An effective incident response capability is becoming increasingly critical. High profile breaches and increased oversight amplify the importance of acting decisively and appropriately when an event occurs. We will review foundational elements of building a mature, adaptable incident response process; embracing complementary approaches used to manage operational risk in real-time.
Rob Beck, Senior Security Consultant, and Noelle Murata as the co-presenter, presented a workshop on "MS SQL Post Exploitation Techniques".
Joe Schumacher, Neohapsis’ Senior Security Consultant presented on "Strategies for a Successful PCI DSS V3.0 Assessment".
Patrick Thomas, Senior Security Consultant, presented on "Building a Social Engineering-Resistant Organization".
Rob Beck from Neohapsis presented a SkyTalk titled: “SQL-Gestalt: A MS-SQL Rootkit Framework”.
Kate Pearce and Patrick Thomas from Neohapsis presented a talk titled “Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols”.
There has been a surge of proposed standards and governing documents to improve web security. Client side flaws are being addressed by standards such as content-security-policy and IFRAME sandboxing. Data in transit is being more tightly secured using HTTP Strict Transport Security. There is a plethora of technologies available like X-frame-options, ORIGIN header, encrypted media extensions, and X-XSS-Protection. We look at the intricacies of the proposed and accepted standards as well as how they are implemented. Security considerations will be addressed for these technologies from a design perspective and with a discussion on any weaknesses observed.
217 North Jefferson Street
Chicago, IL 60661
FAX: +1 (773) 394-8314
5605 North MacArthur Blvd
Irving, TX 75038
FAX: +1 (972) 715-2099
Additional Offices and/or
Consulting Concentrations in Boston,
New York City, Washington, D.C.,
Denver, and Seattle