===

NCC Group Security Open Forum - San Francisco

===



DATE: Wednesday, January 10, 2018

TIME: 6:00pm-9:00pm

LOCATION: Amazon Lab126: SJC[masked] Enterprise Way

Sunnyvale, CA 94089



CHECK-IN: Please bring a photo ID with you for check-in with reception.

PARKING: Please allow 10 minutes extra time for parking as sometimes all visitor spaces are in use and you may need to park on a higher level in the garage.



Please RSVP via https://www.meetup.com/NCCOpenForumSF/ if you wish to attend!



***technical managers and engineers and those interested in the world of information security only please***

***food and beverage provided***



===

AGENDA

===



SPEAKER: Jake Heath / Senior Security Consultant / NCC Group



PRESO TITLE: SaaS, SSO and Access Controls



PRESO SUMMARY: Access controls have become increasingly important as software-as-a-service (SaaS) companies have become more prevalent in the technical community. This is mainly due to SaaS services attempting to implement single sign-on (SSO) authentication to reduce the barrier to entry for large enterprise clients to use these services.



However, web applications with improper access controls will often introduce very dangerous privilege escalation when dealing with SSO features. This talk will go through some new techniques we have developed that have allowed us to authenticate as other tenants by exploiting these common access control problems with SSO.



SPEAKER BIO: Jake Heath is a senior security consultant at NCC Group, bringing years of experience building full-stack environment applications and embedded devices throughout his graduate program. At NCC Group, he has worked on a variety of engagements, including web application penetration tests, network penetration tests, architecture reviews, and source code review engagements.



Jake’s current realm of expertise is in application security, with particular skill sets in various web application frameworks like Ruby on Rails, Spring, and nodejs. Jake has been very successful in finding vulnerabilities with these framework applications, as well as building effective exploits and maneuvering around various architecture defenses, such as web application and network firewalls.



-=-=-



SPEAKER: Nikki Brandt / Product Security / eero



PRESO TITLE: KRACK: What the Hack?



PRESO SUMMARY: By now, you may have heard that WPA is broken due to the KRACK vulnerability. But what exactly is KRACK? Nikki read the paper so you don't have to. Join her as she shares her understanding of the vulnerabilities branded as KRACK, provides some advice on testing for and patching them, and shows a live exploit demo.



SPEAKER BIO: Nikki Brandt is currently Product Security at eero, and was formerly a Senior Security Consultant at NCC Group. She's a security generalist with broad interests and a background in development. Outside of work, Nikki can usually be found sleeping, running, and cooking vegan food.



-=-=-



SPEAKER: Phil Young, aka Soldier of FORTRAN / Level 6 Security



PRESO TITLE: Mainframes Hacking: Let’s do it live!



PRESO SUMMARY: In 2013 Soldier of FORTRAN started on a mission, one not attempted before. He wanted to know, where there any mainframes on the internet? The internet, a vast and wonderful place, surely there would be one or two of these big iron beasts. This talk will chronicle the many attempts and tools used to catalogue all the internet facing mainframes, both successes and failures. Then, once completed with the story, the audience will be given choices of internet facing mainframes to connect to while Soldier of FORTRAN discusses the various techniques he could use to attack that mainframe. This talk will cover topics such as updating Nmap, metasploit and other tools. Scanning and automating internet scanning at scale, how to hack a mainframe and what this all means.



SPEAKER BIO: Soldier of FORTRAN is a mainframe security researcher. Having spoken at conferences around the world, including DEFCON, RSA, BlackHat and keynoting at both SHARE and GSE Europe, he has established himself as the thought leader in mainframe penetration testing. Since 2013 Soldier of FORTRAN has released tools to aid in the testing of mainframe security and contributed to both the Nmap and Metasploit projects, allowing those with little mainframe capabilities the chance to test their mainframes. In addition to speaking, he has built mainframe security programs for multiple Fortune 100 organizations starting from the ground up to creating a repeatable testing program using both vendor and public toolsets. His hope is that through raising awareness about mainframe security more organizations will take their risk profile seriously.



===

About the NCC Group Security Open Forum

===



The NCC Group Security Open Forum is an informal and open venue for the discussion and presentation of security related research and tools, and an opportunity for security researchers from all fields to get together and share work and ideas.



The Forum meets quarterly in the Bay Area, Seattle, Chicago, New York City, and Austin. Forum agendas are crafted with the specific needs/interests of its members in mind and consist of brief 20-30 minute talks. Talks are not product pitches or strongly vendor preferential. Attendance is limited to engineers, technica