Topic: Virtualization Security Speaker: Robert Beggs Virtualization, which allows users to run multiple operating systems on a single physical box, can reduce costs and improve network manageability. From a security perspective, this simplified management can enhance system security, and virtualized systems are supporting security in roles such as secure software development, malware analysis, and disaster recovery But what are the risks of putting virtual systems into your production...

Read More »

Topic: BlackHat and Defcon Review Speakers: Various Event Attendees In this presentation, we'll cover the highlights of each conference. The new exploits and tool releases, new research and make sure you know what you missed out on! This is the MUST ATTEND TASK event of the year. If there is any specific topic you'd like covered, be sure to contact us and let us know. Reference: Defcon Official Website Reference: Blackhat Briefings 2008 Website...

Read More »

Topic: SpeedTalks! Presentations linked where available. Technical-focused content: New insecurities in Ipv6 (Tyler Reguly) Adventures in Remote Access (Chuck) Digital Watermarking (Paul Shields) The Canadian Honeynet Projet (Sami Kamel) Office...

Read More »

Topic: Privacy for Security Geeks Speaker: Tracy Ann Kosa Overworked. Underpaid. And now you’re responsible for privacy too. Get under the covers and find out why this job is a lot easier then it sounds. The secret to privacy design: once you’ve done it, you’re done it. This session will provide you with compliance based design requirements, and the teach you how to get there yourself. The legislation hasn’t changed in years, and though the technology evolves, the architecture requirements for compliant privacy design haven’t no matter who your clients are. Do privacy and security make good bedfellows? You bet. And it’s better then doing it alone....

Read More »

Topic: Web Access Management Speakers: Stefan Lesaru + Madhu Mahadevan Madhu Mahadevan and Stefan Lesaru from CA Canada Company will present a comprehensive session on Web Access Management (WAM). This session will highlight the different aspects of WAM and provide a background of how these types of solutions can be utilized in different scenarios. In particular, how authentication, authorization, auditing and policy management can be externalized, as well as provide Single Sign-On, Authentication...

Read More »

Topic: How to implement a Security & Privacy incident management program Speakers: Bobby Singh, SSHA The purpose of the presentation is to provide an overview on how to build a comprehensive and integrated security and privacy incident management program. Privacy incidents such as accidental disclosure of patient health information are becoming more and more common, and but there are few case studies or documented examples on how to deal with these types of incidents available to help organizations...

Read More »

Topic: Linking in to your Information Security Career Speakers: Robert Beggs and Bruce Cowper One of the most popular questions on the TASK forums is: “how do I break into the security field”? Sadly, it rarely receives an answer – like any other career, it seems to be a matter of who you know, and making connections can be difficult. Tonight we’re going to look at social networking resources on the web, especially LinkedIn and Facebook, and see how we can use these as a way to meet and build professional...

Read More »

Topic: Protecting Your Private Parts Speaker: Tracy Ann Kosa Overworked. Underpaid. And now you’re responsible for privacy too. Get under the covers and find out why this job is a lot easier then it sounds. The secret to privacy design: once you’ve done it, you’re done it. This session will provide you with compliance based design requirements, and the teach you how to get there yourself. The legislation hasn’t changed in years, and though the technology evolves, the architecture requirements for...

Read More »

Speakers: Larry Gagnon, Sandy McMurrich and Dave Burton Each of our speakers has extensive law enforcement experience in Ontario. They have all worked for a number of years in the computer forensics field and each has performed hundreds of examinations on devices for major cases including homicides, major frauds, organized crime rings etc. Larry now runs a private firm and supports civil litigations in the Greater Toronto Area. Sandy and Dave are both currently continuing their work in their respective data forensics bureaus. ...

Read More »

Topic: Myths, Mistakes and Outright Lies Speaker: Kellman Meghu A lighthearted look at common pitfalls to building out a network security architecture, this presentation does not intend to be all encompassing, but to encourage people to reconsider and re-evaluate the responsibilities of network security. Open discussion on techniques, tricks and tips is encouraged. Using a subjective threat guide, various policy based deployments are examined at a high level to measure risk versus cost. Sometimes...

Read More »