Saturday 6th April

Time (UTC+11)	Talk	Length	Speaker
12:00	Welcome to #ComfyConAU 2024	00:10	icd + shanna
12:15	Profit from Misery	00:20	Aaron
12:40	Retrospect Labs Competition	00:10	icd + shanna
12:55	Influencing Security with no authority - Lessons from the field	00:30	Sam Hitchiner
13:30	Supply Chain Security: Eating SLSA for Breakfast	00:20	Ben Gittins
13:55	Thinking of starting your own company? Do it! But maybe listen to this first	00:20	Ryan Mclaren
14:20	So you wanna be a freelancer?	00:30	Corch
14:55	Break (15 minutes)	00:15
15:15	Embracing the power of Neurodiversity in Cybersecurity	00:30	Emily Holyoake
15:50	Introduction to Threat modelling	00:30	Matt Belvedere
16:25	Why Security Initiatives Are Doomed to Fail and What You Can Do About It	00:30	Josh Armitage
17:00	What do you really need to authenticate?	00:20	Matt Strahan
17:25	Dinner Break (30 minutes)	00:30
18:00	GRC is for everyone: demystifying the what, where and why of Governance, Risk & Compliance in Australia	00:30	Cam La
18:35	To Insert, Swipe or Touch: A Credit Card Dilemma	00:20	Chloe Pang
19:00	Biohacking wellness: physical and mental	00:30	Danarchi
19:35	Close out and thank you	00:10	icd + shanna

Sunday 7th April

Time (UTC+10)	Talk	Length	Speaker
12:00	Welcome to #ComfyConAU 2024	00:10	icd + shanna
12:15	2013-2023 in Cyber: Why are you still banging your head against a brick wall?	00:30	icd
12:50	Securing layoffs without being an a**hole	00:30	Kane Narraway
13:25	Backing up your tech career: building redundancy in the face of redundancy	00:30	Cairo
14:00	Green Fields for a Green Analyst: My first 90 days in cyber, with no experience and no security program	00:30	RedPandaDoge
14:35	Securing REST API Endpoints Against Data Leaks: Or, How to Avoid Another Optus	00:20	James Cooper
15:00	From Pollen to Protocols: Diversifying the Landscape of Cyber Risk.	00:30	Bec Caldwell
15:35	Break (15 minutes)	00:15
15:55	Know your Avatar: mods, energy drinks and the vibrant, contested world of online gaming	00:30	Steve Coomber
16:30	ComfyCon Intermission	00:10	thequietlife
16:45	The Bonzi Chip: The Pitfalls of Success	00:30	swarley and kronicd
17:20	Dinner Break (30 minutes)	00:30
17:55	Retrospect Wrap up	00:30	icd + shanna + Ryan Mclaren
18:30	Why Prefetch Artefacts are Like Ducks	00:30	Claire Carpenter
19:05	Hacking Humanity: Ethical Strategies for Influence and Connection	00:40	Jill Taylor
19:50	Close out and thank you	00:10	icd + shanna

The line-up

Backing up your tech career: building redundancy in the face of redundancy

Cairo

Another day, another big company making layoffs. It’s terrifying isn’t it?

Danarchi

As a casual biohacker I want to do a talk on how technology is helping in data driven insights, and how these insights can be used to optimise stress management, mental health and wellness.

thequietlife

A run through of a weird project I found online that is ComfyCon flavoured.

Emily Holyoake

This talk explores the importance of fostering equity in recruitment and building a culture of inclusivity across an organisation, with a specific focus on the benefits of embracing neurodiversity in the field of cybersecurity.

Bec Caldwell

I’ll be exploring risk assessment and management through a rather unique lens - the urban planning blunder of a city that solely planted male trees 40 years ago, leading to widespread asthma and hayfever in its inhabitants.

Cam La

Born from a challenge to make Governance, Risk and Compliance (GRC) more interesting than watching paint dry, this talk explores the what, where, why of GRC and how as security professionals, we all can have a part to play.

RedPandaDoge

We all hear people talking about how you need to do your part for the “skills gap” and hire new, inexperienced staff, but could a green analyst really do the job if you can’t find anyone experienced?

Jill Taylor

This presentation is designed to teach attendees about the ethical application of social engineering skills for creating positive outcomes in both personal and professional contexts.

Sam Hitchiner

Navigating the ultimate challenge of influencing change to a resistant or outwardly hostile audience, practical examples and guidance for all experience levels.

Matt Belvedere

Good quality penetration tests have two things; a deep understanding of the target, and an idea of a threat model - formalised or otherwise.

Steven Coomber

Overview Controversy over the potential impact of video games on users has come and gone since the first games came on to the market.

Aaron

Can we profit from the market’s fear from what the breach will do the company’s share price?

Kane Narraway

Layoffs are hard. It’s hardest on the employees who get let go.

James Cooper

Optus and their customers had a very bad time in 2022, with a massive data breach resulting in customer PII released into the wild.

Corch

For the hordes of people trying to break into the cybersecurity industry, or the folks who have just managed to get a foot in the door, the idea of one day becoming an “Independent cybersecurity consultant” probably sounds pretty kick-ass.

Ben Gittins

This talk dives into the SLSA framework following the journey of an organisation from 0 to 4.

swarley & kronicd

Recently the hardware modification scene for a current generation console was blown wide open.

Ryan Mclaren

Having run my own cyber security startup for a few years now (since the start of 2020!

Chloe Pang

If you have ever bought anything with a credit or debit card (and who hasn’t?

Matt Strahan

To login to your account you need a username and password and maybe an MFA token if they feel like being secure.

Claire Carpenter

This talk will provide an introductory guide to prefetch examination, focusing on potential applications for forensic analysis.

Josh Armitage

Have you ever found that every security initiative fails despite the best of intentions?