Securi-Tay 2017

Friday, February 24, 2017 6 months ago Dundee, UK

MWR is sponsoring the after party and running challenges at Securi-Tay 2017 at Abertay University. Make sure you visit our stand to find out more.

Calendar

Event Description

Securi-Tay is an information security conference held by the Ethical Hacking Society at Abertay University. After the sell-out success of Securi-Tay V this year’s event will run on Friday 24th of February 2017. The conference will be held in Abertay University, benefiting from the fantastic transport links to Dundee. As well as transport, Dundee benefits from affordable accommodation in the city center, as well as a thriving technology community and the reputation for being Scotland’s sunniest city.

The conference is aimed at anyone with an interest in hacking and information security. You don’t need to be a l33t h4x0r to attend and enjoy the event: Securi-Tay promises to provide a fantastic, worthwhile experience for everyone, new to the scene and conference veterans alike. The conference will feature talks from industry professionals and students as well as some workshops. Lunch and an evening buffet will be provided in the bar across the street.

Talk presented by MWR

  • Time:
  • Room:
  • Topic: Advanced Attack Detection
  • Speakers: William Burgess & Matthew Watkins
  • Description: We hear about advancements in the offensive security realm all the time, with new attack techniques being published, new tools released and high profile breaches of major organisations reported in the news. With a whole bunch of technical certifications, training and frameworks available, the offensive security industry is very well represented and fairly well understood, at least in comparison to defensive security. But what do these attacks actually look like, how can we defend against them, and what techniques are there for detecting them?

    In this talk, we’ll explain some of the technical concepts of threat hunting. We will be looking at what is beyond traditional signature detection – the likes of AV, IPS/IDS and SIEMs, which in our experience are ineffective – and detailing some of the ways you can catch real attackers in the act. As a case study, we’ll look at some of the specifics of common attack frameworks - the likes of Metasploit and Powershell Empire - walking through an example attack, and showing how they can be detected. From large-scale process monitoring to live memory analysis and anomaly detection techniques, we will cover some of the technical quirks when it comes to effective attack detection.
  • Time:
  • Room:
  • Topic: A Window into Ring0
  • Speakers: Sam Brown
  • Description: 

    With the rise of sandboxes and locked down user accounts attackers are increasingly resorting to attacking kernel mode code to gain full access to compromised systems. 

    This talk aims to provide an overview of the Windows kernel mode attack surface and how to interact with it. This talk will demonstrate the tools available for finding bugs in Windows kernel mode code and drivers together with highlighting some of the lower hanging fruit, common mistakes and the steps being taken (or lack of steps being taken) to mitigate the risks posed.

    The talk will then cover common exploitation techniques to gather information about the state of kernel mode memory and to gain code execution as SYSTEM using examples from publicly known exploits.

     

 

 

Registration

You can register for tickets here.

Accreditations

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 14001 in the UK, an internationally accepted standard that outlines how to put an effective environmental management system in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by CESG for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.