What’s Behind “Big Data” and “Behavioral Analytics”

“Big Data” and “Behavioral Analytics” are the latest hot terms in threat detection, but what do they mean and how do they work when applied to security? This presentation will uncover the math behind behavioral analytics explaining the principles and mathematics that make accurate threat detection based on anomalous behavior possible.  It will explain why […]

Scaling Security in Agile Scrum

Agile Scrum is here to stay, and security teams aren’t adapting quickly enough. “Best-practice” Agile SDL models aren’t very helpful because they assume a simplified, idealized model of how software is built. In the real world, software development often involves multiple Scrum teams working on various components of a larger product. As a result, application […]

How’d That End Up On Pastebin?

Defenders are at a huge disadvantage, often investigating compromise with educated guesses based on theoretical knowledge of kill chains, anomaly detection, and IOCs. Experience adds the benefit of recognizing what has been done before, but few blue team members understand how attacks work and how attackers move or escalate during attacks. This talk will explore […]

Asymmetry in Network Attack and Defense

William will dive into the fundamental tools and resources needed by network attackers and defenders and look at basic adversary methodology and scaling effects in network attack and defense. After laying this foundation, he will dive deeper into asymmetrical advantages for defenders and how to implement them in your network from an architecture and […]

Re-Thinking Security Operations

Do your security solutions deliver effective coverage against the challenging new threat environment? The threat environment has grown to be too large a problem, with protection infrastructures too narrow a solution to cover every possible attack in every circumstance. Progressive (and costly) concepts like situation awareness, globally integrated intelligence and access to advanced tools […]

The Internet of Fails: Where IoT Has Gone Wrong and How We’re Making It Right

This presentation will dive into research, outcomes, and recommendations regarding information security for the “Internet of Things”. Mark and Zach will discuss IoT security failures both from their own research as well as the work of people they admire. Attendees are invited to laugh/cringe at concerning examples of improper access control, a complete lack of […]

CYDBA: Protecting Your Applications’ Rear End

Businesses have a long way to go in protecting their applications but even farther to go in securing those applications’ rear end—databases. While insecure applications provide a conduit for attack, the confidential data sought by thieves resides in the database. To illustrate why databases deserve the same security scrutiny as their more visible application front […]

Attrition Forensics, Digital Forensics For When the Going Gets Tough and the Stakes Are High

Investigating a suspected computer compromise or intrusion can be difficult.  In a sense, that is by design.  Malicious actors can go to great lengths to hide their activities and tools.   Attrition Forensics attempts to outline how to investigate a compromise or intrusion involving modern Windows systems when the attacker is particularly good and the investigation […]

Covering my IaaS: Security and Extending the Datacenter

It might still be “early days”, but cloud based infrastructure-as-a-service (IaaS) offerings are maturing fast and becoming financially compelling.  If you haven’t started to look at these services, you’ll need to sooner than later.  Of course, extending your datacenter outside of your datacenter has just a couple of security implications (that was sarcasm). This talk […]

Document Tracking for Fun, Insight, and Profit

Microsoft Office documents are ubiquitous in the corporate environment. We have found that being able to track the spread of Microsoft Office documents has proven to have great value for security practitioners and managers – diverse uses including creating a “honey document” for tracking email scammers, stocking a honeypot (internal or external), or tracking documents […]

Pulling back the covers on credit card fraud: A detailed look at financial fraudware.

Credit card theft has dominated the information security headlines recently and for good reason. This talk will demonstrate (with both Chip & PIN and magnetic stripe credit cards) how malware is able to steal the most critical details. It will also delve into the underground economy and explore how the stolen data is stolen, used […]

Stupid is as Stupid Does – The Good, The Bad and The Idiots

How Hackers Get Caught: Everyone sees the daily stories about hackers stealing personal data and credit cards but the media moves on to the newest breach the next week. What happens to these cases and the criminals behind them? This presentation will cover Law Enforcement (the good), criminals and their motives (the bad) and the […]

Cybercrime 101

Cybercrime continues to rise. While many businesses are improving their overall security posture using GRC regimes like PCI, HIPAA-HITECH, and SOX, and technologies such as Web Application Firewalls, Network Access Control devices, and SIEM solutions, attackers are making adjustments to avoid detection, becoming more creative in their approach to the attacks, and leveraging more complex […]

Quantitative Risk Analysis and Information Security: An OpenFair Case Study from BMO

Risk analysis – nobody wants to do it, but everybody wants the answer when it’s done. Business today is full of qualitative methods for assessing risk, but these tend to fall short of giving Information Security professionals the tools to express risk in a meaningful way. FAIR (Factor Analysis of Information Risk) was recently adopted […]

So, you want to be a pentester?

This presentation is designed to provide practical career advice to aspiring penetration testers, or those who want more insight into what the actual day to day life of a penetration tester is like. This presentation examines social, psychological, and physical issues surrounding a career in one of information security’s most popular fields. October 21, 2014 […]

ALL YOUR MACS ARE BELONG TO US

Attackers have already set their sights on Mac. They have been thinking of and finding ways to cash out. This talk shows one of those ways. In this presentation, I will show and demonstrate live how attackers pwn Macs using browsers running in Mac and hold the system hostage until the user posts a “ransom.” […]

Data protection and Identity Management at cloud scale

Security of corporate resources has never been as important as it is in today’s mobile-first, cloud-first world. The proliferation of remote access, mobile access and various cloud storage solutions, among other things, has led to the erosion of the classic enterprise security moat. We need to look at security under the context of […]

Check Point Compliance Software Solutions “Your Second Set of Eyes”

No one in the Security Industry wants to talk compliance and most of us think of it as a burden.  Since almost all organizations today have to comply with some regulations, it has become important for us to discuss. The session will explore how compliance and network security are tied together and by simply improving […]

The Things You See (and Application Scanners Won’t)

Application scanners are a very common tool often used by security professionals to identify vulnerabilities and weaknesses in (mostly) web applications. However, due to the “developer factor”, applications often include weaknesses and vulnerabilities that are simply not “detectable” by scanners, and relying on these results often means ignoring significant security risks that are still presented […]

The Rise of Threat Detection and Response

It seems like it was only yesterday that security was focused almost exclusively on preventative mechanisms as though we’re still facing the same self-replicating viruses from 15 years ago. Overnight it seems, organizations recognize that modern threats like information stealers, botnets, and targeted attacks regularly bypass preventative measures. As a result, great investments are being […]

Fighting Next-Generation Adversaries with Shared Threat Intelligence

Adversaries today are technically advanced, structured around an underground governed by market forces, and using paradigm shifts in technology to compromise more victims. Through specialization and collaboration, attackers are becoming more effective and continue to cause widespread damage, even as systems become more secure. However, recent advances in technology provide the foundation for a new […]

Human Metrics – Measuring Behavior

The human element is one of the weakest links; as a result, your employees are now the primary attack vector. From phishing and infected USB drives to lost mobile devices and weak passwords, people represent the greatest risk to most organizations. Many organizations are now rolling out security awareness programs with the intent of changing […]

The Theory of Cyber Security Evolution: Adopting Continuous Active Threat Protection and Security as a Service

We’re all aware that the cyber threat landscape continues to shift and evolve at a staggering pace. Attacks are becoming more sophisticated and let’s face it – the notion that signatures are dead is an exaggeration. Cyber security is continuing to shift too, as industry experts begin to prescribe continuous monitoring over incident response. Recognizing […]

Security for the People: End-User Authentication Security on the Internet

Despite the continued success by attackers to brute-force accounts, phish credentials, and otherwise impact the online security of consumers, a large portion of the sites and services consumers utilize still don’t take authentication security seriously enough. This presentation will review recent research into the state of end-user-facing authentication security as it relates to strong authentication, […]

KickaaS Security with DevOps and Cloud

Think DevOps and cloud reduce your security? Think again. In this session we will dive into the world of DevOps and show how it can dramatically improve security through consistency, resiliency, and standardization. We will demonstrate specific technical techniques for integrating security into DevOps, including automating security policy compliance through injection of security baselines, and […]

Stopping Cross Contamination with Network Access Control…”The ULTIMATE PATCH”

This session will highlight how Network Access Control is the ultimate patch checking system. By utilizing a set of key protocols NAC will define and implement a policy that will define the access requirement for devices attempting to access your network. Those policies are designed to look for among other things pre-admission endpoint security policy […]

Microsoft Security Intelligence Report, Canadian Edition

Threats have changed in dramatic and unexpected ways around the world over the past year as attackers continue to hone and evolve their strategies and tactics, and Internet-connected devices proliferate. Using the latest data from hundreds of millions of systems around the world and some of the Internet’s busiest online services, this session will provide […]

Fiber Channel – Your OTHER Data Center Network

The majority of large datacenter storage architectures in the world are currently based on Fiber Channel networks. Unfortunately, the emphasis on security, compliance, and audit remains on hosts and traditional Ethernet networks, leaving the Fiber Channel behind as “a storage thing” that for some reason is never secured. Abdicating this responsibility leaves the Fiber Channel […]

BIOS Chronomancy

In 2011 the National Institute of Standard and Technology (NIST) released a draft of special publication 800-155. This document provides a more detailed description than the Trusted Platform Module (TPM) PC client specification for content that should be measured in the BIOS to provide an adequate Static Root of Trust for Measurement (SRTM). To justify […]

How they get in and how they get caught

This talk will take you through the basics of how to pick, rake, bump, impression and bypass a lock, but be careful, you’re leaving a lot of evidence behind. Using datagram’s work at lockpickingforensics.com as a jumping off point we’ll explore how a picker gets in, and how, with careful observation and some practice, we […]

Threat Modeling 101

Threat modeling allows developers and security professionals to collaborate and catch vulns before they ship – and potentially before the code is even written. In this hands-on workshop, Leigh will teach the basics of threat modeling using a game called Elevation of Privilege.

Swiping Cards At The Source: POS & Cash Machine Security

You put your credit card in, I take your cash out. Point of Sale systems and Cash Machines are frequently targeted but rarely discussed. This talk will be a frank discussion about the types of attacks Ryan and John have both seen and executed against these types of machines, where these systems are vulnerable from […]

Building a Security Operations Center – Lessons Learned

This presentation will go through the various steps required to craft a Security Operations Center; including hiring and managing an array of human resources, monitoring, reporting, and mitigating technology, and covering the definition of repeatable, scalable processes, such as the OODA loop. The presentation will address the fundamental concepts related to training, structuring, and running […]

The US Department of Homeland Security’s Software Assurance Enumerations

The benefits of CVE, CWE, MAEC, CWSS, CAPEC, STIX and TAXII can often be at work without the user’s knowledge. Learn how these standards are working behind the scenes, and how you can use them to support information sharing and gain an advantage from crowd-sourced security information. Prior to 1999, software vulnerabilities were not widely […]

FUFW: 5 Steps to Re-architecting Your Perimeter

The hype train around next-generation firewalls (NGFW) continues to race forward, but replacing one device with a new shiny object isn’t going to ultimately solve the security problem. Securosis analyst Mike Rothman will put NGFW into proper context regarding the evolution of network security and give you 5 steps to move your perimeter protection forward.

Build Your Own Android Spy-Phone

Know your enemy! Attendees will see a live demonstration of how we built a proof-of-concept Android Spy-Phone. We will show how we developed the Android spy-phone module and demonstrate how to inject it into legitimate applications to infect unsuspecting victims. We will demonstrate how the spy-phone command and control server can take complete control of […]

Information & Risk Mitigation

Information is the lifeblood of today’s connected world. It plays a critical role in our personal lives and drives our businesses. Each year, the amount of information we create – from digital photos to business critical data – increases exponentially. Securing and managing our information, and the identities to access that information, becomes even more […]

How to Connect Security to the Business

When CISOs are briefing their executive teams or boards on the organization’s security (usually only when there’s a security incident), this is usually the challenge. Distill the volumes of data, assets, silos, operations, threats, and remediations down to a couple of key points. And this is to an audience who typically get their security information […]

Cryptographically Isolated Virtualized Networks – A Community of Interest Approach

Two ongoing industry trends are in conflict with each other. On the one hand, networks are increasingly being consolidated into shared infrastructure utilized by many different clients. From converged hardware networks, through virtualized IT shops, into the cloud, more and more traffic is being merged and intermixed on this shared infrastructure. Conversely, industry regulatory and […]

Enabling Access Assurance and Identity Intelligence for a multi-perimeter world

In today’s increasingly open and interconnected enterprise, traditional perimeters are quickly being extended to multi-perimeters to support secure adoption of mobile, cloud, social and information interactions. The traditional network, IT, and end-point security capabilities are being enhanced to support these interactions and similar demands are put on the Identity and Access Management systems too. In […]

Analyzing Exploit Packs: Tips & Tricks

In this 30 minute session, we will look at tips and techniques that can help malware analysts and Incident Responders perform effective analysis and de-obfuscate/decode malicious exploit code. Primary focus will be on exploit delivery obfuscation and JAR exploit debugging.

Pivoting in Amazon clouds

From no access at all, to the company Amazon’s root account, this talk will teach attendees about the components used in cloud applications like: EC2, SQS, IAM, RDS, meta-data, user-data, Celery; and how misconfigurations in each can be abused to gain access to operating systems, database information, application source code and Amazon’s services through its […]

Today’s Cyber Threat Landscape – Prevention is no cure

AccessData will talk about Today’s Cyber Threat Landscape – The traditional cyber security infrastructure is riddled with blind spots… open doorways for threats you can’t see, because the tools you’re relying on can’t see them. We will discuss how to eliminate those blind spots, allowing you to catch the data leakage your DLP misses, detect […]

Needle in a Haystack – Harnessing Big Data for Security

The polymorphic nature of malware, failure of signature-based security tools and massive amounts of data and traffic flowing in and out of enterprise networks are making threat management virtually impossible using traditional approaches. Without copies, samples or details, how can one possibly prevent, contain and inform on targeted attacks? This session will demonstrate how to […]

Your own pentesting army complete with air support

This talk will discuss pentesting with an army of low-powered devices running a custom Linux distro (known as The Deck). The devices are connected via 802.15.4 networking for command and control. The Deck runs on the BeagleBone and BeagleBoard family of devices. An airborne version of The Deck which (along with wireless sensors) is embedded […]

Identity & Access Governance: Key to Security or Completely Useless?

Jackson Shaw will take the audience through the state of Identity & Access Governance and why having an IAG strategy is key to security for corporations big and small. He will also highlight how, in today’s rapidly changing environment of APTs, foreign intrigue & hacking, why even with a strong IAG strategy you will still […]

Fortifying Canada’s Cyberspace: Together

The foundation of Canada’s economy is increasingly dependent on the digital infrastructure that supports all sectors of industry. Confidence in this infrastructure is essential if individuals and businesses are to harness the opportunities it presents. Maintaining this confidence is a complex challenge, especially in face of continually evolving threats. Staying ahead of the threats to […]

Frayed Edges; Monitoring a perimeter that no longer exists

The foundations of traditional network security are crumbling in the public cloud. Old assumptions will leave your cloud deployments vulnerable and exposed. In this talk, we’ll examine the existing models of network security and how you can transition to new cloud-friendly models that take advantage of dynamic cloud environments. With the stage set, we’ll dive […]

Vulnerability Management Programs and Lessons Learned from the Field

Often Vulnerability Management program managers are missing the mark by focusing on the wrong information, communicating poorly and not understanding the business criticality as it relates to the technical risk found in scanning. This creates a “bad data” scenario where all the data collected is seen to have little or no value – which increases […]

SDN : Radically New Network Architecture, Same Old Cyber Security Protection

As Virtual Machines (VM’s) were the disruptive technology at the end of last century for server and storage platforms, Software Defined Networks (SDN) will be (already is) the first industry-changing, disruptive technology for switch and router platforms in this young century. SDN has already gained grass roots momentum as early adopters Google, Goldman Sachs and […]
