Business Backed CVEs – The Major Vulnerabilities of the Past Year

The past twelve months have seen an unprecedented number of vulnerabilities that strike at the core of the technologies that run our networks. This session will provide detailed demos of each of the major vulnerabilities released this year and discuss the impact for organizations. Attendees will hear from Brad Antoniewicz, Head of Research & Development […]

Read more

The Effective Use of Cyber Ranges for Application Performance and Security Resilience – Train Like You Fight!

Organizations worldwide face a dangerous shortage of Cyber Warriors with the skills required to defend against cyber terrorism. This urgent situation is made worse by the weaknesses and vulnerabilities that continue to pervade critical IT infrastructures – despite billions of dollars invested in cyber security measures. Answering these problems requires Internet-scale simulation environments, along with […]

Read more

Software Defined Networking / Attacker Defined Networking

In this session, the topic of Software Defined Networking (SDN) will be explored from a security perspective.  What SDN means today will be covered, using a lab setup using an OpenDaylight controller with networking gear from multiple vendors.  Openflow, Netconf and Yang protocols will all be discussed, explored and exploited! Security and reliability issues that […]

Read more

The Internet of Bad Things and Securing the Software Defined Data Center

This last minute session has no available abstract.

Read more

One Ring to Rule Them All – Hardware isolation and the future of virtualization security

The ring architecture of modern CPUs arose from the need to protect the OS kernel from malicious or buggy applications.  Unfortunately today’s OSes use only two of the four rings of the x86 architecture – and today’s security challenges are the result.  The complexity and large attack surface of a modern OS, together with trends […]

Read more

There’s no such thing as a coincidence – Discovering Novel Cyber Threats

Jim will provide an in-depth background of the changing cyber threat landscape, with specific focus on recent incidents including the cyber attack on Sony Pictures Entertainment, the massive data breach at Anthem Healthcare, and the compromise at the US Office of Personnel Management of nearly every US government employees’ personal information. Jim will share his […]

Read more

Automation is your Friend: Embracing SkyNet to Scale Cloud Security

Most network and security operations people hate automation. They like to press buttons themselves and maintain “control” of the processes. Cloud computing is going to be very disruptive as they realize their time tested processes go the way of the dodo bird. What they don’t realize is that the cloud actually increases the control they […]

Read more

Learning To Love Your Attackers

Opposing Forces (OPFOR) training is used by the military to help create realistic scenarios so that when they are deployed in battle they aren’t encountering situations for the first time. Whether it’s battle or incident response, that reaction time is critical to the success of a team. Most organizations have some degree of penetration testing […]

Read more

Advanced Threat Analytics: Adapt as Fast as Your Enemies

Today, the topic of cyber-security has moved from IT and the datacenter to the highest levels of the boardroom. Attacks and threats have grown substantially more sophisticated in frequency and severity. Attackers reside within a network an average of eight months before they are even detected. In the vast majority of attacks, they compromise user […]

Read more

CISO Survival Guide: How to thrive in the C-Suite and Boardroom

The CISO lives with a target on his/her back, usually lasts a mere 12-18 months and takes the fall for security issues often out of their control. Yet, this is a strategic, C-level position and essential to the success of any organization. The disconnect lies in the CISO being able to elevate their worth with their […]

Read more

Breaking and Fixing Python Applications

As the popularity of the Python programming language increases and consolidates its position as one of the most popular languages of its genre, only a few attempts have been made to assess how resistant it may be to attacks. We will review and test with practical examples some of the most common attack and defense mechanisms, by […]

Read more

Xenophobia is Hard on Data: Forced Localization, Data Storage, and Business Realities

“Our data is only safe within our borders!” “(The US|China|New Zealand|Vanuatu) is spying on our citizens!” “Don’t ship our citizens’ data overseas!” These rallying cries are calling for the same solution: forced data localization laws, where a country requires that all its citizens’ and corporations’ data be kept within the territory of that country. What’s […]

Read more

Detecting the Bear in Camp: How to Find Your True Vulnerabilities

Is it possible to be successful in a vulnerability centric world? Once you have great vulnerability management data, what do you do with it? Join this session to learn how to find and focus on your true vulnerabilities to build stronger security. You will: Learn how to optimize your vulnerability management program Get best practices […]

Read more

DevOps For The Home

This is the story one man’s personal trip to the cloud (and back) as he rebuilds his home network in a devops model, supported by virtual private cloud service. This presentation takes a micro look at cloud services, and the benefits and risks that come along with it for the average home user, as well […]

Read more

Complete Application Ownage via Multi-POST XSRF

This talk will discuss the risk posed by Cross Site Request Forgery (CSRF or XSRF) which is also known as session riding, or transaction injection. Many applications are vulnerable to XSRF, mitigation is difficult as it often requires re-engineering the entire application, and the threat they pose is often misunderstood. A live demo of identifying […]

Read more

Run Faster, Continuously Harden – Embracing DevOps to Secure All The Things

Infrastructure and application deployments are easy, but as security professionals we have to be conscious of the security concerns. Enter DevOps: pro-actively secure, reduce the attack surface, and automate changes at scale. Through a security focussed lens, we look at how embracing DevOps can reduce information security leakages for application and infrastructure deployments. In this […]

Read more

Effective Ways to Tackle Vulnerability Remediation

In this presentation, Dave will walk the attendees through the challenges facing most companies around dealing with vulnerabilities in their environments. Many companies are running tools or having scans performed against their network, and are being presented with a sea of information on discovered vulnerabilities along with information on how to address them. But most […]

Read more

Malware Activity in Mobile Networks – An Insider View

Mobile devices are becoming the target of choice for cybercriminals. This presentation will provide an in-depth view of the mobile malware that is currently active on the Internet. It will describe the infection rates, what the malware does, how it is monetized and the impact it has on network resources and the user experience. The […]

Read more

Stealthier Attacks and Smarter Defending with TLS Fingerprinting

Ever been busted because your man in the middle software (which does TLS properly) alerted someone to your bad certificate?  No more! Want to detect certain types of connections leaving your network, but can’t keep the IP blacklist up to date?  This could be the answer. This talk includes an introduction to both TLS and […]

Read more

Building Better Indicators: Crowdsourcing Malware IOCs

Over the past couple of years, malware naming from Major AV companies has been collapsing into more generic signatures. Although this may speed up detection and maintenance for AV companies, it can impact small teams which use AV detections as one of the indicators to quantify events during malware triage. This talk will cover a […]

Read more

SIEM and the Art of Log Management

Every business needs to monitor their systems. As a combined view of all network activity, a SIEM can be a powerful tool when managed properly. However, deciding whether to manage network security in-house or off-loading your data to a third party can be a difficult decision. Discover the costs and benefits of in-house vs third-party […]

Read more

What Google knows about you and your devices, and how to get it

With cloud forensics picking up, Google has become one of the most important sources of information about anyone who uses one or more Android devices – or doesn’t use Android at all. Google Account aggregates information about the user’s online behavior and offline activities, analyzes their communication, recommending places to visit and things to read. […]

Read more

Confessions of a Professional Cyber Stalker

For several years I developed and utilized various technologies and methods to track criminals leading to at least two dozen convictions. In the process of recovering stolen devices, larger crimes would be uncovered including drugs, theft rings, stolen cars, even a violent car jacking. Much of the evidence in these cases would be collected by […]

Read more

Phishers are Boring Party Guests: The Value of Analyzing Stale, Recycled Phishing Content

As security organizations have come to value the impact of programs designed to change employee behavior, we have continued to largely ignore the humanity of the attacker. In this presentation Aaron Higbee will examine how the attackers are obsessively focused on the technology involved in phishing attacks, but are lacking some of the human skills […]

Read more

Casting Light on a Dark Web

We cannot afford to wait for the adversary to make their move first, nor can we hide from them. To better understand,  we will spotlight the popular attack techniques of 2014 – including vulnerable attack avenues, darknets and botnets. The most active and proven attack techniques of 2014 will be examined, derived from Fortinet threat […]

Read more

Reverse Engineering a Web Application – For Fun, Behavior & WAF Development

Screening HTTP traffic can be something really tricky and attacks to applications are becoming increasingly complex day by day. By analyzing thousands upon thousands of infections, we noticed that regular blacklisting is increasingly failing so we started research on a new approach to mitigate the problem. We started with reverse engineering the most popular CMS applications such […]

Read more

The Rise of Threat Detection and Response

It seems like it was only yesterday that security was focused almost exclusively on preventative mechanisms as though we’re still facing the same self-replicating viruses from 15 years ago. Overnight it seems, organizations recognize that modern threats like information stealers, botnets, and targeted attacks regularly bypass preventative measures. As a result, great investments are being […]

Read more

Introducing Recog, an open source project utilizing Sonar data for asset and service identification

Project Sonar is a community effort to improve security through the active analysis of public networks. This includes running scans across public internet-facing systems, organizing the results, and sharing the data with the information security community. This talk will detail Project Recog, a derivative of project Sonar which normalizes and open sources service fingerprinting information […]

Read more

Security Awareness Has Failed: A Suggested New Approach!

For over 30 years, the security community mantra has been to deliver annual or regular security awareness education sessions to staff. And for over 30 years, the “big stick” approach has failed to produce any appreciable results. For the most part security awareness training has become ” a corporate check box” and is used to […]

Read more

Quantitative Risk Analysis and Information Security: An OpenFair Case Study from BMO

Risk analysis – nobody wants to do it, but everybody wants the answer when it’s done. Business today is full of qualitative methods for assessing risk, but these tend to fall short of giving Information Security professionals the tools to express risk in a meaningful way. FAIR (Factor Analysis of Information Risk) was recently adopted […]

Read more

Next Generation SOC: Building a Learning Security Ecosystem Using HP ArcSight Technology

The concept of defense in depth has attracted a lot of attention over the past decade. Several organizations have invested heavily in a broad collection of technologies in an effort to better secure their information. The objective of defense in depth is to use complementary technologies to cover the gaps and limitations of each other […]

Read more

FAIL Panel Again! Third time’s the charm

The ugly bastard child of the ugly bastard child of FAIL Panel, in its 3rd year running, a discussion on the cybers and other general observations on infosec. We’ll disagree, agree, talk over each other, ramble until cut-off, throw things, contradict each other (and ourselves), have no clue what Jamie is asking us and generally […]

Read more

Asymmetry in Network Attack and Defense

William will dive in to the fundamental tools and resources needed by network attackers and defenders and look at basic adversary methodology and scaling effects in network attack and defense. After laying this foundation, he will dive deeper into asymmetrical advantages for defenders and how to implement them in your network from an architecture and […]

Read more

4 Undeniable Truths about Advanced Threat Protection

Are you prepared for the next attack targeting your organization? Multi-faceted, persistent threats continue to increase and evolve, evading traditional stand-alone security technologies and forcing a critical need for an integrated, multi-dimensional approach. Today’s targeted attacks require the ability to disrupt the attack lifecycle in order to prevent further compromise. This session will discuss the […]

Read more

ALL YOUR MACS ARE BELONG TO US

Attackers have already set their sights on Mac. They have been thinking of and finding ways to cash out. This talk shows one of those ways. In this presentation, I will show and demonstrate live how attackers pwn Macs using browsers running in Mac and hold the system hostage until the user posts a “ransom.” […]

Read more

POS Malware Evolved

Over the past decade, point of sale (PoS) systems have been plagued by both attacks and targeted malware. During this time, we’ve seen a dramatic shift by this targeted malware in both the techniques used and the capabilities it has. This talk will discuss the shifts the security and research community has witnessed by PoS […]

Read more

SilverBlight

The web continues to be a constant threat for most users. The security industry has become very good at detecting Java, Flash, and PDF exploits over the last few years, now attackers are seeking new vectors. In this talk we will examine the growing trend in Silverlight exploitation Talos has observed over the last several […]

Read more

Identity in the Age of the Cloud

Organizations have traditionally enforced access to various services, applications, resources by establishing a person’s identity. Identity Management encompasses a number of processes such as authentication, authorization, provisioning, deprovisioning throughout a person’s life-cycle in the context of the organization. As employees bring their own devices and applications move beyond the firewall to the cloud, how should […]

Read more

Stay Out of the Kitchen: A DLP Security Bake-off

Despite a plethora of data security and protection standards and certifications, companies and their systems are still leaking information like a sieve. Data Loss Prevention (DLP) solutions have often been touted as the “silver bullet” that will keep corporations from becoming the next headline. With deployment models ranging from a fat agent on an endpoint, […]

Read more

Check Point Compliance Software Solutions “Your Second Set of Eyes”

No one in the Security Industry wants to talk compliance and most of us think of it as a burden.  Since almost all organizations today have to comply with some regulations, it has become important for us to discuss. The session will explore how compliance and network security are tied together and by simply improving […]

Read more

Attrition Forensics, Digital Forensics For When the Going Gets Tough and the Stakes Are High

Investigating a suspected computer compromise or intrusion can be difficult.  In a sense, that is by design.  Malicious actors can go to great lengths to hide their activities and tools.   Attrition Forensics attempts to outline how to investigate a compromise or intrusion involving modern Windows systems when the attacker is particularly good and the investigation […]

Read more

Hunting Malware on Linux Production Servers: The Windigo Backstory

Operation Windigo is a large server-side malware campaign that targets Unix systems (BSD, Linux, etc.). Its operators control more than 25,000 compromised servers. Every day, they use this infrastructure to redirect more than 500,000 end-users to malicious content and send more than 35M spam messages. This talk will cover what we have done and what […]

Read more

OS Legacy Systems

Legacy operating systems in an unsecure world. Many organizations are still running applications on legacy operating systems for one reason or another. Be it their applications do not run on newer operating systems or hardware or simply a matter of cost. In April 2014 Microsoft stopped patch support for Windows XP and in July 2015 […]

Read more

Covering my IaaS: Security and Extending the Datacenter

It might still be “early days”, but cloud based infrastructure-as-a-service (IaaS) offerings are maturing fast and becoming financially compelling.  If you haven’t started to look at these services, you’ll need to sooner than later.  Of course, extending your datacenter outside of your datacenter has just a couple of security implications (that was sarcasm). This talk […]

Read more

Pulling back the covers on credit card fraud: A detailed look at financial fraudware.

Credit card theft has dominated the information security headlines recently and for good reason. This talk will demonstrate (with both Chip & PIN and magnetic stripe credit cards) how malware is able to steal the most critical details. It will also delve into the underground economy and explore how the stolen data is stolen, used […]

Read more

Document Tracking for Fun, Insight, and Profit

Microsoft Office documents are ubiquitous in the corporate environment. We have found that being able to track the spread of Microsoft Office documents has proven to have great value for security practitioners and managers – diverse uses including creating a “honey document” for tracking email scammers, stocking a honeypot (internal or external), or tracking documents […]

Read more

CYDBA: Protecting Your Applications’ Rear End

Businesses have a long way to go in protecting their applications but even farther to go in securing those applications’ rear end—databases. While insecure applications provide a conduit for attack, the confidential data sought by thieves resides in the database. To illustrate why databases deserve the same security scrutiny as their more visible application front […]

Read more

Demystifying the mobile network

We all have smart phones in our pockets these days allowing high speed network access just about anywhere. But few of us consider what is between the phone+tower and the Internet.  There is a magical jungle called the Evolved Packet Core (EPC) which is full of byzantine, arcane, and strange acronyms full of juicy attack […]

Read more

Predictions Panel

Ever wonder what the next big information security threat will be? So do we… and let’s face it, if we knew for certain, we would be keeping quiet and likely very rich. However, this panel session brings together a group with their collective finger on the pulse of information security in Canada and beyond, who […]

Read more

Mobile Fail: Cracking Open “Secure” Android Containers

We’ve known for some time that physical access to a device means game over. In response, we’ve begun to rely more and more on “secure” container applications to keep our private and company data secured. Whether you use LastPass to secure your passwords, or GOOD for Enterprise to make sure your company emails are locked […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required