The Cyber Defense Matrix enables organizations to define clear categories for the range of products and services that are available in the marketplace to solve our various infosec problems. This model removes confusion around the security technologie
All Posts (2678)
Sort by
Take It to the Cloud: The Evolution of Security Architecture
As companies evolve their IT stack, traditional security approaches/architectures need to be reconsidered. This session will review some of the new risks introduced by SaaS/IaaS adoption a
Demystifying Security Analytics: Data, Methods, Use Cases
Many vendors sell “security analytics” tools. Also, some organizations built their own security analytics toolsets and capabilities using Big Data technologies and approaches. How do you find
Data Breach Litigation How To Avoid It and Be Better Prepared (RSA Conference 2016)
Here's an overview of the presentation: Background: Where are the Data Breaches occuring?; How to Be Better Prepared for When Your Company Data is Brenched; How to A
Building a World-Class Proactive Integrated Security and Network Ops Center
The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hi
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device
Imagine being dependent on a wireless infusion pump to receive the correct dosage of life-supporting medication. Now imagine the implications, were that pump to be malicious
How to Analyze an Android Bot
This presentation will demonstrate a complete end-to-end analysis of an Android bot. This will include the decompilation and static analysis of bot code and the dynamic analysis of the bot’s behavior in a controlled san
Building an Android Scale Incident Response Process
The Android ecosystem has over one billion active devices from hundreds of OEMs and carrier networks. The Android Security Team will explain how the ecosystem is able to respond quickly and effecti
Finding Triggered Malice in Android Apps
Traditional techniques to detect malice in Android apps struggle to identify trigger-based changes to application logic. Unfortunately, such triggers are a key component of targeted malware, where the trigger
The State of End-User Security—Global Data from 30,000+ Websites
We live in a rapidly changing environment. Mobile commerce is skyrocketing, browsers/OS are changing, web applications enable increasing functionality—yet the only thing that seems con
Android Serialization Vulnerabilities Revisited
This session is about Android Serialization vulnerabilities. We revisit two vulns found in Android (CVE-2014-7911, CVE-2015-3837) which allowed for privilege escalation. We also present vulns found in
Hacking Exposed: The Mac Attack
Windows attacks receive all the attention. However, Mac and Linux have gained in popularity with the adversary. This session will focus on common Mac attack vectors and other cross-platform hacks that are typically se
What IT Professionals Need to Know about Sniffing Wireless Traffic in 2016
Next generation wireless standards define MU-MIMO, which promises 4x capacity gains. This session compares different multi-antenna technologies (SM, STBC, BF, MU-MIMO). It de
Hacking Exposed: The Mac Attack
Windows attacks receive all the attention. However, Mac and Linux have gained in popularity with the adversary. This session will focus on common Mac attack vectors and other cross-platform hacks that are typically se
Hacking Exposed LIVE: Attacking in the Shadows
Attackers have found compromise trivial for decades. But as additional security layers get deployed and next generation solutions come to market, attackers are turning to old and new techniques for bypa
Sophisticated Attacks vs. Advanced Persistent Security
It appears that any successful attack these days is labeled, Sophisticated. The implication is that the attacks were unpreventable. The reality is very different. We dissect recent attacks, and
The Pivot
In today’s threat landscape, the attacker is an insider. Whether a state-sponsored actor or cybercriminal, attackers typically first compromise the endpoint with a client-side exploit and then pivot. In this session, we take a deep dive in
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
Which are the most dangerous new attack techniques for 2016/2017? How do they work? How can you stop them? What's coming next and how can you prepare? This fast-paced session pro
Hacking Critical Infrastructure Like You’re Not a N00b
This presentation is targeted towards an audience that already understands how to compromise the embedded systems that run a process and now is looking at manipulating the physics of the process
Cybersecurity for Oil and Gas Industries: How Hackers Can Steal Oil
One of the industries most plagued by cyberattacks is the oil and gas industry. Several attacks against such companies as Aramco have been executed. SAP and Oracle systems are widel
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)
- Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
- Created by: Biswajit Banerjee
- Tags: ciso, pen testing, red team, security leadership
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
