In the modern era, businesses diverge over digital platforms and sell their services and products online. SaaS is hotcakes and commonly targeted at large, while hackers are no longer looking for SQL, XSS, CSRF, and RCE.
How security-mature is your organization? The Cybersecurity Maturity Model Certification (CMMC) is a major Department of Defense (DoD) program built to protect the defense industrial base (DIB) from increasingly frequent and complex cyber attacks, and it is coming to Canada. Learn more about it here!
A journey that explores the irresistible urge of teenagers to enter places they shouldn’t, such as the Casino Lac Leamy, despite being underage. We delve into the clash between the desire to gain unauthorized access and the resources used to keep individuals out, and the concept of holistic security.
The one thing that has made email livable has been filters, which trim 99% of SPAM at the provider level before it hits the inbox. AI will be able to defeat every known filter we have, making it impossible to trim the spam. We could harness the power of AI to filter also, but is it worth it?
This presentation walks through the patterns of successfully starting a DevSecOps program from scratch. It focuses on the strategies to be successful and the lessons learned along the way. Lastly, this talk concludes with how the recent EO of SBOM shapes the next steps of DevSecOps maturity.
Did you know your smart bulb could lead seniors out of their houses? My research uncovers hidden security risks in everyday IoT devices repurposed for elderly care. We developed a framework to help build secure, elderly-friendly smart homes. Our surprising findings redefine secure elderly care.
Uncover the vulnerabilities of traditional MFA methods and their real-world implications. Explore emerging solutions that strengthen defenses. Empower your audience with actionable insights to enhance security practices. Elevate your understanding of cybersecurity. Defend against evolving threats.
Offensive security is critical for detecting vulnerabilities in systems, applications, people, and buildings. Some assessment types are only crucial at certain times or stages of an organization’s security maturity. Offensive security takes a threat approach to assess in-scope targets for vulnerabilities and, even more importantly, exploitable ones. Although offensive security is no secret, companies are required to perform pentests for compliance reasons. It is one of the most misunderstood areas of cybersecurity. This is due to the lack of experience by most cybersecurity professionals in this discipline. In this presentation, we will demystify this tradecraft, and attendees will learn the details of each specialization of offensive security, including pentesting, red teaming, social engineering, and physical security assessments. Vulnerability management will be discussed, along with where offensive security falls into the overall strategy. Along with the different assessment types, we will share the tools and techniques used in each phase of these assessment types. Attendees will come away with a better understanding of offensive security, the difference in assessment types, and the tools, methodologies, and standards necessary for performing thorough security assessments.