VB2013 speaker spotlight

Posted by Virus Bulletin on Jun 28, 2013

We speak to VB2013 presenter Andreas Lindh about his research interests and what he aims to bring to VB2013.

The VB2013 conference takes place this autumn (2-4 October) in Berlin, with an exciting programme that covers many of today's most pertinent security-related topics.

In the build-up to the event we are running a series of blogs in which we introduce the speakers and find out a bit more about their research interests and what they aim to bring to the conference.

Today, we speak to Andreas Lindh (ISecure), who will speak at VB2013 about reducing the window of exposure.

Tell us a little bit about yourself - your job and your responsibilities.

Andreas Lindh "I work as a security consultant for a Swedish company called I Secure Sweden AB - we are one of the leading providers of competence in SIEM and other security operations technologies in the Nordics. My customers are mainly large organizations in the public and private sector, and my assignments are usually as an analyst or architect.

"My day job consists of digging up and analysing suspicious activity in our customers' networks, or acting as an advisor to customers in matters regarding their security architecture. I got into security about 10 years ago although I've only considered myself a security geek for the last 5 years or so."

Can you give us a brief outline of what you will be speaking about at VB2013?

Andreas Lindh "My talk is about how a lot of corporations are still relying on a traditional, very network perimeter-centric approach to defence, and that the models they are using are not really effective against software vulnerabilities in general, and 0-days in particular.

"In itself, this is nothing new, but as client-side attacks are becoming more and more common at the same time as users are connecting more and more outside of the protected network, this means that an unpatched vulnerability in an exposed piece of software (such as a browser) can quickly become extremely critical. Simply relying on patching has also proven to be insufficient, as several high-profile organizations have fallen prey to undisclosed vulnerabilities lately.

"Even in cases where patches are available, they might take weeks or even months to deploy. Because of this, I feel that a different approach to defence is needed to complement the layers that already exist. This should be a more system-centric approach, focused on minimizing the impact of a software vulnerability-related breach instead of trying to stop attacks at the gate."

Why is your presentation particularly relevant to the security community?

Andreas Lindh "I feel that we are not doing enough in this area. Instead of whining about how poor vendor X's track record is when it comes to patching - which is something that we cannot really do anything about - we should focus on providing mitigating methods or alternatives. The whining actually only helps the bad guys, as all the constructive advice tends to get lost in the information security echo chamber. See it as a 'call to arms', if you will."

What can delegates learn from your presentation?

Andreas Lindh "I hope it will provide a reality check; I think a lot of people don't realize how poor the state of corporate security really is. I will also suggest a method for adding additional layers of defence - something that I think will be especially useful for defenders. What I will NOT do is tell people to go out and buy more blinky boxes, but rather to actually start using the ones they already have. Security tools in general are seriously under-utilized."

What other presentations are you looking forward to?

Andreas Lindh "I definitely don't want to miss Gunter Ollmann's Pentesting with live malware presentation - that one sounds incredibly interesting. Other ones that I'll try to catch are Stephen Cobb's presentation on big data security, and the vulnerability/exploit disclosure talk by Tom Cross and Holly Stewart."

Have you visited Berlin before? What are you looking forward to seeing/doing whilst in town?

Andreas Lindh "No, I haven't visited Berlin before, but I'm really looking forward to going. I'm hoping to be able to visit some bars and I'd like to see the Brandenburger Tor and the Berlin Wall."

What else are you looking forward to at VB2013?

Andreas Lindh "Definitely hanging out and socializing with people who share my interests - that is always one of the best things about going to security conferences. There are some people who I've only communicated with online who I'm really looking forward to meeting 'IRL', as the kids say. I'm also a big fan of beer, so I'll have to say the bar too."

Andreas Lindh will present 'Surviving 0-days - reducing the window of exposure' at 11:30 on Wednesday 2 October.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Read more about why you should attend VB2013 - and download our letter templates as a guide for justifying to your budget holder why you should attend VB2013.

VB2013 takes place 2-4 October 2013 in Berlin, Germany - online registration is now open - we'd love to see you there!

Posted on 28 June 2013 by Helen Martin
