Although Infosecurity Europe isn’t one of the events with the best technical talks, it is Europe’s largest information security event, comprising vendor exhibitions and expert presentations.
Infosecurity Europe will be held at Olympia London, Hammersmith Rd, London, W14 8UX. If you are using public transport, the nearest tube station is Kensington Olympia, and if you prefer taking a bus, lines 9, 10, 27, 28, 49, 391, N9, N10, N27 and N28 will get you within walking distance of the venue. I personally recommend using the mobile app Citymapper to see all the available options. If you prefer a taxi you can use Uber as well.
The event will take place from 7th to 9th June 2016.
- 09:30 – 17:30 Tue 7th June 2016
- 09:30 – 17:30 Wed 8th June 2016
- 09:30 – 16:00 Thu 9th June 2016
If you read one of my most successful articles about acing an interview as a penetration tester, you will have noticed that participating in infosec events and conferences is very important in order to keep up to date with the latest trends, products, technologies, vulnerabilities, attacks, offensive and defensive tools and techniques, as well as for networking with other security professionals.
In order to participate as a visitor you need a pass. You can get one for FREE by registering here. Onsite registration is available for £35 + VAT.
If you are thinking of exhibiting instead you can register here.
WHO SHOULD ATTEND
No matter if you are an infosec professional or simply someone passionate about the information security field you can participate and you should. Definitely.
Please be aware that students and people below 18 aren’t allowed.
HOW TO PLAN FOR ATTENDING THE EVENT
The venue is huge, and the list of exhibiting vendors and talks is massive. I went to Infosecurity Europe last year and I managed to see all the main things in 1 day, but it’s better to decide first what is worth visiting. How to do that? You can browse the official website or download the mobile app. I’ll also help you choose what to see, so stay tuned!
Tuesday, 7 June 2016
Case Study: Modern Malware Investigation Techniques
7th June 2016, 10:00 – 10:25
Speaker: Gad Z Naveh
Using a recent Gatak malware attack as an example, this session will walk through an overview of the tools and processes that can be used to detect, contain, investigate and ultimately respond to threats.
- Learn practical lessons based on the real world experience of threat research experts
- Gain familiarity with the terminology and tools available for addressing current attack vectors
- Understand the components of a multi-layered defence strategy to proactively protect your organization
- Hear about the best practices when analyzing and remediating malware attacks to reduce damage and spread.
On Bonnie and Clyde, The Dridex Trojan, and Behavioral Analytics
7th June 2016, 10:40 – 11:05
Speaker: Yochai Corem
The gang behind the well-known Dridex banking Trojan is a modern-day Bonnie and Clyde. Agile threats like Dridex require advanced behavioural analytics to detect. This session will demonstrate how behavioural analytics outsmart Dridex and similar, highly sophisticated threats.
Sweet Security: Building a Defensive Raspberry Pi
7th June 2016, 11:45 – 12:45
Speaker: Travis Smith
Securing the internet of things is increasingly difficult. Devices are shipped with out of date operating systems and often un-maintained code which is littered with vulnerabilities. Adding to the frustration is that traditional security tools cannot be installed on many of these devices. In this talk Travis will demonstrate the usage of open-source and other free tools to monitor, protect, and mitigate against threats to IoT environments. He will show how all of these tools and methodologies can be deployed on inexpensive hardware, such as the Raspberry Pi.
- How to deploy NSM/IDS with Threat Intelligence Integrations
- How to deploy tools (ELK) to consume machine data and alert to malicious behaviours
- Learn how to integrate asset discovery and vulnerability management into IoT networks using open-source tools
- Learn how to do all of these on cheap hardware like the Raspberry Pi
- Learn how to adopt these tools and methodologies to other environments, like enterprise and ICS networks.
Profiling the Connected Cybercriminal
7th June 2016, 12:35 – 13:15
Speaker: Mikko Hypponen
Keynote Presentation
During this session Mikko will share insight into cybercriminal motivations, behaviours, tactics and techniques. He will delve into the mind of the cybercriminal and discuss how they connect and collaborate to be successful. Attend this keynote presentation to gain actionable insight from a leading authority on how to defend your organisation against cyber-attack.
Defending Against Mimikatz et al Golden Ticket Based Attacks
7th June 2016, 13:20 – 13:45
Speaker: Steve Armstrong
Mimikatz based attacks can be devastating to an organisation’s security and the remediation activity is asymmetric in that 5 minutes of attacker activity results in several hundred lost man-hours. This presentation looks at the impact, remediation and the preventative measures to stop reoccurrence.
- Understand Mimikatz and Golden Ticket attacks on Microsoft Windows networks
- Understand the concept of OSI Layer 7 attack mitigations
- Gain insight into how architecture changes can control access to systems
- Access guidance on protecting against Mimikatz attacks
- Understand where this fits into a Cyber Incident Response remediation plan.
Fun in Memory with PowerShell and a Debugger
7th June 2016, 15:30 – 16:30
Speaker: Pierre-Alexandre Braeken
During this presentation, Pierre Alexandre will discuss the PowerMemory tool which reveals passwords in memory without calling system functions to decrypt them. It can work without rights on the targeted operating system (by working on the hypervisor level). It works with PowerShell and a Microsoft debugger.
- Understand PowerShell as an automation tool and the need for it to be controlled in your environment
- Microsoft provides tools to retrieve critical information in a way that is undetectable by antivirus
- Understand how Windows Authentication works and how to retrieve all the necessary information from memory to break the credentials of all the sessions
- Determine how to audit your Windows Domain and how to defend against modern attacks
- Discover how to protect against this particular attack (method and code will be provided).
You Have Just Been Hacked – Live on Stage
7th June 2016, 16:40 – 17:05
Speaker: Sebastian Schreiber
During a live hacking presentation, Sebastian Schreiber, Managing Director of SySS GmbH – the leading German provider of penetration tests – performs different attacks on IT systems. He shows that it is astonishingly easy to bypass protective measures in order to access sensitive information.
Wednesday, 8 June 2016
Towards Better Security Engineering
8th June 2016, 10:30 – 11:30
Speaker: Wim Remes
Keynote Presentation
Last year Sergey Bratus said “Defense is offense’s child” in his memorable keynote at this event. If we assume this to be true (Sergey is a smart man!), how can we turn the plethora of vulnerabilities that are thrown at us through scan reports, penetration tests, code reviews, and – not to forget – bug bounties into learnable lessons to improve the development of better software and hardware? We will explore the mechanisms that turn this offensive data into actions that ultimately yield the outcomes we need and desire.
- Explore the past and future of integrating offensive practices into security engineering practices
- Get a complete overview of the skills and processes needed to achieve this
- Learn from real-life use cases to illustrate the discussed processes
- Gain practical insight and learning.
State of Vulnerabilities, Exploits and the Best Practices for Prioritising Remediation
Information Security Exchange
8th June 2016, 11:45 – 12:45
Speakers: Jayson Jean, Raimund Genes, Wolfgang Kandek
More than 6000 new unique vulnerabilities will likely be disclosed in 2016. CSOs, CISOs and IT security professionals are expected to keep their organisations safe from new flaws and existing vulnerabilities. When it comes to vulnerability remediation, many organisations are behind the eight ball due to a constant deluge of cyberthreats and acute shortage of Infosec professionals. To weather this perfect storm, IT departments must prioritise remediation. Qualys CTO Wolfgang Kandek and a panel of industry experts will discuss a year-long study of exploits and share best practices to improve remediation and reduce risk.
- Learn the importance of identifying and prioritizing vulnerabilities to remediate first
- Obtain insights from a year-long study of the most recent exploits, including Angler, Nuclear, SweetOrange and Magnitude
- Become acquainted with issues such as root cause analysis, attack vector inspection, attack complexity and remediation information
- Understand numerous trends which illuminate the nature of the problem and are helpful in creating a remediation plan
- Hear details about real life exploit case studies as well as review aggregate results of all exploits included in the study.
Cryptography, Quantum Computing and the Future of Cyber Security Controls
8th June 2016, 12:40 – 13:20
Speaker: Jaya Baloo
Keynote Presentation
During this session Jaya will discuss the evolution of cyber security controls against a background of increasingly complex risk and vulnerabilities, multiple attack vectors and sophisticated threat actors. She will share insight into the implications of quantum computing for encryption, and how an organisation can future-proof their security controls to protect their information assets and systems. In addition she will address blockchain and Bitcoin technologies and the implications for cyber security.
Nowhere to Hide: Catching Cross-Platform, Targeted Ransomware
8th June 2016, 14:00 – 14:25
Speaker: Andrew Young
This session will explore the evolution of ransomware and the latest variants of this sophisticated file encrypting malware – including strains for Mac, Linux and Android. The presentation will set out how businesses can give themselves more network and security intelligence and provide security policy tips and tactics to best protect sensitive company and customer data. The presentation will identify sensitive assets that might be targets, explain how to spot suspicious activity and set out the Kill Chain 3.0, going into practical detail on defence options. This will include: phishing and web browsing awareness training, systems patching, backups, antivirus, APT blocking and stopping malware calling home (C&C).
- Analyse the latest ransomware evolutions to demystify ransomware and debunk any myths about homogeneity in the hacking techniques used
- Understand the Kill Chain 3.0 and the defence options, which can be introduced to take down malware at every step
- Discover how to identify sensitive assets that might be targets and learn from attack patterns, even attacks that fail
- Identify situations where ransomware hasn’t wholly encrypted critical assets and original files haven’t been overwritten could be decisive in their own battle with malware
- Understand how monitoring visualisation tools regularly can help participants looking to understand their network’s baseline
- Learn how to futureproof the defences as more and more connected devices join the constant stream of network chatter.
Workshop 1: Shrink the Attack Surface: Managing Risk in the Modern Enterprise
8th June 2016, 14:00 – 16:00
Speakers: Daniele Catteddu, Paul German, Tony Rowan
Enterprises around the world are revolutionizing business with digitization, highly mobile workforces, advanced partner collaboration, and ever more agile operations driven by evolved IT. Yet widespread data breaches and increasingly damaging hacking incidents show that the security architecture must evolve as well. This workshop will explore the operational and technical factors driving the expansion of the typical enterprise attack surface and new techniques to reduce risk exposure and improve defenses.
1. Learn about the factors driving the expansion of the enterprise attack surface and emerging techniques for reducing the attack surface and controlling risk
2. Discuss segmentation and micro-segmentation for application isolation
3. Explore the evolution of breach prevention and breach detection to breach containment
4. Understand the modernisation of access control
5. Discuss the meaning of “software-defined” security and why you need it
Target audience: This session is aimed at Senior information security decision-makers, Mid level information security management, Technical information security practitioners.
Please note: Registering your interest does not confirm entry to the session. You will receive an email to let you know whether you have a place on the workshop.
Workshop 2: The Case for Privileged ID Management – The New Approach to Identity
8th June 2016, 14:00 – 16:00
Speaker: Barry Scott
In this workshop session we will cover the following areas:
- How the modern enterprise has changed our approach to privileged Identity
- Privileged Access
- Big Data Security
- Mac & Mobile Management
- Regulatory Compliance
- Privileged identity management best-practice
- Tools and skills necessary
Session benefits:
1. Understand the challenges associated with privileged identity management
2. Understand how the IT threat landscape has evolved
3. Understand the tools available and skills needed to manage privileged accounts
4. Learn best practices for managing privileged accounts and identities
Target audience: This session is aimed at mid-level Information Security Management.
Please note: Registering your interest does not confirm entry to the session. You will receive an email to let you know whether you have a place on the workshop.
Using Chrome to Attack Users: The Power of JS
8th June 2016, 14:15 – 15:15
Speaker: Jokin Guevara
Google Chrome is one of the most popular web browsers, which offers users the possibility of customising it without much IT knowledge. However to get to that, they need to open some gates that might well be used by malicious hackers to hack into users’ privacy without much hassle. In this research we show on a very clear and near POC how a script kiddie with some basic knowledge of JS can easily inject their code onto Chrome browsers and harvest all usernames and passwords of accessed accounts. As it’s a POC we keep it short, but show and tell how big is this gate of security flaws.
- Discover how to know if your Chrome Browser is infected (which will not be detected by anti-viruses)
- Understand how to protect against Chrome Browser side channel attacks
- Understand how to make safe payments when using Chrome Browser
- Understand how Chrome Browser handles extensions and requests
- Evaluate the potential harm of JS when using Google Chrome and how to prevent attacks.
WiFi – Convenient, Ubiquitous and Fast. All it Lacks is Secure!
Information Security Exchange
8th June 2016, 14:15 – 15:15
Speaker: Patrick Grillo
There’s no doubt that wireless technology has met its promise in providing ubiquitous connectivity without limits. Unfortunately that connectivity also comes without any real security. As enterprises of all sizes continue to embrace wireless and the number of wireless devices continues to expand exponentially – think IoT – it’s only a matter of time before it’s too late to put the genie back in the bottle. Rather than calling for a return to the “good old days” of wired only access, this session will logically explore the issues of wireless security, identify the weak links and make objective suggestions as to how organizations can take advantage of wireless connectivity without compromise.
- Gain knowledge on the state of the wireless market
- Have the opportunity to update their knowledge about wireless technology and its impact on the enterprise.
- Understand the security shortcomings of “typical” wireless offerings.
- Gain knowledge of how network security and wireless networking can be integrated together.
- Understand the role of cloud managed wireless solutions.
Privacy, Trust and the Internet of Things
8th June 2016, 14:40 – 15:20
Speaker: Bruce Schneier
During this presentation, information security technologist Bruce Schneier will discuss the privacy implications of the Internet of Things. As connected devices proliferate and generate vast amounts of data, privacy concerns are coming increasingly to the fore. Who is responsible for protecting that data and who has access to it? Can the threat to privacy posed by the Internet of Things be managed and what is the role of the information security community in tackling this challenge?
Live Security Incident Investigation
8th June 2016, 14:40 – 15:05
Speaker: Matthias Maier
Come to see and learn in this session by going through the kill chain of a targeted attack and navigating through an incident investigation to learn how the attacker worked.
Attacking the Domain – Live Demo of Kerberos Attack and Defence Strategies
8th June 2016, 15:20 – 15:45
Speaker: Alex Wilson
Session details to be announced…
Thursday, 9 June 2016
Workshop 1: DevOps Connect: DevSecOps
9th June 2016, 09:30 – 12:30
Speakers: Alex Manly, Chris Swan, Gareth Rushgrove, Helen Beal +2
DevSecOps is the best shot we have at rising to the challenge of software security through the creation of an automated Software Supply Chain. DevOps Connect: DevSecOps is a series of sessions focused on the DevOps Software Supply Chain. DevOps and Security practitioners combine to talk about real world, enterprise level experience on implementing automation into the Software Supply Chain. If you and your company are ready to investigate the advantages of DevSecOps and explore automation of the Software Supply Chain, but are not quite sure where to get started or why, this workshop is for you.
Workshop Agenda
- 9.30: Doors open
- 9.55: Welcome, Nick Coombs, Sonatype
- 10.00: Opening Keynote, Opening Up Security with DevOps, Gareth Rushgrove, Puppet Labs
- 10.35: Does Dev“Sec”Ops Really Exist?, Alex Manly, Sendachi
- 11.05: The Journey to Rugged DevSecOps, Shannon Lietz, Intuit
- 11.35: Measuring Value Through Your Software Supply Chain, Helen Beal, Ranger4
- 12.00: Closing Keynote, DevOps: Deploying Security at Scale, Chris Swan, Computer Sciences Corporation (CSC)
- 12.30: Closing comments, Nick Coombs, Sonatype
Please note: Registering your interest does not confirm entry to the session. You will receive an email to let you know whether you have a place on the workshop.
Infosecurity Europe Hall of Fame 2016: Best Practice Incident Response
9th June 2016, 10:00 – 10:35
Speakers: Brian Honan, Dan Raywood
Join Dan Raywood in conversation with Brian Honan, 2016 Infosecurity Europe Hall of Fame inductee. During the session Brian will discuss his career in information security and share insight into how connected organisations should tackle cybersecurity incidents. Brian is recognised for his long term contribution to the information security sector, including as founder and CEO of Ireland’s first CERT, special advisor on internet security to Europol’s Cyber Crime Centre (EC3) and industry expert on information security advising organisations in multiple industry segments, mentoring new professionals and lecturing on information security at University College Dublin. The Infosecurity Europe Hall of Fame celebrates the achievements of internationally recognised information security visionaries, luminaries, practitioners and advocates. Members of the Hall of Fame meet the following criteria:
- An internationally recognised and respected information security practitioner or advocate
- Have made a clear and long-term (over 10 years) contribution to the advancement of information security
- Have provided intellectual or practical input that has contributed to and accelerated the advancement of information security
- An engaging thought-leader demonstrating creativity and original thinking in information security.
Attacks That are Invisible to SIEM Systems
Cyber Innovation Showcase
9th June 2016, 11:45 – 12:10
Speaker: Jonathan Davies
This presentation will explore the latest trend in intelligent attacks that are invisible to modern threat detection technologies. Since 2010 we have seen an increase in the number of attack vectors that are specifically designed to evade traditional corporate security strategies. This talk will look closely at the anatomy of 2 example attacks, explain why they would go undetected using today’s SOC systems and explore enhancements that could be made in order to detect such attacks. Whilst this talk will provide a technical “deep dive” into each attack based on the research of Pervade Software and Mandiant/FireEye, the talk as a whole will be suitable for people of all levels of technical knowledge and will demonstrate why a log-centric SOC is no longer good enough.
Ten Years On: Lessons From A Decade Of Website Security Statistics
9th June 2016, 13:20 – 13:45
Speaker: Ryan O’Leary
Now in its tenth year, WhiteHat Security’s Website Security Statistics Report provides a one-of-a-kind perspective on the state of website security and the issues that organisations must address in order to safely conduct business online. In recognition of the ten year milestone, this talk will highlight the biggest changes and challenges in web vulnerabilities over the past decade and provide the most accurate picture of website security as it stands today.
- Analyse this year’s trends in web vulnerabilities, their overall prevalence and how effective we are at fixing them, broken down by industry and geography
- Get the most accurate picture of website security available
- Learn which technologies, frameworks, and so-called “best practices” are actually (statistically) the most and least vulnerable
- Learn how to best apply all of this knowledge to your own organisation and what methods of scaling security inside your own enterprise will work best.
A Year on From a Leaky Kettle. Has Security of the Internet of Things Improved?
9th June 2016, 15:20 – 15:45
Speaker: Ken Munro
One year on from our research into the Wi-Fi enabled kettle we revisit the security of the IoT and examine how it has evolved. While manufacturers continue to rush products to market we review the security roadmap of these devices and examine the apparent inertia that they are suffering from. Have any real improvements been made to reduce the risks they present?
- Understand the broad security problems and issues that plague the IoT
- Understand why IoT security is so slow to evolve compared with the evolution of the market
- Gain an insight into the corporate risk that IoT devices present
- Find out how to reduce risk and minimise the potential impact of unsecured IoT devices
- Learn how the security of the IoT can be better managed and improved.
MEET THE BEST EXPERTS
Bruce Schneier is an internationally renowned security technologist, called a “security guru” by the Economist. He is the author of 13 books—including Liars and Outliers: Enabling the Trust That Society Needs to Thrive and Carry On—as well as hundreds of articles, essays, and academic papers. His influential newsletter “Crypto-Gram” and his blog “Schneier on Security” are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation’s Open Technology Institute, a board member of the Electronic Frontier Foundation, and an advisory board member of the Electronic Privacy Information Center.
Jaya Baloo is the CISO of KPN Telecom in the Netherlands. She won the Cyber Security Executive of the year award in 2015. Jaya works with an amazing information security team of highly driven specialists. Working in the information security arena for the past 18 years, she has worked mostly for global telecommunications companies such as Verizon and France Telecom. Jaya is also a frequent speaker at security conferences on subjects around lawful interception, mass surveillance, and cryptography.
Mikko Hypponen is chief research officer of F-Secure, working for the company since 1991. He led the team that took down the world-wide network used by the Sobig.F worm in 2003, was the first to warn the world about the Sasser outbreak in 2004 and named the infamous Storm Worm in 2007. He is also an inventor of several patents. Over the years, he has assisted law enforcement in the USA, Europe and Asia on cybercrime cases.
Mr Hypponen has addressed the most widely respected universities and technology conferences worldwide and has been inducted into the Infosec Hall of Fame. He is also the record holder for the most viewed video on the Internet about computer security.
Cory Scott is the Senior Director of House Security at LinkedIn. He is responsible for production and corporation information security, including assessment, monitoring, incident response and assurance activities. Prior to joining LinkedIn, Cory was at Matasano Security, where he led the consulting teams based in Chicago and Mountain View. He has also held technical positions at @stake, Symantec and ABN AMRO/Royal Bank of Scotland. Cory has presented at Black Hat, USENIX, OWASP and SANS.
CHECK OUT THE BEST EXHIBITORS
Everything you see is part of my personal recommendations for you in order to save you time, but feel free to visit any exhibitors and conference talks. Some are new and not so well known, but not necessarily worse, so if you find something interesting that I didn’t mention you can leave a comment below the article. It’s highly appreciated.
Now I leave you with some pictures I took at Infosecurity Europe 2015, so you can have an idea of what you’ll find inside the Olympia London venue.
See you there! 🙂
Author: Fabio Baroni Date: 2016-06-01 15:09:19