(Free PPTs) Top Talks @ SACON - 2019 !

Get free access to the presentations by Dr. Phil Polstra, Wayne Tufek, Madhu Akula, Anant Shrivastava, Shomiron Das Gupta, Wasim Halani, Sahir Hidayatullah, Sudarshan Pisupati & more. SACON is one of the largest Security Architecture Conferences in APAC region. With over 500+ participants, this was the 6th edition of SACON and here are a few highlights we wanted to share with you. It was held on 15-16th Feb, Bangalore, India. All sessions were workshop style with 3-4 hours or 6-8 hours of hands on training.

We had with us Top Security Industry Leaders who helped SACON with great content. For more details visit: sacon.io

>> Pre-Register for SACON 2020

01. Cloud Pentesting (Anant Shrivastava)

This session includes Understanding attack surface of AWS, Azure, GCP, OpenStack.....Abusing cloud storage, Forensic analysis, Understanding & attacking IAM & much more

>> Pre-Register for SACON 2020

02. Automated Defense Using Cloud Services For AWS, Azure, GCP (Madhu Akula)

This session includes environment setup using automated playbook, cloud provider account configuration, hardened elastic stack, configuring cloud infrastructure, centralized monitoring system, attack pattern analysis & detection, attack monitoring dashboards, SSH-brute force, AWS cloudwatch, AWS cloudtrail logs, AWS lambda, Container logs to defend Kubernetes security attacks(GCP), Content management system audit analysis (Azure) & more

>> Pre-Register for SACON 2020

03.Practical Threat Hunting Using Open Source Tools (Wasim Halani & Shomiron Das Gupta)

This session was co-presented by 2speakers.

The first part by Wasim Halani included fundamentals, threat hunting approaches, elastic stack primer (elastic search, log stash, kibana, beats), concepts (nodes & cluster, index & shards, documents, fields, logstash), Logstash (configuration, plugins), GROK (basics,example), Kibana (examples), Filebeat, Winlogbeat, Demo (Investigating logs, creating visualizations, analysing data), Use Case.

The second part by Shomiron Das Gupta included the open source aspect of threat hunting - triggers for threat hunt, analytics (tools & techniques), phases in threat management life cycle, attach navigator (Mitre,Deep Panda, Lazarus Group, Inferencing (forward/reverse), building playbooks for standard threat hunt & more

>> Pre-Register for SACON 2020

04.Linux & Windows Forensics (Phil Polstra)

This includes building a toolkit for digital forensics, live response analysis (data analyzying, detecting incident), preparing for dead analysis (memory image, filesystem images), FAT filesystems, NTFS filesystems, file analysis (slack space, file signature, recovery), registry, windows artifacts, memory analysis & more

>> Pre-Register for SACON 2020

05.Practical Security Architecture (Wayne Tufek)

It includes a method of designing a security architecture brings together the following: Sherwood Applied Business Security Architecture (SABSA), Intel’s Threat Agent Risk Assessment (TARA), Lockheed Martin’s Cyber Kill Chain and threat driven approach, Mandiant’s M-Trends report, Verizon’s Data Breach Investigations Report, ASD Essential 8 and Mitre’s Adversarial Tactics, Techniques & Common

>> Pre-Register for SACON 2020

06. Active Deception For Red & Blue Team (Sahir Hidayatullah & Sudarshan Pisupati)

Includes deception techniques for red team and counter-deception for blue teams. Techniques include that used in office files (MS Office), executable trusted files, scripts, active directories (groups, SPNs, ACLs) credentials (windows, SSH, AD), databases (credentials & more), host and enterprise applications, designing deception, wireless deception, identification, rapid deployment at scale using WMI & PowerShell

>> Pre-Register for SACON 2020

07.IoT Network & Ecosystem Security Attacks & Secure Design (Sumanth Naropanth)

Includes attacking of IoT ecosystems, and learning how to securely design such platforms to prevent the demonstrated attacks. Students will learn to analyze the architecture of IoT market products from a security perspective, and using specialized hardware & software tools, perform hands-on security assessments, including packet capture/manipulation/injection in wireless sensor networks (WSN) and Bluetooth/BLE communication channels.

>> Pre-Register for SACON 2020

Some other sessions conducted at SACON (no presentation) : 
  • Extreme Web Hacking Using Cyber Range (Aditya Kakrania)
  • Extreme Web Hacking Using Cyber Range (Satish S)
  • Practical Mobile Application Exploitation (Subho Halder)
  • Cyber Law Best Practices For Incident Response (Venkatesh Murthy)

Views: 961

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

© 2019   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service