Latvijas IT drošības ziņu centrmezgls. Informācijas iesniegšana. Avota konfidencialitāti garantējam. pasākums veltīts IT drošības problēmām

Kategorija: Datu drošība + Lekcijas

Thursday, October 18, 2012 from 6:30 PM to 10:00 PM (EEST)
Hotel Kolonna “Konventa sēta” (conference room – Kampenhauzens)
Kaleju street 9/11, Riga, Latvia

5th will be focused on SECURITY issues:

Didzis Balodis from DPA Latvia will talk about “Web application security – hacking weak authentication implementations” (Language – Latvian)
After the latest security breaches when millions of user accounts have been compromised at such companies such as LinkedID, Yahoo and Gamigo we will present the current trends in password attacks, how the different attack vectors work and what kind of weaknesses they exploit. Then we will move on to different strategies of secure authentication implementation and will demonstrate some practical proof of concepts.
Tags: Password attacks, Secure authentication
Didzis Balodis is currently leading IT Security unit in DPA Latvia. He has more than 10 years of IT experience in development, support and administration of IT systems in the public and commercial sector companies. Last five years Didzis has more focused on IT consulting and security audit, serving clients in Latvia and abroad. Most of the time is spent in leading security audit, vulnerability and penetration testing assignments, among his recent clients there are companies from financial, utilities and public sector. Didzis has also developed and is delivering to its clients a User IT security awareness program which often is accomplished with some social engineering attacks. Didzis also holds CISSP and GPEN certifications.

Andrejs Podšibjakins from CTCo will talk about 2-3 techniques he uses for developing secure mobile apps in his company (Language – English)
Will talk about 3-4 items from our companies mobile app security checklist. Will describe the problems, provide solution and show code examples or demos.
Tags: Mobile app security, iOs examples
Andrey Podshibyakin is working in IT for 6+ years. Geek level 85. Love mobile devices and cutting edge tech. Working in CTCo as development manager in mobile development team.

Mehis Hakkaja from Clarified Security OÜ will talk about “Red pill vs. blue pill – penetration testing perspective” (Language – English)
Edutainment mode presentation of typical web application blunders with live hacking demos and real-life examples my penetration testing team encounters all too often. I wrap it up with some visually entertaining fun with recent Java and IE exploits.
Tags: Penetration testing, Live hacking demos, Real-life examples
Mehis Hakkaja is a security practitioner who has viewed IT security from many different viewpoints. Mehis is a U.S. Military Academy, West Point, graduate with a B.Sc. degree in computer science with special interest in cyber warfare. Besides his military background, Mehis has worked as a penetration tester and pentest team leader, security manager for a telecommunications company, has promoted CERTs (Computer Emergency Response Teams) at ENISA (European Networks and Information Security Agency) and has managed information security for a global company. Currently Mehis is the CEO and founder of Clarified Security OÜ which is specialized in technical security audits and penetration testing and also teaches hands-on security courses.


2012-10-09  »  edgars

Re: pasākums veltīts IT drošības problēmām

Tags you can use (optional):
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>