#bsideslondon

A Welcome from the Organiser

Welcome to Security B-Sides London. Security B-Sides has been making waves in North America for the last 2 years and we thought it was about time we did something here. It was July 2010 when we first started planning the London event and here we are. It has been a long and arduous journey but it has been worth it. We never anticipated the amount of support and interest for this event and this has certainly given us drive to keep going and start planning another event. These events mean something different to each of us, whether it is to learn some new technique or exploit, to network or just to catch up with old friends. So whatever your reason for attending, relax and enjoy. I certainly have a newfound respect for people who have the courage to put events like this on in their home town. The list of contributors is long and I want to say a special thank you to them. Everyone who you see around the room with a volunteer t-shirt has a day job, so thank you for giving up your time to do this. Of course this event cannot happen without our sponsors who kindly donate to our cause. Thank you!

Matt - BSidesLondon Team

After Security B-Sides London finishes, the party starts!

As you know another important part of BSides is the networking and having fun part. After a long day of talks there is nothing better than chilling out with friends (old and new), brew in hand, talking of the things you love. On Wednesday April 20th London is lucky enough to have more than one security event happening. In the evening, the well established DC4420, “Defcon’s London Chapter”, is running one of their monthly gatherings. Many of us are already members of the group, others have never heard of them; it doesn’t matter - the important bit is that they are security geeks with a great line up of talks and an excellent bar. So let’s DDOS the bar together and prepare to enjoy their presentations, enjoy the drinks and meet more hackers and geeks for a fantastic end to a great day.

The Security B-Sides London Team

What is on the menu at DC4420

Technical Talk: Evading Defences, Steve Lord.

Fun Talk: cccamd, spartacus, and the largest sat-card sharing ring in the world, Neil 'mu-b' Kettle

Where: The Phoenix Pub (downstairs) Cavendish Square W1G 0PP

How to get there:

Take Route 55 towards Oxford Circus from Bus Stop (BX - ALDERSGATE STREET / GOSWELL ROAD) or Stop (Clerkenwell Road / St John Street), both a 1 minute walk, and alight at the last stop at Oxford Circus (Stop: OG) and walk 30 seconds to the Phoenix. If you are not coming from the venue then use the address above and you're sure to find us! www.tfl.gov.uk/buses

Tube (2 Min Walk): From Oxford Circus Station leave via Exit 4, and walk up Regents Street between H&M and Nike town. Take the second left onto Margaret Street and you can’t miss us!

TRACK 1 SPACE INVADERS

9am

Registration and Tea & Coffee

Welcome Address - Matt Summers

10am

“Social Media & Security: Are they compatible?” - Dr. Paul Judge

“Cloud Computing Due Diligence - WTF?” - Jimmy Blake

11am

“Practical Crypto Attacks Against Web Applications” - Justin Clarke

12pm

“How not to get hired for a security job!” - Stephen Bonner

1pm

LUNCH

2pm

“Breaking, Entering and Pentesting” - Steve Lord

“Breaking out of restricted RDP” - Wicked Clown

3pm

“Agnitio: its static analysis, but not as we know it” - David Rook

4pm

“Your money, your media - a DRMtastic Android reverse (re)engineering tutorial.” - Manuel

5pm

“Security YMCA” - Chris John Riley - The Suggmeister - Arron “finux” Finnon - Frank Breedijk

6pm

Goodbye from the B-Sides London Team

Next Years Plans - Challenge Prizes

TRACK 2 TETRIS

“DNS Tunneling: It’s all in the name!” - Arron “finux” Finnon

10am

“Jedi Mind Tricks For Building Application Security Programmes” - David Rook & Chris Wysopal

“Malware Writing 101 - A Script Kiddie’s Attempt At Writing And Masking Trojans” - Ellen Moar & Colin McLean

“All your logs are belong to you!” - Xavier Mertens

LUNCH

11am

12pm

1pm

“The failure of the authentication revolution” - Benjamin Boulnois & Tim Dobbelaere

2pm

“Pen Testing Must Die” - Rory McCune

“The Funny Thing About Information Security...” - Jim Shields

“Kick Ass Zero-Day Malware Hunting - Putting Aside The Obvious” - Alex Cox

“You Built A Security Castle And Forgot The Bridge... Now Users Are Climbing Your Walls” - Soraya Viloria Montes de Oca

3pm

4pm

5pm

“Layer 8 Security - Securing The Nut Between The Keyboard & Screen” - Brian Honan

SEE PAGE 3 FOR AFTER PARTY

TRACK 3

GALAXIANS

GALAXIANS IS FOR AD-HOC TALKS, WORKSHOPS & FREE DISCUSSIONS. CHECK THE DOOR FOR DETAILS.

Speaker Bios

Dr. Paul Judge is the Chief Research Officer and VP Cloud Services for Barracuda Networks. Dr Judge serves as chief research officer and vice president of cloud services at Barracuda Networks. In this role, he leads the Barracuda Labs threat intelligence team and is responsible for application security, Web threat, intrusion and anti-spam intelligence for over 100,000 appliances deployed worldwide. He was co-founder and chief technology officer at Purewire, a Web security SaaS vendor acquired by Barracuda Networks in October 2009. Previously he served as chief technology officer of CipherTrust and Secure Computing. Dr. Judge is a recognized authority on Internet security, having won numerous honors including InfoWorld Top 25 CTOs, Atlanta Power 30 under 30 and MIT Technology Review Magazine's 100 Top Innovators under 35. He regularly presents at leading conferences and is quoted by national business and technology trade press, and has been awarded 10 patents and has over 20 patents pending. Dr. Judge earned a Ph.D. in Computer Science from Georgia Tech.

Arron M Finnon, aka "Finux", studied full-time at the University of Abertay Dundee doing Ethical Hacking and Countermeasures BSc, and has been involved with ethical hacking for a little over 4 years. After spending some amount of time as an independent security consultant and researcher, in 2010 finux returned to university to resume his studies. During the past 4 years, finux has produced a number of talks and delivered them throughout the UK, in addition to his passion for podcasting. During his podcasting career he has produced over 40 shows predominately focused on security concepts and its practitioners. In 2009 he was awarded the SICSA Student Open Source Award for his Advocacy of Free and Open Source software. He now runs a weekly podcast show about technology and security matters named Finux Tech Weekly, which can be found at www.finux.co.uk

Jimmy Blake has nearly two decades experience in information security and business continuity. He currently is the Group Chief Security Officer for Mimecast, a UK based Software-as-a-Service company awarded 5th fastest growing Tech company in Europe by Deloitte and featured in the top ten of both the Guardian Tech Media Invest and Sunday Times Tech Track 100. At Mimecast he is responsible for the security of corporate systems and facilities, as well as that of the service platform itself spanning nearly a dozen data centres on three continents. Jimmy holds a CISSP, CISM and CCSK. He has previously spoken at many events around the world including InfoSec, StorageExpo and ITWeb ZA. When not managing risk, Jimmy can be found drinking fine Belgian beers, head-banging to trash metal or riding Harley-Davidsons.

David Rook works as a Security Analyst for Realex Payments in Dublin. He is a contributor to several OWASP projects including the code review guide and the Cryptographic Storage Cheat Sheet. He has presented at leading information security conferences including DEF CON, SecurityBSides Las Vegas and RSA Europe. David was one of the founding members of the Dublin Security Group and continues to be an active participant in this group. In addition to his work with OWASP and the Dublin Security Group David created a security resource website and blog called Security Ninja and released the Agnitio security code review tool. In 2010 the Security Ninja blog was nominated for the best speciality blog at the Irish Blog Awards, the Computer Weekly IT Security blog award and was a finalist for the Irish Web Awards Best Technology Site.

Chris Wysopal is co-founder and CTO of Veracode, which provides an on-demand software security analysis service. He has testified on Capitol Hill on the subjects of government computer security and how vulnerabilities are discovered in software. Chris co-authored the password auditing tool L0phtCrack, wrote the Windows version of netcat, and was a researcher at the security think tank, L0pht Heavy Industries, which was acquired by @stake. He was VP of R&D at @stake and later director of development at Symantec, where he led a team developing binary static analysis technology. He was influential in the creation of responsible vulnerability disclosure guidelines and a founder of the Organization for Internet Safety. Mr. Wysopal wrote "The Art of Software Security Testing: Identifying Security Flaws", published by Addison Wesley and Symantec Press in December 2006. He earned his Bachelor of Science degree in Computer and Systems Engineering from Rensselaer Polytechnic Institute.

Justin Clarke is the Director and Co-Founder of Gotham Digital Science Ltd. He is a senior security consultant with extensive international Big 4 risk management, security consulting and testing experience. Based in the United Kingdom, with previous experience in the United States and New Zealand. Lead author/technical editor of "SQL Injection Attacks and Defenses" - published May 2009 by Syngress, co-author of "Network Security Tools" - published April 2005 by O'Reilly, contributor to "Network Security Assessment, 2nd Edition", as well as a speaker at various security conferences and events such as Black Hat, EuSecWest, ISACA, BruCON, OWASP, OSCON, RSA and SANS. Currently Chapter leader of the OWASP London chapter, and a member of the OWASP Global Connections Committee.

Ellen Moar is a Security Software Engineer and authentication researcher within a large private corporation, where she designs and develops security software for specialised environments. She also works with the University of Abertay Dundee Ethical Hacking department to help provide the university with industry perspective and real-world context for their degrees. Her recent research areas include NFC and mobile security, security awareness and education for programmers, penetration testing methodologies, forensic analysis and deniable encryption.

Colin McLean is a lecturer in Ethical Hacking at the University of Abertay in Dundee. His claim to fame is that he designed the first undergraduate degree in the world with the word “Hacking” in the title – gaining the nickname of “Dr Hacker” from the Sun Newspaper. Colin has gained the CEH qualification and is also a trained penetration tester. Colin teaches the Ethical Hacking modules to the PGD in Ethical Hacking and later years of the BSc in Ethical Hacking at Abertay University. Colin’s research and interests are varied but one major area of interest is investigating how easy it is for relative novices to develop effective hacks and hacking tools.

Stephen Bonner is Barclays Head of Information Risk Management responsible for managing the global information risk team. Mr. Bonner joined Barclays, initially Barclays Capital, in 2003 from LIFFE. Prior to LIFFE, Mr. Bonner worked at investment banks, Virgin.Net, UKERNA helping run the UK academic Internet and started his career in the Oxford University Maths Department. Mr. Bonner has held CISSP, CLAS and SANS certifications and is a BCS member and an IISP associate member. He has helped run the IB SIG, the FSIE, GSC judging, the committee for the Whitehat ball in aid of Childline and is running his first Marathon in aid of Childline two days before Security B-Sides London.

Xavier Mertens is a Security Consultant working for C-CURE, a Belgian consultancy company. His job focuses mainly on "security monitoring" solutions such as log management, SIEM, incident management but also on audits and pentests. Instead of following vendors, he prefers to find the best solutions to solve security issues. One of his preferred tools at the moment is OSSEC. He wrote several blog articles about this software to increase its performance or visibility. In parallel to his daily job, Xavier maintains his security blog and offers some spare time and resources to initiatives like BruCON, EuroTrashSecurity.

Steve Lord is a career penetration tester and malware analyst. In over 12 years of penetration testing around the world, he has tested just about every type of network or piece of software you can think of and still has nightmares about report writing. Steve has spoken at conferences around the world on subjects ranging from SAP insecurity to the Chinese military. He founded Mandalorian Security Services in 2005 and sits on the TigerScheme Technical Panel. His current obsessions are tunneling and anti-memory forensics.

Benjamin Boulnois is EMEA Regional Manager for DigitalPersona, and is responsible for developing and leading the company’s presence in Europe. Since 1998, Ben has held several senior positions driving multi-million dollar businesses in the IT and network security industry, and has extensive experience in establishing and re-launching EMEA businesses, selling emerging technologies and building new strategic alliances. Before joining DigitalPersona, he was Senior Director at Shunra, the world’s top Application Performance Engineering (APE) firm; and he has also held management positions at AirMagnet, Axial Systems and Network Associates.

Tim Dobbelaere is an expert in computer and network security, authentication and biometric technology. Since 1999, he has worked as a software developer, IT manager and biometrics consultant within the IT security sector, and is currently Technical Sales Manager (EMEA) at DigitalPersona, the strong authentication and fingerprint biometrics specialists. Tim’s background encompasses systems architecture, server design and development, with specific expertise in authentication, cryptography, smart cards and biometrics. Before joining the team at DigitalPersona, Tim was Belgium country manager for Linux Counter, having previously held positions at SSL certification pioneers Thawte and SITA, the providers of business technology for the air transport, supply chain and government sectors. He has also worked as a biometrics consultant for BioWise, a vendor-independent systems integrator.

Rory McCune has worked in IT and Information Security for the past 15 years. He has held posts in several large UK financial services security teams designing and delivering IT Security and Penetration Testing services as well as working in several consultancy roles. He is currently a director at 7 Elements Limited a Scotland based IT Security Consultancy. He is the OWASP Scotland chapter leader and presents regularly on technical security topics including application development security and penetration testing.

Wicked Clown, UK Cyberpunk, has been in the IT Industry as a consultant for 15 years, working in Security for three years but with over 20 years personal experience. Enjoys investigating all types of security, pretty much jack of all trades. Apart from the five minute lightning talk at BruCON in 2010 this is my first ever real talk at a security conference.

Jim Shields is creative director at Twist & Shout Communications. He has spent the last 25 years studying the way organisations and the people in them communicate. A background in theatre and TV production, there was simply no other job for him. Last year we won our first two IVCA awards for the production of short film comedies for business. Secure Computing awarded a best project award to Barclay’s as a result of his work on “the Risk”, and this year we saw another IVCA win with Sony. Six years ago he began stand up comedy because as mid-life crises go it was cheaper than skydiving.

Alex Cox is the Principal Research Analyst at NetWitness Corporation, providing consulting in network forensics and monitoring to clients and studying existing and emerging information security events to develop content and intelligence for the NetWitness solution suite. Prior to joining NetWitness, Alex was the lead researcher on the emerging threats analysis and solution development team at the Wachovia Corporation and was responsible for forensics analysis and incident response for security events. He is a former Army Officer in the U.S. Army Military Police Corps, and a former Police Officer. Alex holds a B.S in Administration of Justice from Virginia Commonwealth University, and an M.S in

Manuel Leithner is employed as an academic information security researcher at a competence center in Vienna. Having been hired out of high school and now working on his BSc in Software and Information Engineering, his previous work focuses on cloud storage, social network forensics and mobile security. In his spare time, he breaks, reverses and/or enhances software after growing annoyed with it and is involved with the European Youth Parliament.

Soraya Viloria Montes de Oca is a Security practitioner with 20 years’ experience in a variety of technical environments. She has held Cisco, Checkpoint, RSA and Sun certifications moving gradually into governance and compliance. Currently a CISSP, she considers herself lucky to have gained insight into different business cultures as that has allowed her to be bilingual: “I can speak Business and Geek”. Soraya is passionate about what she does. She is an active member of her local BCS as well as part of the BSidesLondon Crew; she’s always working hard raising the profile of women in IT, mentoring young engineers and generally having geek fun.

Frank Breedijk has been active in IT Security for over 10 years. Before joining Schuberg Philis he worked as a Security Consultant for INS/BT and Security Officer for Interxion. He managed the European Security Operations Center (SOC) for Unisys' managed security services. During this period Gartner labeled Unisys leader in the magic quadrant for Managed Security Services in Europe. Besides his day job Frank Breedijk is active on Twitter and writes blog entries for CupFighter.net. He has also written magazine articles about Seccubus and security awareness.

Chris “@TheSuggmeister” Sumner has been directly involved in Corporate Information Security since 1999 and has maintained a passion for security since seeing Wargames when it first came out. After a lengthy stint as a Pivot Chart creating, PowerPoint wielding, Security Manager for a business division that alone would make the Fortune100, he has turned his attention to a more geeky pursuit and is currently focused on Security in the Development Lifecycle. Outside the corporate world Chris is a data mining, analysis and visualisation geek at heart and also enjoys hiding skateboards in the UK for Tony Hawks twitter hunts.

Brian Honan is recognised as an industry expert on information security and has addressed a number of major conferences relating to the management and securing of information technology such as RSA Europe, BruCON, Source Barcelona and numerous others. Brian is author of the book "ISO 27001 in a Windows Environment" and has also published a number of technical papers and has been technical editor and reviewer of a number of industry recognised publications. Brian is the European editor for the SANS Institute's weekly SANS NewsBites, a semi-weekly electronic newsletter. Brian founded the Irish Reporting and Information Security Service which is Ireland's first national CSIRT (Computer Security Incident Response Team). He is a member of the Information Systems Security Association, Irish Information Security Forum, Information Systems Audit and Control Association, a member of the Irish Computer Society, the Business Continuity Institute and was a founding member of the Irish Corporate Windows NT User Group.

We support

Sponsors

Special Thanks To:

Fuzzy Aliens for the metal badges.

StackExchange

Boris Schaa of schaacomics.de for the B-Sides London logo design.

Barclays for name tags.

Tripwire for T-Shirts, Stickers & Participants Badges.

Mike Dahn - Security B-Sides co-founder.

Didier Stevens for the great challenges.

Chris Gerling - Securabit Podcast (securabit.com).

Norbert Griffin - BSidesStJohn.

The participants and speakers for a great day, and the volunteers for their time, skills and overall willingness to be bossed about.

BSides 2011 Booklet.pdf
