Security
Presentations about Security
Guardians of the Galaxy: Architecting a Culture of Secure Software
EternalBlue: Exploit Analysis and Beyond
ID Crisis! Take Back Control With Self-Sovereign
Securing Serverless – By Breaking In
Encryption Without Magic, Risk Mngmnt Without Pain
Formal Methods at Amazon Web Services
Bigger, Faster and More Secure
Insecure Transit - Microservice Security
Security Champions: Only YOU Can Prevent File Forgery
Attack Trees, Security Modeling for Agile Teams
How Performance Optimizations Shatter Security Boundaries
AMA w/ Laura Bell
Interviews
EternalBlue: Exploit Analysis and Beyond
What is the focus of your work today?
I am a cyber security analyst at riot games, working within our internal blue team. My day-to-day involves active threat hunting as part of a team of analysts looking for threats to Riot, Rioters and our player base. The Technical threat hunting can be as wide as reviewing logs from traffic entering and leaving our environment, to as narrow as specifically reviewing processes and logs from a single build server to identify any unusual activity. A large amount of my personal development time is being channeled into Malware and Exploit Analysis based around both threats targeting Riot and those raised by the global infosec community.
What’s the motivation for this talk?
Understanding of newly released Malware and Exploits is something that I feel is severely under appreciated outside of a core group of CyberSecurity Professionals. In understanding these exploits we can build detections and provide advice to our companies and colleagues on how they can protect themselves against such risks. I want to provide people who have an interest in security with some basic knowledge and a starting point to begin analysing and sharing data when situations like the shadowbrokers dump occurs and help develop their own skills much as I did myself.