CONTENTS OF LECTURES 2021
How the military can enhance Cybersecurity by moving to the Cloud
Today, military analysts, together with the relevant infrastructure, around the world are struggling to cope with a constantly increasing amount of data, coming from almost everywhere. Moreover, the military environment itself adds an additional critical factor, that heavily affects the availability and integrity of data. Introducing and exploiting a “military-grade” cloud environment might provide the necessary flexibility, scalability, and fault tolerance which is needed in modern day operations. This can be achieved by the provision of alternate data routes, backup solutions, authentication mechanisms. Another exploit could be the allocation of resources where and when they are needed; for example, in order to quickly perform tasks that require increased processing power. Special provisions at the hook points can provide automatic recognition of bottlenecks or other issues, and act with little or no human intervention. In all, such a solution can enhance overall cybersecurity.
Lecture is being prepared
Locking down an Oracle Database
This talk is an overview of the key steps involved in locking down an Oracle database. What can we do with the core features and what other tools are available. We look at how and why to lock down breaking the task into patching, hardening and actual data security. Locking down Oracle is not trivial as its a complex software and made more complex by virtue of each customer adding their own data model and application data and security. Join Pete for this whirlwind tour of securing Oracle.
M365 Security introduction
Microsoft Secure Score is a security analytics tool designed to help organizations understand what they have done to reduce the risk to their data and show them what they can do to further reduce that risk. Secure Score determines what Microsoft 365 services an organization is using, then looks at its configuration and behaviors and compares it to a baseline asserted by Microsoft. Rather than reacting or responding to security alerts, the Secure Score tool enables organizations to track and plan incremental improvements over a longer period of time.
Prediction for AI driven cyber security - Offensive and Defensive
Vuln Hunting Using Python AST
Application security engineers and vulnerability hunters often search code for specific strings or patterns as a starting point for vulnerability discovery. In this talk I aim to show how searching raw code can be improved upon by searching Python abstract syntax trees. We used such techniques at Bitstamp security team to help us discover codebase specific patterns which are otherwise hard to search for. These patterns can be used to improve SAST automation which you might already use in your CI/CD pipeline. I will opensource a simple proof of concept AST scanner for searching custom AST patterns with some code structure awareness.
Whoever disappears has perhaps never existed
Nowadays a large portion of life takes place on the internet and it is estimated that around 4 billion users are active on social media.
Obtaining information on a specific target has never been easier and digital lives have a decisive influence on what happens in offline existence.
Privacy on the internet is in fact non-existent, users lose control of the information they disseminate more or less consciously and very often have to face the consequences for the rest of their days.
Can we regain our privacy? Can we erase our traces and completely disappear from the digital world?
In this talk we will explore the most common ways to collect information about the targets and, most importantly, how to protect yourself to the point of becoming a ghost on the internet.