About This Event

Wolverine Security Conference

What is WSC?

The Wolverine Security Conference (WSC) is a volunteer, student run effort by WolvSec - a student organization at the University of Michigan. WSC was born from the Great Lakes Security Conference (GLSC) in collaboration with Michigan Tech University in 2021. It was a great success, and we hope to bring the same quality experience and program.

What will you learn at WSC?

The conference is focused on students of all levels, ranging from undergraduate to PhD students, as well as anyone with an interest in security. Because of this focus, the conference focuses on cross-sectioning the entire cybersecurity landscape. The conference hopes to offer further insights into the vast opportunities in cybersecurity.

Join our discord!

The WSC CTF Competition

As part of the conference, there will be a Capture The Flag (CTF) competition. Our esteemed members have worked tirelessly to bring new and stimulating CTF challenges that pose varying levels of difficulty and topic. Top competitors have the opportunity to win up to $500 in prizes!

Event Schedule

Welcome! We hope you're excited for Wolverine Security Conference! If you haven't already, go sign up for our CTF competition! Join our discord for updates! In this session, we will give a brief overview and kick off the conference!

Medical devices, healthcare delivery, and other cyber-physical systems depend on sensors to make safety-critical, automated decisions. My research lab investigates the problem of how to protect cyber-physical systems from adversaries who can maliciously control sensor output by subverting its semiconductor physics with lasers, acoustics, and radio waves. Finding principled, systematic solutions is extremely important to give consumers confidence in innovative medical devices and other emerging technology. This talk will provide an overview of what I teach EECS undergraduates in my upcoming lab-based course on embedded security for Fall 2022.

We will discuss what social engineering is and go over some of our experiences in social engineering. We'll explain the differences between phishing, vishing, smishing and impersonation. We'll have stories and examples as well as show you how to quickly build rapport in any situation!

Is cybersecurity achievable? How can we measure prevention of a breach? Without good measures, can we make good decisions about priorities or investment scale? Perhaps a better measure of network or digital system strength is resilience.

Government, from the federal to local levels, must rise to meet the special trust that has been placed in it by its citizens. How does government cybersecurity strategy come together and why does it actually matter?

We hope you're excited for Wolverine Security Conference! Join us for our networking sessions to meet peers and others in industry! Continue to network after the event via our discord for updates!

The Computer Fraud and Abuse Act (CFAA) is the notorious federal computer crime law. It has been on the books since 1986, and yet it was only last the year that the Supreme Court first interpreted it. This reflects one of the CFAA's major problems: vagueness. This presentation will review what we know about the CFAA and how you can stay on the right side of the law.

Attacking a big enterprise takes a huge time and planning, and hackers do it so efficiently that it sometimes becomes difficult for the enterprises to cope up with it. Most of the famous attacks that a group of hackers target is malware based, whose intent is a specific enterprise or group of users with the aim of destroying or leaking their data. In this session, we will learn about different kinds of Malware and some common ways of identifying and analyzing them, in as simpler a way as possible. Starting from comprehending some malicious documents to some well-known malware such as ransomware, we will try to understand their behavior and tricks to identify them. This session is for anyone who wants to understand the basics of Malware analysis and willing to learn something new.

In the past, automotive cybersecurity was an afterthought. Now, due to the interconnectivity of vehicles to various parts of infrastructure, cybersecurity has become as important as safety to the vehicle.

In the ever changing field of cybersecurity, how do you establish a base of knowledge and then keep pace with the industry? How can you dig out a niche in such a broad field? What strategies allow cybersecurity practitioners to make meaningful progress and deliver completed research projects? In this talk I'll explain techniques I have found helpful in my own journey from computer science student to CTO.

We hope you're excited for Wolverine Security Conference! Join us for our networking sessions to meet peers and others in industry! Continue to network after the event via our discord for updates!

In the last few years a lot of cryptocurrency providers decided to roll out their own payment cards, which would allow using crypto-currencies whilst you will be paying for your groceries. To step into the "big boys club" they need to collaborate with Visa or MasterCard. In this presentation we looked at the ten most popular cryptocurrency cards and checked them against the most common security issues.

We hope you're excited for Wolverine Security Conference! Join us for our networking sessions to meet peers and others in industry! Continue to network after the event via our discord for updates!

We’ve reached a tipping point with more apps being delivered from cloud services than from on-premises. OAuth 2.0 and OpenID Connect (OIDC) have become essential in federating access and handling strong authentication. But these are frameworks not standards, and these frameworks are based on dozens of RFCs. This has resulted in numerous approaches, confusing developers and security teams alike. In this presentation, participants will learn how to secure implementations.

At this point of the conference, we will be wrapping up by thanking the organizers/contributors, speakers, sponsors, and all of you amazing participants! We will also be announcing the final winners in our CTF competition!

Who's Speaking?

Wolverine Security Conference

Nicholas Andersen

COO, Invictus International Consulting, LLC

Jefferey Scheidt

Rear Admiral/Deputy Principal Cyber Advisor, Navy

Erik Hunstad

CTO and Adversary Emulation Lead, SIXGEN

Bryant Dawson

Senior Product Security Researcher, Aptiv

Shrutirupa Banerjiee

Web Application Security Analyst, Qualys

Dr. Kevin Fu

Acting Director, Medical Device Cybersecurity at U.S. FDA

Adam Batori

Security Researcher

Timur Yunusov

Senior Expert, Positvie Technologies || Organizer, Payment Village

Patrick Laverty

Human Risk Analyst, Social-Engineering LLC.

Rosa Rowles

Human Risk Analyst, SECOM

Wolfgang Goerlich

Advisory CISO, Duo

Mukund Rathi

Attorney, Electronic Frontier Foundation

Sponsors

Wolverine Security Conference