Shane Macaulay, Director of Cloud Security for IOActive, to present at Source Security Conference & Training
PRESENTATION: Cloud Security – Zero-day protection with memory integrity based on white lists (aka. Total Cloud Patch Management) PRESENTER(S): Shane Macaulay, Director of Cloud Security for IOActive CONFERENCE: SOURCE Seattle 2016 LOCATION: Seattle, WA DATE & TIME: October 12, 2016 at 11:40AM PT Patch management is often looked down upon due to its simplicity and relatively short shelf life. However, this talk will demonstrate how if we identify patch management as a way to categorize all known and unknown code in our infrastructure (given clouds can…
Michael Allen, Security Consultant for IOActive, to present at OWASP AppSec USA 2016
PRESENTATION: Beyond the ’Cript: Practical iOS Reverse Engineering PRESENTER(S): Michael Allen, Security Consultant for IOActive CONFERENCE: OWASP AppSec USA LOCATION: Washington D.C. DATE & TIME: October 13, 2016 at 10:45AM ET Today there is an app for almost everything. But all apps come with security vulnerabilities, many of which have been relatively easy to find with the help of increasingly available frameworks. So developers are now generally better about hardening apps against the most common issues using jailbreak detection and best practices, and many of the…
Fernando Arnaboldi, Senior Security Consultant for IOActive, to present at OWASP AppSec USA 2016
PRESENTATION: Assessing and Exploiting XML Schemas Vulnerabilities PRESENTER(S): Fernando Arnaboldi, Senior Security Consultant for IOActive CONFERENCE: OWASP AppSec USA 2016 LOCATION: Renaissance Washington, Washington, DC, USA DATE & TIME: October 13, 2016 at 9:30AM ET Specifications for XML and XML schemas have been designed with multiple security flaws. At the same time, these specifications provide the tools required to protect XML applications. This provides a complex scenario for developers and a fun environment for hackers. Even though XML schemas are used to define the security of…
Cédric Lévy-Bencheton, Managing Consultant for IOActive, to present at the 3rd Annual Industrial Control Cyber Security Europe
PRESENTATION: Converting Cyber Attacks into Successful Cyber-Physical Attacks PRESENTER(S): Cedric Levy-Bencheton, Managing Consultant for IOActive CONFERENCE: 3rd Annual Industrial Control Cyber Security Europe LOCATION: Copthorne Tara Kensington, London, UK DATE & TIME: September 28, 2016 at 9:35 AM Access to a control network does not itself constitute an attack. Somehow this important fact is often omitted from public documentation. Cédric Lévy-Bencheton will address an attacker’s challenges in designing disruptive assaults on physical infrastructure or operations. This talk draws from Lévy-Bencheton’s extensive experience in offensive cyber-physical security,…
Michael Allen, Security Consultant for IOActive, to present at DerbyCon 6.0
PRESENTATION: Beyond the ’Cript: Practical iOS Reverse Engineering PRESENTER(S): Michael Allen, Security Consultant for IOActive CONFERENCE: DerbyCon 6.0 LOCATION: The Hyatt Regency, Louisville, KY, USA DATE & TIME: September 23, 2016 at 4:00 PM Today there is an app for almost everything. But all apps come with security vulnerabilities, many of which have been relatively easy to find with the help of increasingly available frameworks. So developers are now generally better about hardening apps against the most common issues using jailbreak detection and best practices, and many…