Security BSides St. John's

Friday, September 21st, 2012

Register at http://bsidesstjohns.eventbrite.com/ Limited space available

 Submitted Talks

• Name: Karim Nathoo

• Title: Command and Control and Data Exfiltration, Version 2.0

• Abstract: As defenders become more proficient at using network based detection techniques to identify the presence of malware on enterprise networks, we have inevitably seen attackers shift tactics to make network based detection more difficult.  This talk will present a survey of both common and lesser-known techniques used by attackers to perform command and control functions and data exfiltration from enterprise networks and avoid detection.  Case studies based upon analysis of malware found in the field will be presented to demonstrate that the techniques to be discussed have graduated into mainstream use.  Each technique will be discussed in the context of the ability of current safeguards to detect and prevent use of the technique.  Proof of concept code demonstrating techniques that could be observed in the future will be shared with the audience.
  
  Offensive practitioners will be able to use the techniques discussed to perform more effective penetration tests and red team engagements.  Defensive practitioners will come away with a better understanding of current blind spots within their networks and deficiencies in current threat models.  Recommendations for better defenses will be presented to the extent possible.  This talk will be presented at a level applicable to both technical and management level audiences. 

• Name: Darryl MacLeod

• Title: Have Credentials, Will Travel... Literally.

• Abstract: As we all know, infosec certifications have been taking a beating lately. Many feel that they are not worth the time or effort to obtain. Darryl MacLeod is proof that they are, in fact, worth the effort. 
  
  In his presentation, Darryl will tell the story of his long journey from audio geek to infosec geek. He has gone from working for small Atlantic Canadian IT companies to working for a global Information Security firm. All due to his certification efforts, the support of the Atlantic Canadian Information Security community… and a bit of luck.
  
  Join Darryl as he tells you where he has been, what he has done (right AND wrong), and where he is now.

• Name: Stefano Tiranardi
• Title: Today's Threat Landscape – Facts, Figures, Myths and Perceptions

• Abstract: This presentation will focus on the changing threat landscape and how it affects today's information environments by examining threat statistics from Symantec's Global Intelligence Network and discussing how some popular myths and perceptions have affected our security strategies and potentially made life easier for today's attackers. 

• Name: Bruno Germain,

• Title: Services defense in depth: an emerging paradigm for protecting the Data Center 

• Abstract: The current and accepted methodology for deploying network security is based on establishing security zones and letting compliant traffic flow through. Application layer attacks of the last years, new functionality in products and corporate liability for employee’s Internet activities have forced us to revisit the model and adapt it in order to offer more granular “per service” protection with the challenges of tool proliferation and operational complexity.   This session is a security architecture discussion meant to introduce you to current security challenges and see how they get addressed by large organizations such as banks, Facebook, Sony and their likes

• Name: Mark Nunnikhoven,

• Title: The Basics & Other Things That We're Probably Doing Wrong 

• Abstract: We're barely keeping our heads above water while trying to defend our information. We always need more time, money, and people in order to implement our security programs. But what if we're focusing on the wrong things? What if the core principles we hold dear no longer hold true?

   

  In this talk, we'll discuss those core principles and--given where things are and where they are headed--try to figure out; 

   

  - do we have the right set of controls?

  - are we using those existing controls in the right manner?

  - where are the gaps in our defences?

  - how do we not go crazy while trying to figure this all out?

• Name: Jamie Goodyear,

• Title: Anatomy of an Apache vulnerability report, and Secure Release Management

• Abstract: In this talk we'll discuss the procedure for reporting a security vulnerability to an Apache project, and what you as a reporter should expect to see happen as the project community validates the issue, and proceeds towards a resolution. We'll then switch gears to talk about how users can validate that their Apache project downloads are in fact legitimate.

• Name: Kellman Meghu,

• Title: How NOT To Do Security: Lessons Learned From the Galactic Empire  

• Abstract: An analysis of the strengths and weaknesses of the Galactic Empire security policy. This presentation seeks to conduct a post-mortem on the data security policy implemented during the events that led to the destruction of critical technology needed by the Empire for continued operational efficiencies. A history of the company, as well as a detailed look at the events that followed, provides a great working analysis that can be applied to your policy in hopes of avoiding the same fate. Learning from past mistakes, let's ensure we are not doomed to repeat them, and potentially, suffer a similar fate.

• Name: Russ Doucet

• Title: Key Considerations in Securing Internet Access

• Abstract: While the internet offers us access to a wealth of information and tools, we know it is increasingly being used as the vehicle to compromise our infrastructure via viruses, malicious code, advanced persistent threats (APT’s) etc.  This leaves us with two important challenges:

    1)  How do we customize our users’ internet access to their business requirements and

    2)  How to minimize the risk that invariably comes with giving users internet access

  We will explore the various ways in which your users’ internet access can compromise your security and application performance and how a multi-layer approach can help you to customize user internet access to their work-related requirements while minimizing the chances of being successfully attacked or hacked.  We will also discuss the role of policy and procedure in establishing internet use guidelines, surveillance and enforcement.

Schedule

Sponsors

1. Platinum
2. Gold
3. Silver
4. Bronze
5. Educational Sponsor