
BSidesCapeBreton

Security B-Sides Cape Breton

When:
Friday September 5, 2014
9:00am – 5:00pm


Where:

Cape Breton Centre for Heritage & Science
225 George Street
Sydney, Nova Scotia
Canada


Cost:

FREE *


* We do ask that attendees consider a small cash donation for the Cape Breton Centre for Heritage & Science. There will be a collection box at the door. Please note that this is not mandatory!


Schedule

9:00 - 9:30 AM
CHECK-IN, NETWORKING, AND OPENING REMARKS
9:30 - 10:30 AM
Opening Keynote
Dave Lewis, Global Security Advocate - Akamai Technologies
"Elephants On The Lawn"
10:30 - 11:15 AM
Andrew Kozma 
"Hacking Countermeasures"
11:15 - 11:30 AM
Morning Break
11:30 - 12:15 PM
Arved Sandström
"Importance of Basic Security Profiles"
12:15 PM - 1:30 PM
Lunch
1:30 - 2:15 PM
Frank Breil
"Advanced Malware: Do We Need To Add New Layers"
2:15 - 3:00 PM
Paul Halliday
"Squert - An Open Source Web Interface For Network Security Monitoring (NSM) Data"
3:00 - 3:15 PM
Afternoon Break
3:15 - 4:00 PM
Benjamin Brown
"Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT)"
4:00 - 4:45 PM
Travis Barlow 
"So You Want To Be An InfoSec Rockstar Do Ya?"


Speakers:

KEYNOTE SPEAKER – DAVE LEWIS

Dave is a Global Security Advocate for Akamai Technologies. He has almost two decades of industry experience with extensive experience in IT operations and management. Dave is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast. He also serves on the (ISC)2 Board of Directors. Prior to his current role, he worked in the finance, healthcare, entertainment, manufacturing and critical infrastructure verticals. Dave has worked for a defense contractor as a security consultant to clients such as the FBI, US Navy, Social Security Administration, US Postal Service and the US Department of Defense, to name a few. When not at work he can be found spending time with his family, playing bass guitar and polishing his brick of enlightenment.
 

ABSTRACT: ELEPHANTS ON THE LAWN

COMING SOON


ANDREW KOZMA

Andrew Kozma is currently employed as the Sr. Security Analyst for Capital District Health Authority, Nova Scotia’s largest healthcare district. He is responsible for the development of information security policies, standards, procedures, and their management and implementation across the district. He is also trained to look for weaknesses and vulnerabilities in target systems and to use his offensive computer security skills to identify, report and mitigate risk. Andrew is also the co-founder of Atlantic Canada’s largest infosec conference AtlSecCon and the Halifax Area Security Klatch (HASK).


ABSTRACT: HACKING COUNTERMEASURES

In order to adequately defend IT infrastructure, it is important to understand how the attacks against it are performed. In this presentation we will be looking at common attack vectors and why they are successful. Today’s infosec professional needs to have a balanced skill set that includes both offensive and defensive capabilities. The goal is to apply this knowledge to design and implement security controls that have been tested and validated to support the overall security posture of your organization. This talk includes demonstrations on AV Evasion, Cross Site Scripting and Phishing.


ARVED SANDSTROM

Arved Sandstrom has extensive government and industry experience in application security. His security interests encompass application (software implementation) security, SOA security, and web application security.


ABSTRACT:  IMPORTANCE OF BASIC SECURITY PROFILES

Implementors of security software are often challenged by overly complex security specifications. Users of the specifications – and of the software – are equally challenged by the same complexity. Specification writers and security practitioners are aware of this. Use of so-called basic profiles, and knowledge gained by experience, reduces a seeming morass to manageable materials.

Correct selection is important. Proper implementation of a subset of potential security mechanisms is vastly better than shoddily applying almost all.

This presentation discusses the problem in brief, and illustrates a solution using WS-* specifications.


FRANK BREIL

Frank has a Bachelor of Commerce with Distinction from Concordia University. He has been involved in technology sales and positioning, as well as sales management, for over 25 years, in areas such as hardware, application software, 4GL programming languages and CASE tools, business intelligence and security.

Frank has been in network security for the past 7 ½ years, formerly Regional Manager at Fortinet, now with INSA since 2011. Frank is a recognized speaker at different security conferences and has a great variety of knowledge in the world of network security.


ABSTRACT: ADVANCED MALWARE: DO WE NEED TO ADD NEW LAYERS

In the past year or so, there has been much talk about advanced persistent threats, custom malware and targeted attacks. Not surprisingly, many vendors in firewall, antivirus, SIEM, IPS and other market segments are claiming they can block such attacks. The question is: Are they? In Mandiant’s APT1 Report, the average breach duration was 356 days and, according to the latest Verizon Breach Study, 69% of breached organizations were not aware of the breach until informed by an external party. These studies seem to indicate that the entire life cycle of next generation attacks, from exploitation of a host, to infection, to exfiltration, is not only bypassing conventional security layers but appears to be going unnoticed entirely.

Frank will describe some next generation threats and the relative ability (or inability) of conventional technologies to block them. We will also quote industry analysts, government organisations and studies describing the next generation of threats and the ways in which they try to breach victim organisations and navigate inside victim networks with the ultimate goal of exfiltrating data.


PAUL HALLIDAY

Paul works as a Security Analyst for a Community College in Nova Scotia, Canada. At work he builds stuff to help himself, technical support staff and management answer questions.

He is an open source author (he writes software and gives it away for free) and staunch OSS supporter. He doesn’t believe that people should have to pay to be safe while online; or anywhere else for that matter.


ABSTRACT: SQUERT – AN OPEN SOURCE WEB INTERFACE FOR NETWORK SECURITY MONITORING (NSM) DATA

Paul began work on squert in 2006; the first incarnation was a quick hack so that he could access IDS alert data via a web browser.

While initially intended as a simple event viewer, it has slowly evolved into a usable and feature-rich event-driven console for the Suricata (or Snort) Intrusion Detection System and the Bro Network Security Monitor. It is available for free on GitHub and can also be found on the popular Security Onion Linux distribution. It has been featured in Richard Bejtlich’s book “The Practice of Network Security Monitoring” and is also covered in most talks on Security Onion.

This session will introduce squert and its capabilities and future path.


BENJAMIN BROWN

Benjamin Brown currently works on systems safety, adversarial resilience, and threat intelligence at Akamai Technologies. He has experience in Non-profit, Academia, and the corporate world as well as degrees in both Anthropology and International Studies. Research interests include the psychology, anthropology, and sociology of information security, threat actor profiling, and thinking about security as an ecology of complex systems.


ABSTRACT: COGNITIVE BIAS AND CRITICAL THINKING IN OPEN SOURCE INTELLIGENCE (OSINT)

When gathering open source data and transforming it into actionable intelligence, it is critical to recognize that humans are not objective observers. Conscious and unconscious assumptions drive analysts’ choices about which data to analyze and how much importance to ascribe to each resource. Furthermore, analysts’ personal conceptual frameworks about reality and how the world works can undermine the process of objectively translating data into intelligence. These implicit assumptions, otherwise known as cognitive biases, can lead to missed data, skewed intelligence, illogical conclusions, and poor decision making. In this presentation I will illustrate some of the cognitive biases relevant to OSINT and what can be done about them.


TRAVIS BARLOW

Consultant and CEO of a Nova Scotia based stealth start-up focused on penetration testing, data exfiltration, and incident response mainly for the Fortune 500. 16 Year Veteran of the Security Industry.

Founder of…
Atlantic Security Conference (AtlSecCon)
Halifax Area Security Klatch (HASK)
Halifax Hack Labs (HHL)
No BullShit Labs (NBLS)

Weekend redneck, Lover of beer, Hunter/Fisher/Trapper, Philosopher and all round Hell raiser.


ABSTRACT: SO YOU WANT TO BE AN INFOSEC ROCKSTAR DO YA?

Interested in InfoSec? Want to be a rockstar? Check out this talk and understand what it means to fully commit to a career in InfoSec that is not vendor sponsored or “con” driven. It is a hard road and Mr. Barlow will share the mistakes he made thus far in his career. This is meant to be a light-hearted look at InfoSec as a whole, how you make it, what metrics you use to determine success and how you can improve your chances of success.


Sponsors:

PLATINUM
 

CP_horz

 

GOLD
 

GoSecure Logo

Fortinet_Logo_lrg-1024x170


Travis Barlow

 

SILVER
 

insa-logo


BRONZE


trendmicro.com_

Innovacorp


COMMUNITY

OldSydneySociety

AltSecCon-Maple-Logo3

SignSource

clouda

EDUCATIONAL
 

Offensive Security








BlackHackerAcademyLong

 

 

 



INDUSTRY
 

nci

maritect-colour-transparent-hi|

HeimdallNetworks



Organizers:

 
