Conference Talks – October 2021

This month, members of NCC Group will be presenting their work at the following conferences:

  • Jennifer Fernick & external panelists, “Threatscape 2023 and Beyond: AI, Deep Fakes and Other Unexpected Challenges”, to be presented at MapleSec (Oct 6 2021)
  • Damon Small, “Which security role is right for me?”, to be presented at Shellcon  (Oct 8 2021)
  • Brian Hong , “Sleight of ARM: Demystifying Intel Houdini”, to be presented at ToorCon  (Oct 12 2021)
  • Damon Small, “Beyond the Scan: The Value Proposition of Vulnerability Assessment”, to be presented at UTINFOSEC Fall 2021  (Oct 14 2021)
  • Robert Seacord, “Secure Coding in C and C++”, to be presented at NDC TechTown 2021  (October 18-19 2021)
  • Sourya Biswas, “Security from Scratch: Reminiscing Being the 2nd Security Employee at a Startup”, to be presented at InfoSec World (Oct 25 2021)

Please join us!

Threatscape 2023 and Beyond: AI, Deep Fakes and Other Unexpected Challenges
Jennifer Fernick & external panelists
MapleSec
October 6 2021

Moderator

  • Darrin Horner, Regional Sales Manager with OKTA 

Panelists

  • Jennifer Fernick, SVP & Global Head of Research, NCC Group
  •  Dr. Hadis Karimpour, Associate Professor and  Chair in Secure and Reliable Networked Engineering Systems, University of Calgary
  • Cara Wolf, CEO, Ammolite Analytx.


Which Security Role is Right for Me?
Damon Small
ShellCon
October 8 2021

Infosec is an industry of diverse professionals, and the roles available are equally diverse. Even after one decides to pursue a career in cyber security, navigating through the myriad job types that exist can be daunting. The speakers, Damon “ch3f” Small and Paul Love, will reflect on their decades of experience in the industry and offer guidance as to how a candidate can focus their job search in specific areas of infosec. From red team, to blue team, to consulting, compliance, and management, there is a role for everyone. Attendees will have ample time for Q&A after the speakers’ prepared remarks, will gain a greater understanding of professional opportunities that exist, and will learn ow to determine which type of role may be best for themselves.


Sleight of ARM: Demystifying Intel Houdini
Brian Hong 
ToorCon
October 12 2021

Infosec is an industry of diverse professionals, and the roles available are equally diverse. Even In the recent years, we have seen some of the major players in the industry switch from x86-based processors to ARM processors. Most notable is Apple, who has supported the transition to ARM from x86 with a binary translator, Rosetta 2, which has recently gotten the attention of many researchers and reverse engineers. However, you might be surprised to know that Intel has their own binary translator, Houdini, which runs ARM binaries on x86.
In this talk, we will discuss Intel’s proprietary Houdini translator, which is primarily used by Android on x86 platforms, such as higher-end Chromebooks and desktop Android emulators. We will start with a high-level discussion of how Houdini works and is loaded into processes. We will then dive into the low-level internals of the Houdini engine and memory model, including several security weaknesses it introduces into processes using it. Lastly, we will discuss methods to escape the Houdini environment, execute arbitrary ARM and x86, and write Houdini-targeted malware that bypasses existing platform analysis.

Beyond the Scan: The Value Proposition of Vulnerability Assessment
Damon Small
UTINFOSEC Fall 2021
October 14 2021

Vulnerability Assessment is, by some, regarded as one of the least “sexy” capabilities in information security. However, it is the presenter’s view that it is also a key component of any successful infosec program, and one that is often overlooked. Doing so serves an injustice to the organization and results in many missed opportunities to help ensure success in protecting critical information assets. The presenter will explore how Vulnerability Assessment can be leveraged “Beyond the Scan” and provide tangible value to not only the security team, but the entire business that it supports.

Secure Coding in C and C++
Robert Seacord
NDC TechTown 2021
October 18-19 2021

Secure Coding in C and C++ is a two day training course that provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation.

Security from Scratch: Reminiscing Being the 2nd Security Employee at a Startup
Sourya Biswas    
InfoSec World
October 25 2021

What happens when a small company equipped with the brand new security program you built suddenly becomes a not-so-small company successful enough to be targeted by cyber attacks? This case study will outline the security roll-out at a startup and reveal how they remained result-oriented even on a small budget. Attendees will leave with recommendations that have since been successfully implemented by multiple other lean startups, and applicable to anyone tasked with building or rebuilding enterprise cybersecurity, or working with limited funding.

Key Takeaways:

  • Understand the thought process of a new CISO at a company without a security program.    
  • Realize what a startup’s Board typically looks for in a new security program.
  • Understand how Defense in Depth is a viable approach towards implementing security from scratch.
  • Learn about some common gaps encountered assessing startups’ security postures.