In a break from what seems to have become a yearly tradition for me, I won’t be able to make it to the SANS London event this year. As sad as it is not to catchup with old friends and make new ones, I’m taking on another challenge this year (more on that another time) and there just wasn’t enough time to make both happen. However, that doesn’t mean that you readers get off without my regular post on what the great SANS EMEA team are up to in the build-up to the conference taking place in December.
As is customary for the month or so prior to the conference , SANS EMEA have arranged a number of regular Tuesday webcasts to talk about interesting and topical themes that might be interesting for readers of the blog. As much as the webcasts are designed to enthuse about the SANS classes, they also have great content and I feel stand alone even for people who don’t/can’t attend the training themselves. Another plus is that as these are EMEA focused webcasts, you don’t have to stay up till 2AM to watch/listen live (like the US-based webcasts).
I’ll leave it up to you, the reader, wether or not you find them interesting… This year is a good mix of technicaland audit content, with a little Social Engineering thrown in for good measure. Enjoy!
Tuesday October 4th 2pm BST 3pm CEST
Defending Against APT: IT Audit Techniques In Action with David Hoelzer
Are you already compromised? It can be really hard to know unless you really know your systems. Sign up and tune in for a one hour fast paced discussion of how to merge some simple continuous monitoring controls together to identify signs of Advanced Persistent Threat malware for which there are no signatures. David Hoelzer, faculty fellow and well known security lecturer will give you actionable techniques that you can put into practice immediately following the webcast!
Tuesday October 11th 3pm BST 4pm CEST
Attacking the Human: A Look at Client and Customer-side Attack Vectors with Stephen Sims
During this one hour talk, live client-side hacking techniques will be performed, demonstrating the impact of using such attack vectors. How easy or common is it to incorporate social engineering into a client-side attack? We will look at scenarios where this is applicable, as well as some social engineering techniques used on a grander scale. How are attackers stealing money these days? We’ll look at some real-world examples. The low-hanging fruit has dwindled in many instances, forcing attackers to become more clever, or attack with more traditional techniques like physical theft. Gone are the days of simple remote exploits, and lessening are the number of web-based attack vectors. There are only so many 0-day exploits available…
Tuesday October 18th 2pm BST 3pm CEST
The Intersection of Cool Mobility and Corporate Protection: Practical Steps for Assessing the Security of Mobile Devices with James Tarala
Cool Mobility in business terms is mobile productivity. It enables a workforce to have instant access to information through mobile applications anywhere, anytime. People are fundamentally changing the way they work, and in order to remain competitive, organizations are making enterprise applications accessible through mobile devices. But, what about the confidential data? How do we audit those mobile devices? This presentation will provide a streamline approach to auditing endpoint security on mobile devices.
Tuesday October 25th 2pm BST 3pm CEST
Scapy, Packets, Fun: IPv4 and other dead protocols with Johannes Ullrich PhD
IPv4 has been around the block a few times, and attackers have poked at hit whenever it past them along the way. Needless to say that IPv4 of today isn’t the same protocol we got to know and love 30 years ago. Since conception and birth, IPv4 has had its good and bad times and all is visible in the conglomeration of standards defining a protocol that is now a lot more saggy and heavy then the slick and slim streaker defined initially. We will go over some of the realities of modern IP networking. Why did it change? what are some of the issues you may not know about? How do real networks affect how the protocol actually works vs. how it was supposed to work. Buffering, Layer 9 switches, ubiquitous proxies and non compliant firewalls can have interesting affects on network performance, intrusion detection and security controls. We will use scapy as a tool to experiment with these affects.