Security Bsides Australia
When: Sunday, 15th of May 2011
Where: Gold Coast, Queensland
Cost: Free
Venue: Gardenia Room, Royal Pines (same level as RACV reception)
http://maps.google.com.au/maps?f=q&source=s_q&hl=en&geocode=&q=royal+pines+resort,+gold+coast&aq=&sll=-25.335448,135.745076&sspn=45.660664,80.068359&ie=UTF8&hq=royal+pines+resort,&hnear=Gold+Coast+Queensland&ll=-27.998873,153.399525&spn=0.042591,0.078192&z=14&iwloc=A
Invite your friends by posting this hashtag on Twitter: "#BSidesAU" (or follow @bsidesau). May 15th, 2011: Discover the next big thing!
The biggest Security conference in Australia each year is AusCERT and we love it so much we thought we'd try to fit in some extra sessions for the folks who think that too much security is never enough!!!! Don't worry, we aren't conflicting with AusCERT, you'll still make it in time for registration Sunday afternoon. Also a special thank you to the AusCERT team for letting us hold the first BSides at Royal Pines itself, so it's even easier to come along and check it out if you're not already busy doing golf!!!
Event Photos
https://picasaweb.google.com/lh/sredir?uname=103844922012998215463&target=ALBUM&id=5607176709406409553&authkey=Gv1sRgCKupscbDlL_4lQE&feat=email
Thanks to Dave for the great work on the day to help out with some photos.
Participants
- Please take 30 seconds to register at http://bit.ly/BSidesAURegGC2011. This is purely so we can get an idea of numbers for catering on the day.
- Plan B to the above: either email securitybsidesau@gmail.com or tweet us on @bsidesau that you'll be there on the day.
Schedule
It will be running between 11-3:40pm on Sunday the 15th of May as we want to make sure you get to AusCERT registration on time!!!! We've put a more complete synopsis of each topic below the schedule.
Sunday - 15th of May 2011 | Track 1
11:00 AM - 11:20 AM | Coffee / Tea / H2O
11:20 AM - 12:00 PM | Name: Andrew Jamieson, Talk: Encryption vs Tokenisation: Fight!
12:00 PM - 12:40 PM | Name: Michael Baker, Talk: Roaring Laser Beams of Power and Doom
12:40 PM - 1:00 PM | LUNCH!!!
1:00 PM - 1:40 PM | Name: Christian Heinrich, Talk: For God Your Soul... For Me Your Flesh
1:40 PM - 2:20 PM | Name: Eddie Schwartz, Talk: Zero-Day Malware Hunting – Putting Aside the Obvious and Getting Down to Business
2:20 PM - 3:00 PM | Name: John Pirc, Talk: Next Generation Cyber Threat’s (Shining the Light on the Industries' Best Kept Secret)
3:00 PM - 3:40 PM | Name: Will Gragido, Talk: Sight Beyond Sight: Visualizing and Acting Upon Threat Intelligence
Speakers
Andrew Jamieson
Title:
Encryption vs Tokenisation: Fight!
Abstract:
Merchants, service providers, and financial institutions are examining the possibilities of using either encryption or tokenisation, or both, to reduce the scope of their PCI DSS validation requirements - but many businesses still have difficulty understanding the pros and cons of each, and indeed the point at which one effectively becomes the other. This presentation will provide information on how tokenisation and encryption can be used to protect cardholder data, and how PCI SSC is working towards formalising this in standards such as PTS v3 SRED, and through the work of Special Interest Groups. Details will be provided on the workings of 'format preserving encryption', and how different vendors are implementing this to provide both encryption and tokenisation at the same time. An Australian perspective will be provided on how developments in these areas impact or complement existing standards such as AS2805.9, and what QSAs should be aware of when auditing such systems. The presentation will not focus on, endorse, or condemn any particular solution. It is designed to provide information to a technical audience who are familiar with the requirements of PCI DSS, and have a passing knowledge of encryption.
Author:
The presentation will be made by Andrew Jamieson, the Technical Manager of Witham Laboratories. Andrew has worked in payments security for over 15 years, and has authored a number of patents in this field. Andrew manages all technical work of Witham Laboratories, which is only one of two companies in the world to be accredited to evaluate systems against all PCI standards (PCI DSS, PA DSS, and PCI PTS). Andrew represents Witham Laboratories at PCI PTS lab meetings, where developments in the standards are discussed and new FAQs are developed. Witham Laboratories is a member of the PCI SSC encryption and tokenisation Special Interest Groups, Secure POS Vendor Alliance, ATM Industry Association, and contributes to the development of Australian POS message and security standards. Witham Laboratories works with all of the major banks within Australia, as well as vendors of security products such as HSMs, PINPads, and security processors, worldwide.
Michael Baker - BlackFoundry (http://au.linkedin.com/pub/michael-baker/1/718/644)
Roaring Laser Beams of Power and Doom
This presentation will cover research done on the correlation over time between CVEs / Metasploit weaponisation, IPS protection and vendor patches, with maybe some supporting videos of the 'IPS evasion' and other techniques within Metasploit.
Christian Heinrich, @cmlh
Title
For God Your Soul... For Me Your Flesh
Abstract
Disclosure of two vulnerabilities with exploits which circumvent the privacy controls of both MySpace and Facebook.
Biography
cmlh has presented at ToorCon (USA), Shmoocon (USA), SecTor (Canada), CONFidence (Europe), Hack In The Box (Europe), SyScan (Singapore), RUXCON (Australia), AusCERT (Australia) and the OWASP Conferences in USA, Australia and Europe and OWASP Chapters in the Netherlands, London and Sydney and Melbourne, Australia.
Further information is available from
http://www.linkedin.com/in/ChristianHeinrich
Eddie Schwartz, CSO NetWitness
Title
Zero-Day Malware Hunting – Putting Aside the Obvious and Getting Down to Business
Abstract:
The hallowed ground of kick-ass, targeted and zero-day malware hunting previously has been reserved for the few security researchers who either were lucky enough to stumble upon something truly unique, or those who spend their time collecting and reversing large amounts of samples from lots of fed up public and private enterprises whose useless anti-malware solutions had completely failed. In a world where incident response team members responsible for finding bad juju on enterprise networks are fighting a seriously uphill battle, we can’t spend anywhere from 2 to 4 hours analyzing each piece of suspect malware. Real-time / runtime analysis on suspect binaries on the host is challenging due to injection, hooking, and other adversarial subversion techniques. Static analysis on the host is equally a pain because static traits of packed and obfuscated malware too closely match those of legitimate binaries. Looking up all kinds of information across the global security community is valuable – but what really matters? And what about sandboxing? – what are the pros and cons and dos and don’ts? This technical session will show B-Sides Australia attendees how to up their game and dramatically shrink the time required to identify and prioritize zero-day and targeted malware using a combination of four automated techniques: file (static) analysis, network forensics, community reputation and sand-boxing.
John Pirc, @jopirc (HP TippingPoint)
Title:
Next Generation Cyber Threat’s (Shining the Light on the Industries' Best Kept Secret)
Abstract:
In this presentation John Pirc will be discussing the next generation of cyber threats and the significant challenges facing most industries in dealing with these specific attack vectors. In addition, join John Pirc, Sr. Product Line Manager of HP TippingPoint’s Network Security Product Lines, and co-Author of Cybercrime and Espionage: Analysis of the Subversive Multi-vector Threat, as he explores the dynamic shift in the threat landscape and uncovers critical gaps in current security technologies and advanced concepts for sophisticated attacks.
Will Gragido, @wgragido (HP DVLabs)
Title:
Sight Beyond Sight: Visualizing and Acting Upon Threat Intelligence
Abstract:
A new era is upon us. It is an era which requires the ability to qualify and quantify potential and imminent threats; there are no awards for ‘second’ place in this forum. The analysis is crucial and the quality of intelligence must be beyond reproach. The media demonstrate this by the scores of examples that seemingly as though in some bizarre succession, manifest one by one underscoring the soft underbellies of those exploited; victimized by a wide array of attacks and actors. Whether it is the decline and resurrection of an indiscriminate worm such as Sapphire (SQL Slammer), the mayhem and uncertainty invoked by botnets such as Waledac, SpyEye or Zeus, the extraordinary sense of expectation rather than surprise at targeted attacks – whether the target is a global multi-national corporation or a nation state (APT, APA, SMT), sound intelligence and the ability of the well trained analyst to collect, digest and act upon it is paramount perhaps now more so than ever before. Regardless of your belief or feelings toward taxonomic terminology, the era of the Subversive Multi-vector Threat has arrived and the realities therein are, for many, only now being realized.
Join Will Gragido, Sr. Product Line Manager of HP TippingPoint’s DVLabs, and co-Author of Cybercrime and Espionage: Analysis of the Subversive Multi-vector Threat, as he explores the Global Threat Visualization as an operational function, a tactical element and strategic initiative for combating new and advanced categories of threat while applying reason in their qualification and quantification.
Call for Papers (now closed unless something super awesome comes through)
Please submit your presentation topic to securitybsidesau@gmail.com and we'll be updating this page with further information in the coming weeks. We have a soft deadline of Wednesday the 4th of May for papers to give us some time to review and post who's presenting when on the day. We hope to announce the full agenda on Friday the 6th of May to at least give folks a week to plan.
Sponsors
Sponsors confirmed to date are:
http://www.hp.com/networking/TippingPoint
HP TippingPoint sponsoring:
Syngress are helping out by sponsoring some book giveaways and discounts on book purchases. Check out their range of books at www.syngress.com
Assurance.com.au is helping out by sponsoring BsidesAU with some wifi fu. Should be a hoot, as they will be bringing their Ruxcon rig for folks to use.
Please let us know if you'd like to help out and sponsor.
Planners (in no particular order)
- Craig Lawson (@craiglawson)
- Stephen MacDonald
- Drazen Drazic (@DDrazic)
- Clinton Smith
- Neal Wise (@y011)
Volunteers
- Mark Dowd aka @mdowd will be assisting as a guest presentation paper reviewer
- Dave Matthews has offered to come along and be the celebrity photographer, thanks Dave!!
Task List
(please -cross out- when it's done)
Tech
Photo (done)
Video
Audio
Streaming or Stickam or Skype or Ustream or Livestream (TBD)
Non-tech
Breakfast
Lunch
Coffee/Tea
Tables and chairs
Tags for flickr, twitter, blog, etc.
Please use the tag #BsidesAU for content related to this event
Follow us on twitter @bsidesau