Here is a brief overview of what we will discuss on the day:
Real-time Attack Path Visualisation – Jacques Louw, Technical Director, F-Secure Consulting ZA
Through the use of tools such as Bloodhound, attackers have made significant advancements in identifying and navigating attack paths through large complex IT environments. These advancements greatly decrease the time to compromise highly privileged systems. Consequently, many organisations have been put on the back-foot, having to rely on time-consuming traditional techniques such as threat modelling – a poor fix for countering ever-progressing threats.
Join us as we explore how offensive security techniques can be adapted to support the identification of attack paths in an efficient, automated way, at scale, and in real time.
Unshrouding the Cloud: Applying Old Tricks to New Problems – Craig Koorn, Senior Researcher, F-Secure Consulting ZA
With over 4000 distinct permissions – and counting – understanding how access is managed within an AWS environment is an often daunting and time consuming task that requires an expert capability. Developing a comprehensive understanding of its intricacies can be a costly endeavour, while not doing so could be more costly still.
This talk explores some of the new challenges cloud-based technologies present, and how they can be approached by applying concepts traditionally used in offensive security testing. In addition, we will delve deeper into the latest research we are conducting and tooling being developed to equip organisations with situational context.
Certificate number: 10000178485-MSC-UKAS-FIN