On the Eve of Quantum Computing: The Definitive Need for Crypto Agility

On the eve of quantum computing, the definitive need for crypto-agility is greater than ever. The ability to locate, manage, and securely update digital certificates on a network or on a device seems like a simple task, yet with the advent of new Enterprise use cases and flourishing IoT device introductions, management at massive scale […]

Read more

From Profit to Destruction: Analyzing Today’s Threat Landscape

The security threat landscape is constantly in flux as attackers evolve their skills and tactics. Cisco’s Talos team specializes in early-warning intelligence and threat analysis necessary to help secure networks in today’s volatile threat landscape. In this talk, Earl will analyze how the threat landscape has evolved over the last year or so by looking […]

Read more

Everything or Nothing: Active Defense in the Corporate World?

How can a good offense be a great defense? The concept of Hack-Back is extremely controversial and at first glance seems unsuited to the corporate world. However, in this session we will look at strategies and technologies you can use to actively defend your organization. Learn how create an active defense by using the attacker’s […]

Read more

Crowd Sourced Security – Applying the Wisdom of the Crowd to Cyber Defences

Taking advantage of user provided intelligence improves your organization’s ability to recognize, report and respond to active phishing threats and keeps you ‘Left of Breach’ on the cyber kill chain. Through development of anti-phishing program best practices, the use of active threat intelligence and trend analysis, this presentation will show you how to improve your […]

Read more

Malboxes: Make Malware Analysis More Accessible

Malware is everywhere. Every organization has been infected by malware to some extent. Yet, most don’t have the expertise on staff to know if they are being targeted or if they are hit with mass-spreading malware. Knowing the difference is vital for a proper response plan. This is where Malboxes comes in. It is a […]

Read more

Elytron: Next-Generation Security for Java Servers

Elytron is a set of Java APIs and SPIs for application server security. Although it was developed to unify security across the WildFly application server, Elytron is an open-source, standalone library that can theoretically be used in other Java server environments. Within WildFly, Elytron has replaced the combination of PicketBox and the Java Authentication and […]

Read more

The Future of Privacy

CIPPIC, the Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic, is Canada’s only public interest technology law clinic. CIPPIC is unique in Canada, bringing together a team of expert legal professionals and students to advocate for the public interest in policy debates arising from the intersection of law and technology. Defense of privacy rights and […]

Read more

Metasploit Community: Tips, Tricks and What’s New

Let’s talk Metasploit! Come learn how the community is building tools that work not just for the single user, but for the whole team. Jeffrey will begin the presentation by discussing basic usage and capabilities, and then explore the roads less traveled as well as some new paths currently being explored in Metasploit Framework. Audience members will […]

Read more

Threat hunting demystified – Strengthening risk management through proactive investigation and response

Despite billions spent on security technology each year, it seems little progress has been made to reclaim the advantage from attackers.  Modest reconnaissance by a malicious actor often results in a better understanding of an environment than the defenders who own and operate it.  At the heart of the problem lies one simple truth: know […]

Read more

TLS Tools for Blue Teams

TLS can cause problems for security teams, breaking TLS or ignoring TLS are common modus operandi, both are flawed and expose organizations to weaknesses. This session focusses on the management of TLS from a blue team perspective, without either ignoring or breaking TLS implementations. We will discuss specific tooling, FingerPrinTLS and TLSProxy will be the […]

Read more

Privileged Access Security for Hybrid Cloud: Secure Amazon, Azure and Google Environments

Organizations are increasingly moving workloads to hosted Infrastructure-as-a-Service (IaaS) environments. In many cases, they are extending their data centers across one or more IaaS providers, creating hybrid cloud environments. This session will explore best practices for extending data centers to hosted environments, and review how to secure privileged access to hosted infrastructure and virtual machines […]

Read more

Weapons of a Pentester

In this session Nick will demonstrate and review a list of physical and digital tools used by professional pentesters and red teams in the industry. Tools that will be demonstrated and showcased include: Metasploit (Exploit Framework) BeEF (Browser Exploitation Framework) Physical lock testing (Lock pick set – Snap gun, and lock pick card) Hak5 – […]

Read more

Developing Your Career in IT Security (2017)

The IT security industry continues to rapidly evolve. With this rate of change comes both opportunity and challenges. There are more areas of specialization and more types of employers to apply them to. Come to what will certainly be a spirited and exciting panel session on how very different segments of the industry are viewing […]

Read more

Security Training in a (Virtual) Box

We have designed a virtual training environment that allows the user to step through the quintessential phases of an attack: reconnaissance, scanning and enumeration, gaining access, maintaining access, and covering tracks. Licensed for reuse under Creative Commons, the materials can immediately be used for education and training purposes by attendees. We focus on what can be expected from […]

Read more

How to Ramp Up Security Operations to Stop Advanced Threats

As attacks have become more sophisticated and continue to evolve, static technologies can’t keep up. Siloed solutions fragment your defenses. It takes power and precision to stop attacks. Join this session where we will explore; Do you have an intelligent, orchestrated and automated approach to prevent, detect and respond to threats? How did GFL Environmental […]

Read more

NOAH: Uncover the Evil Within! Respond Immediately by Collecting All the Artifacts Agentlessly

Imagine the moment when you realize that a malicious threat actor has compromised your network and is currently going through your confidential information. Faced with this dreadful scenario, you initiate an Incident Response. We have built an open source Incident Response framework based on PowerShell to help security investigation responders gather a vast number of […]

Read more

Insider Threat Analytics & Anomalous Behaviors

Employee suspicious access, behavior abuse, and exfiltration of confidential data could all be a result of Insider Threat. We need a new innovative way of thinking about security as rule, pattern and signature-based solutions are evaded easily. Learn how user & entity behavior analytics (UEBA) and Identity Analytics (IdA) leveraging the context of open choice […]

Read more

Security consideration for Microservices using Container Technology

Continuous Deployment and Cloud applications offer new opportunities in cyber security in allowing flexibility and rapid reaction to the ever-changing demands to protect cyber assets. However, new technologies also offer new possibilities and require new approaches in evaluating and improving the security posture for software applications as well as the infrastructure. This talk will explore […]

Read more

Building a Secure Foundation for the Internet of Things (IoT)

Connected devices provide a way for businesses to improve their operations and to provide enhanced services to customers.  They also can introduce significant security risks, as many devices that are now being connected were not designed with security in mind.  The fundamentals of the old adage of “garbage in, garbage out” are critical for IoT […]

Read more

Moving Up the Security Maturity Curve – The Sisyphean Task

Compressed timelines, skill gaps, staff shortages, and an endless sea of new security technology options challenge organizations to keep pace with rapidly advancing threats. It’s easy for technology leaders to fall into the trap of spending their entire budget on bigger firewalls and trendy new endpoint solutions, while ignoring the simple things. Sometimes the best […]

Read more

Decoding Cyberespionage from Insider Mistakes

People are not computers. This seems like an obvious statement, but many of our security controls treat people as though they are neat streams of code. This can cause problems when it comes to insider threat programs. If we approach insider threat analysis as a black and white then we risk more than wasted time […]

Read more

Boosting Canada’s Cyber Immune System for Internet Health

As adversaries develop ways to make money through cybercrime and the number of attackers and suppliers of cybercrime tools are growing, organizations are finding it more difficult to protect themselves. This environment increasingly resembles an organism under attack from countless viruses, bacteria, parasites and toxic substances. To effectively defend against these threats, we can use […]

Read more

Prioritizing Vulnerability Remediation From an Attacker’s Perspective

While IT departments constantly battle against a tsunami of ever-increasing volumes of annual vulnerability disclosures, lack of visibility into the attacker’s perspective means that they retain an advantage, and still continue to breach organizations, causing massive damages to business. In this presentation, we will discuss a year-long study of vulnerability attributes, exploits and attack trends […]

Read more

The Spy in Your Pocket

You walk into a meeting and the person you are about to talk to informs you that they will be video and audio recording everything. Would that change what you might say or do? What if we told you that your mobile device could be doing that, or worse, to you already? Visit this session […]

Read more

The Power Of Integration

As cyber criminals grow more aggressive, organizations are installing new security tools to protect themselves against threats. In fact, the average enterprise runs 508 applications and allows 89 different vendors to access their network each week. (Source Bomgar.com and Forbes.com) You likely manage dozens of security tools across your organization– from firewalls to authentication software. […]

Read more

Security Automation and Orchestration That Won’t Get You Fired

Responding to security incidents is mostly firefighting -too much noise, not enough signal, and not enough analysts to work incidents when the signal is found. There is a direct link between the time to detection and volume of data stolen. Leveraging automation and orchestration in the investigation and response process is the key for finding […]

Read more

The State of the Phish and Response

The State of the Phish and Response is a look into many of the prevalent phishing campaigns that leverage ransomware, fileless malware, and tactics that bypass technology. Contrary to what some may still believe, attackers don’t rely on executables and other extensions typically restricted. What are attackers doing and what works in their campaigns? Additionally, […]

Read more

Skin​ ​in​ ​the​ ​Game:​ ​How​ ​Security​ ​Teams​ ​are​ ​Scaling​ ​Through​ ​IT​ ​Orchestration

It’s​ ​a​ ​universal​ ​truth​ ​acknowledged​ ​that​ ​IT​ ​and​ ​security​ ​teams​ ​have​ ​too​ ​much​ ​to​ ​do,​ ​and​ ​never enough​ ​resources​ ​to​ ​do​ ​it.​ ​Traditionally,​ ​there​ ​are​ ​tactical​ ​tasks​ ​that​ ​security​ ​organizations​ ​own,​ ​but invest​ ​far​ ​too​ ​many​ ​resources​ ​in:​ ​alert​ ​triage,​ ​managing​ ​vulnerabilities,​ ​and​ ​more.​ ​These​ ​tasks​ ​lead to​ ​alert​ ​fatigue,​ ​but​ ​worse,​ ​they​ ​suck​ ​up​ […]

Read more

Building Your Own Automated Malware Analysis Lab for Insights on Active Threats.

Understanding the mechanics of malware attacks is critical for remediation and for preventing similar attempts in the future. Malware analysis can provide valuable insights into the adversaries goals, especially when they are targeted. While cloud based malware analysis tools exist, they are largely inflexible. An in-house lab environment can offer more customization, automation and enhanced […]

Read more

Take Best Practices to the Next Level

Despite all of the advances in technology, we still aren’t doing a good enough job in basic house-keeping, The result is avoidable breaches and network compromises, we read about them daily. Leveraging best practices but not actually implementing formal processes and solutions isn’t cutting it any longer, as more and more companies who think they […]

Read more

Cloud Security is Application Security – Securing the Cloud as a Team

“Infrastructure” is software in the era of Cloud; you should consider the software design choices as they impact not only the application structure, but also security in the Cloud. The convergence of the AppDev team and the security team allows for securing the cloud throughout the process without impacting agility. Bringing security in at the […]

Read more

Cyber Crime and Financial Crime: different sides of the same coin

Rapidly evolving technology and business channels have resulted in the cyber landscape becoming a core tool for criminals conducting all facets of financial crime. Modern day criminals seek to steal information and commit various types of conventional fraud with coordinated efforts that increasingly leverage cyber technologies. Industries coping with compliance and/or processing financial transactions are […]

Read more

Hunting Ransomware: Automate protection to get ahead of the next global outbreak

Ransomware got “very real” this year with nearly every day delivering news of not just more localized attacks but of sweeping compromises, bringing entire organizations to a sudden halt. Organizations are demanding a comprehensive response and IT teams are struggling to deliver defenses that are effective but don’t cripple their productivity.  With a focus on […]

Read more

Extending BloodHound for Red Teamers

BloodHound has changed how red and blue teams approach risk in Active Directory environments. The interface is slick, the install is painless enough considering the dependencies, and the pre-built analytics deliver actionable intelligence. BloodHound provides the foundational elements – a reliable backend, a means for ingesting, querying, and displaying data – for users to extend […]

Read more

Chkrootkit: Eating APTs at Breakfast Since 1997

Chkrootkit will be 20 years old in 2017! The first Chkrootkit release was in 1997 and was written by my friend Klaus (CERT.br team) and I. Chkrootkit is a suite of posix shell scripts and tools written in ansi C, intended to run smoothly in virtually all Unix environments without dependencies. It is able to detect several rootkits, […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!