F-Secure Consulting Event

The Briefing, London

Thursday, January 31 2019

Event title

09:00 - 20:30

00:00 - 00:00

London, United Kingdom

We’ll hold the first UK Briefing of 2019 in January where we will be presenting our research and insight on managing risks posed by cloud, mainframes, targeted software and supply-chain attacks.

Donec maximus ipsum ligula, sit amet egestas magna vulputate a. Fusce ut viverra erat, molestie pulvinar turpis. Morbi metus quam, laoreet ut posuere vitae, euismod vel erat.

Morbi consectetur tortor sit amet tellus lacinia, a varius nibh hendrerit. Nullam ut quam fringilla, maximus turpis id, auctor ante. Morbi luctus id erat aliquet pellentesque. Interdum et malesuada fames ac ante ipsum primis in faucibus.

Duis diam arcu, mollis at nisi sit amet, maximus tempus nisl. 

  • In hac habitasse platea dictumst. Nulla non suscipit sapien.
  • In sollicitudin sem sed suscipit auctor.
  • Duis convallis placerat ante, in pellentesque ipsum vulputate id.
  • In sit amet elit hendrerit, varius purus ac, eleifend quam. 

Presentation topics

09:00 - 09:20 Networking
09:30 - 10:00 Keynote and opening words
10:00 - 10:30

Topic One

Fusce ut viverra erat, molestie pulvinar turpis. Morbi metus quam, laoreet ut posuere vitae, euismod vel erat. Morbi consectetur tortor sit amet tellus lacinia, a varius nibh hendrerit.

10:30 - 10:50

Topic Two

Nullam ut quam fringilla, maximus turpis id, auctor ante. Morbi luctus id erat aliquet pellentesque. 

11:00 Lunch

Automating your Security in the Cloud - Nick Jones

As modern business is increasingly moving to the cloud, we're seeing more and more damaging effects from cloud-based attacks. However, much of this can be solved easily through automation and a fresh approach to enforce secure defaults. We'll give guidance on developing a strategy to cover Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and hybrid deployments within both AWS and Azure. We'll also share our research on automated techniques for assessing attack detection capability in the cloud.

 

Demystifying Cloud Forensics - Callum Roxan

The benefits of pay-as-you-go cloud infrastructure have led organizations to move significant chunks of their infrastructure to the cloud. This has changed the security paradigm, but has not prevented breaches and the need for forensic investigations within the cloud. How do you capture artefacts from or isolate a host you have no physical access to? This talk shall demystify many of the common misconceptions and show how any organisation can easily prepare their business to respond quickly to incidents in the cloud, and talk through some of the common best practices the MWR Incident Response team have developed to operate in this area.

 

An Ice-Cold Boot to Break BitLocker - Olle Segerdahl

A decade ago, academic researchers demonstrated how computer memory remanence could be used to defeat popular disk encryption systems. Today, most seem to believe that these attacks are too impractical for real world use. This talk will demonstrate techniques that allow recovery of BitLocker encryption keys from RAM on most, if not all, currently available laptops and tablets. These techniques allow bypassing of security controls such as password protected BIOS configuration, UEFI-based Secure Boot and the TCG Platform Reset Attack Mitigation by directly manipulating the firmware storage device.

 

Modern Mainframe Security - Pierrick Smet

Securing your mainframe is critical - this black box has been sitting on the network for years processing a large amount of sensitive data. You may not have looked at this for years, but it’s still just another technology, and like everything, you need to understand the security around it. We'll share our experience testing mainframe environments and the critical applications running on them. From this, we will share key recommendations to ensure access to your mainframes as well as the applications they host is appropriate to meet today's security challenges.

 

Detecting Attacks in Office 365 - Alex Davies

The majority of businesses today are moving to Office365, and consequently are keen to mitigate the associated risks. Based on our experience helping clients secure their O365 environments, we’ll give insight into the current threats we’re seeing, ways to avoid getting breached and how to threat hunt effectively. We’ll advise on what data sets to look at, effective use cases and anomalies commonly encountered, and our recommendations for how to implement detection and prevention based on real-world attacks.

 

Attack Aware Applications - Matthew Pendlebury and Calum Hall

Attack aware applications offer a compelling vision of deeply integrated security that works with the DevSecOps model. Attack aware applications can save you significant time and money on later stage testing through building security into existing applications without having to start from scratch. Rather building a firewall around them, applications can have their own anomaly and intrusion detection power. We’ll explain how to adapt open source code from the tool AppSensor to enhance the security around your own applications and we'll share best practice suggestions for standardizing the AppSensor detection points.

 

Specialist Software as a Target - Tim Carrington

Widely used software has long been a target for attacks – MSOffice attacks are so prevalent even general users understand the risks of enabling macros. However, less is known about attack techniques focused on specialist, industry specific solutions, and how to protect from these. We’ll share our research how large enterprise software can contain enough native functionality to facilitate a full compromise of an organisation, using AutoCad as a case study. Beyond this case study, we’ll demonstrate how legitimate functionality can be leveraged across the various stages of an attack, in seemingly low-risk software. We’ll share best practices when assessing the perceived threats within your organization and guidance on mitigating the risks.

Register

This event has passed. Please register for one of our upcoming events.

Can't attend? Subscribe to our latest insights and upcoming events in your country.

Accreditations & Certificates

F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.

Follow us
@fsecure_consult F-Secure-Consulting f-secure-foundry fsecurelabs