Presentation @ Securi-Tay 2017

Feb 24 2017, Dundee, UK

Posted on 8 February 2017

Talk Presented By Countercept:

Topic: Advanced Attack Detection

Speakers: William Burgess & Matthew Watkins
Talk description:

We hear about advancements in the offensive security realm all the time, with new attack techniques being published, new tools released and high profile breaches of major organisations reported in the news. With a whole bunch of technical certifications, training and frameworks available, the offensive security industry is very well represented and fairly well understood, at least in comparison to defensive security. But what do these attacks actually look like, how can we defend against them, and what techniques are there for detecting them?

In this talk, we’ll explain some of the technical concepts of threat hunting. We will be looking at what is beyond traditional signature detection – the likes of AV, IPS/IDS and SIEMs, which in our experience are ineffective – and detailing some of the ways you can catch real attackers in the act. As a case study, we’ll look at some of the specifics of common attack frameworks - the likes of Metasploit and Powershell Empire - walking through an example attack, and showing how they can be detected. From large-scale process monitoring to live memory analysis and anomaly detection techniques, we will cover some of the technical quirks when it comes to effective attack detection.


About Securi-Tay:

Securi-Tay is an information security conference held by the Ethical Hacking Society at Abertay University. After the sell-out success of Securi-Tay V this year’s event will run on Friday 24th of February 2017. The conference will be held in Abertay University, benefiting from the fantastic transport links to Dundee. As well as transport, Dundee benefits from affordable accommodation in the city center, as well as a thriving technology community and the reputation for being Scotland’s sunniest city.

The conference is aimed at anyone with an interest in hacking and information security. You don’t need to be a l33t h4x0r to attend and enjoy the event: Securi-Tay promises to provide a fantastic, worthwhile experience for everyone, new to the scene and conference veterans alike. The conference will feature talks from industry professionals and students as well as some workshops. Lunch and an evening buffet will be provided in the bar across the street.