Social Network For Senior Security Executives
Get free access to the presentations by Dr. Phil Polstra, Wayne Tufek, Madhu Akula, Anant Shrivastava, Shomiron Das Gupta, Wasim Halani, Sahir Hidayatullah, Sudarshan Pisupati & more. SACON is one of the largest Security Architecture Conferences in APAC region. With over 500+ participants, this was the 6th edition of SACON and here are a few highlights we wanted to share with you. It was held on 15-16th Feb, Bangalore, India. All sessions were workshop style with 3-4 hours or 6-8 hours of hands on training.
We had with us Top Security Industry Leaders who helped SACON with great content. For more details visit: sacon.io
01. Cloud Pentesting (Anant Shrivastava)
This session includes Understanding attack surface of AWS, Azure, GCP, OpenStack.....Abusing cloud storage, Forensic analysis, Understanding & attacking IAM & much more
02. Automated Defense Using Cloud Services For AWS, Azure, GCP (Madhu Akula)
This session includes environment setup using automated playbook, cloud provider account configuration, hardened elastic stack, configuring cloud infrastructure, centralized monitoring system, attack pattern analysis & detection, attack monitoring dashboards, SSH-brute force, AWS cloudwatch, AWS cloudtrail logs, AWS lambda, Container logs to defend Kubernetes security attacks(GCP), Content management system audit analysis (Azure) & more
03.Practical Threat Hunting Using Open Source Tools (Wasim Halani & Shomiron Das Gupta)
This session was co-presented by 2speakers.
The first part by Wasim Halani included fundamentals, threat hunting approaches, elastic stack primer (elastic search, log stash, kibana, beats), concepts (nodes & cluster, index & shards, documents, fields, logstash), Logstash (configuration, plugins), GROK (basics,example), Kibana (examples), Filebeat, Winlogbeat, Demo (Investigating logs, creating visualizations, analysing data), Use Case.
The second part by Shomiron Das Gupta included the open source aspect of threat hunting - triggers for threat hunt, analytics (tools & techniques), phases in threat management life cycle, attach navigator (Mitre,Deep Panda, Lazarus Group, Inferencing (forward/reverse), building playbooks for standard threat hunt & more
04.Linux & Windows Forensics (Phil Polstra)
This includes building a toolkit for digital forensics, live response analysis (data analyzying, detecting incident), preparing for dead analysis (memory image, filesystem images), FAT filesystems, NTFS filesystems, file analysis (slack space, file signature, recovery), registry, windows artifacts, memory analysis & more
05.Practical Security Architecture (Wayne Tufek)
It includes a method of designing a security architecture brings together the following: Sherwood Applied Business Security Architecture (SABSA), Intel’s Threat Agent Risk Assessment (TARA), Lockheed Martin’s Cyber Kill Chain and threat driven approach, Mandiant’s M-Trends report, Verizon’s Data Breach Investigations Report, ASD Essential 8 and Mitre’s Adversarial Tactics, Techniques & Common
06. Active Deception For Red & Blue Team (Sahir Hidayatullah & Sudarshan Pisupati)
Includes deception techniques for red team and counter-deception for blue teams. Techniques include that used in office files (MS Office), executable trusted files, scripts, active directories (groups, SPNs, ACLs) credentials (windows, SSH, AD), databases (credentials & more), host and enterprise applications, designing deception, wireless deception, identification, rapid deployment at scale using WMI & PowerShell
07.IoT Network & Ecosystem Security Attacks & Secure Design (Sumanth Naropanth)
Includes attacking of IoT ecosystems, and learning how to securely design such platforms to prevent the demonstrated attacks. Students will learn to analyze the architecture of IoT market products from a security perspective, and using specialized hardware & software tools, perform hands-on security assessments, including packet capture/manipulation/injection in wireless sensor networks (WSN) and Bluetooth/BLE communication channels.