Visualizing Your Security Posture from Link, to Gateway, and Beyond

The intersections between IT, OT, and (I)IOT has continued to fuse multiple domains within the organization. And in a world where we need to fully understand our security posture and react to the world around us, visualization is key. During this presentation we will dive deep on the toolsets, tradecraft and methodologies to render (visualize) […]

Read more

The Tools of a Web App Pentester

During a web application penetration test, a tester often encounters different technology stacks and security controls implementations that requires the use of different tools and testing approaches. While commercial tools are often available for these specific scenarios – these can be hard to get in a short time frame (and can be very costly if […]

Read more

Risk Transformation: Plan-Build-Run in a World Without Time

Life is rough for a security leader! The security product landscape is increasingly complicated but seems to always lag behind malicious actor capabilities. Organizations need proven security programs that demonstrate visible ROI, but once-vaunted security concepts have been sacrificed upon the altars of speed and mobility. Organizational leadership-level involvement has never been greater, offering access […]

Read more

Step by step AWS Cloud Hacking

This talk focuses on real-life exploitation techniques in AWS cloud and the tools used to perform them. We will focus on these steps: Identify a server-side request forgery Gain access to instance meta-data credentials Enumerate IAM permissions Privilege escalation Connecting to internal VPC services via VPN Multiple tools, such as nimbostratus, enumerate-iam, Pacu and vpc-vpn-pivot […]

Read more

Revitalizing the Scotiabank SOC with Big Data Security Analytics and Automation

Behavioral analytics helps IT professionals predict and understand consumer trends, but it can also assist CISOs in understanding potential threats—and unearthing them before they wreak major havoc. Additionally, automation helps to respond rapidly, thus reducing your mean time to resolve (MTTR) and improve SOC efficiency. Join this session to discuss: Using behavior analytics as a […]

Read more

Car Hacking on Simulation

Cars are no longer simply mechanical. While they may be getting more advanced that doesn’t mean they are immune to hacks. One particularly sensitive entry point for hacking a car is the legally required OBD II port, which is basically “the Ethernet jack for your car”. This port works on a signaling protocol called CAN […]

Read more

Using Static and Runtime Analysis to Understand Third-Party Applications

Modern software applications are complex, highly integrated collections of components, authored by dozens or even hundreds of individuals, and the rise of open source has taken this complexity to the next level. As an end-user, how well do you understand what a piece of software is *actually* doing, under the hood? Is your favorite string […]

Read more

OWASP Find Security Bugs: The community static code analyzer

The Web application development lifecycle has numerous security activities. For developers, code review is a familiar recurring activity. To support Java developers, a project was started in 2012 called, “Find Security Bugs” (FSB). It is an extension of the SpotBugs project, formerly known as FindBugs. FSB is a community static analysis tool which targets specific vulnerabilities. Over the years FSB has evolved from a limited tool to a solid coverage of bug […]

Read more

Use the Tools You Have: Threat Detection and Hunting in Azure

As organizations continue their love affair with cloud services, critical components are increasingly exposed to threats in ways that can be easy to miss with traditional on-premises tools and technology.  On the other hand, major cloud-services providers have been stepping up their game and are (for a price!) providing the blue team with new ways […]

Read more

How much Cyber Insurance Do You Need, or Do You Need it at All?

Executives and the board face difficult decisions to determine whether cyber insurance is worth the spend and what limit to buy. Quantifying the financial costs of potential cyber incidents provides objective grounding for decision-making and reduces reliance on gut feeling, fear or intuition. However, cyber risk assessments usually don’t quantify the financial cost to the […]

Read more

Weapons of a Pentester – 2018 Edition

In this session Nick will demonstrate and review a list of physical and digital tools used by professional pentesters and red teams in the industry.

Read more

Reinventing PC & Printer Security

It’s no longer a matter of “if”, but “when”. As the world becomes more mobile and connected, cyberattacks continue to rapidly grow in frequency and sophistication, placing your company’s data and personal information at risk. Are you protected? While organizations are aware of the growing threat, most are overly focused on security software and data […]

Read more

Extending Your Incident Response Capabilities with Sysmon

This presentation will introduce attendees to the free Sysinternals tool, Sysmon. Are you an incident responder? SOC analyst? Does your job require you to work with Windows event logs? Do you need to reconstruct attacker timelines? We will look at the Sysmon tool and compare its outputs to standard EVT logs Look at how Sysmon […]

Read more

Heimdall: Vulnerable Host Discovery and Lifecycle Monitoring Toolkit

Heimdall assumes that when a new vulnerability is disclosed, and an exploit goes public, criminals build scanners in order to detect the machines reachable on the internet which are affected by the new vulnerability. If these machines are found and compromised, they are often used by criminals for other activities (C&C panel, redirect to cloned […]

Read more

Angad: A Malware Detection Framework Using Multi-Dimensional Visualization

Angad is a framework to automate classification of an unlabeled malware dataset using multi-dimensional modelling. The input dataset is analyzed to collect various attributes which are then arranged in several feature vectors. These vectors are individually visualized, indexed and then queried for each new input file. Matching vectors are labelled as per their AV detection […]

Read more

Developing and Implementing an Effective Endpoint Security Strategy

Endpoint security is one of the most important aspects of a defence in depth strategy. It is critical to businesses because code execution on servers and workstations is one of the key ways to obtain an initial foothold within a corporate environment. The ability to prevent, detect, and respond to incidents within your environment in […]

Read more

Malboxes: Make Malware Analysis More Accessible

Malware is everywhere. Every organization has been infected by malware to some extent. Yet, most don’t have the expertise on staff to know if they are being targeted or if they are hit with mass-spreading malware. Knowing the difference is vital for a proper response plan. This is where Malboxes comes in. It is a […]

Read more

Elytron: Next-Generation Security for Java Servers

Elytron is a set of Java APIs and SPIs for application server security. Although it was developed to unify security across the WildFly application server, Elytron is an open-source, standalone library that can theoretically be used in other Java server environments. Within WildFly, Elytron has replaced the combination of PicketBox and the Java Authentication and […]

Read more

The Future of Privacy

CIPPIC, the Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic, is Canada’s only public interest technology law clinic. CIPPIC is unique in Canada, bringing together a team of expert legal professionals and students to advocate for the public interest in policy debates arising from the intersection of law and technology. Defense of privacy rights and […]

Read more

Metasploit Community: Tips, Tricks and What’s New

Let’s talk Metasploit! Come learn how the community is building tools that work not just for the single user, but for the whole team. Jeffrey will begin the presentation by discussing basic usage and capabilities, and then explore the roads less traveled as well as some new paths currently being explored in Metasploit Framework. Audience members will […]

Read more

Threat hunting demystified – Strengthening risk management through proactive investigation and response

Despite billions spent on security technology each year, it seems little progress has been made to reclaim the advantage from attackers.  Modest reconnaissance by a malicious actor often results in a better understanding of an environment than the defenders who own and operate it.  At the heart of the problem lies one simple truth: know […]

Read more

TLS Tools for Blue Teams

TLS can cause problems for security teams, breaking TLS or ignoring TLS are common modus operandi, both are flawed and expose organizations to weaknesses. This session focusses on the management of TLS from a blue team perspective, without either ignoring or breaking TLS implementations. We will discuss specific tooling, FingerPrinTLS and TLSProxy will be the […]

Read more

Weapons of a Pentester

In this session Nick will demonstrate and review a list of physical and digital tools used by professional pentesters and red teams in the industry. Tools that will be demonstrated and showcased include: Metasploit (Exploit Framework) BeEF (Browser Exploitation Framework) Physical lock testing (Lock pick set – Snap gun, and lock pick card) Hak5 – […]

Read more

Security Training in a (Virtual) Box

We have designed a virtual training environment that allows the user to step through the quintessential phases of an attack: reconnaissance, scanning and enumeration, gaining access, maintaining access, and covering tracks. Licensed for reuse under Creative Commons, the materials can immediately be used for education and training purposes by attendees. We focus on what can be expected from […]

Read more

NOAH: Uncover the Evil Within! Respond Immediately by Collecting All the Artifacts Agentlessly

Imagine the moment when you realize that a malicious threat actor has compromised your network and is currently going through your confidential information. Faced with this dreadful scenario, you initiate an Incident Response. We have built an open source Incident Response framework based on PowerShell to help security investigation responders gather a vast number of […]

Read more

Extending BloodHound for Red Teamers

BloodHound has changed how red and blue teams approach risk in Active Directory environments. The interface is slick, the install is painless enough considering the dependencies, and the pre-built analytics deliver actionable intelligence. BloodHound provides the foundational elements – a reliable backend, a means for ingesting, querying, and displaying data – for users to extend […]

Read more

Chkrootkit: Eating APTs at Breakfast Since 1997

Chkrootkit will be 20 years old in 2017! The first Chkrootkit release was in 1997 and was written by my friend Klaus (CERT.br team) and I. Chkrootkit is a suite of posix shell scripts and tools written in ansi C, intended to run smoothly in virtually all Unix environments without dependencies. It is able to detect several rootkits, […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!