Events and conferences – 2009
The Exploit Lab 3.0
- 21-22 Ottobre 2009
"The Exploit Lab 3.0" - Saumil Shah
Know your enemy is important if you are responsible for the protection of Oracle databases and application server. In this session you learn various tricks of Oracle Hacker and the a$
- Sito web evento: http://www.seacure.it/training.htm
Oracle Anti-Hacker Training
- 21-22 Ottobre 2009
"Oracle Anti-Hacker Training" - Alexander Kornbrust
Know your enemy is important if you are responsible for the protection of Oracle databases and application server. In this session you learn various tricks of Oracle Hacker and the ap
propriate countermeasure.
- Sito web evento: http://www.seacure.it/training.htm
SAP Security In-Depth
- 21-22 Ottobre 2009
"SAP Security In-Depth" - Mariano Nuñez Di Croce
Have you ever wondered whether your business-critical SAP implementation was secure? Do you know how to check it? Have you imagined which could be the impact of an attack to
your core business platform? Do you know how to prevent it? This training is the answer to these questions.
For many years, SAP security has been a synonym of "segregation of duties" or "securing roles and profiles". While this kind of security is mandatory and of absolute importance, there
are many threats that have been so far overlooked and are even more dangerous, such as the possibility of taking remote control of the entire SAP landscape without having any user in
any system.
This training will help you to fill this knowledge gap, allowing you to understand the involved threats and risks and how to mitigate them. You will review the whole picture, from the
security of the Environment and the SAP application-level gateways (SAProuter, Webdispatcher), through the assessment and hardening of the Operating Systems and Databases and their i
nteraction with the SAP systems up to the security of the SAP Application Layer: Autentication, User security, Password Policies, Authorization subsystem, Interface Security, Componen
t Security, Auditing, Monitoring and more!
The training is organized with many hands-on exercises, which will help you grasp practical knowledge quickly. You will learn how to assess the security of an SAP implementation and t
hen secure the critical security gaps you discovered. You will be able to learn how to use different SAP security tools, as well as the publicly- available SAP Penetration Testing Fra
mework developed by the instructor.
The training also provides a quick introduction to basic SAP concepts, which allows non-SAP security professionals to follow the course smoothly.
- Sito web evento: http://www.seacure.it/training.htm
Black Hat, Europe
- 16-17 April 2009
"Masibty: A Web Application Firewall Based on Anomaly Detection" S.Zanero, CTO and C. Criscione, Partner, Secure Network
During the closing talk at BlackHat Europe 2009, S.Zanero and C.Criscione presented the most important innovations of Masibty, an anomaly based web application firewall,
born from the partnership between Secure Network and Politecnico di Milano. Masibty strongly differs from the rest of the WAF, since it is able to learn despite
observing attacks in the learning set and can perform completely unsupervised learning.
- Website of the event: http://www.blackhat.com
- Masibty: /chisiamo/eventiecon...-04-BHEU-Masibty.pdf