LSEC Security Forum 2011 - Security Hardening
06-Oct-2011
Security Forum 2011 : Security Hardening
After the successful LSEC events of early September 2011, in the week before the 2011 RSA Europe Conference, LSEC organized the yearly LSEC Security Forum 2011 in Leuven at Verizon Business' Ubicenter. This year's theme, "Security Hardening", was meant to explore the possibilities for improving IT and information security architectures and systems.
During the seminar, it became obvious that most of the topics were very complementary and gave an interesting viewpoint on how to improve security measures within companies.
This seminar was intended mainly for companies and government departments that already have a security environment and are interested in finding out about new solutions, new approaches and ways to improve their security infrastructure. Security hardening in this context means raising the level of security of the different aspects and components of your environment: from a network security perspective, from a database and application perspective, or by increasing the granularity and scope of your data protection technologies. Hardening was also understood to include ways and procedures to improve security management as a whole.
All together, we explored how to grow from the typical 80% of managed IT and information security risks to 90% or more, and what complexities, costs and resources this upgrade path requires.
As not all topics have been explored, it was decided that a follow-up security hardening event would be organized early February 2012.
Security Hardening
LSEC Security Conference 2011 : Security Hardening
Security Hardening is a rather wide concept and leaves room for many topics, but the idea is to "bring something new and fresh to Security Officers and related people managing IT Security ...". Network security, data security, privacy and other topics are all welcome.
Specifically some topics we are aiming for :
- IPv6 & impact on security
- Database security hardening
- Bring your own device / mobile
- Web application security
- Next generation firewalling
- New developments in hardware security – TPG/CC-based
- Security as a service (in the cloud)
- Virtualization security
- Identity management – access management - authentication
- Vulnerability testing – intrusion detection
- Data Protection technologies & systems
- Critical Infrastructure Protection
- Cybersecurity & Malware protection
- Security Monitoring & Network Monitoring
- Governance & Compliance
- …
Final Program
The following speakers already confirmed their participation and have been selected to present.
Program of October 6th
9.30 : Welcome & Registration
10.00 : Opening Notes & Introduction by Ulrich Seldeslachts, CEO LSEC
Coffee continuously available during the morning.
10.15 : Continuously dealing with vulnerabilities and challenges on networks and systems, and fulfilling compliance requirements. Immediate hardening by more efficient use of resources, by Bart Bosma, Qualys
Abstract : In order to understand how to harden, it makes sense to understand where to start. Policies and controls, but equally vulnerability tests and scans, will help you to understand immediate and imminent risks and challenges. Linking them to regulatory compliance will help you to translate those risks into business challenges. Continuously dealing with vulnerabilities on networks and systems, and fulfilling compliance requirements, means immediate hardening through more efficient use of resources: you can direct people and tools to where the biggest concerns are, and focus hardening on the systems that need more attention because of risk or business challenges.
About : Before joining Qualys in 2008 as Technical Account Manager for Benelux and Nordics, Bart Bosma has been active as a Security Consultant for more than 10 years at Dimension Data Netherlands and Ubizen, Cybertrust, Verizon Business.
11.00 : Security Hardening through systems, Oracle Systems Security solutions, by Luc Wijns, Oracle Systems
About : Luc has over 22 years of experience in IT, including 14 years at Sun Microsystems & Oracle Corporation. Currently Luc holds the position of Master Principal Sales Consultant in the Server Division of Oracle in Belgium & Luxembourg and Chief Technologist for the Benelux. Luc is also active in the Oracle Security Community and in the Oracle EMEA Cloud Architects Professional Community. Luc’s technical strengths are on Datacenter requirements, Architectures, Security (defense in depth, Identity & Access management), Networking, Virtualization and Datacenter Automation. These are the building blocks for a Cloud computing platform. Luc has a lot of software experience from the former Sun Software Practice, putting him in a unique position to understand integration of the software and hardware stack. This end-to-end view is a key differentiator in large data center projects. Luc holds an M.S. Degree in Electrical Engineering and an M.S. Degree in Computer Science from the “Université Catholique de Louvain” in Belgium. Luc is married, father of three children and lives in Belgium.
11.30 : Better protecting some of the crown jewels, database hardening, by Antonino Mata Gomez
About : Antonio started his career as an Oracle database consultant. Back then IT was more interested in high availability and scalability, but enterprises started showing a growing interest in protecting the key business assets persisted in their database management systems. Antonio's expertise was formed through many projects where protecting the database was key to guaranteeing the required security level. In his role as database security expert Antonio closely followed the Identity & Access Management market trends, which has enabled him to approach security projects from multiple angles.
12.00 : Deep Safe, security solutions by Intel – McAfee, by Peter Van Eeckhout, McAfee
(this presentation will be added later, due to publishing restrictions by McAfee - Intel on the nature of the contents)
Abstract : McAfee® DeepSAFE™ technology is the jointly developed McAfee-Intel technology which allows McAfee to develop hardware-assisted security products that take advantage of a "deeper" security footprint. McAfee DeepSAFE technology sits beyond the operating system (and close to the silicon), giving McAfee products an additional vantage point in the computing stack from which to better protect systems. McAfee anticipates that DeepSAFE technology will be the foundation for a number of hardware-assisted security products that work in conjunction with the McAfee® Endpoint Security Platform that so many organizations trust to protect their endpoints and information.
About : Peter is a Senior Security Engineer for defense (NATO and EU) at McAfee (a wholly owned subsidiary of Intel). Before joining McAfee as Senior SE Systems/Network, Peter was Security Solution Architect at BT and Senior Technical Security Consultant at Telindus Belgacom ICT. He started his current career as Security and Networking Architect at ExxonMobil, as a contractor for Telindus (currently Belgacom ICT).
12.45 : buffet lunch
13.45 : Hardening web applications against malware attacks, by Erwin Geirnaert, Zion Security
Abstract : During this presentation we give an overview of how to harden web applications against the different types of attacks that malware uses to bypass the security controls already present in the web application. We discuss the OWASP Top 10, how malware abuses these attack classes and why developers must adopt a different strategy. We explain why (mobile) browser security is an important aspect of web application hardening and, most importantly, that the battle against malware is ongoing: for every countermeasure the security industry develops to protect web applications, and that many companies use today, we will show how malware is being developed to bypass it. To close, we give advice on how to protect against these malware attacks using preventive and detective controls.
About : Erwin founded ZION SECURITY in 2005 to help companies protect against the latest threats, in particular attacks against web applications. ZION SECURITY is today a Belgian market leader in security testing, vulnerability management, penetration testing and banking security. Erwin has more than 10 years of experience in web security and graduated with a Master of Science in Software Development from the University of Ghent. He executes projects for many international software companies, financial institutions, telecom operators and web agencies, specializing in code reviews in different development languages for critical applications and in continuous penetration tests of their infrastructure and Internet applications. He is a specialist in J2EE security, .NET security and web services security, and architects secure e-business projects for web agencies and software companies. He is a recognized application security expert and speaker at international events like Javapolis, OWASP, Eurostar,
14.30 : Most Exploitation is Internal, Learn new proactive defenses against this global networking epidemic, by Bernard Girbal, VP International Operations, Netclarity Inc.
Abstract : Learn about internal exploitation, Common Vulnerabilities and Exposures (CVEs), and how hackers, viruses, worms, spyware, botnets, rootkits, Trojans, cybercriminals and cyberterrorists use CVEs to exploit networks. Over 95% of successful attacks are exploits of these CVEs, and most also happen behind the firewall.
About : Mr. Girbal joined NetClarity after repeated successes over more than 20 years of scaling European, Middle East and African (EMEA) channels as Vice President at Trend Micro, Packeteer (acquired by Blue Coat Systems), Art Technology Group (acquired by Oracle), Candle Corp (acquired by IBM) and Chipcom (acquired by 3Com). Mr. Girbal graduated from the Paris University of Technology and holds a Business Administration Degree from IAE/APPRA Paris Institut d'Administration des Entreprises (Sorbonne University); he is certified in Transition and Change Management (MRI Palo Alto methodology) and Executive Assessment. He is a pilot and an avid musician who studied at the Paris Classical Music Conservatory. He enjoys golf and hiking.
15.15 : Changing business challenges, challenging Security change. From hardening key management to cloud integrations. By Dominique Dessy, RSA, security division of EMC
Abstract : As virtualization changes the security dynamics, how should we rethink the security stack to regain control and visibility and build trust in the cloud?
About : Dominique has been in IT for quite a while (he still remembers Z80 assembly code and knapsack crypto). He joined EMC after the Big Bug of 2000, passed his CISSP in 2007 and moved to RSA in 2008. Once a year he gives a lecture for the Executive Master in IT Management of Prof. Ataya.
16.00 : coffee break, networking
16.30 : Hardening patches or enterprise-wide; challenges in data protection technologies and systems, by Stefano Ciminelli, Verizon Business
Abstract : Data security is often seen either as the best security solution or as the worst nightmare for companies. Both views are wrong. How can data security and DLP projects help an organization protect financial data and intellectual property? When it comes to financial data, how can an organization be sure that very sensitive information (credit card numbers, SSNs, ...) is not being leaked to the Internet? How can a manufacturer find out how well its intellectual property is protected? Where does this information live on the systems? If you were an attacker, what would you do to steal this kind of information?
About : Stefano Ciminelli is Head of Business Resilience and Data Protection (Critical Data Flow) EMEA, with a focus on business continuity strategy definition and sensitive data protection. With extensive experience in IT security (both technical and managerial), he works with customers to identify the security solution that best fits their requirements. He is a speaker at international conferences. His vertical experience is mainly in Financial (banking and insurance), Defense (classified environments) and Manufacturing/R&D (e.g. intellectual property protection).
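The abstract's question "where does this information live on the systems?" is the discovery step of any DLP project, and the detection logic is worth seeing concretely. The example below is added for this page; it is not code from the talk or from Verizon Business. It scans text for card numbers (13 to 19 digits, optionally separated, validated with the Luhn check) and formatted US SSNs, rejects ranges that are never issued, and reports only masked values, because a discovery tool that logs full card numbers creates a new leak. The sample text is constructed, not real customer data, and the regular expressions are deliberately generic: hits are leads to verify, not verdicts.

```python
"""Discover cardholder data and US SSNs in text, the discovery step of a DLP
project. Added example for this page, not code from the talk or from Verizon.
Patterns are generic and will produce false positives on real data; treat hits
as leads to verify, and never write the full value to a log."""
import re
from typing import Dict, List

# Candidate PAN: 13-19 digits, optionally separated by single spaces or dashes,
# not embedded in a longer digit run.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
# US SSN in the AAA-GG-SSSS layout only; unformatted 9-digit runs are too noisy.
SSN_RE = re.compile(r"(?<!\d)(\d{3})-(\d{2})-(\d{4})(?!\d)")

# Constructed sample text (not real customer data).
SAMPLE_TEXT = """\
Invoice 2011-1042 for customer 1234567890123456 (order id, not a card)
Card on file: 4111 1111 1111 1111 exp 10/14
Declined card: 4111 1111 1111 1112
Amex: 3782-822463-10005
Employee SSN 078-05-1120, placeholder 000-12-3456, phone 555-123-4567
"""


def luhn_ok(digits: str) -> bool:
    """Luhn check digit test (ISO/IEC 7812); weeds out most random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def plausible_ssn(area: str, group: str, serial: str) -> bool:
    """Reject ranges the SSA never issues; they are common in test fixtures."""
    if area in ("000", "666") or area.startswith("9"):
        return False
    return group != "00" and serial != "0000"


def mask(digits: str) -> str:
    """Keep only the last four digits, which PCI DSS permits to be displayed."""
    return "*" * (len(digits) - 4) + digits[-4:]


def scan(text: str) -> List[Dict[str, object]]:
    """Return masked findings with their character offset in the input."""
    findings = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        # len(set(...)) > 1 drops 0000... style fillers that still pass Luhn.
        if luhn_ok(digits) and len(set(digits)) > 1:
            findings.append({"type": "PAN", "value": mask(digits), "offset": m.start()})
    for m in SSN_RE.finditer(text):
        if plausible_ssn(*m.groups()):
            findings.append({"type": "SSN", "value": "***-**-" + m.group(3), "offset": m.start()})
    return sorted(findings, key=lambda f: f["offset"])


if __name__ == "__main__":
    for f in scan(SAMPLE_TEXT):
        print(f'{f["type"]} at offset {f["offset"]}: {f["value"]}')
```

On the sample, the 16-digit order id is not reported because it fails the Luhn check, the declined card number fails it too, and the 000-area SSN is dropped as never issued; only the two real-looking cards and the one plausible SSN come back, masked. In a real deployment the same `scan` function would be run over file shares, mailbox exports and database dumps, and its output fed to a review queue rather than straight into alerts.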
17.15 : New Kids on the Job, firewalling for Digital Natives and Bring Your Own Device. By Tim De Boeck, Palo Alto Networks
Abstract : The next generation of employees brings a different mindset when it comes to online privacy and security, although not quite on purpose. Being the result of a psychological evolution, they will eventually drive change to the security policies in place today. This session will highlight the inherent differences between digital natives and digital immigrants and project the challenges posed to corporate IT security. Key topics: natives vs. immigrants, Web 2.0 & 3.0, Bring Your Own Device, adapting and improving your IT security posture.
About : Tim De Boeck is a Systems Engineer for Palo Alto Networks – The Network Security Company. 12 Years of experience in the IT security field have enabled him to develop a holistic view of the challenges that companies face today when it comes to IT security. Before joining Palo Alto Networks, Tim held various positions in companies such as IBM, Internet Security Systems and Westcon Security.
18.00 : Closing Reception & Networking
19.00 : Close of Conference
Program of October 7th
9.30 : Welcome & Registration
10.00 : Opening Notes & Introduction by Ulrich Seldeslachts, CEO LSEC
Coffee continuously available during the morning.
10.15 : IPv6, sneaking into your networks and opening unexpected doors to the outside world. Did you know? by Eric Vyncke, Cisco Systems - IPv6 Council Belgium.
Abstract : IPv6 has been around for almost 15 years, but has only slowly been taken up by the market. There are many advantages to IPv6, but for most organizations it has been easier to replace IPv4 equipment with more IPv4 equipment. Or so you would think. In fact, over the last 5 years IPv6-capable equipment has slowly but surely been replacing older equipment, without that always being advertised much: every Windows version since Vista, for example, but also networking equipment. These bring additional security challenges that are easily overlooked, because IPv6 is present on the network whether or not anyone planned for it. Eric will bring us a fresh perspective.
About : Eric graduated from the University of Liège, Belgium, in 1983 with a Master's degree in Computer Science. He worked for a couple of companies, such as Siemens, where he was the architect of the firewall product and of the military message handling system. Since 1997 he has worked for Cisco as a Distinguished Engineer, helping customers with security design and assisting product design (notably security). His areas of expertise include the security aspects of LAN switching, IP telephony and IPv6. He is a guest professor at a couple of Belgian universities, participates regularly in the IETF (author of RFC 3585), ... He holds a CISSP certification. He is the main author of 'LAN Switch Security' and is currently writing another book on IPv6 security. Eric is also CTO of the IPv6 Council.
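The practical check behind this abstract is simple: find out which IPv6 addresses your hosts already have, because an IPv4-only firewall policy says nothing about them. The script below is an added example for this page, not code from the talk, Cisco or the IPv6 Council. It parses the `/proc/net/if_inet6` layout used by Linux (one line per address: 32 hex digits, interface index, prefix length, scope and flags in hex, then the device name), classifies each address, and flags the ones reachable beyond the local link. It goes one step beyond the abstract by also recognising 6to4 (2002::/16) and Teredo (2001:0::/32) addresses, the tunnelled forms that turn an IPv4-only perimeter into an open door. The sample table is constructed, not captured from a real host.

```python
"""Inventory the IPv6 addresses a Linux host has picked up, using the
/proc/net/if_inet6 format, and flag the ones reachable beyond the local link.
Added example for this page, not code from the talk or from Cisco."""
import ipaddress
from typing import Dict, List

# Constructed sample in /proc/net/if_inet6 layout (not captured from a real host):
# <128-bit address as 32 hex digits> <ifindex> <prefixlen> <scope> <flags> <device>
SAMPLE_IF_INET6 = """\
00000000000000000000000000000001 01 80 10 80       lo
fe80000000000000021c42fffe8a1b2c 02 40 20 80     eth0
20010db8000000000000000000000042 02 40 00 80     eth0
fd00abcd000000000000000000000001 02 40 00 80     eth0
2002c0000201000000000000c0000201 03 10 00 80     sit0
200100004136e378800063bf3ffffdd2 04 40 00 80     tun0
"""

ULA = ipaddress.IPv6Network("fc00::/7")   # unique local addresses, RFC 4193


def parse_if_inet6(text: str) -> List[Dict[str, object]]:
    """Turn if_inet6 lines into {addr, prefixlen, dev}; skips malformed lines."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue
        raw, _ifindex, prefix_hex, _scope, _flags, dev = fields
        entries.append({
            "addr": ipaddress.IPv6Address(int(raw, 16)),
            "prefixlen": int(prefix_hex, 16),
            "dev": dev,
        })
    return entries


def classify(addr: ipaddress.IPv6Address) -> str:
    """Name the address kind; transition mechanisms are checked before 'global'
    because 2002::/16 and 2001:0::/32 would otherwise pass as ordinary globals."""
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    if addr.sixtofour is not None:     # 2002:V4ADDR::/48, tunnelled over IPv4
        return "6to4"
    if addr.teredo is not None:        # 2001:0::/32, tunnelled through NAT
        return "teredo"
    if addr in ULA:
        return "ula"
    return "global"


def audit(text: str) -> List[Dict[str, object]]:
    """Mark every address a router (or a tunnel endpoint on the Internet) can
    reach; those need explicit IPv6 firewall policy, IPv4 rules do not apply."""
    findings = []
    for entry in parse_if_inet6(text):
        kind = classify(entry["addr"])
        beyond_link = kind not in ("loopback", "link-local")
        findings.append({**entry, "kind": kind, "routable_beyond_link": beyond_link})
    return findings


def audit_host(path: str = "/proc/net/if_inet6") -> List[Dict[str, object]]:
    """Same check against the live host (Linux only)."""
    with open(path, encoding="ascii") as fh:
        return audit(fh.read())


if __name__ == "__main__":
    for f in audit(SAMPLE_IF_INET6):
        flag = "CHECK FIREWALL" if f["routable_beyond_link"] else "ok"
        print(f'{f["dev"]:>6} {str(f["addr"]):<40} /{f["prefixlen"]:<3} {f["kind"]:<10} {flag}')
```

Loopback and link-local addresses exist on every dual-stack host and never cross a router, so they are reported as harmless; everything else on the sample host (a global address, a ULA, a 6to4 and a Teredo address) is reachable from outside the link and must appear in the IPv6 rule set. On Windows the equivalent inventory comes from `netsh interface ipv6 show addresses`, or `Get-NetIPAddress -AddressFamily IPv6` in PowerShell.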
11.15 : Hardening your identity layer. A view on large scale identity architectures and why you should start using them today , by Ronny Bjones, Security Strategist, Microsoft
About : Ronny Bjones currently works for Microsoft Corporate as senior architect in the identity & security division. Ronny joined Microsoft in 2002 to contribute to trustworthy computing. Later he became the EMEA security lead for Microsoft's enterprise business. He has 26 years of experience in ICT, 20 of those in security. Ronny published QuEST together with several industry specialists on the subject of electronic signatures. The book is a comprehensive guide on how to implement electronic signature solutions and can be downloaded from microsoft.com. Ronny also co-authored "Best Practice for Applications using the electronic Identity Card". Ronny oversees the whole area of security but has a special interest in smart cards, PKI, the Identity Metasystem, cryptography and digital signatures. Ronny is a board member of EEMA, an organisation providing guidance on e-Business. Ronny is also a member of the ISSE program committee, the OASIS Security Conference program committee and the World-eID program committee. Since '89 he has been active in the field of information security, doing large projects for European central banks, police forces, big financial institutes, the European Commission, etc. Ronny Bjones was one of the four founders of Utimaco Belgium, where he worked ten years as R&D director. Before Utimaco, Ronny worked for a Belgian EFT specialist called Prodata and for one of the first firms to specialize in cryptography in Europe, called Cryptech. Ronny Bjones is an active speaker at conferences. Ronny holds a bachelor in electronics, a Master in IT management and an MSc in Information Technology.
12.15 : Improving systems security, virtualization and applications by Dave Vijzelman, CA Technologies
About : Dave Vijzelman has worked in several large heterogeneous environments and has extensive experience in designing and implementing architectural RBAC solutions. His focus is primarily on RBAC strategies and role mining. Besides this, he has a broad knowledge of the technical side of identity and access management (IAM) strategies. Previously he was a Senior Information Security Consultant at Ascure, where he was responsible for the architectural approach to analyzing and designing RBAC strategies for clients. Before that, he was an RBAC Consultant at BHOLD Company. Today, Dave is Principal Security Consultant with CA Technologies, supporting large organizations in their identity management challenges.
13.00 : buffet lunch & networking
14.00 : close of conference
You can also download the binder of the documentation as an alternative to the separate presentations and information.
Practical Details
LSEC Security Conference 2011
Security Hardening
October 6 and 7th, Ubicenter, Leuven
This event was
Free for LSEC Members, LSEC partners and partner Members, Agoria Members and ECSA Members.
Free for anyone else when subscribed before September 23rd; after that date, a subscription fee of 50 € applies.
A no-show fee of 150 € applies to registrants who do not cancel at least 1 day before the event and do not attend.
This event was supported by CA Technologies, an LSEC platinum sponsor for our events. We are always open to other, additional interested parties.
About the organizers :
This event is organized by LSEC, a not-for-profit association focused on information security in Belgium. Over the last couple of years LSEC has organized over 100 highly professional information security oriented activities. LSEC is a founding member of the European Security Innovation Network, a project supported by the European Commission through the INTERREG IVb program, which supports innovative developments in security in the North Western European region. With its partners Systematic Paris Region in France, SITC in the UK and TeleTrusT in Germany, LSEC welcomes the active participation of companies in the discussion of potential threats, challenges and opportunities in the domain of security, for the enterprise market and government institutions.
Are you a leader in Security? Do you want to share your expertise and join the Leaders in Security as a Core Expert Member?
Contact us via email! Or call +32.16.32.85.41 for a direct contact and more information.
An information set and your Membership Welcome Pack awaits you.
Copyright LSEC vzw 2007-2008 with the support of the IWT.
LSEC vzw Kasteelpark 10 - 3001 Heverlee - VAT BE BE 478 045 395 - fax. +32.16.32.19.69 - info @ lsec.be