Workshop Sessions
The changing world of SCADA and how to secure it
Daniel Lakier, CTO & President at SeeGee Technologies
This workshop session will take you through major questions such as: What is SCADA/PCD* and why is it so insecure? Why should we care, and what are the risks of not securing it? What are the operational challenges, and why is it so hard to secure? What are some strategies to mitigate operations vs. IT conflict? How do you decide the best course of action (the logic is always the same), i.e. if you have a proprietary 15-year-old operating system (obviously you can't put anti-virus on it even if it would void the manufacturer's guarantee/warranty)? What are the forgotten pieces, and how best to manage the associated risk? What is traditional PCD security, and why has the changing world rendered most of the existing answers moot? What is the next best thing to a solution?
Defeating Machine Learning: Malware Detection Deep Dive
Bob (Robert H) Klein, Black Hat 2015 Speaker
Machine learning addresses many problems with earlier, more brittle security tools. Though it is often touted as the ultimate defensive technology, machine learning is not a magic bullet, and it has shortcomings of its own. These shortcomings are rarely discussed, yet they are very important to understand when applying machine learning as part of a larger security suite. In this deep dive, we examine problems associated with some existing machine learning technologies, with a focus on malware detection, and propose several solutions that we hope to see deployed in the near future.
Implementing SAP security in 5 steps case-study
Alexander Polyakov
This workshop session will help you learn: how to start an SAP security project from scratch; practical steps for securing SAP against the top 9 EAS-SEC risks; the optimal approach to starting an SOD project with minimum costs; the main issues in ABAP code and first steps to analyze them; and practical steps for forensic investigation and log analysis of the SAP platform.
Security Governance for the Cloud
Paul Raines - CISO, United Nations Development Programme
This talk will explore what types of due diligence governance actions an organisation should take when managing one or multiple cloud service providers. Topics to be covered include contractual provisions, security policies, audits, security service level agreements and security authentication/authorisation.
Key learnings: What standards should be used in evaluating cloud providers? What contractual clauses should you insist on with cloud providers? If your organisation uses several cloud providers, how do you ensure standard levels of service? Once the contract is signed, what due diligence should you undertake to ensure continued compliance?
Forensics & Incident Response Essentials
Sachin
This workshop session will help you peek into the fundamentals of Incident Response, the Incident Response stages (Preparation, Identification, Containment, Eradication, Recovery) and Memory Forensics in Incident Response. This can be attended as a hands-on 2-day training.
Network Forensic Tools & Techniques Workshop
Tamaghna Basu
This talk will cover an introduction to network forensics, basic protocol analysis, forensic analysis of network/web/malware, and basic packet analysis challenges. This can be attended as a hands-on 2-day training.
Application Security Workshop - IAST, RASP, Real Time Polymorphism
Nilanjan De & Jitendra Chauhan
This talk will explore IAST/RASP and Realtime Polymorphism.
Areas covered under IAST/RASP include Web Security Evolution, the Marketing View of RASP and IAST, the Science Behind RASP and IAST, and the Way Forward.
Areas covered under Realtime Polymorphism include Polymorphism, Automated Attacks, Threat Model and Attack Vectors, Reference Polymorphism, Field Polymorphism, Advantages, and Limitations.
A brief demonstration of the technologies and their behavior will leave you awed; this has been a much-appreciated session in the past.
Threat Intelligence Workshop
Bikash Barai
This talk will explore the key components (People, Process and Technology), the Threat Intelligence Maturity Model, Threat Collection & Analysis (e.g. OSINT), Integrating Actionable Intelligence, and the Technology and Vendor Landscape. Find frameworks and checklists to build on for your next threat intelligence project!
Cloud Access Security Broker Workshop
Ravi Mishra
This talk will explore the Technology Taxonomy for Cloud Security, the key components of a cloud security architecture, a blueprint to build your cloud security program, and the basics of Cloud Security Access Brokers. Find frameworks and checklists to build on for your next CASB implementation project!
Security Analytics Workshop
Bikash Barai
This talk will explore the various aspects of Security Analytics with respect to business requirements and implementation.
Keynote Turbo Talks
Protecting SCADA environments
Daniel Lakier, CTO & President at SeeGee Technologies
This talk will take you through the fundamentals of SCADA, followed by the advanced levels: What is SCADA, why do we need to care, what are the risks and challenges, the operational and practical (IT) challenges, and why the traditional answer isn't enough. According to Daniel, the best answer today is Stealth Networking and next-generation two-factor authentication.
Network Machine Learning and the Security Industry: Past, Present, And Future
Bob (Robert H) Klein, Black Hat 2015 Speaker
Machine learning is an exciting new technology that is seeing widespread use in many industries, and IT Security is no exception. However, the term “machine learning” is very broad, and its meaning can vary significantly depending on the security application context (insider threat detection vs. malware detection, for example). In this talk, we explore how a variety of machine learning technologies can be used across many different security applications, and we discuss how these technologies will continue to evolve over time.
Lessons learnt from recent Cyber-attacks on SAP systems
Alexander Polyakov
This talk will take you through past attacks on SAP systems and 10 lessons learnt from them.
Because for a long time almost no real attacks on SAP and Oracle ERP systems were known to the public, CISOs had a false sense of security. While the number of breaches in less critical applications was increasing rapidly, and so was the awareness, only a small group of professionals were aware of attacks on business applications. The most popular example of such fraud was to create a fake vendor and a payment order for this vendor and then to approve it. According to the Association of Certified Fraud Examiners, losses from internal fraud constitute 7% of profit on average. To prevent those types of attacks, the segregation of duties (SoD) concept was created. But ERP security isn't limited to SoD. The issue of unauthorized access to system and user accounts via vulnerabilities now matters. Moreover, the increasing number of SAP vulnerabilities in ERP systems (from 100 in 2007 to 3500 in 2015 in SAP alone) makes these issues more critical than ever. But what's more important, in 2012 we saw the first signs of cyber-attacks via SAP vulnerabilities. Our predictions proved accurate, and by now we have witnessed a number of examples, from Anonymous attacks on the Greek Ministry of Finance via SAP to the latest breach of US Investigation Services (a largest subcontractor of OPM) that led to the company's bankruptcy. In this talk, take a look at the history of ERP attacks and learn 10 lessons on how to avoid them.
Building Immune Systems For Our Enterprises: Detecting Emerging Threats in Real Time
Dave Palmer, Director of Technology, Darktrace
This talk will give you a new perspective on how the math evolves to detect emerging threats. Learn about the algorithms behind it, the statistics, probability and techniques, their evolution, and how they can create an immune system for your organization.
United Nations' program to help developing nations in IT Security
Paul Raines - CISO, United Nations Development Programme
Cybersecurity assistance for developing nations. This talk will highlight a new initiative within the United Nations Development Programme (UNDP) to provide cybersecurity assistance to the governments of developing nations to help protect their critical national infrastructure and digital economies. UNDP uses its own experienced, award winning cybersecurity team instead of hiring expensive, outside consultants. Thus, UNDP can deliver services to its clients at less cost, less overhead and with the hands-on experience of a team of world recognised experts. The services to be provided include cybersecurity training, risk assessment, incident response training and exercises, training in business continuity/disaster recovery and preparation for ISO 27001 certification.