SANS Community Nights are a great way to stay in touch with your local InfoSec community and to hear the latest in technical wizardry, industry intelligence, and thought leadership from our amazing instructors.
Join us at etc.venues Monument, 8 Eastcheap, London, EC3M 1AE
View the agenda below:
Monday 13th March
17:30 – 18:00
Registration and Drinks
18:00 – 19:00
Hackers Guide to Environmental Catastrophe
Presented by Mark Baggett
19:00 – 20:00
Getting Started in Infosec Consulting
Presented by Ted Demopoulos
Tuesday 14th March
17:30 – 18:00
Registration and Drinks
18:00 - 19:00
ICS Threat Landscape: a look back to 2022 and what to expect from 2023
Presented by Kai Thomsen
19:00 – 20:00
When Skids Attack: Why Teenagers Understand Your Attack Surface Better Than You Do, and How To Fix It.
Presented by Steven Harris
Abstracts:
Hackers Guide to Environmental Catastrophe by Mark Baggett
CNN, Fox News and Greta Thunberg; they all know. If you are paying any attention, you see what’s happening. Organizations and governments are relying more and more on online services. As a result, sensitive data such as Authorization codes, Usernames, passwords and API keys are being stored in environment variables.
In this talk we will look at the security around Linux Environment Variables. I’ll show you how attackers steal this data and use it against you. You will learn how certain environment variables are used by attackers to exploit your system. I’ll explain different options for securing this data and the risk associated with each of them.
Getting Started in Infosec Consulting by Ted Demopoulos
Becoming a successful consultant seems like a dream: high pay, freedom, and fascinating work. These can all be true yet there is more to the reality: as a consultant you are running a business and you need clients! This Webinar covers what those considering consulting need to know, including getting clients, setting pricing and much more. Whether you aspire to consulting full time or you want to keep your job and consult on the side, we cover the basics you need to know to get started.
Based on Ted's over 30 years of consulting, interviews with dozens of successful infosec consultants, and Ted’s book “Getting Started in Infosec Consulting”, topics include:
- What do you need to get started?
- Five ways to acquire clients
- Pricing
- Proposals and negotiations
- Smoothing out the stereotypical “Feast and Famine Cycle” of consulting
ICS Threat Landscape: a look back to 2022 and what to expect from 2023 by Kai Thomsen
A look at the threats against industrial environments and security posture in 2022, some predictions what we might encounter in 2023 and recommendations on how to effectively improve your ICS/OT security posture.
When Skids Attack: Why Teenagers Understand Your Attack Surface Better Than You Do, and How To Fix It by Steven Harris
Recently we have seen that teenagers were able to compromise the networks of large companies like Uber. This talk discusses real life cases from law enforcement and the cyber security industry that an organization's attack surface is often wider than we imagine, why teenage hackers succeed when pentesters fail, and how you can better understand what your attack surface really looks like.