Tuesday, 4 September 2012

Deep INTEL - Day one

The guys from DeepSec have done a great job with the DeepINTEL conference.  Well organised, great location and a good speaker line up.  They kindly let me talk about the importance of breach disclosure, so I gave an updated version of the Athcon talk incorporating some of the feedback and post con chatter.

Quick summary of my favourite presentations from day one.

Wargames in the fifth domain - Karin Kosina

Karin gave a really great presentation on the concept and notions of "cyberwar" or what it isn't really.  When the slides go out I highly recommend a read through them as it was well delivered and referenced.  Covering the various international treaties and conventions on what actually constitutes war and the acts of violence that constitute force.

I think the biggest take away point for me from Karin's talk was that most of the rhetoric on cyber war actually describes electronic espionage (I'm going to stop saying cyber now!). Very few instances of damage have occurred that would constitute violence in order for the act to be considered war.

Hopefully I'll manage to get her to co-author the piece I'm writing on collateral damage from electronic espionage

Sexy Defence - Maximising the home field advantage - Iftach Ian Amit

Some really interesting content from Ian on establishing a culture of counter intelligence and investigating what the legal extent of certain counter ops are, as well as the benefits of sensible risk based pen-testing.  Good demo on poisoning malware to give it a signature that is easily detectable, that helps verify that your source of intelligence on threats is accurate, and also enables it to be blocked with a custom IDS signature.  I think that the Bsides Dallas crew might have pinched Ian's subject as the theme for their CFP is just called "sexy defence"!

Picking two favourites from the day two line up could be tricky as there does appear to be some good subjects on the roster.

No comments:

Post a Comment