It has been a great experience participating in the CyberTech 2014 Conference in Tel-Aviv. I did not attend most of the speeches, because I preferred to look at the booths. Some of them were really interesting.
- RSA had a nice booth, in which you had to cross an obstacle course with an RC car. The obstacles were protection mechanisms, and you had to pass them in the fastest time with your RC car. The participant with the fastest time won a PS4.
- The IBM booth was interesting as well. A friend of mine and I got a nice (and extensive) live demonstration of IBM's QRadar SIEM. Their SIEM looks pretty good, and has nice features like auto discovery of your network assets using NetFlow or QFlow, and automatic risk assessment in correlation with your vulnerability scanner and FW/IPS policies.
- Seculert, which recently revealed an attack on Israeli organizations, handed out an “APT Protection for Dummies” handbook. The handbook briefly explains APTs, common defense mechanisms and, of course, how Seculert's APT Protection architecture can stop them.
- Another interesting booth was that of a new Israeli startup named Cybertinel. The CEO showed us a small presentation, and showed us the capabilities of the startup. Cybertinel deploys agents on endpoints and gathers information from them. Then it analyzes the data in depth using a combination of analysis modules: static code, behavior, dynamic and statistical. The startup is still new, but looks very promising.
- Last but not least, I participated in Symantec's Cyber Readiness Challenge. Symantec's CRC is a capture-the-flag competition, where each contestant brings his own laptop with tools and connects via a VPN to a network where you have to enumerate servers, find vulnerabilities and attack. (Approximately 50 people participated.) Each flag is a different type of question that requires a different skill, like the ability to perform DNS enumeration, execute exploits or crack passwords. I was in the lead for the first two and a half hours, then I finished somewhere in the top 10. (They removed the scoreboard in the last half hour on purpose.) Because I had the lead for two and a half hours, I received a little prize:
A solid gold disk-on-key and a USB hub! (Not real gold, but it looks really cool, and the “Bank of Memory” joke is pretty funny.)
I enjoyed the conference very much, and I will be more than happy to come next year, especially if Symantec's CRC is held again.