SecurityWorld.be ©
2001-2008
|
|
|
Saturday, May 24, 2008 |
|
|
|
SECURITY CONFERENCES
Having attended the OWASP AppSec Europe 2008 conference in Gent mid May this year, I must say that some lectures gave me a lot of new ideas how all this is going to evolve.
Not only was there a great mix between different nationalities, the conference was the first of its kind that was professionally organized and was all about the topic secure web application and secure software.
Take in count that web applications are only a subset of software so the insecure pieces of code don't only reside on web apps but definitely also on the underlying software components like the OS. For the presentations, you can check them out here. Those Americans (Mark Curphey, Gary McGraw) really knew how to get the right level of interaction with the audience.
The social dinner and the musical performance in the "Patershol" area of ancient Gent made the conference also a fun event where people could enjoy themselves without having the talk about XSS attacks and SQL injections ;-)
Last week I attended the yearly ArcSight use conference in Washington DC. It's a great conference organized by ArcSight for it's customers and provides lectures, social activities (the boat party was really cool!) and plenty of networking possibilities. Compared with 2006, this years connect the dots edition really aimed towards an information/business conference where more companies are using the deployed SIEM infrastructures to create new business models.
It's interesting to see companies nowadays establishing a service offering to help enterprise customers define and deploy use cases by solving real-world business challenges associated with: data loss, theft, incident remediation, and government and industry regulatory compliance.
I'm also planning to attend the yearly hack.lu conference. A three days conference in Luxembourg, for bridging ethics and security in computer science. Mark in your agendas: October 22, 2008 – October 24, 2008 @ the Parc Hotel Alvisse. Check out the presentations outline here.
 Labels: security conference
# posted by Welcome @ 11:59
[0] comments
|
|
|
|
|
|
|
|
Thursday, April 17, 2008 |
|
|
|
ONLINE COURSE
While skimming rootsecure.net, I stumbled on a course F-Secure organizes at the technology university of Helsinki that goes in detail on Malware Analysis and Antivirus Technologies.
If you are interested in knowing more about how to use the tools, to get the in and outs on this topic, go check it out here!
The whole course material was made public..
And later this year, there is the known security research gathering on
"Detection of Intrusions and Malware & Vulnerability Assessment"
It's sponsored by Google and some other big shots.
In case someone reads this and has intentions to go, drop me an e-mail/comment so we can meet on July 10-11th in Paris.Labels: hacking tools, malware, security conference, threat analysis
# posted by Welcome @ 15:20
[1] comments
|
|
|
|
|
|
|
|
|
|
|
|
HACK.LU 2007
Last week there was the yearly gathering in Luxembourg (Kirchberg) bringing back together the people who breath IT security for a 3 day conference.
Just like last year, the agenda was very promising...
I arrived Wednesday evening in the Novotel at about 23h30 spending the rest of the evening partitioning my Sandisk Cruzer (4GB) and configuring the backtrack image.
I'm drafting up a small document explaining in easy steps how you can do this yourself. It's convenient if you want to prevent data leakage from your corporate windows image. By booting of a memory stick instead of a CD it's quicker and read/write access is no problem at all.
The rest of the 3 days I really enjoyed Saumil's workshop on Thursday morning teaching how to write exploits in the MetaSploit 3.0 framework.
Lance Spitzner's (founder honeynet project) view on fast-flux service networks was very amusing also. By the way, great person to meet and drink a couple of beers with ;-)
Automated malware detection programs (botspy), e-passport and rfid snooping, exploiting SAP internals and wifi fuzzing (from the France Telecom R&D guys) were some of the topics that past the venue.
Depending on how busy my tail -f /var/log/syslog was ;-) I spend most of the time listening, brainstorming on security related matters letting me understand that creativity is an important asset to have.
You can find some high level notes that I made here.
Some rich bookmarks will be posted in the next couple of days revealing more content in line with the hack.lu agenda.
Again I was very happy being able to attend the conference and once again I've met interesting people!! Hack.lu, cu next year!Labels: security conference
# posted by Welcome @ 18:38
[0] comments
|
|
|
|
|
|
|
