Kaspersky

SECURITY ANALYST SUMMIT

Singapore – April 8-11, 2019

08 April 2019
Singapore

About the Security Analyst Summit

The Kaspersky Security Analyst Summit (SAS) is an annual event that attracts high-caliber anti-malware researchers, global law enforcement agencies and CERTs, and senior executives from financial services, technology, healthcare, academia and government agencies.

The previous events were joined by members of leading global companies, such as Samsung, Adobe, Microsoft, BlackBerry, CISCO, Boeing, Interpol, the World Bank, Team Cymru, The ShadowServer Foundation, ICSA Labs and Fidelis Cybersecurity Solutions. 

The conference provides an exclusive atmosphere that encourages debate, information sharing and display of cutting-edge research, new technologies, and ways to improve collaboration in the fight against cyber-crime.


 

  • Nation state cyber-espionage and advanced threat actors
  • Internet of Things
  • Government surveillance issues and privacy rights
  • Threats against banks, financial institutions
  • Mobile Malware
  • Critical infrastructure protection (SCADA/ICS)
  • Cross-border law-enforcement coordination and information sharing
  • Vulnerability discovery and responsible disclosure

Call for papers

Would you like to become a speaker?

Security Analyst Summit 2019 is an invite-only conference. We are especially looking for presentations and research showcasing the following areas:

  • Advanced malware threats
  • Mobile device exploitation
  • Threats against banks, financial institutions
    • PoS systems
    • ATMs
    • Crypto-currencies
    • E-commerce data breaches
  • Critical infrastructure protection (SCADA/ICS)
  • Internet of Things
    • Autonomous transportation (self-driving cars, drones)
    • Smart homes and smart devices
    • Smart cities
  • Cross-border law-enforcement coordination and information sharing
  • Vulnerability discovery and responsible disclosure
  • Mobile Malware
  • Techniques for development of secure software and systems
  • Side Channel and Physical Attacks
  • Blockchain and smart contracts

Individual proposals should be no more than 350 words in length (final presentations will be no more than 20 minutes). Proposals should include the title of the paper and should clearly spell out the focus and goal of the presentation.

You can send your abstract directly to sasCFP@kaspersky.com. The deadline for submissions is December 10, 2018.

Attending Participants

Join us

This is an event connecting security professionals from companies and law enforcement partners who are involved in the fight against cyber-crime.

The audience includes representatives from software vendors, anti-malware/anti-spam researchers, law enforcement professionals, vulnerability researchers and security response teams.

Attendees include trusted, high-profile journalists from New York Times, Reuters, Washington Post, Wired Magazine, Ars Technica, CNET News, Bloomberg, Forbes, Dark Reading and The Economist.

Whether you are an IT professional charged with defending your organization’s systems and data or a vendor-based security researcher, Security Analyst Summit offers opportunities to learn from the best in the industry, discuss methods and technologies, and build contacts.

If you are interested in attending SAS 2019 please contact us.

Sponsorship Opportunities

Security Analyst Summit is offering an attractive range of sponsorship opportunities for SAS 2017 at Platinum, Gold and Silver sponsorship levels. If you are interested in becoming a sponsor of SAS 2017 or exhibiting at the event please contact us for more details.

Click here to download sponsorship information.

Training

Book early and get a discount on SAS conference pricing!
Any questions? Just let us know!

Hunt APTs with Yara like a GReAT Ninja

Trainers: 

Costin Raiu, Director, Global Research & Analysis Team, Kaspersky Lab

Vitaly Kamluk, Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab

Sergey Mineev, Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab

Team: Kaspersky Lab’s Global Research and Analysis Team is credited with the discovery of several major cyberespionage campaigns, including Stuxnet, Duqu, Flame, Gauss, Red October, MiniDuke, Turla and, more recently, Careto/TheMask, Carbanak and Duqu2. The team specializes in the analysis of APTs and military-grade malware attacks.

Early-bird deal! $2500 (price includes hotel accommodation April 6-8, breakfast, lunch and coffee breaks, and does not include SAS 2019 pass)

Have you ever wondered how Kaspersky Lab discovered some of the world’s most famous APT attacks? Now, the answer is within your reach. This training will lead you through one of the essential tools for the APT hunter: the Yara detection engine.

If you’ve wondered how to master Yara and how to achieve a new level of knowledge in APT detection, mitigation and response, it all breaks down to a couple of secret ingredients. One of them is our private stash of Yara rules for hunting advanced malware.

During this training you will learn how to write the most effective Yara rules, how to test them and improve them to the point where they find threats that nobody else does. During the training you will gain access to some of our internal tools and learn how to maximize your knowledge for building effective APT detection strategies with Yara.

INTENDED AUDIENCE

Security researchers and incident response personnel, malware analysts, security engineers, network security analysts, APT hunters and IT security staff. The training is suitable for both beginners and experienced Yara users.

TOPICS COVERED

* Brief intro into Yara syntax
* Tips & tricks to create fast and effective rules
* Using Yara-generators
* Testing Yara rules for false positives
* Hunting new undetected samples on VT
* Using external modules within Yara for effective hunting
* Anomaly search
* Lots (!) of real-life examples
* A set of exercises for improving your Yara skills

CLASS REQUIREMENTS

Level: medium and advanced

Prerequisites: knowledge of the Yara language and basic rules

Class: limited to max 15 participants

Hardware: Own laptop

Minimum Software to install: Yara v. 3.6.0

Duration: 2 days

Date: April 7-8, 2018

Book now

The God-Mode Practical Training in Static Analysis of APT Malware

Trainers:

Igor Soumenkov, Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab

Sergey Lozhkin, Senior Security Researcher, Global Research & Analysis Team, Kaspersky Lab

Team: Kaspersky Lab’s Global Research and Analysis Team is credited with the discovery of several major cyberespionage campaigns, including Stuxnet, Duqu, Flame, Gauss, Red October, MiniDuke, Turla and, more recently, Careto/TheMask, Carbanak and Duqu2. The team specializes in the analysis of APTs and military-grade malware attacks.

Early-bird deal! $2500 (price includes hotel accommodation April 6-8, breakfast, lunch and coffee breaks, and does not include SAS 2019 pass)

Every flashy new computer incident involving previously unseen malicious code boils down to one question: ‘what are the attackers trying to do?’ Answering this question requires a keen investigative mind and skills to match in order to determine the functionality of that code and boil it down into actionable artifacts: either a basic set of IOCs or a complete technical description that reveals the TTPs of the attackers. With these products in hand, an organization can proactively defend against the most cutting-edge attackers.

Easier said than done. Organizations affected by a true APT-level attack will require a deep understanding of the APT toolkit to truly understand the extent of the capabilities and intentions of the determined intruders. Only with this can they ever be sure that their damage assessment and incident response efforts are accurate and effective. The only way to reach this level of understanding with true fidelity is to statically analyze the malicious code (no “if’s”, “and’s”, or dynamic “but’s” about it).

Unlike easier dynamic analysis techniques, Advanced Static Analysis makes it possible to produce high-fidelity descriptions of the executable code regardless of execution flow and tricky runtime checks. It allows analysts to produce an extensive set of actionable items, including lists of C&C servers, file and memory signatures, crypto implementations and more. A combined understanding of the unique code sequences and algorithms employed by the malware developers is key in malware classification, toolset attribution, and the creation of the most advanced hunting signatures.

This course will cover most of the steps required to analyze a modern APT toolkit, from receiving the initial sample, all the way to producing a deep technical description with IOCs. The course material is based on many years of experience analysing the most complex threats ever discovered in-the-wild, including: Equation, Red October, Sofacy, Turla, Duqu, Carbanak, ShadowPad, and many more. It’s time to set your static analysis game to God-Mode.

TOPICS COVERED

* Unpacking
* Decryption
* Developing own decryptors for common scenarios
* Byte code decompilation
* Code decomposition
* Disassembly
* Reconstruction of modern APT architectures
* Recognizing typical code constructs
* Identification of cryptographic and compression algorithms
* Classification and attribution based on code and data
* Class and structure reconstruction
* APT plugin architectures (based on recent APT samples)

PREREQUISITES

* Understanding of x86 and x86_64 assembly, Python
* Basic knowledge of C/C++
* Experience with analysing code in IDA Pro

Level: medium and advanced

Hardware & Software requirements:

* Laptop with VMWare / VirtualBox virtualization solution
* Legitimate copy of IDA Pro (latest version preferred)
* Working C/C++ compiler toolset: clang, g++, mingw

Class: limited to max 15 participants

Duration: 2 days

Date: April 7-8, 2018

Book now

The Good and the GReAT — Stepping up your Threat Intelligence Game

Trainers: 

Brian Bartholomew, Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab

Brian Candlish, Principal Threat Researcher, Telstra Threat Labs

Early-bird deal! $2500 (price includes hotel accommodation April 6-8, breakfast, lunch and coffee breaks, and does not include SAS 2019 pass)

In the past decade, ‘threat intelligence’ has become one of the hottest commodities in the infosec market for companies to either purchase or create. As a threat intel analyst, one must be a Jack-Of-All-Trades, without over-specializing in any one thing. Unfortunately, there are few guidelines and fewer training courses for analysts to obtain a solid foundation. Even seasoned threat intel analysts find themselves creating specific tools to accomplish a task, only to find out that someone else has already done so. And in those rare cases where expert analysts are stumped, who can they turn to for guidance? This course is designed to serve threat intel analysts of all levels of experience, providing a solid foundation for beginner-to-intermediate intel analysts, as well as showing more advanced analysts how the Global Research and Analysis Team (GReAT) conducts their research in special fringe cases.

The course will span two full days and cover the entire gamut of threat intelligence. Some of the topics covered include:

* Concepts of threat intelligence
* Intelligence life cycle
* Defining intelligence requirements
* Collecting and processing data
* Maximizing data through automation
* Open source / custom tools
* Threat hunting in large security datasets
* Intelligence reporting
* Dealing with biases
* Using estimative language
* Each day will end with large hands-on labs (approx. 2 hrs each)

CLASS REQUIREMENTS

Level: Intermediate or above

Prerequisites:
Students should be interested in learning about the many aspects of threat intelligence. Preferably, the student should be part of a threat intel team as an analyst or lead. Familiarity with commercial and open source tools such as VirusTotal, PassiveTotal, or DomainTools is helpful. Experience hunting threats and analyzing malware is considered a plus.

Each student should have their own laptop with access to whatever tools they use on a daily basis. Students will be provided access to other tools as needed during the class.

Class: limited to max 15 participants

Hardware: Laptop with a minimum 20GB free space HD and 8GB RAM capable of running VMs.

Minimum Software to install: Windows / MacOS / Linux equivalent. VMWare / Virtualbox

Duration: 2 days

Date: April 7-8, 2018

Book now

Travel Details

The Security Analyst Summit 2019 will be held on April 8-11 at The Swissôtel The Stamford, 2 Stamford Road, Singapore.

 

Step into a world of comfort and experience the finest in Swiss hospitality at Swissotel The Stamford, Singapore’s Leading Business Hotel and one of the tallest hotels in Southeast Asia. Strategically located in the heart of Singapore with the City Hall Mass Rapid Transit (MRT) train station and other major transportation nodes at its doorstep, Swissotel The Stamford is an upscale hotel that boasts a prime location amidst world-class shopping, dining, entertainment and business opportunities.

For more information please visit https://www.swissotel.com/hotels/singapore-stamford/

 

SAS in the media

Videos

Previously on Security Analyst Summit

Kaspersky Security Analyst Summit, 2018

When: March 7-11, 2018

Where: Cancun, Mexico

Click here for more details

Kaspersky Security Analyst Summit, 2017

When: April 2-6, 2017

Where: St. Maarten

Click here for more details

Contact Us

Email: sas2019@kaspersky.com

Tel: +7 (903) 961-05-60 (Russian Federation)

Follow SAS 2019 on Twitter with the hashtag #TheSAS2019. We’ll also be live tweeting many of the talks during SAS.

Follow @TheSAScon and @threatpost now!