This week we joined droves of vendors and executives in celebrating InfoSecurity Europe’s 20 year anniversary. The venue, the London Olympia, is a behemoth filled wall-to-wall with company banners, awkward sales pitches, gimmicky totebags, gift lightsabers, and ‘free’ prosecco readily exchanged for cloud security pitches.
Security vendors, security vendors everywhere
This year, the organizers wisely decided to add a small conference annex under the banner of ‘Intelligent Defence’ with the intention of attracting a more content-oriented crowd. The talks were largely research-oriented and included a fair serving of IoT bashing and malware hunting.
Here we presented our ongoing research project on whitelisting titled ‘Wolf in Sheep’s Clothing: Your next APT is Already Whitelisted’ – stay tuned for an extensive analysis!
Intelligent Defence included notable presentations by Andrew Hay (OpenDNS), Daniel Mende (ENRW), and Sergey Bratus (Dartmouth). Hay gave us a preview of his ‘labor of love’ paper on IoT beaconing in the enterprise (found here), an extensive research into the domain queries common IoT products perform out of the box and their unregulated penetration into industry verticals.
Daniel Mende walked us through performing an analysis of proprietary network protocols, effectively lifting the veil of security by obscurity by not just showcasing the failure of this particular nameless protocol but also providing the crowd with a sense of the relative ease with which these protocols can be probed, dismantled, and effectively obviated.
Finally, Sergey Bratus shared a brilliant exposition of the complex relationship between defensive and offensive computing, partially defined in terms of ‘weird machines‘ to ease a widespread difficulty in describing the dynamics that enable fruitful InfoSec research – that difficulty subsequently leads to problematic regulatory over simplifications like the expansion of the Wassenaar arrangement currently under consideration.
Intelligent Defence is a strong step in the right direction for Europe’s largest InfoSec conference. We hope to see you there next time.
Source: Kaspersky