Mobile Security Solutions Forum

  • Friday, 19 Feb 2021 10:30AM EST (19 Feb 2021 15:30 UTC)
  • Speakers: Domenica Crognale, Heather Mahalik, James Eichbaum, Steve Banda, John Gfeller VI, Kimberly Kafka, Brendan McKeague

Join the Interactive Slack Workspace. Earn 6 CPE credits for attending live.

Slack Workspace:

Event Overview

Industry experts agree that smartphone users often assign a higher value to the data stored on their mobile device than actual value of the smartphone itself. This logic also applies to laptops and tablets. Yet, while many people know they should secure the valuable data on their computers, they frequently don't extend that protection to what's on their mobile devices.

With the popularity of smartphones and tablets continuing to rise, mobile devices are becoming more of a target to cybercriminals. Many individuals are using smaller devices as they would a desktop or laptop computer. They are storing more personal data and connecting apps to GPS, financial, storage, health, and more without taking the time to read and understand what information they 're allowing them to track, store, and share.

Taking time to understand the latest malware, smartphone operating systems, third-party applications, acquisition shortfalls, extraction techniques (jailbreaks and roots) and encryption is key in keeping mobile security safe in the digital era. Getting a basic understanding of mobile device forensics will arm users with the knowledge needed to protect information on their equipment that could otherwise be used to harm them.

This forum will explore various mobile security topics through invited speakers while showcasing current capabilities available today. Presentations will focus on case-studies and thought leadership using specific examples relevant to the industry as we know it.


10:30 - 11:00 AM EST - Event Welcome

Heather Mahalik, @HeatherMahalik, Chairperson, SANS Institute, @SANSInstitute

11:00 - 11:35 AM EST - Best Practices for Securing Remote Workers

Steve Banda, Senior Manager, Security Solutions, Lookout, @Lookout

As organizations enable employees to work remotely, mobile devices and wireless networks will be key tools for maintaining communication and remaining productive allowing employees to work productively from any device and any location can open users to the risks that come with the shared nature of a mobile device. When your employees work from a personal device with access to corporate data, the device's health must be taken into account. It must be assessed for compliance with corporate security and risk policies.

Join Steve Banda, Senior Manager of Security Solutions at Lookout, to learn best practices for securing your mobile workforce, including:

  • Critical considerations for allowing personal devices to access corporate resources
  • What rights should be granted for devices accessing corporate data
  • How to control specific operating systems from gaining unauthorized access
  • What guidance to give users to remain productive and secure while working remotely

11:35 AM - 12:20 PM EST - The Going Dark Problem: Finding the Light Using Hidden App Data

James Eichbaum, @jeichbaum Global Training Manager, MSAB, @MSAB

In an increasingly privacy-conscious world, app developers are building their software with anonymity and encryption top of mind. But when bad actors exploit these protections, investigators are becoming more often left in the dark, locked out of crucial pieces of evidence critical to solving crimes. Investigators must understand that while mobile forensic tools cannot possibly decode or decrypt every app on the market, there are methods to retrieve hidden app data. Being able to manually analyze and parse data from SQLite databases, WAL files, and other files associated with mobile apps is essential to ensuring you are getting the information needed for your investigations.

This hands-on lab will explore the challenges investigators face analyzing encrypted and privacy-centric apps, and provide the tools you need to dissect them - from understanding the different types of data found within SQLite databases to how the WAL and SHM files work and how they may be the key to a successful investigation.

12:20 - 12:30 PM EST - Break

12:30 - 1:05 PM EST - Life Has No CTRL+ALT+DELETE Interactive Podcast: 30 Minute Malware

Host - Heather Mahalik, @HeatherMahalik, Director of Digital Intelligence, Cellebrite, @Cellebrite_UFED

Guest - Lee Crognale, @domenicacrognal Certified Instructor, SANS Institute, @SANSInstitute

If you are an Apple user, it's no secret that you receive more than just a few nudges to upgrade your iOS firmware, but users may have noticed a bit more urgency in the latest patch, 14.4, made available by the vendor. So why was this plea to upgrade issued with such urgency?

This talk will cover a brief history of iOS malware including vulnerabilities and how they've been exploited, how to protect your devices, and the implications iOS vulnerabilities have on mobile forensic investigations.

1:05 PM - 1:40 PM EST - How to Strengthen Your Mobile Strategy

John Gfeller VI, Principal Solution Engineer, Symantec, A Division of Broadcom, @symantec

Now that work from home has become a regular routine, mobile devices are playing an even more critical role in business. At the same time, mobile has increasingly become an attractive target for malicious actors. Join us to hear Symantec Mobile Engineers Mike Soto and Devyn Prasad who will discuss the key factors every enterprise should consider when building their mobile defense. 'In this session, you will:

  • Find out why skipping mobile protection in your security plan is not an option
  • Learn why you need mobile technologies that protect against a wide range of mobile threats without sacrificing employee productivity
  • Hear the details of the important elements of a robust mobile defense
  • See a real-world attack illustrating what can happen if a malicious actor successfully pulls off an attack

1:40 - 2:05 PM EST - Penetration Testing and Incident Response Programs

Kimberly Kafka, Admissions Specialist, SANS Institute, @SANSInstitute

Brendan McKeague, Senior Threat Analyst, FireEye, Inc., @FireEye

Learn more about SANS Technology Institute's Penetration Testing and Incident Response Programs, featuring current student and alumni, Brendan McKeague from Mandiant/FireEye.

This presentation will highlight information pertaining to SANS Technology Institute. The SANS Technology Institute is an accredited college and offers programs at the graduate and undergraduate level. We'll cover an overview of the school's graduate programs, including; admissions requirements, curriculum review, funding and frequently asked questions. In addition, you will have the opportunity to hear from a current student about his experience at the graduate school.

2:05 - 2:15 PM EST - Closing Remarks

Heather Mahalik, @HeatherMahalik, Chairperson, SANS Institute, @SANSInstitute