Security BSides Jeddah
The event will be live-streamed on YouTube and the URL to attend the event will be posted on our Twitter and LinkedIn Accounts.
From Las Vegas (2009) to Jeddah (2021)
What they say about Security BSides:
“These events are corporate sponsored, centrally managed (though locally organized) and do coincide with other major conferences, but the goal is not to draw people away from such events. The fact of the matter is that many people attend Black Hat, RSA Conference, and SOURCE Boston to meet with their friends event if they never attend the conference. Security B-Sides offers them another venue to spend their time during the day by either attending or presenting on ‘next best thing’ material.”
Reverse Engineering Binaries To the Max using GHIDRA
Ideas on Enhancing OT/ICS Cybersecurity Hiring Process
The topics briefly cover the hiring process within End Users, Vendors and Cybersecurity services companies and organizations. and how you can enhance this process with experities shortage in the market today.
Deep Dive into Kerberos & Its Attacks
Hardware Development for Red Teaming Ops. – The Basics of Hardware Attacks – Rolling Code Circumvention.
Active Directory Security
This talk will give you an insight about ADAz security Attack and defense and it highlights most of the attacks and how to defend yourself from them.
The Art of Security Incident Handling
Security incident handling is one of the most important essential topics in the security field, incident handling is a culture, and it has a profound relationship with business continuity, and play a great role in laying down the plans for future investments, in this talk, we will introduce attendees to the incident handling and response, and we will discuss the 6 phases of incident handling and how they should affect your career path decision. Topics discussed:
- Introduction to incidents handling.
- The six phases of incident handling:
- Identification: Monitoring, Detection, Categorization, and Initial response
- Lesson learned (or follow-up).
- Tools and disciplines.
- Threat Intelligence and Threat Modeling.
- Demo time.
Code Injection Techniques
In this topic, we will discuss several techniques of code injection and we will focus on answering two main questions:
- The first one is how does it happen?
- From a “red team” perspective, we will see the process of how attackers inject malicious code remotely, which could be executable, DLL, or even shellcode.
- The second one is how can we detect it?
- From a “Blue Team” perspective, we will see the challenges that the Blue Team is facing while detecting these kinds of attacks.
An introduction to the cybersecurity governance concept, why it is important, and how it can be influenced by external and internal factors. We will also discuss the business drivers for the cybersecurity governance and how we can embed it inside the entities.
Bug Bounty Hunting Workshop: The easy and payable way to find security bugs in web applications.
Cybersecurity & The Board: Choosing success over the Sarlacc Pit
I regularly have conversations with cybersecurity leaders and experts across a range of industries. Recently on my Cyber Security Effectiveness Podcast, I’ve spoken with the board members from several market-leading companies, in the public and private sectors, to understand their perspectives on cybersecurity.
These conversations demonstrate that board members are paying close attention to their organizations’ security programs — their approach and effectiveness and the impact on risk posture. Additionally, board members’ influence on the direction of a company’s security program has grown. As a result, IT leaders must report regularly that security technology, people, and processes are optimized to protect and defend the organization so that when a breach or attack does take place, it will have minimal impact on the brand and bottom line.
- Understanding what boards really care about
- Measuring and trending security effectiveness
- Rationalizing – exposing gaps, retiring ineffective solutions, and prioritizing investments
- Interpreting risk predicated on an intelligence-led approach to security
- Communicating effectively
Industrial Automation and Control System Culture
- IAC Systems Security Methodologies and Approaches
- Policies, Standards, Guidelines, and Procedures
- Types and Classes of Attack
- Important Technological Trends
Panel Discussion – “Future Challenges for CISOs”
Brian Contos, VP & CISO, Mandiant Advantage
Dr. Erdal Ozkaya, CISO, Comodo
Dr. Reem Al-Shammari, Global Thought Leader in Cyber Security & Technology, Energy Sector
Dr. Fatimah Alturkistani, Director, Cybersecurity Enablement, STC
Abdulrahman Al-Nimari, CISO
Aatif Khan, Risk Management Executive
Digital Forensics Workshop: Getting hands-on experience in Digital Forensics.
Closing Ceremony & CTF Winner Announcement
Capture The Flag
Prepare your arsenal for one of the most exciting CTF by Cyber Defenders.
BSides Jeddah is coming up this year with a CTF hosted by CyberDefenders. This will be a Jeopardy-style blue team flavored intermediate CTF with a few harder challenges, including network analysis, memory forensics, disk forensics, and OSINT.
Start Date – 11 AM GMT+3 (KSA Time) 27th October 2021
End Date – 11 AM GMT+3 (KSA Time) 28th October 2021
CTF Type – Public
انضموا إلينا في حلقة النقاش لاستكشاف “التحديات المستقبلية لمدراء أمن المعلومات” مع أفضل مسؤولين في الأمن السيبراني يشاركون آراءهم
تعقد الحلقة في الساعة 8:00 مساءً بتوقيت السعودية Comodo CyberDefenders