March 23, 2015

44CON Cyber Security - Speaker & News Update

44CON Cyber Security Workshop Update

 

EXCLUSIVE WORKSHOPS

44CON CS EXCLUSIVE - Steve Lord presents 'Breaking In: How to hack your way to a Cybersecurity career, and how to hack it if you already have one'.

Many people on the red side of the information security fence look at systems all the time and break them. When you walk into a room you’re checking for exits and CCTV cameras. When you get a router or a new digibox from your ISP, you’re sat there wondering what else it does and whether or not you want it on your network. We apply our mindset to most things except people, including ourselves because we’re trained to hack systems. People are a system. You are a system. Your career is a system.

Whether you're starting out or a seasoned pro, you can apply the principles of hacking to your career to raise your career profile, influence the things that matter to you and make better career judgements. From pay rises to CVs, from job applications to interviews. Everything’s open to be hacked, so let’s hack it!

Based on content from Steve's 30 day e-mail course on how to hack your career and his upcoming book, Breaking In: The Pentester’s Hidden Handbook, this exclusive workshop will teach you the basics of hacking your career. Book your 44CON tickets now as this workshop is expected to fill up quickly.

Steve Armstrong presents, Essentials of Incident Response  

This workshop aims to cover the three key areas required to build an effective Incident Response capability:

1. Legal
   - Contracts/NDAs/permission to call in other staff/work off site/take IP data away from the network/site.
   - Noting that EU/US Privacy/SEC laws/Regulation in play here (Plus IP etc) - as in many IR companies are US based, what do we do about privacy/disclosure/Ip protection.
2. Working with the team
   - What to expect when they are onsite - space/access/briefing needs
   - Getting the basics together: Points of Contact, Network Schematics,
   OS/App deployment info, Barrier info (AV, FW, SIEM, Logs, N/HIPS, Netflow etc).
   - What to release to who, when and how - secure methods of communicating with the team, sharing files and getting legal¹s approval for all this.
   - Getting quotes or ROMs for extras like ³We will just send this back to the office for off-site malware analysis²
   - What does a badly controlled engagement look like? Where does the fault lie?
3. Tech
   - What to configure to improve logging fidelity
   - Various new MS updates for logins exe hashes, File system journaling, prefetch enabling, shadow copy enabling etc.
   - When to call it a day
   - What to do afterwards - making the remediation hold
   - Maintaining the momentum
   - Fixing the problem to prevent the reoccurrence