Security BSides St. John's
MUN Signal Hill Campus, St. John's, NL
Sept 18, 2024
2024-09-18 9:00:00
 

2014

Sponsors

Platinum

NOCLand, zedIT Solutions

Gold

Travis Barlow Fortinet 

Silver

 logoconstructionsknewVerafin 2

Bronze

icbts, Trend, Tenable Network Security, Softchoice, Dell SecureWorks, Genesis Centre

Educational Sponsor

 
Speakers

Name: Mandy Woodland, Mandy Woodland Law
Title: Life without spam? Canada’s Anti-Spam Law (CASL), 12 weeks in
Abstract: The first piece of Canada’s Anti-Spam Law (“CASL”) came into effect July 1, 2014. Has it enhanced the safety and security of the online marketplace, as was its intent? Has it changed how email marketing and direct email campaigns are run? Are companies more cognizant of their responsibility in protecting privacy and security through CASL compliance? We’ll talk about those issues and how its implementation and enforcement have evolved since July 1st.

Name: Jamie Gamble, Accuvant Labs
Title: Identifying and Preventing Security Weaknesses in Security Controls 
Abstract: In many cases security controls have created security weaknesses. While the controls added some measure of security, the weaknesses they created were often unknown or overlooked. Drawing on real-world examples, this presentation will examine security controls and the security issues they created. Rules of thumb will be given to help practitioners avoid making similar mistakes.

Name: Mark Nunnikhoven
Title: (LO)Users
Abstract: To say that most in IT–and security specifically–have a generally negative view of users is an understatement. Users never pick a strong password. That user stored that document in the cloud. The virus got onto the network because that user brought it in. This attitude is putting your organization at risk.

In this talk we’ll explore the role this view has and how it colours your decisions. We’ll talk about why we hold this view and what we can do to change it. Unicorns & rainbows not included.

Name: Dwayne Hart
Title: Creating a Custom FreeBSD ISO
Abstract: In this talk I would like to discuss the process I went through to create my own custom FreeBSD ISO (which I based on the 7.x, 8.x RELEASE versions).

By building our own ISO we’re able to install third party packages, add in custom/proprietary software stacks which are not included in the RELEASE version of FreeBSD due to possible licensing issues. You can also implement an ssh trust between your build system and your remote machines and have the given root and other accounts set up with random passwords to have a truly secure/hardened system.
To provide an additional level of security, as a result of the creation of a base.mtree text file containing a hierarchical directory structure of our build, we can create a custom script based on mtree to construct something along the lines of Tripwire (an example can be seen from Dru Lavigne’s “BSD Hacks: 100 Industrial Tips & Tools”). This would allow us to audit our deployed systems and report and/or repair a given event.

Name: Dale O’Grady, Palo Alto Networks
Title: Hiding in Plain Site
Abstract: If the 2014 Application Usage and Threat Report confirms one thing above all, it’s that attackers are hiding in plain sight, using existing applications on your network and traditional exploit techniques in innovative ways to mask dangerous threat activity.  Attend this session to learn how existing and common applications are being used to deliver threats and how to employ a robust attack-kill-chain to provide the necessary protections to this ever-evolving threat landscape.

Name: Steve Rainville, Deloitte
Title: Getting the most out of SIEM solutions
Abstract: Security incident and events monitoring (SIEM) solutions are growing more popular with organizations concerned about effectively protecting their sensitive data in a world where cyber threats are increasingly prevalent and sophisticated. But how much value do these solutions offer if they are not appropriately configured? And what are the challenges in making them work effectively? This session will explore the key considerations to getting the most value out of SIEM solutions and addressing the key challenges faced with such systems including logging baselines, event normalization and correlations. Our presentation will draw on real-life case studies from our global security practice.

Name: Adam Sultan, Deloitte
Title: “SIEM Automated Kill Chain Correlation”
Abstract: Move beyond use case based incident detection utilizing advanced kill chain correlation within your SIEM deployment. This session will focus on how to implement automated kill chain correlation to provide an enhanced layer of protection by detecting and tracking incidents as they progress through the logical stages of the cyber-attack framework. Experience the great and see specific examples on how easy it is to implement and deploy the framework engine – elevating your incident detection potential exponentially.

Name: Stephen Finn, NOCLand
Title: Network Management: Present and Future
Abstract: The software and best practices of Network Operations Centres will be discussed. Topics that will be included are:

  • Network Management best practices
  • How to build a Network Operations Centre (NOC)?
  • How does a Security Operation Centre (SOC) differ from a NOC?
  • Game Changers: Cloud and SDN

Name: Jason Lilly, Verafin
Title: Cloud Security
Abstract: Introduction to different hosting models.

  • Old style – In house vs. managed services vs. co-location
  • New Cloud hosting models – IAAS, PAAS, SAAS

What makes an application secure?
Classic defense in-depth

  • What’s good about it, what everyone needs to do
  • What are the issues
  • OWASP, Sans.org, …

Types of users/accounts that can access sensitive information

  • Customers-Users, Support users, IT/Engineers, authenticated applications
  • How defense in depth and security varies for each and risks associated with each.

Agenda

BSides St. John’s 2014
September 26th, 2014

8:30 — 8:50 AM

Registration\Networking – Coffee and Muffins Served


8:50 — 9:00 AM

Opening Remarks


9:00 — 9:50 AM

Name: Mark Nunnikhoven
Talk: (LO)Users


10:00 — 10:50 AM

Name: Stephen Finn
Talk: Network Management: Present and Future


11:00 — 11:50 AM

Name: Dale O’Grady
Talk: Hiding in Plain Site


12:00 — 12:30 AM

Name: Dwayne Hart
Talk: Creating a Custom FreeBSD ISO


12:30 — 1:30

Lunch


1:30 — 2:20 PM

Name: Jamie Gamble
Talk: Identifying and Preventing Security Weaknesses in Security Controls


2:30 — 2:20 PM

Name: Mandy Woodland
Talk: Life without spam? Canada’s Anti-Spam Law (CASL), 12 weeks in


3:30 — 4:20 PM

Name: Adam Sultan
Talk: SIEM Automated Kill Chain Correlation


4:30 — 5:20 PM

Name: Jason Lilly
Talk: Cloud Security


5:30 — 6:00 PM

Grand Prize Giveaway


6:00 PM —

Drinks and Social Gathering

Planners
  • Norbert Griffin @norbert_griffin
  • Jamie Goodyear @icbts
  • Matthew Middleton @mmiddleton
  • Robert Percy @percyrobert