ITSA Day 2006
November 8, 2006
| Session | Speaker | Title | Organization | Audience |
|---|---|---|---|---|
| Welcoming Remarks | Dr. Marc Hoit | Interim Chief Information Officer | University of Florida | All |
| Welcoming Remarks | Susan Blair | Privacy Officer | University of Florida | All |
| Welcoming Remarks | Kathy Bergsma | IT Security Manager | University of Florida | All |
| Anatomy of the Hack | John Rezabek | Enterprise Security Specialist | Cisco | IT Professional |
| Computer Forensics: Error in Judgment | Scott Moulton | CCFS / Certified Forensic Specialist | Forensics Strategy Services, LLC | IT Professional |
| Cover Your Apps: Top Five Things You Can Do | Ambarish Malpani | VP of Engineering | Cenzic | IT Professional |
| The Tweety Project: Prevent the Spread of Malware Using Canary Hosts | Kevin Johnson | Founder | Secure Ideas | IT Professional |
| Information Security Negligence | Andrea Matwyshyn | Executive Director | UF Center for Information Research | IT Professional |
| Microbiological Impact: The Effect of Windows on Threat Evolution | Joe Wells | Chief Scientist of Security | Sunbelt Software | IT Professional |
- IT Professional: An individual hired by a unit to manage or maintain IT resources in that unit.
- General Public: One using the computer. Most likely not with advanced technical skills.
Dr. Marc Hoit, Interim Chief Information Officer, University of Florida
Susan Blair, Privacy Officer, University of Florida
Kathy Bergsma, IT Security Manager, University of Florida
Session 1: Anatomy of the Hack
John Rezabek, Enterprise Security Specialist, Cisco
John has presented several times at past ITSA days on the “Anatomy of a Hack”. This year he will share how threats and security challenges have continued to evolve and describe today’s new security landscape. He will discuss how the older attacks and exploits that had a common focus and theme have drastically changed, and how this helps explain why things have appeared to get much quieter than in the days of a new exploit or worm hitting every two weeks.
Session 2: Computer Forensics: Error in Judgment
Scott Moulton, Certified Forensic Specialist, Forensics Strategy Services
In years of doing computer forensics and working on criminal cases, there are many problems and errors with handling and processing evidence. I will discuss some of the errors I have seen, the types of problems and how they can be improved.
Session 3: Cover Your Apps: Top Five Things You Can Do
Ambarish Malpani, VP of Engineering, Cenzic
Securing data and applications that run on the web is one of the most pressing information technology challenges for large companies today. Attacks made through common hacking techniques can lead to financial loss, compliance headaches and disastrous issues with customer privacy and overall satisfaction. While business applications are going online at a record pace, security solutions today are not keeping up. The lack of a proper protocol to test for application vulnerabilities can quickly result in large-scale security breakdowns. This session will address the top 5 things you can do to protect your applications and prevent such security breaches from happening in the first place, including:
- Watch out for open redirects: Open redirects are a big cause of phishing scams. If an open redirect is left accessible and can be used to redirect data to an arbitrary location, a clever attacker can redirect users from a legitimate-looking site to their spoofed version.
- Don’t rely on client-side input validation: The problem with client-side input validation is that end users can bypass it. Attackers can easily circumvent it using a man-in-the-middle proxy and then attack the application, which can break the security of Web applications and lead to unauthorized access to data, entry of counterfeit information and system failures.
- Expect the unexpected: Use an automated means to check for input validation and parameter tampering. Parameter tampering is a simple form of attack that takes advantage of the fact that many programmers rely on hidden or fixed fields. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.
- Bounds check all your application inputs.
- Check for SQL injection vulnerabilities throughout your whole application.
Session 4: The Tweety Project: Prevent the Spread of Malware Using Canary Hosts
Kevin Johnson, Founder, Secure Ideas
The use of specialized IDS installs to detect and prevent the spread of malware and spyware.
Session 5: Information Security Negligence
Andrea Matwyshyn, Executive Director, UF Center for Information Research
Negligence is a body of civil law that addresses harms resulting from lack of due care in business conduct. Recent trends in case law show a rise in information security negligence lawsuits being brought by private litigants following instances of corporate data security breaches. This talk introduces the law of negligence and discusses the application of existing negligence law to the information security context.
Session 6: Microbiological Impact: The Effect of Windows on Threat Evolution
Joe Wells, Chief Scientist, Security Group, Sunbelt Software
Biological life forms depend on their environment to survive. In a friendly environment they flourish, but if their environment suddenly becomes hostile, they must either adapt or die. This model applies to computer viruses. In the mid-1990’s Mr. Wells developed a theory about the effect of Microsoft Windows 3.1 on various types of computer viruses. The theory was intended to explain an observed phenomenon. In the early 1990’s there was a decrease in the number of file viruses being reported in actual incidents. At the same time there was an increase of boot virus incidents.
This presentation will explain to users how change in the computing environment, specifically change introduced by versions of Microsoft Windows, has had a direct impact on the nature and evolution of virus threats.