|Target Audience||Security Operations Center Professionals
CIOs, CISOs, IT Managers, Security Officers, Security Architects and Engineers – all from the end-customer side and interested in IT security
From consultancies and resellers/integrators, only technical people (who are involved in the security operations processes) are allowed to take part – max. one participant per company. Vendors and people with a sales/marketing role are not authorized as participants.
If you are not on the dedicated invitation list and you would like to take part in this community and receive the invitations, please fill out the application form.
|CPE Credits||Earn 4 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation.|
|Location||EPFL Innovation Park
Building C – Room Neptune 1st Floor
|Date of Event||26th of April 2018
|Participation Costs||CHF 55.–
Organization, presentations, beverages and apéro riche (almost dinner) included
|1:30 – 2:00||Registration & Apéro|
|2:00 – 2:30||Malick Sy, IT Security Manager at World Economic Forum (WEF)
Operational Security of the defenders and the threat actors
We will share a real case on how the security of a highly exposed event was handled.
|2:30 – 3:00||Omar Benjumea, Cybersecurity Architect at Kudelski Security
The rise of auto-spreading Ransomware
In this presentation we will look into why and how this happened. Furthermore, we will discuss key controls one should consider in order to successfully protect organizations from similar incidents in the future.
|3:00 – 3:30||Cristian Zamfir, Co-Founder & COO at Cyberhaven
Toward data-centric security: the challenge to keep data safe when endpoints get breached
This talk argues for designing a security stack with data-centric security at its core and proposes some guidelines for implementing such a design. We’ll discuss how to reduce the window of opportunity for an attacker who has managed to run code on corporate endpoints, what events to monitor in a SOC in order to better react to and remediate such breaches, and what the implications of such breaches are for GDPR compliance.
|3:30 – 4:00 pm||Gabi Gerber, Founder of Security Interest Group & Marc Green, Threat Intelligence at Anomali
Project Shared Threat Intelligence Platform – SIGS-ISAC
|4:00 – 4:30||Coffee Break|
|4:30 – 6:00||Workshop with Dr. David Gugelmann, Security Analytics Researcher and the CEO of the ETH Spin-Off Exeon Analytics
Dr. David Gugelmann is a security analytics researcher and the CEO of the ETH Spin-off Exeon Analytics AG. Prior to founding Exeon Analytics in 2016, he was a postdoctoral researcher at ETH Zurich in the Networked Systems Group. His research interests are in big data analytics, digital forensics and machine learning for anomaly detection. He combines these areas by developing big data security analytics solutions to fight advanced cyber attacks.
Threat hunting using machine learning and big data analytics
In this workshop, we show how machine learning and big data analytics approaches can extract valuable information from millions of data points.
First, we present a novel, unsupervised approach to detect C&C channels in Web traffic. Our approach is based on the observation that the HTTP requests triggered by malware are different from the Web request patterns occurring during regular Web browsing. Therefore, by reconstructing and filtering the activities occurring during regular Web browsing, we can identify Web requests that are related to malware without training a malware-specific model. Our evaluation shows that we can reliably identify the C&C requests of APT malware campaigns that had been active for years without being detected.
This talk is based on the research publication “Lamprakis et al. Unsupervised Detection of APT C&C Channels using Web Request Graphs”, which was published at the DIMVA 2017 security conference (https://itsec.cs.uni-bonn.de/dimva2017/). The research was conducted in collaboration between the Zurich Information Security and Privacy Center (ZISC) of ETH Zurich and armasuisse Science and Technology.
Second, we show various techniques for detecting malicious behavior based on DNS logs and NetFlow-like data, such as:
|6:00 – open end||Apéro Riche & Networking
The speakers will be onsite for Q&A
The Sponsor of this event is:
This is a ‘must attend’ event for all Security Operations Professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.
So don’t wait: register or send us the application form by email.
By registering for this event you accept that SIGS may use the data entered for its own purposes and may share it with its event partners and the event sponsors of this platform. In addition, we share the contacts with the community itself.