Turkey country track
13:30-14:30 Scrum Based Multidisciplinary Training Approach | Cyberstruggle
Due to the integrality between real life and cyber life, cyber security has become a struggle which cannot be handled only within the framework of IT security or its specific subdomains.
In this context, there is an inevitable requirement for experts and passionate team players who are able to comprehend the big picture, perform technical studies at micro level, develop cognitive functions and can deliver excellent outcomes under high pressure and stress. These experts are also expected to run offensive and defensive tasks; have a complete understanding and vision of psychological warfare, criminology, terrorism, non-war and a developed criminal perspective due to the evolution of cyber struggle.
Therefore, in order to contribute to the development of hybrid experts with all these hard-to-acquire qualities, we present you the most extraordinary training program and introduce “Multidisciplinary Cyber Struggle” concept based on Scrum methodology.
14:00-14:30 Application Control Bypass Workshop | Havelsan
Application control feature is being widely used by many next-generation firewalls. With this feature, security administrators can control applications while controlling traditional Layer4 network traffic.
In this research, Leaders of Gartner Magic Quadrant for Enterprise Network Firewalls are selected and the identification techniques and management of applications on these next-generation firewalls are analysed. The results of the research show us that there are easy ways to bypass application control features of these products. In this workshop, the outcomes of the research and a PoC tool that can act like HTTP and HTTPS protocol traffic and send other protocols inside a tunnel will be introduced.
14:30 -15:00 Fraud Detection and Prevention via Machine Learning in Telecom | Netas
Telecom systems merge IP network and so secure communication needs to check the whole systems not only local systems, services. Moreover the systems is getting more complex and the amount of usage is increased. Fraud on VoIP telecom systems has been increasing while VoIP usage is enhanced and merged with other communication systems, services.
The traditional CIA (Confidentiality, Integrity, and Availability) model of cyber security is insufficient to prevent fraud as a threat. Big & fast data analytics, machine learning and enhanced rule platforms based on logical expressions are necessary to deal with fraud detection and prevention. We will discuss the problems and solutions in the presentation. Moreover machine learning method outputs will be presented.
15:00 - 15:30 Presentation: Fooling Automated Malware Analysis Systems | GAIS Security
The number of APT attacks increases day by day and malware, which is a step in these attacks, poses a threat to the target organizations. These malwares targeting corporations are sent to teams for analysis while they are in suspicious condition and these teams sometimes use automated malware analysis systems while performing manual analysis operations according to the situation. The main purpose of automatical analysis systems is to facilitate the analyst's job by making the analytical time quicker by performing fast and time-consuming operations which must be done manually by the analyst and taking the time-consuming operations.
15:30 -16:00 Next Generation Vulnerability Management | Penetra
Enterprises continue to find it a challenge to address vulnerabilities. Although most enterprises employ a variety of cyber security tools and policies, conduct penetration testing and vulnerability scanning activities, many still don’t have the visibility and the required data at hand to program a holistic organizational approach to risk and vulnerability. On the other hand, it is simply impossible for any organization to remediate every vulnerability and ensure 100% coverage of its attack surface. What we need is the visualize and prioritize our risks which leads to take quick remediation actions and monitor the results. “Next Generation Vulnerability Management” is the best method to meet this requirement.
16:00 - 16:30 Mobile Application Security : Apps are the new end points | Cyberarts
Why are applications so critical? Because our applications; are keys to our backend systems, store our enterprise data, enable our enterprise mobility, are our most precious intellectual property.
How secure are our mobile applications? Applications that : We purchased? We developed? Our employees bring in? We distribute those applications to our customers, to our partners, to our employees. These applications run on many different type of devices. We need to be in control. We need to protect data everywhere it goes : At rest, In use, In transit. We need to fight all the threats our apps are up against : Malware. Hackers. Crackers. Fraudsters.
Yes, control is critical. But do we really have control? Many existing solutions rely on securing devices to secure data. How can we say we have the control if we cannot control the devices our apps go along with?