April 2013

Our choice of presentation topics for this event were based on details provided by clients about their current requirements and concerns; and also on feedback received from delegates at previous Oasis events. Presentations at this event were based around the theme: '2013 – Year of the Corporate Compromise'.

Presentation One: Burnt Coffee: Is Java Doomed in the Enterprise? - James Forshaw

Java is a common platform on which many applications are built across all industries. It is used not only for back-end web applications but for client facing user interfaces, some of which can be deployed via common web browsers on any of Java’s supported platforms. Recently Java has gained a reputation for insecurity, numerous high profile ‘zero-day’ exploits have been used in the web browser plugin to compromise large corporations such as Apple and Facebook. Whilst Oracle fixed over 50 vulnerabilities in their most recent Critical Patch Update more are still being found.

James' talk presented some technical details on what is making Java so insecure, including some recent zero-day vulnerabilities he has found and presented at CanSecWest 2013. He also discussed how best to protect a corporate environment which relies on Java for day-to-day operation, without necessarily resorting to the blanket ‘uninstall Java’ mind-set.

If you would like more information about Context’s Research services, please go to our dedicated Research area of this website.

Presentation Two: The Bank Job - Michael Jordon

Context are regularly commissioned to perform Red Team engagements and scenario based assessments against client organisations. These engagements help our clients plan for real world attacks, assess their readiness to respond quickly and effectively and review their general security posture.

Mike's talk presented a real life example of a Red Team engagement performed by Context. This ‘no holds barred’ journey detailed from start to finish attack scenarios, advanced technologies and low-tech solutions employed by Context with the single goal of gaining access to the target client systems. Insight was provided into real world attack scenarios used in the wild against many Fortune 500 companies which allow malicious actors to gain a foot hold on specifically targeted company networks.

If you would like more information about Context’s Assurance services, please go to our dedicated Assurance area of this website.

For more information on Red Teaming please go to our dedicated Red Teaming service page.
Presentation Three: Homegrown Response - Peter Barbour

Peter's presentation described how organisations can start to look for intrusions in their own networks using sources of evidence which are readily available or easy to configure. In addition to the proactive efforts to detect malware, understanding, gathering and storing this data will undoubtedly help if and when there is a compromise on the network. The presentation was closed by describing how detection efforts could be supported and complemented by more complex solutions and more specialised skillsets.

If you would like more information about Context’s Response services, please go to our dedicated Response area of this website.

Related Research

Response White paper: Read the full Assessing Network Monitoring white paper here

Response: Read the full Crouching Tiger, Hidden Dragon, Stolen Data here


© Copyright 2013 Context Information Security