Static analysis tools for different languages. Statistics for different package managers.What’s pretty sure is that BSides Stuttgart will continue next year, maybe growing and giving also you a chance to grep a seat. I’ve learned so many new tools, and new information especially in the areas of network security and security monitoring for getting OpSec started. Slides have been published on a bsidesstuttgart gitlab site or are posted on the bsidesstuttgart twitter. This will get us some ideas on hardening our NoSQL databases potentially.Īgain from Elastic but on the Linux auditd sub-system and how to process its audit events with Auditbeat and Elastic stack for security monitoring. Insights on the security posture and evolution of MongoDB, Redis and Elasticsearch. Included some real-live example how an attack could be detected and handled based on network logs using the various tools bundled in the distribution. Workshop on Security Onion, a Linux distribution specially for security monitoring, forensics and incident response, just like Kali is for pentesting. On a tool from a Microsoft lady to catalog and filter the many events that the Windows OS produces with mapping to Interesting approach and using sigma for generating SIEM queries for the relevant events. What to log? so many events, so little time.On the second day, the sunny Sunday, I’ve been listening to the following presentations: Also works with docker (as a companion to Sysdig?) and spits out logs. Very interesting workshop on osquery a service that exposes system information such as processes, filesystems, etc. How to treat users not as DAU but involve them into building a security culture in the organization. Cyber Threat Intelligence for Enterprise IT and ProductsĪ presentation Thomas Daniel (Bosch PSIRT)form PSIRT on a concept for product CTI.Security testing using OSSTMM methodology Workshop on using ELK and Beats to build a SIEM more powerful than commercial products Elastic Stack for Security Monitoring in a Nutshell.Very interesting presentation on how Unicode and Punycode tricks can be used for DNS squatting and opening vulnerabilities for buffer overflows How does ASCII and Unicode affect our Security.These are the topics I had attended and are noteworthy on day 1: Many colleagues from Bosch PSIRT and CERT and other (automotive) Bosch GBs attended the conference together with people from other companies such as Daimler. As you can image, this was the track I’ve been mostly following. BUT there was a general track with interesting presentations on cyber security in general. Great atmosphere and well prepared by CC security people from Bosch.Ĭo-organized by the ASRG (Automotive Security Research Group) and being hosted in Stuttgart, the event was pretty automotive oriented in general. Same place as a digitalisation hackathon form Bosch before, just smaller. And the contents are not second class in any way, in the contrary as this event has demonstrated!īSides Stuttgart as the first of its kind in Stuttgart in 2019 took place in the previous industrial facility Wizemann co-working space. Security BSides conferences were originally a way to give those a platform whose presentations had been reject by the large conferences like DefCon or BlackHat, but in the mean time this is a grass-roots DIY conference format world-wide. As this was, as you can see, a Bosch-organized event, I still managed to get listed as a guest, thanks to dear colleague from Bosch CC. But when looking on it 2 weeks before again, it was already sold out. I was lucky to have been there, because after monitoring the site months and weeks before, there was no program published and no way to buy tickets. This post is a bit delayed, on the weekend, 25th and 26 of May, the first BSides Stuttgart took place in the Wizemann location.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |