All Videos Tagged Conference (CISO Platform) - CISO Platform 2021-01-18T07:26:24Z https://www.cisoplatform.com/video/video/listTagged?tag=Conference&rss=yes&xn_auth=no Practical Forensics - Tools & Techniques by Sachin Deodhar (Part-2) tag:www.cisoplatform.com,2015-01-09:6514552:Video:29964 2015-01-09T13:15:54.408Z pritha https://www.cisoplatform.com/profile/pritha <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-2"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396987?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />This lecture introduces security professionals to Forensics and includes - Forensic basics,Locard's principle,PGP,Public Key Cryptoraphy,symmetric key crypto... <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-2"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396987?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />This lecture introduces security professionals to Forensics and includes - Forensic basics,Locard's principle,PGP,Public Key Cryptoraphy,symmetric key crypto... Practical Forensics - Tools & Techniques by Sachin Deodhar (Part-1) tag:www.cisoplatform.com,2015-01-09:6514552:Video:30105 2015-01-09T13:14:15.418Z pritha https://www.cisoplatform.com/profile/pritha <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />This lecture introduces security professionals to Forensics and includes - Forensic basics,Locard's principle,PGP,Public Key Cryptoraphy,symmetric key crypto... <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />This lecture introduces security professionals to Forensics and includes - Forensic basics,Locard's principle,PGP,Public Key Cryptoraphy,symmetric key crypto... The Notorious 9 in Cloud Security tag:www.cisoplatform.com,2014-12-23:6514552:Video:29600 2014-12-23T12:31:48.910Z CISO Platform https://www.cisoplatform.com/profile/06chlks3jaa2a <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img alt="Thumbnail" height="180" src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240"></img><br /> </a> <br></br>The Notorious 9 in Cloud Security by Moshe Ferber.<br></br> <br></br> Cloud Computing presents major opportunities and benefits for the organization worldwide. It is scalable, flexible and efficient. But along with those major advantages, comes the threats. Most Cloud Computing threats and risks are well documented, but we are missing information… <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />The Notorious 9 in Cloud Security by Moshe Ferber.<br /> <br /> Cloud Computing presents major opportunities and benefits for the organization worldwide. It is scalable, flexible and efficient. But along with those major advantages, comes the threats. Most Cloud Computing threats and risks are well documented, but we are missing information regarding how those threats can be put into practice in the real world, what are the attack vector used and what is the risks and results for those events. In the presentation we will elaborate the notorious nine Cloud computing threats as described by the Cloud Security Alliance, and for each threat we will provide recent examples for known incidents, the attack vectors used and the damage resulted from the incident. By understanding the risks and case studies, we can better prepare our organization for cloud adoption. Among the recent events we will explore: Supply chain attacks, Attacks for Bitcoin mining, Attacks on the management GUI, API manipulation and more. We will talk about recent incidents for such as Code-spaces.com hack, Buffer and Mongo DB OAUTH credential theft, attacks on Twitter and Microsoft and many more.<br /> <br /> <iframe src="//www.slideshare.net/slideshow/embed_code/42962470" width="476" height="400" frameborder="0"></iframe> Antti Karjalainen on How we discovered Heartbleed? tag:www.cisoplatform.com,2014-12-22:6514552:Video:29597 2014-12-22T14:49:04.517Z CISO Platform https://www.cisoplatform.com/profile/06chlks3jaa2a <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img alt="Thumbnail" height="180" src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240"></img><br /> </a> <br></br>How the Heartbleed bug was found by Antti Karjalainen discoverer of Heartbleed.<br></br> The Heartbleed bug was a catastrophic vulnerability in widely used OpenSSL TLS implementation. This talk at CISO Platform Annual Summit, will give background how the Heartbleed bug was found by Codenomicon. The mechanism that initially detected the vulnerability… <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />How the Heartbleed bug was found by Antti Karjalainen discoverer of Heartbleed.<br /> The Heartbleed bug was a catastrophic vulnerability in widely used OpenSSL TLS implementation. This talk at CISO Platform Annual Summit, will give background how the Heartbleed bug was found by Codenomicon. The mechanism that initially detected the vulnerability is presented. It is also discussed what made the Heartbleed bug so severe, and what kind of factors would have mitigated the consequences of the vulnerability.<br /> <iframe src="//www.slideshare.net/slideshow/embed_code/42934736" width="476" height="400" frameborder="0"></iframe> More Shadow Walker The Progression of TLB Splitting On X86 Jacob Torrey tag:www.cisoplatform.com,2014-12-16:6514552:Video:29853 2014-12-16T12:47:49.881Z CISO Platform https://www.cisoplatform.com/profile/06chlks3jaa2a <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img alt="Thumbnail" height="180" src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240"></img><br /> </a> <br></br>This talk will cover the concept of mis-using the hardware (x86 translation lookaside buffer) to provide code hiding and how the evolution of the Intel x86 architecture has rendered previous techniques obsolete and new techniques to perform TLB-splitting on modern hardware. After requisite background is provided, the talk will then move to the new… <a href="https://www.cisoplatform.com/video/practical-forensics-tools-techniques-by-sachin-deodhar-part-1"><br /> <img src="https://storage.ning.com/topology/rest/1.0/file/get/840396989?profile=original&amp;width=240&amp;height=180" width="240" height="180" alt="Thumbnail" /><br /> </a><br />This talk will cover the concept of mis-using the hardware (x86 translation lookaside buffer) to provide code hiding and how the evolution of the Intel x86 architecture has rendered previous techniques obsolete and new techniques to perform TLB-splitting on modern hardware. After requisite background is provided, the talk will then move to the new research, the author's method for splitting a TLB on Core i-series and newer processors and how it can again be used for defensive (MoRE code-injection detection) and offensive purposes (EPT Shadow Walker root-kit). This talk will be very high-level but aims to convey the complexities of the hardware and possible attack vectors that can happen at the lowest-levels of an organization's IT infrastructure.<br /> <br /> <iframe src="//www.slideshare.net/slideshow/embed_code/42755283" width="476" height="400" frameborder="0"></iframe>