectors against Kerberos using real-world examples. 12:15 – 12:00
Break
12:45 – 13:30

Mohammad H AbdulaalHardware Development in Red Teaming Ops. – The Basics of Hardware Attacks: Rolling Code Circumvention.
This talk will provide an overview of the important role that hardware plays in cybersecurity. Red Teaming Operations is a major use of in-house developed apparatus. This talk will begin by showcasing some of the in-house developed apparatus. Examples include cable implants and USB Rubber Duckies. The presentation will also briefly address the basics of Hardware Penetration Testing. We will also show you how to bypass rolling code systems towards the end of the talk.