This document provides an overview of a conference on managing next generation threats to cyber security. It includes details about the speaker, Dr. Peter Stephenson, and his extensive background in computing, diplomacy, cyber forensics, and cyber law. The document outlines the conference agenda, which will discuss topics like picking the right tools for next generation security, how adversaries may use next generation technologies, and challenges around prosecuting next generation crimes. Specific techniques like machine learning, deep learning, neural networks, and generative adversarial networks are defined. An example adversarial machine learning tool called PEsidious is also described.
We are all aware of the current risks when developing a connected product, especially with vehicles since much is at stake both from an information and safety perspective. In this workshop, we will learn how to build Security requirements, architect, design, test and produce Safety and Security critical components using a methodology that works in harmony both with Engineering and Security.
In this provocative and sometimes irreverent presentation, retired Brigadier General Greg Touhill, the United States government's first federal Chief Information Security Officer, will discuss why the legacy perimeter defense model has been overwhelmed and made obsolete by the advent of modern mobility and cloud computing. He'll demonstrate how to make the business case that the shift to the Zero Trust security strategy is now essential for businesses to survive and thrive in today's highly contested global digital economy.
Jim Wojno: Incident Response - No Pain, No Gain! (centralohioissa)
Say incident response to 10 people and odds are you'll get 10 different opinions on how to do it right. When evaluating tools and procedures for enterprise Incident Response it's helpful to understand how to approach this in a way that will cause the adversary maximum pain. This talk will review the essential requirements for IR tools and procedures in a vendor / tool neutral approach. Find out the right questions to ask and the strategies to make sure you get the most out of your incident response team.
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J... (Digital Bond)
Technology in ICS environments lags the Enterprise by 10-15yr. This often leads to ICS companies having to stand by while other more nimble institutions are able to take advantage of new technology. What few people realize, is that our industry gets to watch the future happen out on the Internet and then pick and choose the best techniques to adapt and bring back in time. In this session Mr. Kitchel will look at what is new in the IT world and forecast what should and will be applied to OT.
Purple Teaming - The Collaborative Future of Penetration Testing (FRSecure)
Organizations get penetration tests year after year, yet companies still get breached because they’re STILL missing the basics. Traditional penetration tests are failing to prepare organizations for the threats they actually face. They’ve become a commodity of compliance and box-checking. Remediation steps rarely include management objectives. General lack of excitement for Blue Team functions. Red team is sexy, but just a tool. Do you even have a JBOSS server? (Then why are you seeing alerts for it?)
Threat Modeling for the Internet of Things (Eric Vétillard)
A presentation made in several public events in 2015 about the threats related to the Internet of Things, and how modeling can be used as a way to manage mitigation methods.
Welcome to the CISSP Mentor Program! What is the CISSP Mentor Program • History: 1st class was 2010; 6 students • Today’s class; 80 students. Why do we do it • Success Stories • Heck, it’s free! If you aren’t satisfied, we’ll refund everything you paid us. We need MORE good information security people!
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec... (APNIC)
APNIC Senior Security Specialist Adli Wahid provides some useful findings of lessons learned from security incidents at the UMS Cybersecurity Awareness Seminar, held online on 25 October 2021.
Introduction of Ethical Hacking, Life cycle of Hacking, Introduction of Penetration testing, Steps in Penetration Testing, Foot printing Module, Scanning Module, Live Demos on Finding Vulnerabilities: a) Bypass Authentication, b) SQL Injection, c) Cross-Site Scripting, d) File upload Vulnerability (Web Server Hacking), Countermeasures of Securing Web applications
Chris Haley - Understanding Attackers' Use of Covert Communications (centralohioissa)
Today’s cyber attackers survive by hiding their attack communications from the prying eyes of network security. It’s a critical part of an attacker’s arsenal and it lets them patiently manage and propagate attacks throughout the network, while remaining undetected.
• The latest techniques attackers use to hide their traffic in plain sight
• Why simple techniques like signatures and reputations of domains or IPs come up short in finding these evolving forms of communication
• Why this isn’t really just a malware problem
• What techniques can be used to systematically identify these forms of communication and to treat them as a strong indicator of compromise
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ... (CODE BLUE)
Cyber espionage attacks have been known about for around 10 years. Security vendors keep inventing new technology to defend against attack. Many solutions look fancy, however breaches keep happening. People spent a lot of budget to improve their fences, but the effectiveness of these security products remains doubtful. In Taiwan, we have more than 10 years of history with cyber espionage attacks. Government, enterprises, and security vendors were fighting hard with threat actors, but new victims still got compromised day by day.
In recent years, many Japanese government agencies, the defense industry, and enterprises have been suffering from cyber attacks by cyber espionage groups. We keep seeing breaches and incidents in the news. We believe many victims still have no good strategy to defend and control the situation.
In this talk, cyber espionage attacks of the last decade will be discussed from the Asia Pacific region’s point of view. We’ll discuss why security solutions didn’t work, and how actors easily bypassed those fancy solutions and adopted countermeasures quickly at very low cost. In addition, drawing on our experience from hundreds of incident responses and several years of consulting to help victims, we will try to propose a design for a security model to prevent, detect, react to, and remediate cyber espionage threats.
Ted Gruenloh, Director of Operations, ECONET
The Role of Threat Intelligence and Layered Security for Intrusion Prevention
The term 'Threat Intelligence' is getting a lot of buzz these days, but what does it mean? And, more importantly, how can it help protect your network? In this presentation, we will attempt to answer these questions within the context of a layered security approach that integrates Threat Intelligence with existing security methodologies. We also attempt to demonstrate how Threat Intelligence can improve a network's defenses at the perimeter and allow administrators to gain more visibility on the inside.
Since the introduction of public key cryptography by Diffie and Hellman in 1976, uses and infrastructure have grown in unimaginable ways. The security that has been afforded through Public Key Infrastructure (PKI) is now an integral and essential part of the internet. The proliferation of digital certificates, certificate authorities and PKI implementations creates a large and enticing attack surface. Most businesses rely heavily on PKI for their data security, yet few organizations could tell you how many certificates they have deployed, where they are and their current status. This presentation will discuss a few of the most critical PKI implementations and threats they face today. The talk will conclude with mitigation recommendations and practical ways you can improve the PKI in your organization.
Deception Technology: Use Cases & Implementation Approaches (Priyanka Aash)
Deception over the years
• Millions of years in Natural World for survival/aggression
• Millions of years in bacteria and virus to thrive
• 1000s of years in Warfare/Military to attack or defend
Monty McDougal, Cyber Engineering Fellow, Intelligence, Information and Services, Raytheon
Advanced Persistent Threat Life Cycle Management
This presentation will cover the full Advanced Persistent Threat (APT) Life Cycle and Management of the resulting intrusions. It will cover both what the APTs are doing as attackers and what we as defenders should be doing for both the APT Mission Flows and the Computer Network Defense (CND) Mission Flows.
Vulnerability Management – Opportunities and Challenges! (Outpost24)
57% of companies that have experienced a data breach claimed it was due to an unpatched vulnerability. Vulnerability Management decreases an organization's risk profile significantly.
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ... (Core Security)
Vulnerability Assessments, Penetration Tests and Red Teaming – Do you know what these tactics are all about? In this session, we will present our understanding of these practices in terms of when to apply them and what to expect. Nowadays, organizations run on top of hundreds, if not thousands, of Information Technology assets with some of them on premise and others cloud based. Having control over all of this is a challenging task. Based on our extensive experience with securing our customers, I will show what real findings and attack trends look like while, hopefully, shedding some light on how to be prepared to resist current attacks.
Continuous Skills Improvement for Everyone
Ohio Information Security Forum (OISF)
2019 Anniversary Conference
Saturday July 13, 2019
Matt Scheurer
Twitter: https://twitter.com/c3rkah
This presentation strives to provide some ideas to attendees toward effective career guidance and self-empowerment, whether attendees are looking for their first Information Security career opportunity, looking to take that next career step, or making impacts to safeguard their own job security. This talk also encourages attendees to help mentor others and offers different examples of how to give back to the InfoSec community. I cover freely available and low cost technical training resources, but also go beyond that to provide other takeaways that touch on goal setting and emotional intelligence. My ultimate objective is to inspire others to find a path leading toward a better and more rewarding future.
Security Training: Making your weakest link the strongest - CircleCityCon 2017 (Aaron Hnatiw)
It is well known among security professionals that the weakest link in any organization's security is the employee, the so-called "human element". While endpoint security controls may mitigate this risk, they are nowhere close to removing it completely. This is where security training becomes essential. This talk will cover how to introduce and improve security training in any organization, along with industry best practices, and methods to keep knowledge retention high. The speaker will provide specific examples from his own experience of cases where a properly trained employee could have easily thwarted a devastating attack immediately. Will your employees be your weakest link, or your strongest asset?
High time to add machine learning to your information security stack (Minhaz A V)
Machine learning might never be the silver bullet for cybersecurity compared to areas where it is thriving. There will always be a person who tries to find issues in our systems and bypass them. They may even use it to assist the attacks.
But adding it to our general information security stack can surely help us be more prepared while defending. Different categories like regression, classification, clustering, recommendations & reinforcement learning can be leveraged to build efficient & faster monitoring, threat response, network traffic analysis and more.
Along with an introduction to different aspects and how it can be leveraged, I'd like to present a case study on how ML/AI can be used in distinguishing between benign and malicious traffic data by means of anomaly detection techniques with 100% True Positive Rate, with a live demo.
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek... (EC-Council)
Today there is a dispute over the ethics of operations involving honeypots and honeynets in cyber security. However, many organizations will adopt the use of such techniques and tools to develop defensive strategies to stop attackers. For professional offensive security practitioners, detecting, bypassing, and even avoiding honeypots is a new challenge and much is to be discovered and shared. This brief will work to accomplish these objectives and begin the development of a new framework for Counter Honeypot Operations (CHOps).
"Threat Model Every Story": Practical Continuous Threat Modeling Work for You... (Izar Tarandach)
How to do threat modeling in the age of Agile and DevOps. A practical methodology for teams focusing on developers. Also, an introduction to PyTM as a tool for threat-modeling-with-code.
My Keynote from BSidesTampa 2015 (video in description) (Andrew Case)
These are the slides from the keynote presentation at BSidesTampa 2015. A recording of the talk can be found at: https://www.youtube.com/watch?v=751bkSD2Nn8&t=1m35s
Incident handlers manage security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur. In this talk we will discuss modern attacks, techniques, how to defend & respond to those threats.
Problems:
- What Security Products Do We Really Need & Don’t?
- How do we Identify Gaps & Overlaps in Portfolio?
- How do we define our Security Products Strategy?
- What security products can be replaced or dropped?
- How do we understand & categorize security vendors using a standardized approach?
- How do we make the optimal use of our existing cybersecurity products portfolio?
Incorporating Threat Intelligence into Your Enterprise Communications Systems... (EC-Council)
It is well known that computer exploitation will continue to increase in prevalence and sophistication. Computer network attacks and data exfiltrations are most successful when the methods of exploitation traverse the entry and egress vectors that are least expected and least defended in your network. Most of the time, no matter how well your perimeter is guarded, the user still represents the weakest avenue into that network. A clear need exists to better protect data transmitted and received by the user. But what are we to do when signature-based detection has long been defeated and anomaly/heuristic-based detection is not yet where we need it to be? The solution lies in enhancing the defense paradigm via the incorporation of intelligence-based security (Threat Intelligence) in the analysis of threats and discovery of malicious activity affecting your network, data, and your protected clients.
Keynote on why you should make Infosec a board level strategic item, how you should raise it to this level and how to approach Information Security strategically
Video (at YouTube) - http://bit.ly/19TNSTF
Big Data Security Analytics, Data Science and Machine Learning are a few of the new buzzwords that have invaded our industry of late. Most of what we hear are promises of a unicorn-laden, silver-bullet panacea by heavy-handed marketing folks, evoking an expected pushback from the most enlightened members of our community.
This talk will help parse what we as a community need to know and understand about these concepts, clarify their technical details and actual capabilities, and show where they fail and how they can be exploited and fooled by an attacker.
The talk will also share results of the author's current ongoing research (on MLSec Project) of applying machine learning techniques to information security monitoring.
There are a lot of myths in application security. By partnering with developers, Target has busted several common security myths and proved that an effective security program can take a different approach.
This session will describe how to successfully implement a “credit score” to security measurement practices, build an exclusive security champions program, and stop “scanning all the things.”
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ... (Sean Whalen)
Respond proactively to threats like a defense contractor. It’s more realistic than you might think!
A practical guide of how to build intelligence-driven cyber defenses using open source software, based on real implementations of best practices, adapted from the Lockheed Martin Cyber Kill Chain model.
Similar to Managing Next Generation Threats to Cyber Security (20)
Digital Personal Data Protection (DPDP) Practical Approach For CISOs (Priyanka Aash)
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
It covers popular IaaS/PaaS attack vectors, lists them, and maps them to other relevant projects such as STRIDE & MITRE. Security professionals can better understand which common attack vectors are utilized in attacks, examples from previous events, and where they should focus their controls and security efforts.
Discuss Security Incidents & Business Use Case, Understanding Web 3 Pros and Web 3 Cons. Prevention mechanisms and how to make sure that it doesn’t happen to you.
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore) (Priyanka Aash)
Round Table Discussion On "Emerging New Threats And Top CISO Priorities In 2022", Bangalore
Date - 28 September, 2022. Decision makers of different organizations joined this discussion and spoke on New Threats & Top CISO Priorities.
Cloud Security: Limitations of Cloud Security Groups and Flow Logs (Priyanka Aash)
Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past, and how, in a world of no perimeters, Cloud Security Groups, the "Cloud Firewalls", fit in. We will practically explore Cloud Security Group limitations across different cloud setups from a single vNet to multi-cloud.
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain how to transform organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, the system needs to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. This increasing number of cyber-attacks has led to an increasing importance of Ethical Hacking. An ethical hacker's job is to scan for vulnerabilities and to find potential threats on a computer or network. An ethical hacker finds the weaknesses or loopholes in a computer, web application or network and reports them to the organization. It requires a thorough knowledge of networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, attacks, etc. In this session, you will learn all about ethical hacking. You will understand what ethical hacking is, cyber-attacks, tools, and see some hands-on demos. This session will also guide you through the various ethical hacking certifications available today.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
UiPath Test Automation using UiPath Test Suite series, part 4 (DianaGray10)
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques.
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Quantum Computing: Current Landscape and the Future Role of APIs
Managing Next Generation Threats to Cyber Security
1. Best Of The World In Security Conference
Best Of The World In Security
12-13 November 2020
Managing Next Generation
Threats to Cyber Security
Dr. Peter Stephenson, CISSP (Lifetime)
Center for Digital Forensic Studies
2. Best Of The World In Security Conference
• Questions anytime – but be courteous and respectful
• Breaks about every hour – 10 minutes
• That’s all, folks…..
House Rules
3. Best Of The World In Security Conference
• PhD in computing with research and specialty in digital investigation
• MA in diplomacy with a concentration in terrorism
• Over 55 years experience including 10 years as a US Navy crypto tech
• Consultant for over 40 years
• Associate Professor at a private military college for ten years teaching cyber
forensics, cyber crime/cyber law, and network attack/defend (red
team/blue team)
• Lifetime (retired) CISSP
• Author or co-author of 20 books (new one coming next year)
• Retired technology editor at SC Magazine
• Blog at SecureWorldExpo.com
• Deep-dive reviews at Cyber Defense Magazine with podcast coming soon
• All-but-dissertation, PhD in Law focusing on cyberspace
About me
4. Best Of The World In Security Conference
• Introduction - sorting out the next gen hype from the next gen facts
and a few definitions
• Picking your tools - are they really next gen and how do you know -
do you need next gen tools and why or why not – an example with a
short demo
• Is the adversary using next gen technologies, how do we know and
what should we do?
• The law and cyber science - are we ready to prosecute the next
generation of adversary - what are we doing now and what's wrong
with it - do we need a whole new set of laws? - How does this affect
our governance?
Agenda
5. Best Of The World In Security Conference
• Complicated field of AI
• Lots of definitions
• For example, Dr. Jason Brownlee cites 14 different types of machine learning alone
• 1. Supervised Learning
• 2. Unsupervised Learning
• 3. Reinforcement Learning
• 4. Semi-Supervised Learning
• 5. Self-Supervised Learning
• 6. Multi-Instance Learning
• 7. Inductive Learning
• 8. Deductive Inference
• 9. Transductive Learning
• 10. Multi-Task Learning
• 11. Active Learning
• 12. Online Learning
• 13. Transfer Learning
• 14. Ensemble Learning
Introduction
6. Best Of The World In Security Conference
• Key constructs
• Machine learning
• Supervised, unsupervised and reinforcement - classifiers
• Deep learning
• Neural networks
• Why bother with all of this?
• AI, especially ML, is in many security tools
• AI, especially ML, is being explored by the adversary as a viable attack
modality
• Lots of security tools claim AI but not all really incorporate it
• Bottom line: this is where cyber science and cyber security are
headed and we need to understand it, at least at a 100,000 foot level
Introduction
7. Best Of The World In Security Conference
• Artificial intelligence
• The computing technology that behaves like human intelligence – comprises
several specific techniques/technologies
• Neural network
• The algorithms that simulate human brain activity – input layer, hidden
layer(s) and output layer
• Machine Learning
• Based upon neural networks and may or may not use labeled data initially
• Deep learning
• Based upon neural networks and machine learning with multiple hidden
layers
Introduction – Machine Learning
8. Best Of The World In Security Conference
• Defined by towardsdatascience.com as “… providing systems the ability to
automatically learn and improve from experience without being explicitly
programmed.”
• Basic machine learning algorithm
• Y = f(X)
• Y is the dependent variable (the answer we seek)
• X is the independent variable (the input we are given)
• f is a function (some formula or algorithm we are given)
• Initially we may not be given X or Y – we don’t even start out by knowing f
• Training data is randomly selected Xs and Ys that represent what we know and what
we are seeking.
• We then look for relationships between the two and derive our f
• Or, we may know f and need to apply it to an already-labeled training set
• Supervised learning
• The algorithm is much more complicated and there may be several
Introduction – Machine Learning
9. Best Of The World In Security Conference
• Depends upon labels
• All elements in the dataset are labeled
• Algorithms f predict output Y from the input X
• Outputs can be grouped into packages of similar elements using a
classifier
• X (with labels) -> f (algorithm models) -> Y
• The key in supervised learning is the label. Elements are classified by
their labels which are assigned already
• When a new unknown element is introduced to the model it is
assigned a label and its classification is predicted
Introduction – Supervised Machine Learning
10. Best Of The World In Security Conference
• Unsupervised learning does not start with labeled data elements
• Systems infer a function from unlabeled input data
• Can be clustering (discover inherent classifications)
• Can be association (discover association rules in the input data based
upon the algorithm)
• X -> f -> classifier
Introduction – Unsupervised Machine Learning
11. Best Of The World In Security Conference
• Learns through the consequences of behavior in a given environment
• Behavioral learning model
• Algorithm provides analysis feedback, selecting the best result (a “reward”)
• Not trained by a dataset – learns using trial and error, like a human
child’s learning based upon experience
• Algorithms can be biased
Introduction – Reinforcement Machine Learning
12. Best Of The World In Security Conference
• Deep learning uses more than one intermediate layer of f (greatly
oversimplified but acceptable for our purposes)
• Neural networks simply aim to reproduce the neural pathways in the
human brain and how they work (again, greatly simplified but
acceptable for our purposes)
Introduction – Deep Learning and Neural Networks
13. Best Of The World In Security Conference
• By calculating f the adversary can determine how the defensive
measures will respond to an attack and then craft an attack to
circumvent those measures (adversarial machine learning or AML)
• We will discuss an example of this – a tool called PEsidious – later
• Another example is DeepFool – tool that computes training data
perturbations to fool deep networks
• AML consists of determining f and extracting the training set
• Black and white box attacks
• White – training set is known by the attacker
• Black – training set is not known
• AML is particularly well-suited to hivenets and swarmbots, especially
autonomous ones
Introduction – Adversarial Machine Learning & GANs
14. Best Of The World In Security Conference
• Generative Adversarial Network – GAN
• Analyzes a training set and generates new data with the same characteristics as
the training set
• Goal is to generate elements of the target’s training set that are slightly – but
not observably – different to fool the target into thinking that the GAN-
generated elements are genuine
• Applicable especially to autonomous swarmbots
Introduction – Adversarial Machine Learning & GANs
15. Best Of The World In Security Conference
• What is a next generation security tool?
• A tool that uses one or more components of AI
• How do I know I am getting such a tool? What questions should I have answered
and proven in a demo?
• Are you using supervised, unsupervised or reinforcement learning?
• If supervised, where are you getting your training data?
• Tell me about your algorithms – what do they do?
• Just having algorithms does not make the tool AI
• Some example open source/free tools
• See exhaustive curated collection at GitHub: https://github.com/jivoi/awesome-ml-for-cybersecurity
• Excellent tutorial by Alexandre Pinto at https://www.youtube.com/watch?v=tukidI5vuBs
• Test your AI-based defenses with DeepFool (free): https://towardsdatascience.com/deepfool-a-simple-and-accurate-method-to-fool-deep-neural-networks-17e0d0910ac0
• More and link to Python code at https://github.com/LTS4/DeepFool/blob/master/MATLAB/README.md
• Weka – ML workbench: https://www.cs.waikato.ac.nz/ml/weka/ … user can assemble
machine learning pipelines, train models, and run predictions without having to write code –
demo
Picking Your Tools
16. Best Of The World In Security Conference
• Developed by the Machine Learning Group at the University of Waikato
(https://www.cs.waikato.ac.nz/ml/weka/)
• Can be integrated with many data science tools
• R
• Python
• Apache Spark
• Scikit-learn
• WekaDeeplearning4j is a deep learning package for Weka
• No programming required
• Can be used for practical purposes
• Phishing email analysis* demo is a good example
• *Tan, Choon Lin (2018), “Phishing Dataset for Machine Learning: Feature Evaluation”,
Mendeley Data, V1, doi: 10.17632/h3cgnj8hft.1 http://dx.doi.org/10.17632/h3cgnj8hft.1
Picking Your Tools – Weka: A Machine Learning Workbench
17. Best Of The World In Security Conference
• Easy steps
• Build a model
• Save the model
• Load the model
• Make predictions
• What you need
• Weka
• Training dataset
• https://github.com/renatopp/arff-datasets
• https://waikato.github.io/weka-wiki/datasets/
• https://math.nist.gov/mcsd/savg/vis/NVD/index.html (National Vulnerability Database)
• Test your dataset to make predictions using your data
• DEMO of WEKA on a PHISHING EMAIL DATASET
Picking Your Tools – Weka: A Machine Learning Workbench
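The four steps on this slide (build, save, load, predict) and the Y = f(X) framing from the supervised-learning slides, as an added example that is not from the talk or from Weka: a standard-library Python stand-in for the workflow, with a Bernoulli naive Bayes model swapped in for Weka's classifiers. The feature names and every data row are constructed for illustration and are not taken from the Tan phishing dataset.

```python
"""Build, save, load and predict with a small phishing classifier (stdlib only)."""
import json
import math
import os
import tempfile

# Hypothetical binary features for a message/URL; the names are illustrative only.
FEATURES = ["ip_in_url", "at_symbol", "no_https", "many_subdomains", "external_form"]

# Constructed training set: (feature vector X, label Y); 1 = phishing, 0 = legitimate.
TRAIN = [
    ((1, 1, 1, 0, 1), 1), ((1, 0, 1, 1, 1), 1), ((0, 1, 1, 1, 0), 1),
    ((1, 0, 0, 1, 1), 1), ((0, 1, 1, 0, 1), 1), ((1, 1, 0, 1, 1), 1),
    ((0, 0, 0, 0, 0), 0), ((0, 0, 1, 0, 0), 0), ((0, 0, 0, 1, 0), 0),
    ((0, 0, 0, 0, 1), 0), ((0, 1, 0, 0, 0), 0), ((0, 0, 0, 0, 0), 0),
]
# Constructed held-out set, never seen during training.
TEST = [((1, 1, 1, 1, 0), 1), ((0, 0, 1, 1, 0), 0),
        ((1, 0, 1, 0, 1), 1), ((0, 0, 0, 0, 0), 0)]


def build_model(rows):
    """Derive f from labelled (X, Y) pairs: Bernoulli naive Bayes, Laplace-smoothed."""
    model = {"features": FEATURES, "prior": {}, "p_one": {}}
    for label in (0, 1):
        subset = [x for x, y in rows if y == label]
        if not subset:
            raise ValueError(f"no training rows for label {label}")
        model["prior"][str(label)] = len(subset) / len(rows)
        # P(feature_i = 1 | label); +1/+2 smoothing keeps every probability off 0 and 1.
        model["p_one"][str(label)] = [
            (sum(x[i] for x in subset) + 1) / (len(subset) + 2)
            for i in range(len(FEATURES))
        ]
    return model


def save_model(model, path):
    # JSON rather than pickle: unpickling a model file runs code chosen by
    # whoever wrote that file, which matters when models are shared.
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(model, fh)


def load_model(path):
    with open(path, encoding="utf-8") as fh:
        model = json.load(fh)
    # Refuse a model whose feature layout differs from what the caller will supply.
    if model.get("features") != FEATURES:
        raise ValueError("model was trained on a different feature set")
    return model


def log_odds(model, x):
    """log P(phishing | x) - log P(legitimate | x); positive means phishing."""
    if len(x) != len(model["features"]) or any(v not in (0, 1) for v in x):
        raise ValueError("expected one 0/1 value per feature")
    score = math.log(model["prior"]["1"]) - math.log(model["prior"]["0"])
    for i, v in enumerate(x):
        p1, p0 = model["p_one"]["1"][i], model["p_one"]["0"][i]
        score += math.log(p1 if v else 1 - p1) - math.log(p0 if v else 1 - p0)
    return score


def predict(model, x):
    return "phishing" if log_odds(model, x) > 0 else "legitimate"


def accuracy(model, rows):
    hits = sum(predict(model, x) == ("phishing" if y else "legitimate")
               for x, y in rows)
    return hits / len(rows)


def run_pipeline():
    """Build, save, load, then score the held-out rows with the loaded model."""
    model = build_model(TRAIN)
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "phishing_nb.json")
        save_model(model, path)
        loaded = load_model(path)
    return loaded, accuracy(loaded, TEST)


if __name__ == "__main__":
    loaded, acc = run_pipeline()
    print("held-out accuracy:", acc)
    print("new sample:", predict(loaded, (1, 0, 1, 1, 0)))
```

Perfect accuracy on four constructed rows says nothing about real mail; with a real dataset the held-out score is the number to ask a vendor about when they answer "where are you getting your training data?".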
18. Best Of The World In Security Conference
• No open source/free products as far as I know
• Several competent commercial products
• What is a deception network?
• Technology that overlays or interlays traps, lures and decoys on the enterprise
that exactly mimic enterprise assets
• What is a deception network NOT?
• Honeypot or honeynet
Picking Your Tools – Deception Nets
19. Best Of The World In Security Conference
• Our deception net has advanced features (be sure to include these if you
decide to build your own from scratch)
• Unsupervised ML – enterprise discovery
• Decoys – Virtual network assets such as virtual devices that mimic actual devices
transparently
• Lures – Enterprise items such as email addresses, emails, users, file systems and
documents
• Sinkhole with built-in forensics
• Active directory defenses and forensics
• Forensics to detect, among other things, lateral movement by watching endpoints
• Deception network demo
• Using a commercial product because of a lack of open source products
• You could build an open source deception net using Python (probably) and any of
several open source libraries and general ML tool kits
Picking Your Tools – Deception Nets
20. Best Of The World In Security Conference
• Beginning to experiment with ML
• A few things the adversary might do
• ML-based malware
• ML-based obfuscation, especially of malware
• ML-managed spam
• DeepFake images, video, audio and social media postings
• FakeApp - https://www.malavida.com/en/soft/fakeapp/ - brief walkabout
• DeepFaceLab (Microsoft – free) https://github.com/iperov/DeepFaceLab
• Tool resource: http://www.deepfakestate.com/deepfake-tools
What About the Adversary?
21. Best Of The World In Security Conference
• PEsidious: malware obfuscation using machine learning
• Mutates the malware
• Uses reinforcement learning and GANs
• Tries to bypass classifiers in ML-based anti-malware
• Keeps malware functionality
• Full instructions and code at https://github.com/Vi45en/Pesidious
(excellent)
• Includes benign and malicious binaries for training
• Excellent reference guide at
https://vaya97chandni.gitbook.io/pesidious/
What About the Adversary? – an Example of Malicious AI
22. Best Of The World In Security Conference
What About the Adversary? – PEsidious (simplified)
23. Best Of The World In Security Conference
What About the Adversary? – PEsidious – Process Detail
24. Best Of The World In Security Conference
What About the Adversary? - PEsidious
The MalGAN generative adversarial network used by Pesidious
Generates adversarial feature vectors that appear to be benign
25. Best Of The World In Security Conference
• Feature extraction and feature mapping vector generation – training
• Generate a feature vector mapping for section names and import functions
from a malware and benign binary samples
• Features Vector Mapping
• Malware Feature Vectors
• Benign Feature Vectors
• Malware feature vector mutation using Generative Adversarial Networks
• Feed the feature vectors to the MalGAN model to generate adversarial
feature vectors which appear to be benign
• Build binaries of the mutated malware
What About the Adversary? – PEsidious – How it Works
26. Best Of The World In Security Conference
What About the Adversary? – PEsidious – Test Results
1682 Benign binaries - Scraped from our host computers.
2094 Malware binaries - Downloaded from VirusTotal.
Training Data
27. Best Of The World In Security Conference
• This section taken from three years of research for a PhD in law with
an emphasis on cyber law
• Upcoming book: The Collision of the Law and Cyber Science to be published
next year
• A theory of cyber law based upon jurisdiction
• Over 170 U.S. cases studied
• Key aspects:
• Purposeful availment
• Effects test
• Minimum contacts
• Due process clause of the 14th amendment to the U.S. Constitution
• Definitions of general and specific personal jurisdiction
The Law and Cyber Science
28. Best Of The World In Security Conference
• The problem we are trying to solve:
• Can every American potentially cyber-related private law case be analyzed,
jurisdiction guidance applied, and probability of accuracy of that guidance
determined using The Cyber Jurisdiction Framework generally, and the three-prong
test specifically?
• My research developed the Cyber Jurisdiction Framework and the three-prong test
• Cyberspace is not a separate domain as many describe it, but, rather is an
overlay on the physical space
• Result of my research and the opinion held by the Tallinn Manual 2.0 on
international law applicable to cyber operations prepared for NATO
• Three kinds of case outcomes
• Simple – may be adjudicated using settled law
• Hard – may be adjudicated using novel interpretations of settled law
• Complicated – requires either new laws or amendments/modifications to settled law
to adjudicate
The Law and Cyber Science
29. Best Of The World In Security Conference
• The Cyber Jurisdiction Framework (CJF) Guidelines
• A State may only exercise its jurisdiction if another State with a purportedly stronger nexus to the case
fails to do so in ways that are reasonably acceptable to the would-be regulating State or to the
international community at large.
• The place of the harm is the place of the impact
• Non-consensual or unauthorized control of intermediate Internet or other network-attached devices and
computers does not dictate personal jurisdiction in the forum where the devices or computers reside
• Substantive directed contact suggests the jurisdiction. By “directed” I mean intentional and with
knowledge of the contact.
• Where settled physical space law exists as to the choice of jurisdiction and the type and nature of
anticipated litigation, such as an event that begins and is completed within the same jurisdiction, that law
shall be applied, with modifications to address the cyber aspects of the event if necessary.
• The place of the harm usually is the first choice for jurisdiction.
• Where an attack or other wrong acts autonomously, the developer, actor launching the malicious code or
attack, or producer of the offending autonomous code, is liable.
The Law and Cyber Science – Cyber Jurisdiction Framework
30. Best Of The World In Security Conference
• Constructs describe the environment(s) of the event
• Five general constructs in the CJF
• Construct 1: The event is completely within the forum’s jurisdiction. It begins and ends in the forum without
passing through any other jurisdiction.
• Construct 2: The cyber event begins and ends in the same forum’s jurisdiction but at some point it passes
through another jurisdiction
• Construct 3: The event begins in one jurisdiction and ends in another without any intermediate stops in other
jurisdictions
• Construct 4: The event begins in one jurisdiction and ends in another but makes intermediate stops in a third
(or more) jurisdiction(s).
• Null Construct: Symbolized by φ, the Null Construct is used when the case has no cyber relationships.
• Two important definitions
• Cyberspace - Cyberspace is a complex global information infrastructure that facilitates communication
between technology such as computers, networks and other digital systems, both independently and on behalf
of people using it. Cyberspace per se is distinct from physical space and the constraints imposed by it such as
geographic boundaries
• Cyber science - Cyber science is the study of phenomena caused or generated within the cyber space, which
may or may not interact with phenomena caused or generated within the physical space.
The Law and Cyber Science – CJF Constructs
31. Best Of The World In Security Conference
• 2-step process used to validate the CJF
• Over 170 private law cases analyzed
• Evaluate the selected cases individually for consistency between the CJF and actual case
outcomes
• Evaluate the study as a whole for overall consistency and CJF validation
• Modifiers used when analyzing cases using the CJF
• Minimum contacts
• Purposeful availment
• Effects test
• Points of confusion
• Place of the harm
• The state where the last event necessary to make an actor liable for an alleged tort takes place
• Minimum contacts
• What is that number? Depends upon the type and quality of contact. Could be as low as
one
• International Shoe Co v. Washington
The Law and Cyber Science – CJF Case Analysis Methodology
32. Best Of The World In Security Conference
• Zippo Manufacturing Co. v. Zippo Dot Com Inc.
• Purposeful availment
• Minimum contacts
• Begins in one jurisdiction and ends in another while passing through, but not
stopping in, another jurisdiction (Construct 3)
The Law and Cyber Science – Seminal Internet Jurisdiction Case
Zippo Manufacturing Company is the maker of Zippo lighters and is headquartered in Bradford,
Pennsylvania. Zippo Dot Com was an internet news service located in Sunnyvale, California. The
case turns on Manufacturing’s complaint that Dot Com had infringed Manufacturing’s
trademarks and other similar claims. The claims were both Federal and based upon Pennsylvania
law.
Dot Com set a motion before the Court for dismissal based upon lack of jurisdiction in
Pennsylvania since Dot Com was a California company. Dot Com also moved to relocate the
case to another Federal Court under 28 U.S.C. § 1406(a). The Court denied the motion.
Dot Com had a provision on the site for signing up subscribers and approximately 2% of its
global customers were in Pennsylvania. Therefore, it was not a passive site and was
subject to personal jurisdiction in Pennsylvania rather than its home state of California.
33. Best Of The World In Security Conference
• Microsoft Corp. v. John Does 1-82
• Dismantling of the Citadel botnet
• The District Court claimed personal jurisdiction over the unknown
developers/operators of the botnet – how?
• Used aliases of admins of the command and control servers
• Court was in North Carolina because of a heavy concentration of Microsoft
customers which the complaint claimed were harmed as well as Microsoft
• Botnet’s command and control structure was known
• Won’t be the case for next generation autonomous hivenets and swarmbots
• Based largely on purposeful availment and the effects test
The Law and Cyber Science – A Very Complicated Case
34. Best Of The World In Security Conference
• The 3-prong test for personal jurisdiction
• The Cyber Event Test – is the case, actually, cyber-related?
• In order to be classified as a Cyber Event, the case must adhere to both the definition of cyberspace and the definition of cyber
science. Cyberspace is a complex global information infrastructure that facilitates communication between technology such as
computers, networks and other digital systems, both independently and on behalf of people using it. Cyberspace per se is
distinct from physical space and the constraints imposed by it such as geographic boundaries
• The Modifier Test – does the case have a clear indication of the primary modifier, purposeful availment,
and the secondary modifier, minimum contacts, in the context of cyberspace?
• In order to be subject to jurisdiction in cyberspace, the case must demonstrate purposeful availment within the context of
cyberspace. The case also must be able to apply minimum contacts in order to comport with the due process clause of the
Constitution.
• The Cyber Effects Test – does the selected jurisdiction properly reflect the place of the harm?
• In order to be subject to jurisdiction in cyberspace the case must be able to apply the standard effects test within the context
of cyberspace.
The Law and Cyber Science – A Way Forward
35. Best Of The World In Security Conference
• Cybersell v. Cybersell - 1997
• Two separate companies that did different businesses
• Both Internet-dependent
• One in Arizona and one in Florida
• Trademark infringement
• CSA (Cybersell Arizona) sued CSF (Cybersell Florida) for infringing its trademark
• One used Internet for email marketing and the other built web sites
• Cyber event test is satisfied
• CSA (plaintiff) could not establish that CSF (defendant) purposefully availed itself of
business in Florida since the Florida web site was passive
• Purposeful availment fails for passive web sites
• Modifier test fails
• CSA claims Arizona as the place of the harm but CSA or its customers were not
affected by access to the passive Florida website
• Effects test fails
• Under CJF Guideline 5 settled physical space law is sufficient to adjudicate this case
The Law and Cyber Science – A Way Forward – Example
36. Best Of The World In Security Conference
• An Emerging Role of Cyber-Legal Practitioner is needed
• Cyber Forensic Training Including Advanced Malware Analysis and
Evidence Identification and Gathering Needs to enter Education
Programs
• Lawyers and Courts Need to Become Better Acquainted with
Advanced Cyber Threats
• Organizations need to be prepared to address these three issues
through training, awareness, advance contracting of both legal and
technical experts, next generation-relevant policies, and application
of next generation tools, techniques and procedures designed both to
protect and gather forensic evidence in an autonomous environment
The Law and Cyber Science – Governance Issues
37. Best Of The World In Security Conference
• Although well over 80% of so-called cyber-related cases can be solved
without recourse to cyber technology, there is an increasing number
that are hard cases from the cyber perspective.
• For those cases that involve artificial intelligence in general and
machine learning in particular, the challenges border on the extreme
as our hypothetical illustrates. We are not, today, prepared legally or
technically to address these new challenges. However, and much
more important, lawyers and cyber subject matter experts (SMEs) are
not yet prepared educationally to work together.
• When the law takes on the creator of an autonomous malware
system (hivenets and swarmbots, for example) it will have to depend
upon expert witnesses and even then the interactions are very
complicated.
The Law and Cyber Science – Conclusions
38. Best Of The World In Security Conference
Questions?
Dr. Peter Stephenson
pstephen@cdfs.us