SteelCon 2018

Tuesday, July 3, 2018 44 days ago Sheffield, UK

Taking place from the 3rd to the 8th of July, Steelcon will be held at Sheffield Hallam University.

Steelcon isn't just a conference; it's a social event for the security community. A chance to make new friends, meet up with old ones and have fun, and you might learn some stuff too. MWR are very happy to be 'Steel' sponsors and to be giving talks and workshops. 

Talks:

Exploiting Screen Recording and Automated Input on Android – Amar Menezes

Track 1 – Pennine Lecture Theatre - 12:00 – 13:00 (PG)

 

What does it take to steal $81m? – Donato Capitella and Oliver Simonnet

Track 2 – Peak Lecture Theatre - 17:15 - 18:15 (PG)

 

Workshops

Docker 101 – Alex Kaskasoli, Mohit Gupta

This workshop will provide an introduction to using Docker. It will include an overview of various tools used as part of the Docker ecosystem for creation, orchestration and monitoring of Docker instances, such as Docker Compose, Docker Machine and Docker Swarm. The main objective is to demystify basic usage and provide attendees with enough knowledge to feel comfortable with Docker for both their personal use and contextual awareness during engagements.

This workshop is recommended for Docker beginners.

Requirements:

Personal laptops with a Linux host or Linux Virtual Machine. It is recommended to use a Linux host with Oracle VirtualBox which will aid with certain parts of the workshop.

 

Introduction to Binary Dark Arts with SMT Solvers – Sam Brown

SMT solvers have been at the core of some seriously cool research projects, particularly in Reverse Engineering and Exploit Development. However the field has a high barrier to entry, often requiring a strong background in Computer Science that a lot of practitioners have never experienced. This workshop aims to provide some basic knowledge and exposure to the Z3 SMT solver and Angr binary analysis platform.

At the end of the workshop a ‘king of the hill’ style CTF challenge will be opened up where the top performer wins a Sphero BB-8.

Requirements:

  • Laptop with VirtualBox installed, 30GB of disk space and at least 4GB of RAM to dedicate to it. A Debian VM with all required tools installed and configured along with exercise files and sample code will be provided.



 

 

Accreditations & Certificates

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 9001 and 14001 in the UK, internationally accepted standards that outline how to put an effective quality and environmental management systems in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by CESG for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.