All Articles

Cloud Breach – Preparation and Response

Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work! It won’t scale! This session w

Upwardly Mobile: Looking at Evolving Cybercrime Tactics in Mobile Malware

This session will cover two key trends in mobile malware observed over the past 12 months and explore the evolution in fraud-linked mobile malware where criminals are developi

Cloud Security Essentials 2.0 Full Stack Hacking & Recovery

Here's an overview of the presentation: A Basic Introduction – Cloud Hack Lab Attack; Harness, Enumeration and Testing Tools Cloud; Forensics at Scale; Opportunities for Tools

Speakers

Sha

Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration

This session will present a real case study of methodology and advanced cybersecurity tools used along with important tips and lessons learned on implementing an ISOC projec

Preserving the Privilege during Breach Response 

When companies hire cybersecurity consultants to investigate incidents, those professionals’ reports and emails could be used against the company in court unless a privilege applies. This session prov

Designing Virtual Network Security Architectures

With the advent of virtualization and software-defined networking (SDN), the nature and design of today’s networks are changing rapidly. Network security models need to adapt to the virtual data cente

Security Program Development for the Hipster Company

Cloud services have evolved and can now replace nearly every facet of traditional infrastructure. This movement has enabled rapid scale while introducing a considerable element of risk. This sessi

The Cyber Defense Matrix enables organizations to define clear categories for the range of products and services that are available in the marketplace to solve our various infosec problems. This model removes confusion around the security technologie

Take It to the Cloud: The Evolution of Security Architecture

As companies evolve their IT stack, traditional security approaches/architectures need to be reconsidered. This session will review some of the new risks introduced by SaaS/IaaS adoption a

Demystifying Security Analytics: Data, Methods, Use Cases

Many vendors sell “security analytics” tools. Also, some organizations built their own security analytics toolsets and capabilities using Big Data technologies and approaches. How do you find

Data Breach Litigation How To Avoid It and Be Better Prepared (RSA Conference 2016)

Here's an overview of the presentation: Background: Where are the Data Breaches occuring?; How to Be Better Prepared for When Your Company Data is Brenched; How to A

Building a World-Class Proactive Integrated Security and Network Ops Center

The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hi

Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device

Imagine being dependent on a wireless infusion pump to receive the correct dosage of life-supporting medication. Now imagine the implications, were that pump to be malicious

How to Analyze an Android Bot

This presentation will demonstrate a complete end-to-end analysis of an Android bot. This will include the decompilation and static analysis of bot code and the dynamic analysis of the bot’s behavior in a controlled san

Building an Android Scale Incident Response Process

The Android ecosystem has over one billion active devices from hundreds of OEMs and carrier networks. The Android Security Team will explain how the ecosystem is able to respond quickly and effecti

Finding Triggered Malice in Android Apps

Traditional techniques to detect malice in Android apps struggle to identify trigger-based changes to application logic. Unfortunately, such triggers are a key component of targeted malware, where the trigger

The State of End-User Security—Global Data from 30,000+ Websites

We live in a rapidly changing environment. Mobile commerce is skyrocketing, browsers/OS are changing, web applications enable increasing functionality—yet the only thing that seems con

Android Serialization Vulnerabilities Revisited

This session is about Android Serialization vulnerabilities. We revisit two vulns found in Android (CVE-2014-7911, CVE-2015-3837) which allowed for privilege escalation. We also present vulns found in

Hacking Exposed: The Mac Attack

Windows attacks receive all the attention. However, Mac and Linux have gained in popularity with the adversary. This session will focus on common Mac attack vectors and other cross-platform hacks that are typically se

What IT Professionals Need to Know about Sniffing Wireless Traffic in 2016

Next generation wireless standards define MU-MIMO, which promises 4x capacity gains. This session compares different multi-antenna technologies (SM, STBC, BF, MU-MIMO). It de