Presentations

Security Engineering – A manifesto for defensive security

Published 28/06/2019 | By TMB

Presentation on the need to re-examine how we engineer systems (taking service providers as an example) and the implications on how we quantify cyber risk if we want to take this message into the board room (as given at BT’s SnoopCon 2019 and Cisco’s June 2019 Knowledge Network webinar for service providers). Continue reading →

Posted in Presentations | Tagged C-Suite, conference, CRQ, cyber risk quantification, devops, devsecops, hardening, infradev, orchestration, risk, seceng, service providers, SnoopCon, sre

So you want to build a SOC: Lessons from the front line

Published 20/06/2019 | By TMB

Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019). Continue reading →

Posted in Presentations | Tagged blue team, conference, SOC, TTRS

Is that really you? The importance of identity in breach response and recovery

Published 18/06/2019 | By RID

Presentation on Zero Trust and the importance of identity in breach response and recovery (as given at InfoSec Europe 2019 on the tech talk track). Continue reading →

Posted in Presentations | Tagged blue team, C-Suite, conference, incident response, InfoSec Europe, zero trust

Discover the secrets of the SOC

Published 18/06/2019 | By TMB

Presentation on building effective SOCs (as given at InfoSec Europe 2019 on the interactive workshop track). Continue reading →

Posted in Presentations | Tagged blue team, C-Suite, conference, InfoSec Europe, SOC

Where 2 worlds collide: Bringing Mimikatz et al to UNIX

Published 06/12/2018 | By TMB

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Continue reading →

Posted in Presentations | Tagged analysis, auditing, Black Hat Europe, blue team, conference, exploit, hardening, red team, root, training, UNIX, Windows

The importance of logs: You won’t see what you don’t log

Published 31/10/2018 | By TMB

Presentation on logging and auditing strategies (as given at Secure South West 11). Continue reading →

Posted in Presentations | Tagged blue team, hardening, red team, SecureSouthWest, training

Playback: A TLS 1.3 story

Published 13/08/2018 | By AGA

Presentation on 0-RTT in TLS 1.3 (as given at DEF CON 26 and Black Hat 2018). Continue reading →

Posted in Presentations | Tagged Black Hat USA, conference, DEF CON, exploit, MiTM, SSL

Secrets of the motherboard

Published 16/02/2018 | By GCS

Presentation on “interesting” features of the Intel x86[_64] platform (as given at 44CON 2017).

A lot of recent work has gone into the discovery, analysis, and (on occasion) marketing of hardware weaknesses in the Intel x86[_64] platform particularly with respect to how it is often implemented as part of specific motherboard designs. Some, such as the recent speculative execution borne attacks, are issues in the architecture itself. Other issues, however, affect individual implementations. This talk will take a wide-coverage “state of play” look at x86[_64] platform security covering:

Architectural failings in hardware design
Identifying security issues with modern computer hardware (treat it just like IoT devices!)
Attempts at restoring privacy, ownership, and security
Code and data persistence
How secure hardware can be re-used