Content tagged as 'Hacking'

Here is a list of all the content that has been tagged as hacking.

Workshop - Building Security Into Your Development Teams

Few organisations understand the secrets of shifting the focus on security from late in the software development life-cycle to within the Development Team. Not only does this significantly reduce the number of security defects being pushed to your production systems, but also significantly reduces the total cost of development. Cheapest place to deal with defects There have been many studies specifically looking at the costs of finding and fixing defects early, as opposed to the planning of how to fix defects once the product is delivered, or not planning at all.

Holistic Info-Sec for Web Developers

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises.

Christchurch Hacker Con

The second CHCon: A conference aiming to raise awareness and skill levels of information security within our community.

Workshop - Building Security Into Your Development Teams

Kim will explain the roles of ’T’ shaped professionals, including placement of security champions to create your purple Development Teams. We will work through how to implement the Sensible Security Model (SSM) within each and every Sprint, including: Creating actionable countermeasure Product Backlog Items Integrating them into the same Product Backlog that your Development Team has been pulling business focussed items from Ordering them based on the risk ratings you create for each Kim will discuss how and where Agile Development Teams often fail, along with how to succeed with security with a familiar anecdote.

Haroon Meer on Network Security

Workshop - Web Developer Quiz Night

Talk - The Art of Exploitation

Talk - The Art of Exploitation

Workshop - Windows Exploitation and Persistence with PowerShell

The common payload takes the user supplied shellcode and overwrites the first 0x1000 bytes of the calling instance of PowerShell, creates a thread to execute within the virtual address space of the calling PowerShell instance and starts it. All delivery and persistence techniques ensure AV bypass of shellcode. Kim has dissected and will explain how the virus and payload works. We will look at delivery mediums (virus): Compiled C executable Office document (take your pick) C/- Nishang Persistence mediums:

Workshop - Holistic Info-Sec for Web Developers - Intense

The content is aimed at software engineers to teach them how to think holistically about security. The theme that runs through the training, and the book, is pulling the security focus that’s usually left until the end of the project or “go live” right into each Sprint. Baking security into the product from the cheapest possible place. Thus saving large amounts of money due to re-work and business asset loss. Kim will be teaching attendees a very simple threat modelling process initially blue printed by one of the best security experts the world has known, Bruce Schneier, then how to apply that process to a 10,000′ view and lower for a collection of areas: