09.00 AM - 09.15 AM

The main keynote, undertaken by one of our founding members.

09.15 AM - 10.00 AM

Let's Make Needles Glow in Timesketch

Timesketch is an open source platform focused on analyzing timeline-formatted forensic data. The increasing number of data sources available means modern timelines may contain millions of events, and it has become increasingly difficult for an analyst to reduce that information and extract the dozens of events that will ultimately be relevant to their investigation. This talk will showcase some new Timesketch features that aim to help an analyst make sense of the data and filter out the noise in large timelines - most notably through the integration of various sources of threat intelligence and collective knowledge by the means of dfTimewolf, Sigma rules, and integration with third party threat intelligence platforms such as Yeti and MISP

10.00 AM - 10.45 AM

BeyondProd - A New Approach To Cloud Native Security

BeyondProd is a security whitepaper written by Google. BeyondProd purposefully calls back to the concepts of BeyondCorp - just as a perimeter security model no longer works for end users, it also no longer works for microservices. In this talk, we provide on how several pieces of Google’s infrastructure work together to protect workloads, in an architecture that is now known as "cloud-native".

10.45 AM - 11.30 AM

Collecting Forensic Evidence from SaaS Applications: A Study of Microsoft 365 Forensics

It is an obvious trend, pushed by the pandemic work-from-home arrangements, for companies to leverage cloud technologies. Recent surveys indicate substantial gaps and challenges in applying traditional digital forensics to the cloud paradigm. Instead of acquiring partial forensic remnants from a seized (on-premises) device, we propose to collect “CSP- enabled logs” and “CSP-stored contents” (CSP stands for the cloud service provider) as the best evidence for SaaS application investigations. We provide a study on a “forensically- aware” SaaS application to illustrate of application of the proposed approach in acquiring the best available forensics evidence from Exchange Online, a crucial part of Microsoft 365. The collected evidence can help rebuild the compromise timeline or facilitate the reconstruction of criminal events.

11.45 AM - 12.30 PM

Learning Hands-On Cybersecurity Skills - The Real Journeys

Working at Offensive Security, I work with individuals and companies at all sectors, I have heard about some real stories of how to be successful at technical roles through hard core learning of hands on skills. These could be of great interest to students, aspiring career beginners in cyber security, and shed some light on how corporates can facilitate workforce development on hands on skills.

12.30 PM - 2.00 PM

Lunch break

Details regarding food will be updated at a later date.

2.00 PM - 2.45 PM

Panel Discussion: TBD

3 industry leading experts will discuss a subject of interest.

2.45 PM - 3.30 PM

canTot - A CAN Bus Hacking Framework for Car Hackers and Automotive Security Enthusiasts

canTot is a cli framework similar to the usage of known frameworks like Metasploit, dronesploit, expliot, and Recon-ng. The fun thing is that it contains fun hacks and known vulnerabilities disclosed. It can also be used as a guide for pentesting vehicles and learning python for Car Hacking the easier way. This is not to reinvent the wheel of known CAN fuzzers, car exploration tools like caring caribou, or other great CAN analyzers out there. But to combine all the known vulnerabilities and fun CAN bus hacks in automotive security.

3.30 PM - 4.15 PM

Turing Certs: Blockchain-empowered Authentication for Real Estate, ESG, Healthcare, and Education.

Turing Certs, a global identity passport on blockchain, founded by Berkeley alum Yao-Chieh Hu, invested by Morgan Stanley CEO Taiwan. Mr. Ko, and coached by Google ex-CEO Taiwan, Dr. Chien. We help authorities certify credentials and identities for counterfeiting and sustainability. Now having WHO, Roche, LINE, Berkeley Law, Harvard HCAP and 120+ governments and institutes adopting us to talent certificates; and having Dun & Bradstreet and CRIF adopting us to ESG certificates.

4.15 PM - 5.00 PM

AI and ML in the World of Cyber Detect & Response - Hype or Hyper?

With escalating number of malicious payloads circulating, it is becoming increasingly unfeasible to rely on traditional detect & respond processes and technologies. Is AI/ML the proverbial silver bullet cyber the profession needs, or how else to keep up with the rampant cyber threats? Join for a presentation to discuss the challenges of AI enabled Cyber and how to qualify marketing hype from real outcomes and solutions.

5.00 PM

Outro