IT Security Seminar

THINK SECURE:

TECHINCAL IT SECURITY SEMINAR

Auditorium, Faculty of Engineering, Univeristi Putra Malaysia.
28 July 2008, 9 AM ~ 1 PM

IT Security seminar 08 concluded in a huge success with more than 200 registrations received. The event provides an excellent platform for participants to exchange ideas and share experiences on security issue facing the evergrowing information technology and communities.

Positive feedback was received as participants felt that the seminar gave them an insightful update on current IT Security trends, unsafe browsing habits and awareness of vulnerability to hackers infiltration. Apart from that, participants were also impressed by the knowledge of the guest speaker.

Our heartfelt appreciation to Dr Shamsul Bahari, Deputy Dean (Development) and Mr. Shahril Iskandar Amir, Head of Information Technology Unit, Faculty of Engineering Universiti Putra Malaysia and their team in making this event successful.

This half-day seminar has addressed the following Information Technology (IT) Security issues:

Session 1
Organizational Systems Security Analyst (OSSA) Enterprise Security :
Web Habits & Hacker-Defence

In appreciation to Mr Christopher Low for the topic Web Habits & Hacker Defence.

Today, more web attacks are being announced than any other form of online attack. The sophistication and deceptiveness of each attack increases, outdoing the one that came before it. What this means is that the things you do on your laptop at home can have serious consequences when that same laptop is brought back to work the next day. This presentation will illustrate common unsafe browsing habits and how these browsing habits can potentially lead to a hacker exploiting and compromising one's browser and private, confidential information.

Download Presentation Slides for Session 1

Inconjunction with this event, we have a special package for participant who are Interested to attend the OSSA Enterprise Security Course >> More

Speaker Biographies

CHRISTOPHER LOW started his career in 1993 with the Infocomm Development Authority of Singapore (IDA), a government organization involved in the regulation of telecommunications in Singapore (formerly known as NCB). His role in IDA involved the development and implementation of large-scale government projects as well as conducting security and system audits. He was also involved in Census 2000, a nation-wide project, where he spearheaded the infrastructure and security setup of the entire operation.

Prior to that, Christopher worked at Sensecurity Institute as a technology director, covering a wide array of security fields such as biometrics, authentication systems, network- and host-based intrusion systems all the way to Single-Sign-On (SSO) solutions and IT-security training.
One of his passions in the training arena is to improve the overall security skillset of security professionals across all industries. Because of this, Christopher is an accomplished trainer, having developed the Sensecurity Institute Security Practitioner course and co-developing the Organizational Systems Security Analyst (OSSA™) programme, and he continues to teach various high profile security certification programmes such as ThinkSECURE’s Organizational Systems Security Analyst (OSSA™) programme and ISECOM's OSSTMM Professional Security Tester (OPST) course. He infuses his classes with experiences drawn from his real-world consulting experience and knowledge. A classic example of this is the probemapper wireless Client assessment tool which he released in Jan 2006, and his discovery of the WEP-Client-Communications-Dumbdown (WCCD) vulnerability in Dec 2005. Christopher is a frequent speaker at various security conferences covering broad ranging topics from web security to open source security and has been featured in the press.

Session 2

Organizational Systems Wireless Auditors (OSWA) Assistant:
Wireless Penetration Testing Toolkit for Practical Security Professionals

Mr Julian sharing the importance of wireless audit.

Julian explaning on his practical knowledge and hands-on experiences on IT security.

In appreciation to Mr Julian Ho on his interactive topic of vulerability of our wireless communication technology.

Many IT-security professionals are tasked with conducting wireless audits. However, as 99% of wireless auditing tools are developed for the Linux operating system, auditors face problems in loading these tools onto their corporate laptops because the laptops are governed by corporate rules on installing software and hard drive partitioning. Auditors have also complained about the user-unfriendliness of many LiveCD toolkits available today, e.g. tools being kept in different locations on the CD, menus for some tools while others have no menus, not being wireless-specific, not being easy to navigate, etc. This session will introduce attendees to the OSWA-Assistant, a technical wireless auditing and penetration-testing software CD toolkit which is specially designed and released to address these problems.

Download Presentation Slides for Session 2

Inconjunction with this event, we have a special package for participant who are Interested to attend the OSWA Enterprise Security Course >> More

Speaker Biographies

JULIAN HO has extensive security experience in telecommunication and IT consultancy in the United States and Asia Pacific. Julian was primarily responsible for the design, implementation and maintenance of security and operations for AsiaPac's largest hotspot deployment: StarHub's Wireless Hotzones in Changi International Airport Terminals 1 & 2 and Suntec International Convention & Exhibition Centre, totaling 100+ enterprise/carrier-class access points, routers, switches, SSGs and servers.

Julian's international work experience includes tours-of-duty with KPMG Consulting Pte Ltd, Western Digital, Songy Partners Limited/Songy Partners Realty Ltd (USA) and Standard Chartered Bank (London & Hong Kong) and was the Co-Creator and GameMaster of the BlackOPS:HackAttack 2004 Challenge. In August 2005, he and ThinkSECURE co-founder Christopher Low unveiled AIRRAID, Asia's First-Ever Wireless Hacking Tournament. This event drew interest from Brunei, France, Malaysia and Singapore and was featured in both the IT-Security world and mainstream media. Julian was also key in the design and execution of AIRRAID2, Thailand's first-ever public hacking tournament.

Julian has parlayed his extensive international and local work experience into the creation and development of the Organizational Systems Security Analyst (OSSA™) and the Organizational Systems Wireless Auditor (OSWA™) IT-security certifications. He has also developed and released the OSWA™-Assistant, a standalone specialized wireless auditing software toolkit as well as the Practical Wireless Deployment Methodology (PWDM).

Enterprise Security:	Wireless Auditing