Saturday, November 21

08:00 WIB

Opening Speech by Conference Chair
Serves as OWASP Jakarta Chapter Leader, OWASP SecureTea Project Leader, etc.

Ade Yoseman Putra

OWASP Leaders & Conference Committee, OWASP

Saturday November 21, 2020 08:00 - 08:15 WIB

08:15 WIB

Speech by Keynote Speaker

Vivek Ramachandran

CEO, Pentester Academy
Vivek Ramachandran is the Founder, CEO of Pentester Academy. We now train thousands of customers from government agencies, Fortune 500 companies, and smaller enterprises from over 90 countries. Vivek has been researching Wi-Fi security for over a decade. He discovered the Caffe Latte...

Saturday November 21, 2020 08:15 - 08:45 WIB

08:45 WIB

Scale Your Security by Embracing Secure Defaults & Eliminating Bug Classes
We’re in the middle of a significant shift in how security teams operate and prioritize their limited budget and person-time.

Historically, as an industry, we’ve focused on building tools to identify vulnerabilities. While we’ve built impressive tools, these approaches have failed to address the challenges of modern engineering teams.

Specifically, these tools often are too slow, require a prohibitive amount of security engineer time and domain expertise to tune, overwhelm users with false positives, and most importantly, do not ultimately raise a company’s security bar.

But there’s another way.

Rather than investing in finding more bugs, some modern security teams are instead focusing on providing developers with frameworks and services with secure defaults (“guard rails”) so that developers can build features quickly and securely. When done correctly, combining secure defaults and lightweight checks that enforce invariants (properties that must always hold), organizations can solve classes of vulnerabilities by construction, preventing bug whack-a-mole.

In this talk, we’ll present a practical step-by-step methodology for:
- Choosing what to focus your AppSec resources on
- How to combine secure defaults + lightweight invariant enforcement to eradicate entire vulnerability classes
- How to integrate continuous code scanning into your CI/CD processes in a way that’s fast, high signal, and low friction for developers
- How to use an open source, lightweight security linting tool to find bugs and anti-patterns specific to your company

Isaac Evans

CEO, r2c

Saturday November 21, 2020 08:45 - 09:30 WIB

08:45 WIB

Betrayal of Reputation: Trusting the Untrustable Hardware and Software with Reputation
Reputation is based on trust, and people normally believe the products produced by global companies because of their reputation. Their products are built with some kinds of hardware and software made by them or confirmed by them. The companies have spent their efforts creating and managing high-quality products for profit and reputation. So, trust that is based on reputation works properly. Despite their efforts, the complexity of hardware and software has been increasing. Thus, it is hard to check the correctness and completeness of specifications and implementations related to their products.

In this talk, I introduce the case that hardware and software, especially BIOS/UEFI firmware, Intel Trusted Execution Technology (TXT), and Trusted Platform Module (TPM), betray your trust. Reputable companies defined and implemented specifications, and the TPM with UEFI/BIOS firmware and Intel TXT has been widely used for the root of trust.
I found three vulnerabilities, CVE-2017-16837, CVE-2018-6622, and CVE-2020-0526, related to the sleep process. Unlike previous research, the vulnerabilities can subvert the TPM without physical access. To mitigate the vulnerabilities, I also introduce countermeasures and a tool, Napper, to check the vulnerabilities. The sleep process is a vital part of the vulnerabilities, so Napper makes your system take a nap and check them.

Seunghun Han

Senior Security Researcher, Affiliated Institute of ETRI

Saturday November 21, 2020 08:45 - 09:30 WIB

09:30 WIB

Learn how to find and exploit race conditions in web apps with OWASP TimeGap Theory
OWASP TimeGap Theory is the latest work of Abhi M Balakrishnan. You have probably heard of his other projects - OWASP Bricks, OWASP Mantra, Web app security testing with browsers, TinyBirdCTF, BrickTown, and Snow. Abhi works as a security consultant for SecurityCompass, San Francisco, USA.

Abhi Balakrishnan

Security Consultant, SecurityCompass
Abhi M Balakrishnan is an application security consultant hailing from India. He is currently working as a security consultant for SecurityCompass, San Francisco, USA. He focuses on application security and has been active with OWASP projects for a while now. Abhi is here to introduce...

Saturday November 21, 2020 09:30 - 10:15 WIB

09:30 WIB

OWASP Women in AppSec (WIA) - Application Of NIST Cyber Security Framework in Public Schools
As we all know, cybercriminals are targeting middle schools and high schools, and due to COVID-19 we are now in an online learning environment. So it is more vital than ever that we apply frameworks to protect our young adults from cybercriminals. Schools all over the world are scrambling to protect their children and communities, but there are not many resources available for middle schools and high schools’ guidance. The National Institute of Standards and Technology (NIST) Cyber Security Framework can be applied in K-12, which can be very helpful. In this talk, I will cover the application of the NIST CyberSecurity framework for K-12 schools in a global perspective. This talk is for all types of attendees who are educators and want to help K12 schools in creating a Cyber Attack free environment.

Deveeshree

Assistant Teaching Professor, University of Washington
Deveeshree is passionate about teaching and learning cybersecurity and information technology. She began her career as an information security analyst and has been involved in various roles related to cybersecurity before joining UW Tacoma. She grew up in India before moving to the...

Saturday November 21, 2020 09:30 - 10:15 WIB

10:15 WIB

Break #1
Saturday November 21, 2020 10:15 - 10:30 WIB

10:30 WIB

Mobile Security in a Remote World
Attacks are no longer limited to traditional endpoints like laptops and workstations; mobile devices have been ranked the #1 hardest enterprise asset to defend. Compounded by bring-your-own device policies, enterprises are struggling to protect themselves against a growing variety of mobile threats.

In this session, we will dive into the challenges with securing mobile and the evolution of mobile device security. Join us to learn about why attackers are shifting to target mobile, validated by investigations from the Cybereason Nocturnus team, and how the enterprise is moving to address them.

Allie Mellen

CSO, Cybereason
Allie Mellen is a computer engineer by training and has spent the past decade in engineering, development, and technical consulting roles at multiple venture-backed startups, as well as research roles at MIT and Boston University. Her passion is combining technology and effective...

Saturday November 21, 2020 10:30 - 11:00 WIB

10:30 WIB

The caveats of the unseen: Crouching exposure, Hidden Misconfiguration
The complexity and number of enterprise cloud applications has resulted in a constant stream of misconfigurations and data exposure breaches. This work is a deep dive into the different types of misconfiguration that lead to cloud data breaches. We examine sensitive data exposures across more than 20 apps -- including meeting apps and project management tools -- and analyze them across three different dimensions. Our goal is to provide a framework that organizations can use to identify and prevent cloud data exposure.

We classify the risks according to how they arise:
- Independent risks happen within a single app, such as accidentally exposing a bucket publicly in Amazon S3.
- Interconnected risks happen when multiple apps interact, such as configuring Slack notification in Confluence. Interconnected risks are typically a major data transfer blindspot for organizations, who don’t have visibility into data flowing between apps. We will demo this by creating a nearly invisible command & control channel for an insider to steal sensitive data.

Next is the extent to which data can be exposed:
- Public data is exposed to the entire Internet.
- External data is shared with individuals outside an organization.
- Internal data is shared within one’s organization. We provide two examples of internal data breaches.

Finally, we analyze the risk factors that contribute to misconfiguration:
- Design factor, exposure from the design of the app, such as Google Hangouts image links.
- Default factor, exposure by the default sharing settings of the app, such as Google Groups default visibility.
- Human factor, exposure from users applying inappropriate permissions, such as using Google Drive “anyone with link” option for confidential files.

Finally, we shed light on how attackers can abuse misconfigured cloud apps. We conclude the talk by providing vendor-agnostic recommendations and security controls that can help organizations mitigate exposure risks.

Ashwin Vamshi

Staff Engineer, Netskope
Ashwin is a Security Researcher at Netskope. His research has been quoted in Forbes and also in several Infosec magazines and online portals. Ashwin primarily focuses on identifying malware, campaigns and threat actors that use 'Cloud as an attack vector'.

Saturday November 21, 2020 10:30 - 11:15 WIB

11:15 WIB

Top security mistakes with API's
The talk is the resultant analysis of major security breaches and disclosures related to APIs, from 2017 to 2020. We will look at the top vectors of API compromise like authentication, authorization and rate limits and take a technical in-depth look at how hackers gain access to systems by compromising application-level flaws, including mechanisms to crack JSON Web Tokens. The talk will club breach information with live demos to display constructs of the OWASP API Security Top 10.

Shahnawaz Backer

Principal Security Advisor, F5
Shahnawaz Backer does security analysis and threat research at F5. He has been a developer, systems engineer, solutions architect, and security advisor, and he firmly believes that cyber security is a collective responsibility. In his current role at F5 labs, his research focuses...

Saturday November 21, 2020 11:15 - 12:00 WIB

12:00 WIB

Lunch Break
Saturday November 21, 2020 12:00 - 13:00 WIB

13:00 WIB

Hunting Malware Using Yara
As we are in the age of the computer, the complexity of computer threats has also increased. So it is necessary to identify malware, and here comes Yara: it makes it possible for malware researchers to hunt and classify malware and even APTs. Yara is the swiss-army knife that makes the work of malware researchers and threat intelligence researchers painless. It is a simple rule-based approach for hunting and classifying malware families/variants. Using Yara we can accurately detect malware threats. The capability of Yara also extends to scanning files and memory. The best part of Yara rules is that they provide both textual and binary patterns for creating an efficient signature for malware. The binary patterns help to hunt for code reuse among malware families. Yara rules can last for decades. So Yara lubricates the process of hunting malware. The key to efficient YARA rules depends on simple and clear rule sets utilizing both.

Lakshya Dubey

Lakshya Dubey is a security researcher, an enduring learner of technology, and a malware enthusiast. He is a highly skilled technology enthusiast in the security domain, especially in malware research, and believes in constant learning and shaping cutting-edge security technology through...

Saturday November 21, 2020 13:00 - 13:30 WIB

13:30 WIB

Applications Security with SAST and Automated Threat Modeling
Review the basic tools and tasks of the professional in product security
- Automated threat modeling
- Find, fix and explain code vulnerabilities
- Understand how SAST tools work
- Create your own SAST tools

Gustavo

Chapter Leader, OWASP Vina del Mar
Engineer on Systems
OWASP Trainer https://www.owasp.org/index.php/OWASP_Training
OWASP Chapter Leader https://owasp.org/www-chapter-vina-del-mar/
Research Publish for the IEEE Cloud Security How develop secure app in Cloud-2019 https://ieeexplore.ieee.org/document/8854038
Member Cloud...

Saturday November 21, 2020 13:30 - 14:15 WIB

13:30 WIB

Threat Defense: Defending the ATT&CK with TTP’s
For defenders in the current threat landscape, threat intelligence is mostly focused on Observables and Indicators of Compromise (IOCs) which are more technical in nature and have a very short lifespan. By the time controls are put in place to thwart the technical IOCs, attackers may have already changed them and countered with new attacks. Therefore, it becomes essential for defenders to continuously harness and operationalize the tactical information made available by technical threat intelligence to identify the Tactics, Techniques, and Procedures (TTPs) used by attackers and deploy the corresponding countermeasures in real-time.

TTPs are the new way of tackling attackers and having your countermeasures in place. This talk will help the defenders understand how to harness the information for TTPs from external and internal sources, how to map/create their own specific tactical threat landscape, and how to use the harnessed information for SOC, IR, Threat Hunting, and Threat Intelligence use cases.

Avkash Kathiriya

VP - Research and Innovation, Cyware Labs
Information Security professional with overall 12+ years of experience in the Information Security domain. Currently heading Research and Innovation in Cyber Fusion and Threat Intelligence domain within security product company Cyware Labs. Also Null Mumbai (Open security community...

Saturday November 21, 2020 13:30 - 14:15 WIB

14:15 WIB

Use the OWASP Threat Modeling Playbook to Improve your Product Security
We consider threat modeling a foundational activity to improve your software assurance or product security.   We have trained hundreds of experts and consulted with as many clients regarding threat modeling. We found that a well-established threat modeling practice will measurably decrease security issues of delivered products. But performing a threat modeling exercise is one thing. Scaling it up as a standard practice in an organization is another. Threat modeling is often considered a manual and costly activity with an unpredictable outcome. We pulled together our Toreon threat modeling vision and strategy with OWASP best practices (like OWASP SAMM and the AppSec champion playbook) to create a ‘Threat modeling playbook’. The playbook shows you how to turn threat modeling into an established, reliable practice in your development teams and in the larger organization.  
We released this as an open source OWASP project for everyone to use and improve upon.
We encourage you to download and use our playbook. Try it with your own team or on a pilot project. And let us know how it works and how we can improve the playbook.
With you, we can create a community to support and continuously improve ‘Threat modeling playbook’. Together, we can make threat modeling more widely available. This in turn will make all of our software more secure.
GitHub repository https://github.com/Toreon/threat-model-playbook
OWASP project page https://owasp.org/www-project-threat-modeling-playbook/
Outline talk:
- Threat modeling
- Leveling up – we need a playbook!
- Get stakeholder buy-in
- Embed in your organization
- Training your people
- Strengthen your processes
- Innovate with technology
- Open sourcing our playbook / demo
- Q&A

Sebastien Deleersnyder

CEO, Toreon
Seba (https://twitter.com/Sebadele) is co-founder, CEO of Toreon and a proponent of application security as a holistic endeavor. He started the Belgian OWASP chapter, was a member of the OWASP Foundation Board and performed several public presentations on Application Security. Seba...

Saturday November 21, 2020 14:15 - 15:00 WIB

15:00 WIB

Break #2
Saturday November 21, 2020 15:00 - 15:30 WIB

15:30 WIB

The Fault in Our Shells: A Weekly Overview Running Cowrie
I ran an SSH honeypot in a cloud environment for a week. I then dissected the result focusing on two things. The first is the statistics, that is, how many attacks happened and other quantitative numbers. The second is the qualitative side: how the attackers behave and what kind of malware attacks. Most of the attacking malware are variants of Mirai bots; the attacks use brute force with commonly used wordlists/dictionaries, and some used default IoT logins. After gaining access, most of the malware do any or a combination of these activities: (1) fingerprint the OS, (2) download and run payload, (3) contact C2 server, (4) persistence/installing service (miner), and (5) cleaning activities. Some malware failed miserably because of bad programming, but some were more successful. Due to the limitations of the honeypot, not much payload activity can be seen. The paper then concludes by showing the types of TTPs used, some funny failed scripts, and some tips on how to handle the types of malware this honeypot gets.

Ewaldo Simon Hiras

Digital Forensic, Directorate General of Taxes of Indonesia
Experienced in law enforcement and investigation field, with 7+ years focusing in digital forensic. My employment background as an investigator requires me to be detail-oriented and thorough. I hold a Masters Degree in digital forensics with thesis focusing in metasploit exploitation...

Saturday November 21, 2020 15:30 - 16:00 WIB

15:30 WIB

teler - Protect Your WebApp
"teler" is an open source tool I created to detect various types of threats that attack web applications, working like an IDS by reading and analyzing access logs, as well as using abundant free resources to determine true-positive threats.

Dwi Siswanto

Security Engineer, Kitabisa.com
A Security Engineer, part-time bug bounty hunter and reverser, is an experienced security researcher and technology evangelist. Dwi enjoys figuring out ways to protect customers from the latest threats.

Saturday November 21, 2020 15:30 - 16:00 WIB

16:00 WIB

Web Security in Indonesia National Policy Framework

Rifki Indrakusuma

Vice Commander of Cyber Unit of Bais TNI, Bais TNI
Vice Commander of Cyber Unit of Bais TNI. Education: Bandung Institute of Technology & UNSW, Sydney; Voluntary Military Officer School; Air Force Command and Staff College.

Saturday November 21, 2020 16:00 - 16:45 WIB

16:45 WIB

Closing Remarks

Prashant Kv

Conference Committee, OWASP

Saturday November 21, 2020 16:45 - 17:15 WIB

Sunday, November 22

09:00 WIB

Car Hacking Village
Intro to Car Hacking for Fun and Profit
Shall we play a game in car hacking? CAN you fuzz? Oh wait! Hmmm, how about building our own car hacking labs? Too many components and ECU kits though. Building a car hacking lab will surely take some time, resources and analysis. What if I have zer0 knowledge in automotive wiring and CAN Bus hacking? Say no more because I got you! In this talk, we don't need roads. Sit tight and no need to fasten your seat belts because this will be a quick, cheap, practical and dirty approach to car hacking, specifically CAN Bus hacking. Using one component of your car that you could just acquire from a junkyard or by any means necessary, you can start car hacking by yourself, from fuzzing a simulator to actual hardware, with open source tools and hardware. We will also talk about building your own low-cost CAN fuzzer and Metasploit module creation geared towards the hwbridge, and discuss common automotive security bugs. Warning: this talk could produce future car hackers who will be at your nearest Car Hacking Village and bug bashes.

Jay Turla

Manager, Security Operations (PH), Bugcrowd

Sunday November 22, 2020 09:00 - 16:00 WIB

09:00 WIB

Creating a 'Secret Room' in the DarkWeb
Sun Nov 22, 2020 7:00 PM - Mon Nov 23 1:00 AM PDT (Pacific Daylight Time)
Sun Nov 22, 9:00 AM - 4:00 PM WIB (Western Indonesian Time)
Duration: 6 hours

The "DarkWeb" or "Dark Web" is popularly associated with negative things nowadays; although DarkWeb as one of the DarkNet's services was designed initially to improve: security, privacy and anonymity of the web itself. The word "Dark" in "DarkWeb" means: "good security, privacy and anonymity"; no one knows who you are and what you do (because it's dark already). DarkWeb as one of the available web technologies needs to be used a lot for positive things. The community and public needs the right information about DarkWeb and correct usage of it.

The hidden services (.onion websites) are described as mysterious, terrifying places, which gives the impression that they are complicated and difficult to create; but it's actually relatively easy to do. However, this needs basic knowledge in order to understand how a website in the DarkWeb can be created and accessed.

By joining this training, the participants are expected to create a 'secret room' (an .onion website) in the DarkWeb as a first step in using it for positive things, with the expectation of increasing the number of useful hidden services and reducing the downsides of this encrypted web technology.

This training covers understanding the three fundamental concepts of DarkWeb technology: security, privacy and anonymity. It will also provide a solid overview of DarkNet, DarkWeb, ClearNet, DeepWeb and SurfaceWeb, and the differences between them. Besides introducing the audience to concepts and ideas, the participants will be taught ways to create a regular web server and change it into a hidden service of DarkWeb. This training provides participants with actionable skills that can be applied immediately.

- IT Security Researchers
- Private Detectives and Investigators
- IT Professionals working in security domain
- Anyone with a common belief: internet users should have private access to an uncensored web

- Understanding of the concept of security, privacy and anonymity
- Clear understanding of: DarkNet, DarkWeb, ClearNet, DeepWeb and SurfaceWeb
- Ability to get, verify and authenticate the tools for DarkWeb
- Understand how to access DarkWeb hidden services
- Ability to create a semi-custom .onion domain name
- Ability to create a hidden service of DarkWeb (.onion website)

Danny Ismarianto Ruhiyat

Co-Founder & CEO, CIKUR
I like encryption since elementary school; loved programming since middle school and studied virus and antivirus techniques since high school. Deepen cyber security since college until now. Established a startup company that focuses on cyber security since 2016 and in 2018 focuses...

Sunday November 22, 2020 09:00 - 16:00 WIB

09:00 WIB

CyberWarOps Training: Red and Blue Team Joint Operations
Adversaries are rapidly adopting convoluted offensive techniques that are focused on circumventing defense mechanisms in order to accomplish their motives on the attack surface. Most organizations, however, are not well aware of the techniques used by threat actors, which leaves their defensive mechanisms in a very fragile position. The fragility of the defense makes it easier for threat actors to break or bypass the security boundaries of the organization, which leads to harsh consequences. To avoid these consequences, organizations adopt the concept of depicting the art of the threat actors on the attack surface to find the security loopholes before an attacker exploits them. This particular exercise of depicting the nature of a threat actor on the attack surface is known as Red Teaming.
"CyberWarFare: Red and Blue Team Joint Operations" aims to provide the trainees with insights into the offensive techniques used by the red team and the defensive techniques employed by the blue teams in an enterprise.
From the Red Team perspective, the trainee will not only understand advanced Real World Cyber Attacks but also simulate Tactics, Techniques and Procedures (TTPs) widely used by APT groups.
From the Blue Team perspective, the trainee will understand how to Monitor, Detect, Analyse and then Respond against the real-time attacks performed by the red team.
Paper Link: http://bit.ly/CWF_OID

Yash Bharadwaj

Red Team Security Researcher @cybewarfarelabs, CyberWarFare Labs
Yash Bharadwaj is currently working as Red Team Security Researcher at CyberWarFare Labs [https://cyberwarfare.live]. He is highly attentive towards finding, learning and discovering new TTP’s used during offensive engagements. His area of interest includes (but not limited to...

Manish Gupta

Red Team Security Researcher, Citrix
Manish Gupta is a Red Team Security Engineer at Citrix in India, where he specializes in Offensive Security and Red Teaming Activities on enterprise environments. A part-time Bug Bounty Hunter and CTF Player. His research interests include Real World Cyber Attack Simulation and Advanced...

Sunday November 22, 2020 09:00 - 17:00 WIB

09:00 WIB

Kubernetes Overview and exploitation
This attacker-focused, hands-on training will set you on the path to understanding common vulnerabilities in containerized environments (Docker) and getting familiar with Kubernetes clusters.
It will help you to learn the approach to follow and the process for testing and auditing containers and Kubernetes clusters.
By the end of the training, participants will be able to identify and exploit applications running on containers inside Kubernetes clusters with a hands-on approach.

An organization using microservices or any other distributed architecture relies heavily on containers and container orchestration engines like Kubernetes, and as such its infrastructure security is paramount to its business operations.
This session will set the base for security testers and DevOps teams to test for common security vulnerabilities and configuration weaknesses across containerized environments and distributed systems. It also helps to understand the approach and process to audit the Kubernetes environment for security posture.
The courseware is meant to introduce participants to container and cluster management with Kubernetes. The focus is on the security aspects of the application and the container infrastructure. The participants will learn the common tools and techniques that are used to attack applications running in containerized environments.
The participants will be introduced to Kubernetes and learn to assess the attack surfaces applicable for a given application on the cluster.
The participants will learn how to audit for security based on best practices using tools and custom scripts.

As part of the course delivery, the trainer will share examples of real-world security issues found in penetration testing engagements to showcase the mapping of the concepts with what usually happens in the real world.

Hardware Requirements
At least 8 GB of RAM, 10GB of Diskspace free on the system
The laptop should support hardware-based virtualization
If your laptop can run a 64-bit virtual machine in Oracle VirtualBox it should work
Network Connectivity

Basic knowledge of using the Linux command line
System administration basics like servers, applications configuration, and deployment
Familiarity with container environments like Docker and distributed systems would be useful

Complete hands-on training with a practical approach and real-world scenarios
Presentation and a PDF created for the training session
Resources and references for further learning and practice

Mihir Shah

Consultant, Awake Security
Mihir Shah currently works as a threat researcher for Awake Security and is an industry mentor for Stanford University; he also works as security advisory personnel for multiple companies. He has been a prior speaker and trainer at conferences like OWASP Seasides, Kubernetes Day...

Sunday November 22, 2020 09:00 - 17:00 WIB

09:00 WIB

Hands on Threat Hunting workshop
Threat Hunting Workshop to develop your skills and test your abilities. At the end of the workshop you will be armed with knowledge and hands-on experience in hunting down threats and defending networks against advanced adversaries.

Manieendar Mohan

Cyber Security Engineer, Beagle Cyber Innovations

Rejah Rehim

Director & Co-Founder, Beagle Security and Appfabs
Rejah Rehim is currently the Director and Chief Information Security Officer (CISO) of Appfabs (https://appfabs.com). Previously holding the title of Security Architect at FAYA India, he is a long-time preacher of open source. He is a steady contributor to the Mozilla Foundation and...

Sunday November 22, 2020 09:00 - 17:00 WIB

09:00 WIB

Whenever we want to proactively hunt for malware of interest for threat intelligence purposes, YARA is the swiss-army knife that makes the work of malware researchers and threat intelligence researchers easier. Malware developers work just like legitimate software developers, aiming to reduce the time wasted on repetitive tasks wherever possible. That means they create and reuse code across their malware. This has a pay-off for malware hunters: we can learn how to create search rules to detect this kind of code reuse. Traditional Yara rules are written on strings, but if we implement code leveraging YARA code reuse rules in addition to the strings rule, the rule will last decades. For successful and long-term hits, we have to combine both string-based and code-based coverage. Meanwhile, we can leverage that for finding future malware from the same authors using their digital code fingerprints.

Saurabh Chaudhary

Security Researcher
Saurabh Chaudhary is a self-motivated technology enthusiast and a published researcher with several independent research papers in the information security domain, specifically in malware and ransomware. He is a passionate InfoSec enthusiast and tech enthusiast, he is one of the leaders...

Sunday November 22, 2020 09:00 - 17:00 WIB

09:30 WIB

Building Scalable Labs for Offensive and Defensive Security Scenarios
Numerous cybersecurity and penetration testing tools and techniques have the potential to damage or destroy the target system or the underlying network. In addition, if malware is used in testing, there is the potential for infection and spread if testing in an Internet-connected testbed. This class will teach how to build your own virtualized, physical, or cloud-based environment to practice your skills in a safe ecosystem. You will learn what you need to create a lab for offensive and defensive cybersecurity concepts. You will also learn and obtain access to numerous tools that you can use to practice your skills, from virtual machines (VMs), Docker containers, and intentionally vulnerable systems.
You will learn how you can leverage tools like VirtualBox, VMware Workstation/Fusion, ESXi, Proxmox, or even OpenStack to build your own cyber range. In addition, you will also learn how to use tools like Vagrant and Ansible to automate a lot of tasks. Vagrant files and Ansible playbooks will be shared during the class for you to build complex lab environments within minutes. You will also learn how to create environments in cloud services such as AWS, Azure, Google Cloud, and Digital Ocean.
This course is designed for anyone preparing for a certification like Certified Ethical Hacker (CEH), CompTIA PenTest+, CEH Practical, Offensive Security Certified Professional (OSCP), Cisco CCIE Security, CCNP Security. It is also designed to help those just learning how to perform penetration testing (ethical hacking), exploit development, or reverse engineer malware.
This live and interactive training is designed to help you get started building different lab environments to practice cybersecurity skills. This training is important for any individuals preparing for cybersecurity certifications or that are just passionate about learning new hands-on skills.

Omar Santos

Principal Engineer, Cisco
Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. Omar is the author of over 20 books and video courses. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he...

Sunday November 22, 2020 09:30 - 16:00 WIB