Bishop Fox is proud to present at the CactusCon 12 from February 16-17, 2024. Several Foxes will be presenting on a variety of topics including: Kaitlin O'Neil (Recruiting Manager), Alissa Gilbert (Solutions Architect), and David Bravo (Security Consultant III) .

For more details, visit CactusCon 12 Website.

"Come WiFind Me: WiFi and other RF Survelliance"

Alissa Gilbert, Solutions Architect | Friday, February 16 at 10 a.m. MST

Wireless networks are all around us; from Bluetooth, WiFi, RFID, and more, these radio frequencies (RF) carry precious data for us wherever we go. But if the packets can reach you, you aren't really lost, and you can definitely be found. Some of the tracking is more obvious; we carry around Tiles, headphones, RFID anti-theft stickers, and smartphones. However, RF is also used to track behavior and purchasing decisions in stores, identify who was at a protest, and other location based services. Rotating your MAC address isn't the cure all to making sure you aren't tracked, and you can't live life in a Faraday cage. So what now? This talk will dispel some myths around RF tracking, negate some fears, and give completely new ones in its place.

"Upgrade Your Job Search With AI"

Kaitlin O'Neil, Recruiting Manager | Friday, February 16 at 3 p.m. MST

In today's competitive job market, leveraging AI tools can help you streamline your job search and stand out from the crowd. This talk aims to explore the powerful applications of AI tools, particularly ChatGPT, in enhancing the efficiency and effectiveness of your job search.

The power of AI isn’t just anecdotal. According to a 2023 report from ResumeBuilder, 3 in 4 job seekers who used ChatGPT to write their resume reported a higher response rate from companies, with 78% moving on to an interview stage, and 59% getting hired! By leveraging the capabilities of ChatGPT and other AI tools, candidates can receive personalized guidance and support throughout their job search journey, from resume creation and optimization to interview preparation and career advice.

Attendees will gain valuable insights into the transformative potential of AI in the job market, situated in the context of the recruiting process and how hiring managers and recruiters review candidate profiles. They will discover how leveraging AI tools can significantly improve their chances of securing their dream job while saving time and effort in the process. They’ll also leave the presentation with a cheat sheet of AI tools and Chat GPT prompts to help power their job search long after CactusCon has ended.

"Leaving Doors Unlocked With Cognito"

David Bravo, Security Consultant III | Friday, February 16 at 4 p.m. MST

I have found AWS Cognito much more common in my targets and as a vector to compromise applications deployed in AWS. This talk will review what AWS Cognito is, what are some common misconfigurations, and how to exploit those misconfigurations as an external or internal attacker. Terraform templates will be provided for attendees to deploy some of these vulnerable situations and do hands on learning on their own time.

"Getting to Decent: An Offsec Story"

David Bravo, Security Consultant III | Saturday, February 17 at 2:30 p.m. MST

I will discuss components that, in the context of a fully remote work environment, enabled a recent computer science graduate without security experience to grow into a competent independent contributor and team lead. Specifically, I plan to touch upon what the organization and my managers did to help me overcome impostor syndrome and the role I played in doing that. I'll discuss why I believe I can make mistakes and always ask for help. Additionally, I'll explain how I personally developed my technical skills in parallel to project work without burning out. Finally, I will share what keeps me in my current role.