Friday, 12 October 2012

RSA Conference Europe 2012

I was delighted to be invited to attend the RSA Conference Europe in 2012 (9-11/Oct) in London [1]. A number of interesting talks which included Jimmy Wales talking about the freedom of speech on the Internet and the distribution of knowledge through Wikipedia.

I was looking forward to Ira Winkler's talk "What the Security Profession Can Learn From the Intelligence Profession". Very interesting views as always and one of the few people in security that has something new to say, without repeating outdated ideas. 

Adrienne Hall's presentation from Microsoft was very informative and well delivered. She talked about the Security Intelligence Report (SIR) v13, security tools [2] like the Attack Surface Analyzer, the (anti)Cross-Site Scripting library, the The Enhanced Mitigation Experience Toolkit (EMET) and introduced us to the Cloud Computing study [3]. However, you may want to take a closer look to the following numbers. One of the the Cloud Adoption Benefits is that it improves security by 54% while one of the Cloud Adoption Barriers for a company to adopting/move to cloud services, is security concerns by 44%. 

  Cloud Adoption Benefits         Cloud Adoption Barriers
    57% Time Savings                   44% Security Concerns
    3x Money Savings                   61% Industry Standards
    54% Improved Security           59% Transparency

The real problem with the aforementioned percentages is that they differ in reality based on which side of the fence you are. If you are not taking security seriously or you do not want to spend money in this are, the cloud is most probably the best solution for you. If you know what you are doing, moving to the cloud will only take away all the costs of maintaining/securing your own data centre.

Another interesting and entertaining talk was that of Herbert "Hugh" Thompson. Cyber Intelligence, cyberstalking, a bird joke lighten up the atmosphere. 

Mitja Kolsek (@mkolsek) from ACROS security gave a talk on how you could rob a bank and get away with it. It was an interesting subject but it only scratch the surface as I assume it was intended for all the managers attending the presentation who don't like technical stuff. 

I have attended Bruce Schneier's talks before but this time I had the change to briefly have a chat with him and I also seized the opportunity and asked him to sign my copy of Liars and Outliars (which happened to have with me for that reason!). 

Last but not least, Stuart McClure was there (author of Hacking Exposed) and we also had a brief chat. He had a few copies of the new edition of hacking exposed with him which he signed and gave out to people. I am one of the lucky one he gave one! Thank you Stuart.

in the Crypto Commons hall, one could find almost all the security vendors. The interesting bit of the day was this new WAF called Mykonos from Juniper which caught my attention. I moved closer and started listening as the guy was demonstrating the software's capabilities to a potential client. Long story short, after the demonstration I approached the guy and said that I have 2 questions for him. The first one was about profiling the attacker, which we clarified what he meant by that. The second one was about the live demo he did. The Web Application protected by the WAF had a value on the URL which it was equals to True. If you tried to change this value to False then the WAF would picked that up and wouldn't allow a False value to reach the back-end. I asked him if I can change the value to False myself (my way) in order to test if the WAF will pick it up. He said yes and he allowed me to change the URL string. Surprise-surprise, False value went through, all the way to the back-end and the WAF didn't picked it up (awkward moment of silense). Well, we all understand that there is no silver bullet in security but I won't lie. I was glad I managed to do this just by looking at the S/W demo for 5 minutes and on my first try. 

It was a very exciting to be there and had many interesting talks with a lot of people during these 3 days of the event. Looking forward to a future RSA Conference.  


No comments:

Post a Comment