Round Tables
When it comes to a specialist conference, it is not only the lecturers' quality that matters but it is also important to exchange experiences with other participants who are in similar positions and deal with similar issues. IT-Defense offers a clear framework to discuss security issues and topics with other participating security experts.
Participants can discuss their own problems and other profound issues in small groups. For this purpose, IT-Defense lecturers serve as moderators; however, it is also possible to form individual groups on specific subjects.
Simultaneous round-table discussions will be available on Friday, February 17, 2017.
Strategies on securing your banks & enterprises (from someone who robs banks & enterprises)- Jayson Street
Most people who work on the defensive side of computer security only see the landscape from that perspective! In this talk, Jayson will show how an attacker views your website & employees and then uses them against you. We'll start with how a successful spear phish is created. By using the information gathered from the companies’ own 'About' pages as well as scouring social media sites for useful information to exploit employees. The majority of the talk will be covering successful countermeasures to help stave off or detect attacks. This discussion will draw on the speaker’s 15 years’ experience of working in the US banking industry on the side of defense. At the same time, Jayson will be drawing on over 6 years of doing engagements where he took on the role of the attacker. If everything turns out well, everyone will have learned something new that they can immediately take back to their networks and better prepare them against attacks!
Advanced Lock Opening and Forensic Analysis - Alexandre Triffault
The absence of visual damage to the lock can cause problems in insurance cases or in the field of more advanced theft cases.
In this class, you will learn that non-destructive does not mean 'without any trace'. Alex will show and make you practice NDE techniques to open locks without traces to the naked eye.
After that, the group will put parts of the lock under the microscope and see what traces these non-destructive opening techniques really leave.
Moving from Reactive to Proactive Security – Sami Laiho
Gartner has said that one of the most needed changes in enterprise security is to move to a least-privilege approach, whitelisting of applications and overall proactive security. Microsoft said in November 2015 that 85% of all security threats would have been mitigated by moving to proactive security. In 2015, all major anti-malware companies reported more than 250,000 new malware samples EVERY DAY! Do you really need more convincing that you need to do it as well than these facts? Join this round table session to discuss with the leading Windows Security expert about how to move to proactive security.
Playing with (other people's) data – Chris Böhme
As much as the thinking around data privacy has evolved, so has the technology of data mining to crunch numbers and form links in order to track individuals and organizations. We only need a few data points to identify a so-called anonymous user.
In this workshop, we'll illustrate the big Big Data problem. We'll explore some practical use cases and demos on how this can be done and what additional information we can glean by just following online bread crumbs.
We will play around with interesting data - some freely given, some leaked and some inadvertently exposed. Our journey will take us through social networks and online-dating platforms as we connect and track users – without having to get up from our chairs.
On our journey, we will meet tools like Maltego, make a few friends on Facebook, link some data leaks to actual people and start some romances on Tinder. This workshop aims to entertain you with some tangible examples of explorative data mining and show off the power of connecting tiny pieces of information to form a bigger picture.
Modern malware: current threat situation and new approaches – Stefan Strobel
This round table will present and discuss current issues related to malware, ransomware and new approaches:
- Why are traditional anti-virus solutions no longer capable of providing proper protection from modern malware?
- What are the weak points of present protection concepts?
- What new technical approaches are available today?
- What are the benefits and deficits/problems of those new approaches?
- How do we get a new, future-proof malware protection concept?