Latest security Trend,

Viewing 16 reply threads
  • Author
    Posts
    • #4836
      sajeeva
      Participant

      hi..
      I went to an interview and they asked me to do a presentation on “the latest security  trend”. they expect something new. for ex, it shoud not be firewalls, since everybody knows about it. the topic should be bit advance. it should be up to my level. im a graduate and reading for CEH. your suggstions are wrmly welcome.
      thnks…

    • #30419
      j0rDy
      Participant

      does it have to be technical or more management level? things like botnets or cloud computing are always good material to educate about. another thing that is interesting is VMware hacking (if it has to be about hacking). i’ve been to a vmware hacking presentation last week and dispite its shortness (about 20min) it was very interesting.

    • #30420
      hayabusa
      Participant

      Yeah, with MANY of my clients leaning on VMWare and various definitions of ‘cloud computing,’ I find that virtualization security is a very hot topic right now.  I’ve spoken to two local government agencies, recently, who are discussing pentests with me, who have had their outsourced VM / cloud services hacked, within the past 3 months.

    • #30421
      UNIX
      Participant

      Maybe you can get some ideas from the Top Security Predictions for 2010 thread.

      btw, welcome to the forums, sajeeva.

    • #30422
      Anquilas
      Participant

      I’m not sure in what field your company is active, but just spouting a few idea’s on recent stuff that I find interesting.

      There has been some news about successful blows against criminal botnets. That’s always something that speaks to the imagination:

      Also, along the line of awesec: If this company’s focus is towards development, the OWASP TOP 10 project (Top 10 application security vulnerabilities) might give some inspiration. You might pick an interesting application vulnerability and expand on that. If I’m correct, knowledge of application security is very limited in most circles 🙂
      http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

      (Edit) Or, concerning new tools: the new webapp security tool from Google, Skipfish. You can hardely go more recent then that 😉
      There is a nice review from Jason (Jhaddix):
      http://www.redspin.com/blog/2010/03/19/skipfish-google-enters-the-web-scanner-fray/

      Good luck!

    • #30423
      sajeeva
      Participant

      j0rdy, hayabusa, awesec and Anquilas, thank you all for ur replies..

      @ Anquilas, thnks for ur reply,yep, that company i went for the interview has a team consists of ethical hackers, and they do pen testing and suggest the solutions for vulnrbilities found. 

      wel, the topic “cloud computing” got my attention. hope it wuld be ok for the presntation. if you know any good sources to find the knowldge, plz let me know,
      thnks  🙂

    • #30424
      UNIX
      Participant

      You should be able to find some resources from conferences such as BlackHat and similar ones, e.g. there was a presentation titled Cloud Computing Models and Vulnerabilities: Raining on the Trendy New Parade. There were some more presentations on this topic throughout various other security conferences as well.

    • #30425
      rvs
      Participant
    • #30426
      Anquilas
      Participant

      You’re most welcome m8.

      There is a seminar about Virtualization & Cloud Security on the InfoSecurity.be event that I’m going to this week.
      If I get my hands on some (digital) material, I’ll be sure to let you know.

      Cheers,

      Anq

    • #30427
      blackazarro
      Participant
    • #30428
      j0rDy
      Participant

      if your still not sure what “black hat” topic to choose:

      http://www.defcon.org/html/links/defcon-media-archives.html

      a very good resource for the latest topics!

    • #30429
      Anquilas
      Participant
    • #30430
      n1p
      Participant

      Advanced Persistent Threat may be a good topic, if you are interested in malware and targeted attacks that is! However, if it is an interview, you could demonstrate up-to-date security knowledge, with technical ability (through demo of PDF reversing and shellcode extraction for example) and also an appreciation of the business side of things. Such attacks are targeted against business and as such may have a direct effect on revenue, profit and reputation. Things business execs are all too careful about. Therefore you would demonstrate various aspects of your skillset that interviewers are looking for, whilst getting to talk about something interesting… Again helping you to demonstrate your enthusiasm for security as a whole

      Just a thought…

      n1p

    • #30431
      sajeeva
      Participant

      hi.. all thanks for your replies.links you provide are very usefull.
      since cloud computing is sorta broad topic, they askd me to do the presentation on “heuristic scanning”. have any idea about it?
      thnks

    • #30432
      sajeeva
      Participant

      @j0rDy wrote:

      if your still not sure what “black hat” topic to choose:

      http://www.defcon.org/html/links/defcon-media-archives.html

      a very good resource for the latest topics!

      nice link 🙂 thnnks

    • #30433
      n1p
      Participant

      Heuristic scanning was the next evolutionary step in av scanning after signature scanning. It essentially scans for malicious activity using a known ruleset of malicious behaviour. It’s also known as behavioural scanning and can be very effective. For example a packed file that modifies registry keys and downloads another executable could be classed as malicious. Google has plenty of presentable examples. Be sure to highlight the pros and cons!

      Pros: improvement on signatures
              Effective against unknown threats
              Effective against polymorphic (mutating) malware

      Cons: false positives/negatives
              Requires user interaction
              Etc etc….

      By no means a complete list, but enough to get you started…

      Cheers,
      n1p 

    • #30434
      sajeeva
      Participant

      Thanks mate  🙂

Viewing 16 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?