GoSecure, a leading provider of Managed Detection and Response (MDR) services and a Predictive Endpoint Detection and Response (EDR) platform, will be presenting two technical sessions at SecTor, Canada’s premier IT security conference in October. SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defenses. Members of GoSecure’s Red Team and Research and Development Team will be sharing their research and in-depth knowledge on Social Network Manipulation and security analysis tools.
“We are extremely excited to have our GoSecure researchers present at SecTor,” said Neal Creighton, GoSecure CEO. “Our researchers work tirelessly to find techniques for staying ahead of today’s cybercriminals. Sharing this research is part of our strategy for giving back to the security community.”
OWASP Find Security Bugs: The Community Static Code Analyzer
Track (Location): Tools (716AB)
Date: Wednesday, October 9 | 4:00pm – 5:00pm
Philippe Arteau, Security Researcher at GoSecure and author of the widely used Java static analysis tool, Find Security Bugs (FSB), shares his insights on the tool. Over the years FSB has evolved from a limited tool to a solid coverage of bug patterns and is now used in many large corporations to support automation. In this presentation, attendees will learn about its high-level internals and heuristics, its potential integration in developers’ IDE and in continuous integration environments. A selection of vulnerabilities found by the tool in popular applications, including Spring and Struts, will be explained. For each of these vulnerabilities, Philippe will review the description of the affected component, the issue reported by the tool, the method to analyze the report and an overview of the potential risks. Along the way, attendees will learn a few tips on increasing your efficiency with the tool. After observing some real-world vulnerabilities, Philippe will conclude with lessons learned, including successes but also failures, from maintaining this open-source project for close to 8 years.
Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware
Track (Location): Tech 2 (801A)
Date: Thursday, October 10 | 1:30pm – 2:30pm
Olivier Bilodeau, Director of Cybersecurity Research, and Masarah Paquet-Clouston, Security Researcher at GoSecure, will discuss their four-year long investigation that started with analyzing an IoT botnet and led to discovering the structured industry that exists behind social media manipulation (SMM). SMM is the deliberate act of paying for popularity with followers or activity on social media. From traffic fingerprinting to panel clustering and forum inquiries, the presenters will uncover the whole supply chain: malware suppliers, bulk resellers, panel software providers and hucksters. Different approaches to disrupt social media manipulation will also be discussed, giving practical insights for cybersecurity professionals, law enforcement agencies, and policy makers willing to curb this illicit industry.
In addition to the two presentations, GoSecure will be in the exhibit hall in booth #201 providing demonstrations of its solutions throughout the conference. To keep up-to-date with GoSecure’s world renowned security research, please visit the GoSecure security blog at: https://www.gosecure.net/blog.
GoSecure is recognized as a leader and innovator in cybersecurity solutions. The company is the first and only to integrate an Endpoint and Network threat detection platform, Managed Detection and Response services, and Cloud/SaaS delivery. The CounterTack Platform delivers predictive multi-vector detection, prevention, and response by applying a unique combination of behavioral analysis, memory forensics, machine learning, and reputational techniques to counter the most advanced threats. Our MDR Services are driven by aggressive SLAs for rapid response and active mitigation services that directly touch the customers’ network and endpoints. Together, these capabilities provide the most effective response to the increased sophistication of continuously evolving malware and malicious insiders that target people, processes and systems. With focus on innovation quality, integrity and respect, GoSecure has become the trusted provider of cybersecurity products and services to organizations of all sizes, across all industries globally. To learn more, please visit: https://www.gosecure.net/.