Starting on February 13th, 2017, some of the world’s top information security experts will descend upon Moscone Center in San Francisco CA for the annual RSA Conference 2017. We’re excited to announce that Skycure will be hosting our own session titled “Mobile Containers: the Good, the Bad, and the Ugly” on Friday, February 17th at 11:30 AM (which goes until 12:15 PM).
In our session, we’ll cover the premise of mobile containers and their inherent limitations – from app level containers to OS level containers. Our presenters, Yair and Adi, will also disclose issues they’ve recently uncovered within the Android for Work framework. In fact, they’ll provide a live demo of the techniques used by attackers to bypass the secure separation built into this solution. It’s definitely a must-see, especially for anyone interested in (or evaluating the market for) a Mobile Threat Defense solution, you’ll definitely want to attend!
The keynotes all have some amazing lineups, and we encourage you to attend all of them. In addition to those, there will also be a lot of great sessions throughout the entire conference that touch on mobile security and mobile threat defense. Here’s our list of sessions that you should definitely check out (subject to availability- reserve your spots in advance):
- Practical Intelligence Sharing: ISACs and ASAOs
Monday, Feb 13th from 9:00 AM to 12:00 PM
This seminar will challenge conventional approaches, highlight what’s working and where we still need some work, and provide a framework for understanding the opportunities and challenges around intelligence sharing.
- Sizzle or Fizzle: Is Threat Intelligence Really Worth My Time?
Tuesday, Feb 14th from 1:15 PM to 2:00 PM
This lively panel will pit the promises of security providers against the needs of enterprise defenders. Panelists will share the threat intelligence traps organizations should avoid, and how to operationalize this data for faster, more effective incident response. Attendees will leave knowing whether they’re ready to take on threat intelligence and, if so, how to get the most out of their investment.
- Delivering Secure, Client-Side Technology to Billions of Users
Tuesday, Feb 14th from 1:15PM to 2:00 PM, or 2:30 PM to 3:15 PM
Google aims to make the web secure for all. Many tools that were once available selectively (verified boot, encryption, TEE, sandboxing) are now on a billion+ devices, but there is still much to be done to achieve a secure ecosystem. Director of Android Security Adrian Ludwig will discuss the progress Google has made, the gaps that remain and how client-side security can make the web more secure.
- Mobile Devices: What Could Go Wrong? Discussion from the Frontlines
Tuesday, Feb 14th from 2:30 PM to 3:15 PM
Many enterprises allow employees to bring their own devices and access email, calendars, address books, and sometimes internal web resources, file shares and apps. Learn how your peers are dealing with hidden BYOD risks from mobile apps and Wi-Fi networks that employees visit.
- Securing What You Don’t Own or Control: The Current State of Wi-Fi Security
Wednesday, Feb 15th from 8:00 AM to 8:45 AM
Wi-Fi is the defacto networking protocol and it is one of the hardest to secure. The explosion of connected devices in and around corporate networks—printers, security cameras, IoT sensors—raises a new set of security challenges. Join Rick Farina, Director of R&D at Pwnie Express, to learn how to protect data and systems from this expanded Wi-Fi threat landscape and explore real-life solutions.
- Hacking Exposed: Real-World Tradecraft of Bears, Pandas and Kittens
Wednesday, Feb 15th from 9:15 AM to 10:00 AM
Demos and mitigation strategies from real-world case studies of advanced intrusions like the hack of the Democratic National Committee and others that CrowdStrike has detected globally. The session will showcase demos of intrusion tradecraft of sophisticated nation-state adversaries from Russia, China and Iran.
- How Android and iOS Security Enhancements Complicate Threat Detection
Thursday, Feb 16th from 9:15 AM to 10:00 AM, or Friday, Feb 17th from 9:00 AM to 9:45 AM
Well-intentioned Android and iOS security improvements amplify attackers’ asymmetric advantage. Platform security enhancements take away tools and techniques defenders and incident responders have come to rely upon to detect and respond to mobile security incidents. This talk will explain a number of obstacles created by Android and iOS security enhancements and methods for overcoming them.
- IRL: Live Hacking Demos
Thursday, Feb 16th from 11:30 AM to 12:15 PM
Leading security researchers Jacob Holcomb and Dan Staples will demonstrate exploits against a handful of connected devices. The researchers will explain and show how attackers would progress through an actual exploit, describing the attack anatomy along the way. The audience will be left with a tangible sense for how IoT devices get broken, and how to think about better securing them.
And, just a quick reminder:
- Mobile Containers – The Good, the Bad, and the Ugly
Friday, Feb 17th from 11:30 AM to 12:15 PM
This presentation will cover the premise of mobile containers and their inherent limitations; from app level containers to OS level containers. During their presentation, Yair and Adi will disclose issues they have recently uncovered within the Android for Work framework and will provide a live demonstration of techniques used by attackers to bypass the secure separation built into such a solution.
By this point, our guess is you’ll need something a little lighter, so once you’re done learning everything you need to know about mobile security and mobile threat defense, be sure to watch Dr. Neil DeGrasse Tyson’s keynote on Thursday, Feb 16th from 4:20 PM to 5:10 PM, and then Seth Meyer’s closing keynote on Friday, Feb 17th from 1:00 PM to 2:00 PM.
Now that you know what the must see sessions are to fit into your schedule, here are some next steps:
- Come to Booth #2904 in the North Hall to chat and witness live iOS hacking demos
- Request a meeting with one of our executives – Meet with Skycure
- Learn about the success of your peers Aetna, RNDC and Ceragon Networks.
Oh, and whatever you do: don’t connect to any open Wi-Fi networks while you’re at the show. Just trust us on that one.