Archive for the talks Category

Arron “finux” Finnon gave extra talk (during BSidesLjubljana event)

Video/recordings:

[Slides (PDF)] [Recording (MP4)]

Level: Technical

Abstract:
The number of new malware families is in constant growth, with millions of new samples each day. In this landscape, how do you find samples worth looking at? How do you distinguish unique malware from copy-paste-patch-to-work malware? And once you have found it, how do you hunt it down? Using the example of the Upatre downloader, we will show how to gather over 1.8 million files of the same malware family, inspect the malware’s hidden configuration settings and do a comprehensive analysis of C&C servers.

Bio:
Katja (Malvoni) Pericin works as a Reverse Engineer at ReversingLabs, focusing on malware hunting and analysis. Before she became interested in reverse engineering, she was working on the John The Ripper password cracker, developing energy-efficient password cracking techniques. Recently she presented her work at the PasswordsCon, WOOT and SkyTalks conferences.

Video/recordings:

[Slides (PDF)] [Recording (MP4)]

Abstract:
In this short opening keynote we’ll look at 3rd party data-breaches, in fact we’ll look at a lot of them and the impact they have. Too many incident responders in the infosec industry seem to think that the problem of their users’ credentials being leaked is just a password-reset from resolution, and on a case-by-case basis that might make some sense, conventionally 😉

This talk looks at what happens when you look at 3rd party data-breaches as an ever-growing heterogeneous data-set, and how painful that can be.

Bio:
Arron “finux” Finnon has been involved in security research and consultation for over 12 years. Arron has discussed a wide range of security-related topics at a number of high-profile international Security/Hacking conferences, as well as producing over 100 security-related podcasts, interviewing countless security professionals as part of the Finux Tech Weekly podcast show. His security research and consultation have helped businesses around the globe better develop the effectiveness of their security posture in detecting and mitigating cyber attacks.

During Arron’s time at The University of Abertay Dundee he was awarded the SICSA Student Open Source Award for his Advocacy of Free and Open Source software for his work whilst president of The UAD Linux Society. A subject matter he is still very passionate about even today.

Arron currently is the Chief Technical Officer for Krohn and Partners where he oversees the technical and security requirements of the business, as well as offering security consultation and services to Krohn and Partners clients.

Level: Technical

Abstract:
How can we integrate security tests into DevOps and the Continuous Integration pipeline? In this talk we go through the challenges of security automation in an enterprise and introduce tools and procedures to build up a fully automated security test in the pipeline.

The talk goes through the concepts first and then introduces the problem and why we need security automation; after that, I introduce the developed tools and scripts. Parts of the talk contain:

  • What is SecOps
  • SecOps Automation and DevOps
  • Why we need Security Automation
  • Where are the developers and security engineers in the process
  • How to integrate Security Tests in Pipeline
  • Technologies to be used
  • Introducing the Scripts
  • Building up the environment and demo

Bio:
Abdollah Shajadi – Working as a Security Engineer in one of the pioneering Finnish cloud-based enterprises, I like to look at everything with a security point of view. I like to play around with malware and break stuff! I do rock climbing and play guitar.

Video/recordings:

[Slides (PDF)] [Recording (MP4)]

Docker Security (Simon Janz)

February 20th, 2018

Level: Technical

Abstract:
This presentation describes the relevant Docker security aspects with particular regard to container breakouts and misconfigurations. After the talk, the attendees will be able to evaluate the risk resulting from different types of container deployments and know about available hardening measures.

Bio:
Simon works as a Security Analyst at ERNW GmbH with a focus on Pentesting, DevOps and Cloud. He also audits and advises big and very big companies in the area of IT security and how to combine Agile Approaches, DevOps, and Security.

Video/recordings:

[Slides (PDF)] [Recording (MP4)]