Join the Interactive Slack Workspace. Earn 6 CPE credits for attending live.
Slack Workspace: sansurl.com/sans-mobile-solutions-forum
Industry experts agree that smartphone users often assign a higher value to the data stored on their mobile device than actual value of the smartphone itself. This logic also applies to laptops and tablets. Yet, while many people know they should secure the valuable data on their computers, they frequently don't extend that protection to what's on their mobile devices.
With the popularity of smartphones and tablets continuing to rise, mobile devices are becoming more of a target to cybercriminals. Many individuals are using smaller devices as they would a desktop or laptop computer. They are storing more personal data and connecting apps to GPS, financial, storage, health, and more without taking the time to read and understand what information they 're allowing them to track, store, and share.
Taking time to understand the latest malware, smartphone operating systems, third-party applications, acquisition shortfalls, extraction techniques (jailbreaks and roots) and encryption is key in keeping mobile security safe in the digital era. Getting a basic understanding of mobile device forensics will arm users with the knowledge needed to protect information on their equipment that could otherwise be used to harm them.
This forum will explore various mobile security topics through invited speakers while showcasing current capabilities available today. Presentations will focus on case-studies and thought leadership using specific examples relevant to the industry as we know it.
10:30 - 11:00 AM EST - Event Welcome
11:00 - 11:35 AM EST - Best Practices for Securing Remote Workers
As organizations enable employees to work remotely, mobile devices and wireless networks will be key tools for maintaining communication and remaining productive allowing employees to work productively from any device and any location can open users to the risks that come with the shared nature of a mobile device. When your employees work from a personal device with access to corporate data, the device's health must be taken into account. It must be assessed for compliance with corporate security and risk policies.
Join Steve Banda, Senior Manager of Security Solutions at Lookout, to learn best practices for securing your mobile workforce, including:
11:35 AM - 12:20 PM EST - The Going Dark Problem: Finding the Light Using Hidden App Data
In an increasingly privacy-conscious world, app developers are building their software with anonymity and encryption top of mind. But when bad actors exploit these protections, investigators are becoming more often left in the dark, locked out of crucial pieces of evidence critical to solving crimes. Investigators must understand that while mobile forensic tools cannot possibly decode or decrypt every app on the market, there are methods to retrieve hidden app data. Being able to manually analyze and parse data from SQLite databases, WAL files, and other files associated with mobile apps is essential to ensuring you are getting the information needed for your investigations.
This hands-on lab will explore the challenges investigators face analyzing encrypted and privacy-centric apps, and provide the tools you need to dissect them - from understanding the different types of data found within SQLite databases to how the WAL and SHM files work and how they may be the key to a successful investigation.
12:20 - 12:30 PM EST - Break
12:30 - 1:05 PM EST - Life Has No CTRL+ALT+DELETE Interactive Podcast: 30 Minute Malware
If you are an Apple user, it's no secret that you receive more than just a few nudges to upgrade your iOS firmware, but users may have noticed a bit more urgency in the latest patch, 14.4, made available by the vendor. So why was this plea to upgrade issued with such urgency?
This talk will cover a brief history of iOS malware including vulnerabilities and how they've been exploited, how to protect your devices, and the implications iOS vulnerabilities have on mobile forensic investigations.
1:05 PM - 1:40 PM EST - How to Strengthen Your Mobile Strategy
Now that work from home has become a regular routine, mobile devices are playing an even more critical role in business. At the same time, mobile has increasingly become an attractive target for malicious actors. Join us to hear Symantec Mobile Engineers Mike Soto and Devyn Prasad who will discuss the key factors every enterprise should consider when building their mobile defense. 'In this session, you will:
1:40 - 2:05 PM EST - SANS.edu Penetration Testing and Incident Response Programs
Learn more about SANS Technology Institute's Penetration Testing and Incident Response Programs, featuring current student and alumni, Brendan McKeague from Mandiant/FireEye.
This presentation will highlight information pertaining to SANS Technology Institute. The SANS Technology Institute is an accredited college and offers programs at the graduate and undergraduate level. We'll cover an overview of the school's graduate programs, including; admissions requirements, curriculum review, funding and frequently asked questions. In addition, you will have the opportunity to hear from a current student about his experience at the graduate school.
2:05 - 2:15 PM EST - Closing Remarks