SlideShare a Scribd company logo

NTXISSACSC3 - Manage Mobile Security Incidents like A Boss by Ismail Guneydas

North Texas Chapter of the ISSA
North Texas Chapter of the ISSA

Manage Mobile Security Incidents like A Boss

Technology
1 of 29
Download to read offline
@NTXISSA #NTXISSACSC3 Manage Mobile Security Incidents Like A Boss Ismail Guneydas Security Manager/Faculty Kimberly Clark/Texas A&M 10/02/2015
@NTXISSA #NTXISSACSC3 Legal Notice From My Lawyer The opinions expressed in this presentation represent my own and not my employers. 2
@NTXISSA #NTXISSACSC3 Bio •Sr. Vulnerability Manager at Kimberly Clark. •Built and manages KCC's first vulnerability management program. •Previously I worked at Yahoo! where I built and led global e- Crime investigations and incident response teams. I received Yahoo! Hackovation and Yahoo! Excellence awards for his innovative work in successful operations against fake customer care centers. •Adjunct faculty at the Texas A&M University and teach computer science courses. •Completed Master of Science in Computer science and hold degrees in Mathematics and Electronics engineer. Currently working towards MBA at UT Dallas. 3
@NTXISSA #NTXISSACSC3 Agenda •Mobile Industry In Numbers •Mobile Security In Numbers •Mobile Security vs PC Security •Mobile Vulnerability Triage •Android •iOS •Conclusion 4
@NTXISSA #NTXISSACSC3 Mobile Industry In Numbers • Google store has 1.6 million applications, and Apple store has 1.5 million applications. • There are 102 billions mobile app download worldwide and 9 billions of them are paid apps. • This generated 26 billions U.S. dollars.. NTX ISSA Cyber Security Conference – October 2-3, 2015 5
@NTXISSA #NTXISSACSC3 Security Problems •Companies try to have mobile presence desperately and ask their IT departments or hire third parties to create mobile applications for their products, services and web sites. • Companies would like to get their apps out as soon as possible like they wanted to have their websites without checking their security in 90s. 6
@NTXISSA #NTXISSACSC3 Mobile Security in Numbers •# of software aimed at mobile devices has reportedly risen from about 14,000 to 40,000 or about 185% in less than a year. 7 0 50 100 150 200 250 300 2007 2008 2009 2010 2011 2012 2013 2014 2015 IOS Vulnerabilities 0 5 10 15 20 25 30 35 40 2009 2010 2011 2012 2013 2014 2015 Android Vulnerabilities
@NTXISSA #NTXISSACSC3 Mobile vs Traditional OS Vulnerability Type 8 0 50 100 150 200 250 300 350 400 iOS Vulnerabilities By Type 0 50 100 150 200 250 Windows 7 Vulnerabilities By Type
@NTXISSA #NTXISSACSC3 9
@NTXISSA #NTXISSACSC3 The Challenges For Incident Responders •Vulnerability X works only in Android version Y and hardware is Samsung Model Z •This could mean security teams needs to buy all those hardware. •Another issue is lack of mobile security knowledge. Often security teams try to handle mobile security incidents as traditional web security incidents. •These cause longer hours of work and potentially don’t help company to fix the issue. 10
@NTXISSA #NTXISSACSC3 Mobile vs PC Security 11 Mobile PC DFIR Lots of thing to figure out Not capable tools Well Established Vulnerability Management Harder. Old vulnerabilities require new testing mechanism. Management of devices  Distributed  No custom image Good tools for testing vulnerabilities. Good patch management tools, process, methodologies Network Intrusion Harder LTE 4G 3G Established e-Crime Apps store lots of sensitive info including birth date, banking credentials etc… CC is also stored Similar to mobile Physical Security Easy to steal Established
@NTXISSA #NTXISSACSC3 Mobile Vulnerability Triage •Listening traffic •Web vulnerabilities, networking vulnerabilities •SSL Vulnerabilities •SSL Validation •Hostname Mismatch 12
@NTXISSA #NTXISSACSC3 Mobile Vulnerability Triage Android •Potential Solutions 1)Cloud Solutions -Testroid -For pentest of apk files 2)VM -Not flexible -Networking issue to dump traffic (need to use VPN otherwise no bridge mode for some corporate network ) 13
@NTXISSA #NTXISSACSC3 Mobile Vulnerability Triage 3)Android SDK •No need to install image/api/device images •Very flexible •Full emulator which actually runs on real firmware image. Other than hardware vulnerability we can find reproduce any vulnerability in our code 14
@NTXISSA #NTXISSACSC3 Creating Emulator and Virtual Devices • AVD Manager • The AVD Manager provides a graphical user interface in which you can create and manage Android Virtual Devices (AVDs), which are required by the Android Emulator. • You can launch the AVD Manager in one of the following ways: • In Eclipse: select Window > Android Virtual Device Manager, or click the AVD Manager icon in the toolbar. • In Android Studio: select Tools > Android > AVD Manager, or click the AVD Manager icon in the toolbar. • In other IDEs: Navigate to your SDK's tools/ directory and execute android avd. • Emulator The Android SDK includes a mobile device emulator — a virtual mobile device that runs on your computer. The emulator lets you develop and test Android applications without using a physical device. 15
@NTXISSA #NTXISSACSC3 Creating VD 16
@NTXISSA #NTXISSACSC3 VD List 17
@NTXISSA #NTXISSACSC3 Emulator 18
@NTXISSA #NTXISSACSC3 Networking Scheme 19 10.0.2.1 Router/gateway address 10.0.2.2 Special alias to your host loopback interface (i.e., 127.0.0.1 on your development machine) 10.0.2.3 First DNS server 10.0.2.4 / 10.0.2.5 / 10.0.2.6 Optional second, third and fourth DNS server (if any) 10.0.2.15 The emulated device's own network/ethernet interface 127.0.0.1 The emulated device's own loopback interface
@NTXISSA #NTXISSACSC3 Sniffing Traffic • Sniff Traffic 1st way: • $emulator -tcpdump pcapFile.pcap -avd myAvd • Hints: There are other commands related with emulator: http://developer.android.com/tools/devices/emulator.html 2nd way: • $telnet localhost portnumber • $network capture start pcapFile.pcap • $network capture stop • Hints: There are other commands related telnet: • http://developer.android.com/tools/devices/emulator.html 20
@NTXISSA #NTXISSACSC3 Sniffing Traffic iOS Devices • Connect iOS device into your Mac. • Find out iOS device’s UDID: •Open iTunes •Find your device and find serial number •Click it, then you will see your UDID • Go to your terminal and type ifconfig -l • Type rvictl –s UDID to start device • rvictl -s f2f587fcf78ff82dccff88fff7ab6db9e9b0bf94 • Starting device f2f587fcf78ff82dccff88fff7ab6db9e9b0bf94 • [SUCCEEDED] • Type ifconfig –l You will see new interface i.e. rvi0 • Go to wireshark or do tcpdump to dump the traffic • sudo tcpdump –i rvi0 –w dump.dump 21
@NTXISSA #NTXISSACSC3 Validating SSL Vulnerabilities •Download burpsuite and configure like this: •Click proxy tab and then click intercept tab. Make sure intercept is off. •Go to options tab (still under proxy tab). Under proxy listener add your network device (by default it is only listening on localhost) 22
@NTXISSA #NTXISSACSC3 Malicious Certificate • By default burpsuite is act man in the middle for https connections. That means it sends its own cert to your mobile device and have deal with original https site by itself. Look below: • • Iphone-Encrypted with BurpsuiteCA---BurpSuite- EncryptedWithBankingSiteCA---BankingSite • This means your app should recognize this is not a valid cert for the site it originally request i.e. banking site and drop the connection. At a minimum, you should receive a warning from the app, but ideally you see no traffic as well. Many apps will just fail silently or complain of connection issues, which isn't ideal, but not "insecure" per se • If you see any traffic in Burp suite that means your app has a validation problem. 23
@NTXISSA #NTXISSACSC3 Second vulnerability: HostName Mismatch • Is the certificate's hostname verified by your application? •For this you will need to acquire a valid certificate, from a CA that is trusted by your device. Comodo is a good source for a free 90 days certificate. •Install the valid certificate in your BurpProxy and configure it to offer this cert, rather than the default • You can confirm step two is working, by going in to your native browser on the device and trying to go to a HTTPS site. You should receive a certificate hostname warning and when you view the certificate details, you should see that the cert you received is the one you installed in BurpSuite, not the one issued by the PortSwigger CA. 24
@NTXISSA #NTXISSACSC3 Mobile Device Configuration 25
@NTXISSA #NTXISSACSC3 Burp Suite Configuration 26
@NTXISSA #NTXISSACSC3 Conclusion •Mobile industry is a fast growing 26 billion dollars industry. •Companies are rushing their mobile solutions without proper security reviews •This makes mobile apps attractive to hackers •Most of the time incident responders don’t have good process around triaging the vulnerabilities and know the difference between PC and Mobile vulnerabilities •By using free tools an incident responder can triage mobile vulnerabilities •We need to think creative! 27
@NTXISSA #NTXISSACSC3 Questions • ismail@realinfosec.com • Linkedin: linkedin.com/in/guneydas • Twitter:realinfosec 28
@NTXISSA #NTXISSACSC3@NTXISSA #NTXISSACSC3 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 2-3, 2015 29 Thank you

Recommended

Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application Security
Subho Halder
 
SmartTV Security
SmartTV SecuritySmartTV Security
SmartTV Security
Ulisses Albuquerque
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
urma
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
Priyanka Aash
 
Mobile security
Mobile securityMobile security
Mobile security
Stefaan
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
Justin Hoang
 
Android Security Development
Android Security DevelopmentAndroid Security Development
Android Security Development
hackstuff
 
Embedded Development - to Fit the Unique Needs of Enterprises Around the Globe
Embedded Development - to Fit the Unique Needs of Enterprises Around the GlobeEmbedded Development - to Fit the Unique Needs of Enterprises Around the Globe
Embedded Development - to Fit the Unique Needs of Enterprises Around the Globe
Tizbi, Inc.
 

Recommended

Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application Security
Subho Halder
 
SmartTV Security
SmartTV SecuritySmartTV Security
SmartTV Security
Ulisses Albuquerque
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
urma
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
Priyanka Aash
 
Mobile security
Mobile securityMobile security
Mobile security
Stefaan
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
Justin Hoang
 
Android Security Development
Android Security DevelopmentAndroid Security Development
Android Security Development
hackstuff
 
Embedded Development - to Fit the Unique Needs of Enterprises Around the Globe
Embedded Development - to Fit the Unique Needs of Enterprises Around the GlobeEmbedded Development - to Fit the Unique Needs of Enterprises Around the Globe
Embedded Development - to Fit the Unique Needs of Enterprises Around the Globe
Tizbi, Inc.
 
Ten Security Product Categories You've Probably Never Heard Of
Ten Security Product Categories You've Probably Never Heard OfTen Security Product Categories You've Probably Never Heard Of
Ten Security Product Categories You've Probably Never Heard Of
Adrian Sanabria
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
Tom Eston
 
End Point Security - K7
End Point Security - K7End Point Security - K7
End Point Security - K7
Prime Infoserv
 
Kaspersky Internet Security Multi-Device 2015
Kaspersky Internet Security Multi-Device 2015Kaspersky Internet Security Multi-Device 2015
Kaspersky Internet Security Multi-Device 2015
Dejan Pogačnik
 
Ivanti for msp
Ivanti for mspIvanti for msp
Ivanti for msp
Ivanti
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile World
LINE Corporation
 
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
SyedImranAliKazmi1
 
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Subho Halder
 
Stealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayStealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker way
n|u - The Open Security Community
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
Subho Halder
 
The Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric AuthenticationThe Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric Authentication
Veridium
 
VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?
VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?
VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?
Craig Newell
 
Top Biometric Identifiers: Risks & Rewards
Top Biometric Identifiers: Risks & RewardsTop Biometric Identifiers: Risks & Rewards
Top Biometric Identifiers: Risks & Rewards
Veridium
 
The hardcore stuff i hack, experiences from past VAPT assignments
The hardcore stuff i hack, experiences from past VAPT assignmentsThe hardcore stuff i hack, experiences from past VAPT assignments
The hardcore stuff i hack, experiences from past VAPT assignments
n|u - The Open Security Community
 
LoginCat from TekMonks
LoginCat from TekMonksLoginCat from TekMonks
LoginCat from TekMonks
Rohit Kapoor
 
SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013
Petr Dvorak
 
LoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated CybersecurityLoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated Cybersecurity
Rohit Kapoor
 
(Isc)² secure johannesburg
(Isc)² secure johannesburg (Isc)² secure johannesburg
(Isc)² secure johannesburg
Tunde Ogunkoya
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
SecuRing
 
LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014
Ashlie Steele
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
Rapid7
 
Can we build an Azure IoT controlled device in less than 40 minutes that cost...
Can we build an Azure IoT controlled device in less than 40 minutes that cost...Can we build an Azure IoT controlled device in less than 40 minutes that cost...
Can we build an Azure IoT controlled device in less than 40 minutes that cost...
Codemotion Tel Aviv
 

More Related Content

What's hot

Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
Tom Eston
 
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
SyedImranAliKazmi1
 
The Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric AuthenticationThe Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric Authentication
Veridium
 

What's hot (13)

Ten Security Product Categories You've Probably Never Heard Of
Ten Security Product Categories You've Probably Never Heard OfTen Security Product Categories You've Probably Never Heard Of
Ten Security Product Categories You've Probably Never Heard Of
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
 
End Point Security - K7
End Point Security - K7End Point Security - K7
End Point Security - K7
 
Kaspersky Internet Security Multi-Device 2015
Kaspersky Internet Security Multi-Device 2015Kaspersky Internet Security Multi-Device 2015
Kaspersky Internet Security Multi-Device 2015
 
Ivanti for msp
Ivanti for mspIvanti for msp
Ivanti for msp
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile World
 
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
A lightweight and_robust_secure_key_establishment_protocol_for_internet_of_me...
 
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
 
Stealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayStealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker way
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
 
The Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric AuthenticationThe Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric Authentication
 
VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?
VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?
VMworld 2012 - EUC 1823: What Makes a Mobile Workspace Better?
 
Top Biometric Identifiers: Risks & Rewards
Top Biometric Identifiers: Risks & RewardsTop Biometric Identifiers: Risks & Rewards
Top Biometric Identifiers: Risks & Rewards
 

Similar to NTXISSACSC3 - Manage Mobile Security Incidents like A Boss by Ismail Guneydas

Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
SecuRing
 
LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014
Ashlie Steele
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
SecuRing
 
Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...
Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...
Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...
Jason Conger
 
Outsmarting the Smart City
Outsmarting the Smart CityOutsmarting the Smart City
Outsmarting the Smart City
Priyanka Aash
 

Similar to NTXISSACSC3 - Manage Mobile Security Incidents like A Boss by Ismail Guneydas (20)

The hardcore stuff i hack, experiences from past VAPT assignments
The hardcore stuff i hack, experiences from past VAPT assignmentsThe hardcore stuff i hack, experiences from past VAPT assignments
The hardcore stuff i hack, experiences from past VAPT assignments
 
LoginCat from TekMonks
LoginCat from TekMonksLoginCat from TekMonks
LoginCat from TekMonks
 
SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013SmartDevCon - Katowice - 2013
SmartDevCon - Katowice - 2013
 
LoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated CybersecurityLoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated Cybersecurity
 
(Isc)² secure johannesburg
(Isc)² secure johannesburg (Isc)² secure johannesburg
(Isc)² secure johannesburg
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
 
LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
 
Can we build an Azure IoT controlled device in less than 40 minutes that cost...
Can we build an Azure IoT controlled device in less than 40 minutes that cost...Can we build an Azure IoT controlled device in less than 40 minutes that cost...
Can we build an Azure IoT controlled device in less than 40 minutes that cost...
 
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
 
INSECURE Magazine - 35
INSECURE Magazine - 35INSECURE Magazine - 35
INSECURE Magazine - 35
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014
 
Meeting Mobile and BYOD Security Challenges
Meeting Mobile and BYOD Security ChallengesMeeting Mobile and BYOD Security Challenges
Meeting Mobile and BYOD Security Challenges
 
Securing your Cloud Environment v2
Securing your Cloud Environment v2Securing your Cloud Environment v2
Securing your Cloud Environment v2
 
Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...
Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...
Building your Own Mobile Enterprise Application: It’s Not as Hard as You Migh...
 
Ten security product categories you've (probably) never heard of
Ten security product categories you've (probably) never heard ofTen security product categories you've (probably) never heard of
Ten security product categories you've (probably) never heard of
 
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
 
Outsmarting the Smart City
Outsmarting the Smart CityOutsmarting the Smart City
Outsmarting the Smart City
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 

More from North Texas Chapter of the ISSA

Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
North Texas Chapter of the ISSA
 

More from North Texas Chapter of the ISSA (20)

Purple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcuttPurple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcutt
 
Ntxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cepNtxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cep
 
Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediation
 
Ntxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliencyNtxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliency
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
 
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersenNtxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
 
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykesNtxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
 
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc groupNtxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompson
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
 
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_muellerNtxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
 

Recently uploaded

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
VictorSzoltysek
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
WSO2
 

Recently uploaded (20)

Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
 

NTXISSACSC3 - Manage Mobile Security Incidents like A Boss by Ismail Guneydas

  • 1. @NTXISSA #NTXISSACSC3 Manage Mobile Security Incidents Like A Boss Ismail Guneydas Security Manager/Faculty Kimberly Clark/Texas A&M 10/02/2015
  • 2. @NTXISSA #NTXISSACSC3 Legal Notice From My Lawyer The opinions expressed in this presentation represent my own and not my employers. 2
  • 3. @NTXISSA #NTXISSACSC3 Bio •Sr. Vulnerability Manager at Kimberly Clark. •Built and manages KCC's first vulnerability management program. •Previously I worked at Yahoo! where I built and led global e- Crime investigations and incident response teams. I received Yahoo! Hackovation and Yahoo! Excellence awards for his innovative work in successful operations against fake customer care centers. •Adjunct faculty at the Texas A&M University and teach computer science courses. •Completed Master of Science in Computer science and hold degrees in Mathematics and Electronics engineer. Currently working towards MBA at UT Dallas. 3
  • 4. @NTXISSA #NTXISSACSC3 Agenda •Mobile Industry In Numbers •Mobile Security In Numbers •Mobile Security vs PC Security •Mobile Vulnerability Triage •Android •iOS •Conclusion 4
  • 5. @NTXISSA #NTXISSACSC3 Mobile Industry In Numbers • Google store has 1.6 million applications, and Apple store has 1.5 million applications. • There are 102 billions mobile app download worldwide and 9 billions of them are paid apps. • This generated 26 billions U.S. dollars.. NTX ISSA Cyber Security Conference – October 2-3, 2015 5
  • 6. @NTXISSA #NTXISSACSC3 Security Problems •Companies try to have mobile presence desperately and ask their IT departments or hire third parties to create mobile applications for their products, services and web sites. • Companies would like to get their apps out as soon as possible like they wanted to have their websites without checking their security in 90s. 6
  • 7. @NTXISSA #NTXISSACSC3 Mobile Security in Numbers •# of software aimed at mobile devices has reportedly risen from about 14,000 to 40,000 or about 185% in less than a year. 7 0 50 100 150 200 250 300 2007 2008 2009 2010 2011 2012 2013 2014 2015 IOS Vulnerabilities 0 5 10 15 20 25 30 35 40 2009 2010 2011 2012 2013 2014 2015 Android Vulnerabilities
  • 8. @NTXISSA #NTXISSACSC3 Mobile vs Traditional OS Vulnerability Type 8 0 50 100 150 200 250 300 350 400 iOS Vulnerabilities By Type 0 50 100 150 200 250 Windows 7 Vulnerabilities By Type
  • 10. @NTXISSA #NTXISSACSC3 The Challenges For Incident Responders •Vulnerability X works only in Android version Y and hardware is Samsung Model Z •This could mean security teams needs to buy all those hardware. •Another issue is lack of mobile security knowledge. Often security teams try to handle mobile security incidents as traditional web security incidents. •These cause longer hours of work and potentially don’t help company to fix the issue. 10
  • 11. @NTXISSA #NTXISSACSC3 Mobile vs PC Security 11 Mobile PC DFIR Lots of thing to figure out Not capable tools Well Established Vulnerability Management Harder. Old vulnerabilities require new testing mechanism. Management of devices  Distributed  No custom image Good tools for testing vulnerabilities. Good patch management tools, process, methodologies Network Intrusion Harder LTE 4G 3G Established e-Crime Apps store lots of sensitive info including birth date, banking credentials etc… CC is also stored Similar to mobile Physical Security Easy to steal Established
  • 12. @NTXISSA #NTXISSACSC3 Mobile Vulnerability Triage •Listening traffic •Web vulnerabilities, networking vulnerabilities •SSL Vulnerabilities •SSL Validation •Hostname Mismatch 12
  • 13. @NTXISSA #NTXISSACSC3 Mobile Vulnerability Triage Android •Potential Solutions 1)Cloud Solutions -Testroid -For pentest of apk files 2)VM -Not flexible -Networking issue to dump traffic (need to use VPN otherwise no bridge mode for some corporate network ) 13
  • 14. @NTXISSA #NTXISSACSC3 Mobile Vulnerability Triage 3)Android SDK •No need to install image/api/device images •Very flexible •Full emulator which actually runs on real firmware image. Other than hardware vulnerability we can find reproduce any vulnerability in our code 14
  • 15. @NTXISSA #NTXISSACSC3 Creating Emulator and Virtual Devices • AVD Manager • The AVD Manager provides a graphical user interface in which you can create and manage Android Virtual Devices (AVDs), which are required by the Android Emulator. • You can launch the AVD Manager in one of the following ways: • In Eclipse: select Window > Android Virtual Device Manager, or click the AVD Manager icon in the toolbar. • In Android Studio: select Tools > Android > AVD Manager, or click the AVD Manager icon in the toolbar. • In other IDEs: Navigate to your SDK's tools/ directory and execute android avd. • Emulator The Android SDK includes a mobile device emulator — a virtual mobile device that runs on your computer. The emulator lets you develop and test Android applications without using a physical device. 15
  • 19. @NTXISSA #NTXISSACSC3 Networking Scheme 19 10.0.2.1 Router/gateway address 10.0.2.2 Special alias to your host loopback interface (i.e., 127.0.0.1 on your development machine) 10.0.2.3 First DNS server 10.0.2.4 / 10.0.2.5 / 10.0.2.6 Optional second, third and fourth DNS server (if any) 10.0.2.15 The emulated device's own network/ethernet interface 127.0.0.1 The emulated device's own loopback interface
  • 20. @NTXISSA #NTXISSACSC3 Sniffing Traffic • Sniff Traffic 1st way: • $emulator -tcpdump pcapFile.pcap -avd myAvd • Hints: There are other commands related with emulator: http://developer.android.com/tools/devices/emulator.html 2nd way: • $telnet localhost portnumber • $network capture start pcapFile.pcap • $network capture stop • Hints: There are other commands related telnet: • http://developer.android.com/tools/devices/emulator.html 20
  • 21. @NTXISSA #NTXISSACSC3 Sniffing Traffic iOS Devices • Connect iOS device into your Mac. • Find out iOS device’s UDID: •Open iTunes •Find your device and find serial number •Click it, then you will see your UDID • Go to your terminal and type ifconfig -l • Type rvictl –s UDID to start device • rvictl -s f2f587fcf78ff82dccff88fff7ab6db9e9b0bf94 • Starting device f2f587fcf78ff82dccff88fff7ab6db9e9b0bf94 • [SUCCEEDED] • Type ifconfig –l You will see new interface i.e. rvi0 • Go to wireshark or do tcpdump to dump the traffic • sudo tcpdump –i rvi0 –w dump.dump 21
  • 22. @NTXISSA #NTXISSACSC3 Validating SSL Vulnerabilities •Download burpsuite and configure like this: •Click proxy tab and then click intercept tab. Make sure intercept is off. •Go to options tab (still under proxy tab). Under proxy listener add your network device (by default it is only listening on localhost) 22
  • 23. @NTXISSA #NTXISSACSC3 Malicious Certificate • By default burpsuite is act man in the middle for https connections. That means it sends its own cert to your mobile device and have deal with original https site by itself. Look below: • • Iphone-Encrypted with BurpsuiteCA---BurpSuite- EncryptedWithBankingSiteCA---BankingSite • This means your app should recognize this is not a valid cert for the site it originally request i.e. banking site and drop the connection. At a minimum, you should receive a warning from the app, but ideally you see no traffic as well. Many apps will just fail silently or complain of connection issues, which isn't ideal, but not "insecure" per se • If you see any traffic in Burp suite that means your app has a validation problem. 23
  • 24. @NTXISSA #NTXISSACSC3 Second vulnerability: HostName Mismatch • Is the certificate's hostname verified by your application? •For this you will need to acquire a valid certificate, from a CA that is trusted by your device. Comodo is a good source for a free 90 days certificate. •Install the valid certificate in your BurpProxy and configure it to offer this cert, rather than the default • You can confirm step two is working, by going in to your native browser on the device and trying to go to a HTTPS site. You should receive a certificate hostname warning and when you view the certificate details, you should see that the cert you received is the one you installed in BurpSuite, not the one issued by the PortSwigger CA. 24
  • 27. @NTXISSA #NTXISSACSC3 Conclusion •Mobile industry is a fast growing 26 billion dollars industry. •Companies are rushing their mobile solutions without proper security reviews •This makes mobile apps attractive to hackers •Most of the time incident responders don’t have good process around triaging the vulnerabilities and know the difference between PC and Mobile vulnerabilities •By using free tools an incident responder can triage mobile vulnerabilities •We need to think creative! 27
  • 28. @NTXISSA #NTXISSACSC3 Questions • ismail@realinfosec.com • Linkedin: linkedin.com/in/guneydas • Twitter:realinfosec 28
  • 29. @NTXISSA #NTXISSACSC3@NTXISSA #NTXISSACSC3 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 2-3, 2015 29 Thank you