Thursday, May 23, 2019 23 hours ago 09:00 - 20:00 London
We are looking forward to our next MWR Briefing, which will take place in May at a central London location.
If you would like to attend, please register your interest below and we will confirm your place. We would like to thank you for registering your interest in the event – we look forward to seeing you there.
Please find the presentation topics and further details below.
This MWR Briefing has passed, but you can sign up to be notified of future events, or register for another of our upcoming events by visiting our MWR Briefings page.
*Request your place early to avoid disappointment!*
Our Briefings have become must-attend events for cyber security experts in every industry, combining cutting edge insights with practical 'how to' tips and guidance.
Predicting attack paths based on an organization’s own environments is extremely useful when assessing risk and designing defences. However, attackers have made significant advances in using offensive tools such as Bloodhound to identify and navigate paths through complex IT environments, putting organizations on the back-foot. In this talk, we will explore how to adapt offensive techniques to support the identification of attack paths in an efficient, automated way. We’ll also look at how this can be visualized in real-time, giving blue teams a fighting chance against modern threats.
During the coffee breaks, Jacques will walk you through the tool we’ve developed to visualize attack paths from a practical perspective through a demo session.
With 4000+ distinct permissions (and counting), understanding how access is managed within an AWS environment is often a daunting and time-consuming task requiring expert capability. Whilst developing this understanding can be a costly endeavor, not doing so could prove more expensive. This talk explores new challenges cloud-based technologies present and how they can be approached by applying traditional offensive security testing concepts. We will present research we’ve been conducting in this area, discuss insights we’ve gathered along the way, and showcase tooling we are actively developing to equip organizations with situational context.
During the coffee breaks, Craig will walk you through how this tool works from a practical perspective through a demo session alongside Jacques’.
It’s important to be realistic about compromises and the fact they occur – which is why incident response (IR) should be a focus for all organizations. And while every company wants their own security team, it’s not always possible. During this talk, you’ll discover some quick wins you can put into place to make immediate reductions in response time.
This talk also covers our vision for the future of IR – where greater context and collaboration leads to increased control - plus the key lessons companies need to learn in order to be prepared for compromise and improve their response capabilities. We’ll also look at the impact early detection has on IR and why it’s just as important.
To achieve their goals and objectives, attackers usually need to elevate their privileges within Active Directory, which is why this is at the centre of almost all enterprise attacks. In this presentation, we will explore the most prevalent escalation paths, detail our research on novel techniques that attackers utilize in these processes, and revisit older (but still prevalent) Tactics Techniques and Procedures. You’ll receive guidance on preventative and detective controls that an organization can implement, based on our vast experience of defending against real-world attacks of this nature.
Cybersecurity’s all about reducing risk by being able to predict, prevent, detect, and respond to attacks. Purple teaming can be incredibly helpful in quantifying detective capability and evaluating processes end-to-end, but business context must be taken into account to operate in a threat-driven way – a factor we’ll dive into in this talk.
We’ll also look at how the MITRE ATT&CK framework can be an enabling factor, but isn’t a one-stop-shop for detection and defence. And, based on our experience of data-driven purple teaming, we’ll showcase information we’ve gathered on detection capabilities across industries – so if you’ve ever wondered how others are performing, you’ll find out in this presentation. We will focus on performance at individual stages of the Cyber Kill Chain, providing key insights into common detective deficiencies in your industry.
Hybrid Mobile Applications are now increasingly used by businesses due to their excellent UI and their faster development cycles. They’re also easier and faster to develop than a native app. So with more organizations using them, how can they ensure security risks are reduced? During this talk, we will explore the evolution of the ‘hybrid application’ development, focusing on how they widen the attack surface compared with a native application and how to mitigate these risks. We will also review Cordova and React Native, and discuss Flutter – the upcoming hybrid SDK by Google - and why you should be getting familiar with this kit.
“Informative, thought provoking, great networking” - CISO, Finance
“Excellent event, very well organised, at a great location and a wide range of information and knowledge shared” - Head of IT, Manufacturing
“Gives good insight into the threat landscape and current techniques used by malicious actors” - Customer Solution Architect, Public Sector
“Attend this event if you can” - Pen tester, Technology