Technical Level: Intermediate Technical Speaker: Andy Gallacher, Senior Technology Consultant, HP ProCurve As IT networks evolve and expand, defending against multiplying and varied attacks is becoming increasingly complex. Who is on the network? What are they doing? Where are they doing it from? These are all critical issues that need to be addressed and controlled. A network security strategy must be able to detect, protect and respond to both internal and external threats through a combination...

Read More »

Topic: Proactive Security, Lessons from Star Trek Speaker: Brian O'Higgins, CTO, Third Brigade Proactive security, self-defending networks, self-healing computers...they sound more than a little like science fiction. However, we are getting closer to that dream. This talk will discuss the role that host intrusion prevention technology (HIPS) is playing in proactive security today, and where it poised go in the future. Presentation: Click here for PDF...

Read More »

Speakers: Various Conference Attendees In this presentation, we'll cover the highlights of each conference. The new exploits and tool releases, new research and make sure you know what you missed out on! This is the MUST ATTEND TASK event of the year. If there is any specific topic you'd like covered, be sure to contact us and let us know. Presentation: Click here for PDF Reference: Defcon Official Website...

Read More »

Topic: The Catahoula Leopard Dog - A Study in Heuristics for Virus Detection Technical Level: Non-Technical Speaker: Randy Abrams, Director of Technical Education at ESET This presentation explains what heuristics are in manner that is easily understood by non-technical users while providing information that is often new to experienced professionals as well. Users who already understand the topic well will probably find useful ways to help explain the subject when the occasion arises. Focus is given to how heuristics relate to AV software, the strengths and limitations, as well as different types of heuristic approaches. Examples of false positives are used to help provide insight into some of the thinking that is involved with the development of heuristic approaches. ...

Read More »

Technical Level: Non-Technical to Intermediate Speaker: Kelly Anderson, Detective Sergeant, OPP, e-Crime Section Topic: Payment Card (Skimming) Compromises and Trends. The advent of the payment card reduced complaints of NSF Cheque frauds. However the payment card system is under attack from criminals who find that the technology yields a greater payoff than cheque fraud ever did. This presentation will show the evolution of skimming compromises showing an evolution in the technical capabilities...

Read More »

Location: Health Sciences Building, 155 College St., Auditorium Technical Level: Highly Technical Speaker: Nish Bhalla and Rohit Sethi, Security Compass Web application security continues to be one of the most pressing issues facing enterprises today. While many security experts understand the need for application threat modeling, few have actually implemented them successfully in practice. In their talk to TASK, Nish...

Read More »

Topic: Recon 2 Root Speaker: Jeremy Richards Jeremy will demonstrate the usage of BackTrack 2.0 (a live linux penetration testing distribution) to perform a staged penetration test from initial recon and knowledge gathering, to identification of logical and software vulnerabilities and, finally, the tools used to exploit these vulnerabilities. Jeremy has been performing network and application based security audits for financial institutions, critical infrastructure, as well as government and...

Read More »

Technical Level: All Levels (Mostly technical) Topic: Introductions Presentation: Click here for PPT Speaker: Fred Hopper Topic: PCI DSS 101 - An introduction to the Payment Card Industry (PCI) Security Standards Council's Data Security Standard - what it is, where it came from and why your shop may find it useful, even if you do not process credit card data. Presentation: Click here for PPT...

Read More »

Technical Level: Intermediate Speaker: Seth Hardy Key and Identity Management With PGP There are many introductory tutorials out there on PGP (and its open source equivalents), but few seem to touch on one of the most important aspects of it, why many people choose to use it: key and identity management. It's been said that key management is the hardest (and worst) part of cryptography; trust is hard to manage because it's both very important and completely intangible. There's a reason why...

Read More »

Technical Level: Intermediate to Advanced Speaker: Bruce Cowper, Rodney Buike With launch of Windows Vista, there is much speculation about the new approach to securing Windows and the numerous security features in the operating system. This session will be hosted by Microsoft and provides an opportunity to see and discuss ‘the most Secure version of Microsoft Windows to date’. You will be taken through an in-depth look at feature functionality as well as given an opportunity to ask your security...

Read More »