0

Days

00

Hours

00

Minutes

00

Seconds

BOSTON, MA

Online Virtual Conference: June 3 - June 5, 2020
Use discount code COMMUNITY for FREE ticket!

REGISTER NOW SUBMIT TALK

Welcome to Virtual SOURCE Boston!

SOURCE is a different kind of security conference. We are one part CISO conference, one part Hacker conference, and one part Career and Personal Development event. In addition to great tech talks and business case studies, we are one of the few conferences to address people-related issues in security head-on.

We are assembling an outstanding selection of speakers across a variety of disciplines, and are looking forward to bringing everyone together. Come for the talks, stay for the conversations.

Event Highlights:
- World class InfoSec Talks
- Multi-speaker event
- Business, technical and people-related talks
- Excellent networking opportunities
- Public speaking workshop

This year we will be expanding to a 3-day conference format, so we will have more content, more people, more activities, more fun!

We have some great things in store for you!

Conference Schedule

Click To Select Day

Conference Day One

June 3, 2020

Conference Day Two

June 4, 2020

Conference Day Three

June 5, 2020

Setup, Slack Networking, Opening Remarks

10:30am - 11am EST

More Info

We will kick things off at 10:30am each day. This will provide time for people to get online, speakers to get set up, and a good opportunity for some networking on slack, where our virtual hallway con will take place. Please try to be online by 10:45am latest if you can.

Please do take advantage of the slack channel during the three days of the event. It will make this a much richer experience and than just having the conference be a bunch of talks to watch online (not that there’s anything wrong with that either).

But one of SOURCE’s key elements is interaction, and we have a great community that shows up at these events. Please take advantage of the opportunity!

Leveraging Culture to Optimize Information Security

11am - 11:45am EST Don McKeown, Information Security Manager for a provider of healthcare solutions that facilitate effective clinical decisions

More Info

Abstract:
One often overlooked foundation of an effective information security program is culture. This talk will teach you the fundamentals of building a program that effectively leverages culture to optimize security.

An effective information security culture is one in which there is a consistent, shared belief that security should be proactive rather than reactive, that risks can be openly discussed, and that security is a process that needs to continually be monitored, evaluated, and improved.

In such cultures, staff widely understand and believe in leadership’s stated risk appetite for the organization. To build a strong culture, the organization needs to set information security leadership appropriately in the organizational structure. Once the right leadership structure is in place, it needs to create a strategy and a tactical plan. To create a strategy, it needs to understand the organization’s risk tolerance, codify it as policy, and communicate it. Based on risk tolerance, it needs to create a roadmap that moves the organization from ad hoc and compliance-based cultures to one that’s risk-based. Tactically, security management needs to regularly drive buy-in for risk tolerance and policy. In addition, management needs to foster a culture that learns from incidents and failures rather than a culture that focuses on assigning blame.

Bio:
Don McKeown is currently an information security manager for a provider of healthcare solutions that facilitate effective clinical decisions. There he developed and teaches a threat modeling course, teaches code scanning, contributes to corporate application security advisory committees, and consults for technical and product teams. Previously he helped mature security programs at LogMeIn and athenahealth. Before focusing exclusively on information security, he contributed to several infrastructure teams over many years. He earned an MBA with Distinction from Bentley University and holds the CISSP, CRISC, and GIAC Security Leadership (GSLC) certifications. For more information, go to https://www.donmckeown.net/.

Interactive Session: Speed Networking

11:45am - 12:30am EST SOURCE Team

More Info

Speed networking has become a perennial favorite of the SOURCE Conference, and is one of our defining features! During this session, we use a fun speed networking format to get a chance to meet some of our fellow attendees. It’s a great way to meet a few people that you will cross paths with many times over the next three days of the conference.

Not to be missed!

12:30pm - 1:30pm EST Lunch Break

How to bring rights to ethical hackers

1:30pm EST - 2:10pm EST Chloe Messdhagi, VP of Strategy at Point3 Security

More Info

Abstract:
Sixty percent of hackers don’t submit vulnerabilities due to the fear of out-of-date legislation, press coverage, and companies misdirected policies. This fear is based on socially constructed beliefs. This talk dives into the brain’s response to fear while focusing on increasing public awareness in order to bring legislation that supports ethical hackers, ending black hoodie and ski mask imagery, and encourage organizations to support bilateral trust within their policies.

Bio:
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine’s The Uncommon Journey, and runs the Hacker Book Club.

Securing Sanity: Talent Management with Remote Employees During Times of Crisis.

2:20pm - 3pm EST Stacy Thayer, Marin Kakachev

More Info

Abstract:

In light of the working from home phenomenon that has escalated due to Covid-19, working from home and maintaining mental health have come into the spotlight. While many people in the security industry have experience working from home, the escalation and pressure of technology needs and office shut downs have placed unique weight on the security and technology industries.

Knowing how to navigate the nuances of working from home and staying sane while doing so has become a priority for employees and for managers. It is also important for managers and leaders to know how to manage remote employees and to help support employees with struggles and challenges, as well as practice good self-care.

This talk will take a bottom-up and top-down approach to exploring remote employment and crisis management as it relates to talent management, leadership, and employee engagement.

The following topics will be discussed:
– Examine management theory and strategy when it comes to remote work.
– Examine perceptions and bias regarding remote work
– Economic impact to organization and employees of a fully remote or mostly remote workforce.
– Examine hiring practices, job descriptions and HR approaches to a remote workforce.
–  The importance of self care during workplace and how it can have a positive impact in all areas of life, for managers and employees
– Strategies for stress management, including addressing burnout, alcohol and drug addiction or overconsumption, and the risk they can pose to your career.
– Concerns and roadblocks to self-care, as well as how to find the find and resources, especially during times of crisis.
– The unique pressures of the security industry and the nuances of talent management and leadership in security

Bios:

Dr. Stacy Thayer has over 20 years’ experience working with professionals in the technical and security industry, and a PhD in Clinical and Organizational/Business Psychology. She currently works as a organizational consultant for I.T. and Security companies. Her clinical research has explored online communication as it relates to depression and anxiety, and factors that contribute to job satisfaction in the technology sector, and on burnout in the security industry. Her work in organizational and business psychology focuses on bridging the communication gap between technical and nontechnical working professionals. She is passionate about creating a positive and thriving working environment that will help support individual strengths and successes. Thayer was the Founder and Executive Director of SOURCE Conferences in Boston, Seattle, Barcelona, and Dublin before it was acquired in 2014 by Big Brain Security.  Thayer is currently going to school for an MBA and teaching Cyberpsychology and Behavior at California Lutheran

Marin M. Kakachev is passionate about all things related to talent management and organizational culture.  Currently employed at Wells Fargo, Marin explores the financial and economic impact of talent management programs and the remote workplace. Marin is also an active member of the Rotary Club of Simi Sunset and participates in community support and outreach activities year around both locally in Ventura County as well as internationally and is pursuing his MBA at California Lutheran University.

3-3:30pm EST Coffee/Networking Break

Managing Burnout & The New Normal: An interview w/Bill Brenner of the OCD Diaries

3:30pm - 4:15pm EST Bill Brenner, Directory of Research, IANS and Rob Cheyne, Executive Director, SOURCE Conference

More Info

Abstract: 
Bill Brenner has a long-running blog called the OCD Diaries that he recently re-booted in light of the Covid-19 situation. It’s a fantastic resource, and Bill has lots of great insights. In this session, Rob and Bill will discuss some of the topics in his blog as well as strategies for managing some of the chaos and uncertainty that we’re all dealing with right now.

Bio:
Bill Brenner is director of research at IANS and was previously senior tech writer and content strategist for Sophos and Akamai Technology’s Security Intelligence Research Team (Akamai SIRT). Before that, he was managing editor for CSOonline.com and senior writer for SearchSecurity.com. He also writes The OCD Diaries, a blog about public discourse and managing depression, addiction and anxiety.

Rob Cheyne is the CEO of Big Brain Security and Executive Director of SOURCE Conference. He has been both a builder and a breaker, and these days spends much of his time exploring strategies for improving the people side of the security equation.

Interactive Session: How YOU doin'?

4:15pm - 5pm EST Rob Cheyne, Executive Director, SOURCE Conference

More Info

Abstract:

In this session, Rob will follow up on his discussion with Bill by opening things up to the audience and leading an interactive discussion of the types of strategies people have been using to cope during the past three months.

What challenges have you faced? How have you managed them (or not)? I understand this might be a sensitive topic, but my hope is that sharing coping strategies can be very therapeutic for people. Participate or just sit back and listen, it’s up to you.

Virtual Reception/Hang out

5pm - 6pm EST (And perhaps longer if people still want to hang out)

More Info

We’ll finish the day with a virtual toast. Bring your beverage of choice and raise a glass! We did this in a previous event and it worked better than expected, so this should be fun. The level of interactivity on this will depend entirely on the number of people, so we’ll figure this one out on the fly.

Setup, Slack Networking, Opening Remarks

10:30am - 11am EST

More Info

We will kick things off at 10:30am each day. This will provide time for people to get online, speakers to get set up, and a good opportunity for some networking on slack, where our virtual hallway con will take place. Please try to be online by 10:45am latest if you can.

Please do take advantage of the slack channel during the three days of the event. It will make this a much richer experience and than just having the conference be a bunch of talks to watch online (not that there’s anything wrong with that either).

But one of SOURCE’s key elements is interaction, and we have a great community that shows up at these events. Please take advantage of the opportunity!

Hacking Web Apps - Professionally!

11am - 11:40am EST Scott Miller, Security Consultant, Synopsys

More Info

Abstract: 

Unless you’ve worked as a professional penetration tester, the actual process of testing an application and generating and delivering a
report is probably a mystery to you. Some web applications are quite big – where do you even start?

As a Security Consultant, I test new applications every week or every other week while maintaining a high level of consistency and quality. This is not something I was able to do when I started, and it was developed through effective training and experience.

In this talk, I’ll describe how to approach a professional web application penetration test, including where in the application to start, what kinds of tests to do, and how to know when to stop. I’ll talk through several tools and processes that help me to focus my efforts on certain parts of the application without losing significant coverage on the rest of it.

By the end of this talk, you should have a good foundation for becoming a penetration tester and understanding why applications fail and how to find the issues about which your clients care most.

Bio:
Scott Miller is a Security Consultant at Synopsys and performs vulnerability assessments and penetration tests for Synopsys’ clients, with his favorite domains being network and web. He enjoys traveling and attending conferences and recruiting events related to security and/or diversity.

Preparing for an Incident 

11:50am - 12:30pm EST Michael Gough, Malware Archaeologist, Blue Team defender, Incident Responder and logoholic for NCC Group

More Info

Abstract:

So your EDR, AV, or other fancy shiny blinky lights security tools alerted you that Bobs Windows box has some suspicious activity.  Do you have the details you need to investigate or remediate the system?  Can you quickly and easily investigate it?   You can enable a lot of things you already have for FREE to help you with your investigations, no matter the tools used.  Let’s take a look how we do Incident Response on Windows systems and what you can do to prepare for an inevitable event.

How is your logging?  Is it enabled?  Configured to some best practice? (hopefully better than an industry standard that is seriously lacking).  Have you enabled some critical logs that by default Microsoft does NOT enable?  Do you have a way to run a command, script, or a favorite tool across one or all your systems and retrieve the results?  Do you block some well-known exploitable file types so users do not initiate the scripting engine when they double click, rather just open good ol’ Notepad?

Everything mentioned here is FREE and you already have it!

This talk will describe these things and how to prepare, and be PREPARED to do incident Response on Windows systems.  A few tools will be discussed as well that you can use to speed things up.

The attendee can take the information from this talk and immediately start improving their environment to prepare for the… inevitable, an incident. 

Bio:

Michael is a Malware Archaeologist, Blue Team defender, Incident Responder and logoholic for NCC Group.  Michael developed several Windows logging cheat sheets to help the security industry understand Windows logging, where to start and what to look for.  Michael presents at many security and technology conferences helping to educate on security that attendees can go back to work and actually do.  Michael is a primary contributor to the Open Source project ARTHIR.  Michael is also co-developer of LOG-MD, a free and premium tool that audits the settings, harvests and reports on malicious Windows log data and malicious system artifacts.    Michael also blogs on HackerHurricane.com on various InfoSec topics.  In addition Michael also ran BSides Texas entity (Austin, San Antonio, Dallas and Houston) for six years and lead for the Austin Conference.

12:30pm - 1:30pm EST Lunch Break

Getting Bear-y Cozy with PowerShell: Defensive Lessons Learned from Emulating the Dukes

1:30pm - 2:10pm EST Jamie Williams, Lead Cyber Adversarial Engineer, The MITRE Corporation & Mike Hartley, Senior Cybersecurity Engineer, The MITRE Corporation

More Info

Abstract:
Detecting malicious PowerShell can be challenging, and it’s exponentially more so when PowerShell is being used by a seasoned state-sponsored actor committed to stealth and sophisticated implementations of techniques via an arsenal of custom malware. This talk will cover lessons learned from emulating the behaviors of APT29, also known as the Dukes or Cozy Bear, during our most recent round of ATT&CK™ Evaluations. This presentation will start by discussing the basics of ensuring you have visibility on PowerShell (are you collecting enough of the right data?) before diving into how to detect known Cozy Bear tradecraft as well as other related tricks employed by adversaries. This presentation will also discuss insights on PowerShell detections learned from ATT&CK Evaluations results as well as provide the audience with recommendations on choosing endpoint tools to help fill in PowerShell coverage.

Bios:
Jamie Williams is an engineer at MITRE where he works on various efforts involving security operations and research, specializing in adversary emulation and analysis of behavior-based detections. He is also a core member of both the MITRE ATT&CK and ATT&CK Evaluations teams.

Mike Hartley is an engineer at MITRE where he works on various efforts involving security operations and research, specializing in adversary emulation and analysis of adversary behaviors. He is also a core member of both the MITRE ATT&CK and ATT&CK Evaluations teams.

Social Engineering Your Metrics: Using Data Science to Provide Value in Reporting

2:20pm - 3pm EST Joe Gray, Senior OSINT Specialist at QOMPLX

More Info

Abstract:
Reporting is generally boring. As social engineers, we often get wrapped up in the hustle and bustle of performing the engagement and report writing falls to the side. While the reports do go out and we meet client obligations, a serious question arises: Are we providing meaningful measurements, metrics, and advice to the client?

We surely highlight the deficiencies and where to improve in a report, which is pretty standard. How do we measure the things that matter most to the client? Measuring opens just tells us how many people read their email and, while risky, clicks do not always translate to negative outcomes. Instead of focusing on email opens or links clicked by users, this presentation is introducing:

  • Measurements rooted in statistics
  • Data science techniques
  • Indicators that actually speak to the security posture and culture of the organization.

The distance of a metric is the time between an event (a click or open) and another event (inputting information or reporting the event). These metrics are far more indicative of how an organization would fare against social engineering than who opens an email.

Bio:
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. As a member of the Password Inspection Agency, Joe has placed 2nd in the HackFest Quebec Missing Persons CTF powered by TraceLabs, 2nd in the BSides Atlanta OSINT CTF, and 3rd Place in the 2018 & 2019 NOLACon OSINT CTFs. Joe has independently placed 2nd in the HackFest Quebec SECTF, 4th Place in the DerbyCon OSINT CTF, and 2nd Place in Hacker Jeopardy at Hack in Paris. Joe has contributed material for the likes of TripWire, AlienVault, ITSP Magazine, CSO Online, Forbes, and Dark Reading as well as his own platforms.

3:00pm - 3:30pm EST Coffee/Networking Break

Threat Modeling, Now What?

3:30pm - 4:10pm EST Bob Fruth, Information Security Policies and Standards Lead Manager, The Climate Corporation

More Info

Abstract:
Over the years, Threat Modeling has progressed from its original focus on client-server software systems into a very well understood process that is widely applicable. Threat models have been created for complex hardware and software systems ranging from operating systems to ATMs to automobiles to devices to the Internet of Things. So, where do we go from here? How do we manage the details and focus on the highest risk interfaces and attack surface? What steps should we take to ensure that threat modeling yields the best possible results without becoming yet another mind-numbing process exercise? While threat modeling itself is a well-practiced discipline, its real value is the follow-up actions taken with the results. Ideally, threat models should result in more secure designs, fewer bugs/vulnerabilities and an overall reduction in risk.

Bio:
Bob Fruth is excited to be sharing wisdom he has divined from participating in many product and service releases. During his 19 years at Microsoft, Bob provided security guidance for most of the company’s major product teams, ran the Microsoft Crypto Board and was the focal point for Bing.com security and privacy. Bob then moved into the healthcare sector, where he worried about protecting patient medical and financial data. His guidance position evolved into an Information Security Officer role encompassing everything from secure design and coding to policy development to incident response and customer relationships. Bob recently joined The Climate Corporation as Information Security Policies and Standards Lead Manager, where he is focused on doing his part in applying big data so agriculture can better feed the planet. In his spare time, Bob enjoys playing music, traveling, and watching spectator sports, especially soccer and hockey.

East vs West: How The Coasts Approach Information Security Differently

4:20pm - 5pm EST Sourya Biswas, Principal Security Consultant, Risk Management & Governance (RM&G) practice, NCC Group

More Info

Abstract:
In my experience as an information risk and security consultant, I’ve had the opportunity to assess the security postures of both financial services companies (mainly on the East coast) and technology services providers (mainly on the West coast). The presentation is on how they fundamentally differ in their approaches to information security, and what one can learn from the other.

The session will cover:

  • Where to focus cybersecurity assessment efforts – this is from the perspective of the assessor / auditor
  • How to prioritize remediation recommendations – this is from the perspective of the advisor / consultant
  • What to learn in information security from other industries / domains – this is from the operational perspective
  • Why it’s necessary to learn and share in today’s connected, computerized world – this is from the general security practitioner perspective

Bio:

I’m a Principal Security Consultant in the Risk Management & Governance (RM&G) practice at NCC Group, a security consulting firm headquartered and listed in the UK with a major and growing US subsidiary. I have 14 years of experience in Information Risk and Security, and hold an undergrad degree in Information Technology from IIIT Calcutta and an MBA from the University of Notre Dame. I have several articles on cloud computing available online and served as technical editor for an authoritative textbook on the subject. I’m a certified CISSP, CISA, CISM, CRISC, CGEIT, PMP and also have several ITIL Intermediate certifications.

That’s all about my second job. My first job is being a father to two adorable and naughty munchkins, 2.5 and 1.5 years old. We live in Chicago, having moved back from San Francisco in May, and may have reason to reconsider our decision now that winter is here.

 

 

Interactive Session: Entrepreneur Support Group

5pm - 6pm EST SOURCE Team

More Info

Have you ever thought about starting a company? Have you ever actually done it?

Come join founders and future founders for a frank discussion of the challenges of being an entrepreneur in the Information Security space, and various strategies for managing them.

I’d like to use SOURCE as a hub for InfoSec entrepreneurs to network and have a support system they can fall back on when they need it. We ran this session at SOURCE Boston 2019, and the response blew me away.

We will taylor the discussion to the folks who are online, and cover whatever you’d like to discuss. If starting companies is your thing, you’ll definitely want to attend this session.

And of course, given that it’s in the 5-6pm slot, feel free to bring a beverage for a virtual toast.

Setup, Slack Networking, Opening Remarks

10:30am - 11am EST SOURCE Team

More Info

We will kick things off at 10:30am each day. This will provide time for people to get online, speakers to get set up, and a good opportunity for some networking on slack, where our virtual hallway con will take place. Please try to be online by 10:45am latest if you can.

Please do take advantage of the slack channel during the three days of the event. It will make this a much richer experience and than just having the conference be a bunch of talks to watch online (not that there’s anything wrong with that either).

But one of SOURCE’s key elements is interaction, and we have a great community that shows up at these events. Please take advantage of the opportunity!

Spy vs. Spy: Counter Surveillance Tactics

11am - 11:40am Carson Owlett, CEO, Black Mirage

More Info

Abstract:

Modern surveillance methods have been turned on protestors across the globe to identify ring leaders for later arrests.  Facial recognition, gait recognition, and communications interception have all made assembly a risky proposition with potential for long lasting negative implications for quality of life.  Gain a hacker’s perspective on surveillance systems and learn about resources to help defeat them.

Bio:

Carson Owlett is the CEO at Black Mirage, an offensive security company that offers a wide variety of services.  A former DARPA researcher, he stays on the bleeding edge of adversarial tools, tactics, and procedures. When he is not securing clients he competes in capture the flag competitions and moonlights as the CISO of a nonprofit that fights image abuse.

Why security awareness is a waste of time, and why it doesn't have to be.

11:50am - 12:30pm Micah Nelson, Information Security Awareness Officer, Harvard University

More Info

Abstract:
Security Awareness has been mandatory in many industries for decades, but people making bad choices remain the primary cause for data breaches. What are we doing wrong? Spoiler alert: Almost everything. In this talk we will go beyond newsletters and yearly training to learn a better way to understand and reduce people based risk. For security practitioners, learn about our strategy, learn tactics for any budget, ask questions, and share your experiences. For skeptics, see our results.

Bio:
Micah Nelson has been in cyber security for 15 years. Five years ago he went from Powershell to PowerPoint to become the Information Security Awareness Officer for Harvard University. In this role he helps people understand their risks and find simple ways to stay secure.

12:30pm - 1:30pm EST Lunch Break

An "In-depth-review" at Information Security at Contract Manufacturers in Asia

1:30pm - 2:10pm EST Roy Wattanasin, Healthcare information security professional and former faculty member of over 10 years

More Info

Abstract:
This talk will give an “in-depth overview” of implementing an information security program at contract manufacturers (CMs) in Asia. Some examples include the four Ws: who, what, where, why and also how? Also, think about the language and cultural barriers. Roy was given the opportunity to be the 1st information security member from the US team to help implement an information security program in Asia Pacific (APAC). He was also responsible for hiring and developing the information security team there and interfacing with the US team here. This talk will provide recommendations around all of the items to think about and review regarding with working in Asia to implement information security. Finally, bring your questions for the 15-minute questions and answers session!

Bio:
Roy Wattanasin is a healthcare information security professional and former faculty member of over 10 years. Roy spends most of his time developing information security programs, teaching students, performing incident response and helping to build the local communities. Roy is a longtime ISSA member, OWASP Boston board member and a member/contributor to many groups. He has presented at many conferences such as Source Conference, Defcon Groups, HOPE, Derbycon, BSides conferences, ISSA, ISACA, Secureworld, OWASP, BASC and Infosec World.

How to Make Your VIRTUAL Presentations ENGAGING

2:20pm - 3pm EST Mary Cheyne, MBA, Transformational Public Speaking Trainer & Coach

More Info

Abstract:

Let’s face it, most virtual presentations are boring!

How can you avoid being a statistic?

Whether you’re a professional delivering content, running virtual meetings or a corporate executive presenting ideas virtually, you need to connect with your audience.

In this virtual workshop, you will learn what mistakes to avoid, and learn practical tools & tips on how to be an engaging presenter in a virtual environment that you can use immediately in your next meeting or presentation.

Bio:

Mary Cheyne, MBA, is a Transformational Public Speaking Trainer & Coach, and the 2009 World Champion of Public Speaking first runner-up, out of 25,000 contestants from 14 countries.

She has trained over 15,000 people in 30 cities world-wide, including those in Australia, Europe, Asia, Canada & the US, both in person and virtually.

Mary is a TEDx Speaker & the best-selling author of the book “Present” Yourself in Public Speaking – Tell Your Inner Critic to SHUT UP! And the Real You to SPEAK UP!

This vast experience has led Mary to one important, unvarnished conclusion: “To communicate and persuade effectively, the first person you need to convince is YOURSELF.”

 

3pm - 3:30pm EST Coffee/Networking Break

Interactive Session: Audience Participation Lightning Talks

3:30pm - 4:30pm EST SOURCE Team

More Info

This is something we always have a lot of fun with.

A while back we started finishing off every conference with audience participation lightning talks. These talks can be about literally anything, the entire point is to share something you know about with the audience, and to get an opportunity to practice public speaking. Whether you speak or not, these are always a whole lot of fun, and something you won’t see at other security conferences.

You’ll definitely want to stick around for this session!

Interactive Session/Closing Remarks

4:30pm - 5pm EST Rob Cheyne, Executive Director, SOURCE Conference

FREE

$99

General Admission

FREE 3-DAY VIRTUAL FORMAT! Admission to all conference sessions and events Access to slack virtual "hallway con" Use discount code COMMUNITY for FREE virtual conference ticket!

Buy Now

Pre-Conference Training

InfoSec Train the Trainer

InfoSec Train the Trainer

April 27-28, 2019 (NEW, 2 DAYS!) Communication

This course is designed for anyone who wants to improve their ability to present and train on technical topics to both technical and non-technical audiences.

Affiliate Sponsors

Venue (For reservation code e-mail info@sourceconference.com)

Downtown Marriott Boston

275 Tremont St, Boston, MA 02116

(617) 426-1400

Register:

FREE

$99

General Admission

FREE 3-DAY VIRTUAL FORMAT! Admission to all conference sessions and events Access to slack virtual "hallway con" Use discount code COMMUNITY for FREE virtual conference ticket!

Buy Now

Become a Source Insider

Get promotions and special offers directly to your inbox.