With all the frightening stories of hackers at Black Hat, I stepped into not-just-yet-another-conference in Singapore. Situated at the plush location of the island country, Marina Bay Sands catered to one of the best security conferences of this calibre. Renowned and well-informed security enthusiasts visited from all over the world to share their thoughts and ideas on a single platform.
I particularly enjoyed briefings such as Browsers Gone Wild, which showcased a practical demonstration of the latest developments in browser-specific weaknesses and faults in new HTML5 features, and Hacking the Wireless World with Software Defined Radio – 2.0, establishing communication with a NASA space probe and even spoofing a restaurant pager system 🙂
I presented our freeware SecPod Saner™ (Personal Edition) on Day 1 of Arsenal and received a good response and interest from auditors, security administrators and technical experts.
Although we have a commercial license of this product, the intention of being at Arsenal was to reach out to the many who are using anti-malware products but have vulnerable software installed on their systems. This opens their machines to the brunt of recurring malware attacks. It is reported that 67% of malware is undetected by anti-virus or anti-malware products because of its polymorphic nature and advanced exploitation techniques. SecPod Saner is a lightweight, easy-to-use, enterprise-grade security solution for proactively assessing and securing your personal computer. It identifies security loopholes and misconfigurations, and remediates them to ensure systems are secure.
On the next day, I spoke about the Security Metadata model and how to use this metadata to design Real Time Monitoring and Incident Response. I showcased an efficient search methodology for searching through the metadata and generating meaningful responses, swiftly identifying steps to remediate a vulnerability or fix an attack in seconds and mitigating further attacks on a system.
I faced some interesting questions, such as scalability over time and what sort of Big Data architecture we use. Here are some answers. Scalability issues may occur as the content grows and as the number of agents that push event data grows. We have devised a distributed Big Data architecture to handle such concerns. I also received some questions on our product, such as: why is Saner an agent-based solution, and will you also provide an agent-less solution? An agent-based solution resides on the computer system, provides an enhanced scan and identifies issues across all systems in an organization. Also, when a large number of machines are introduced into an organization, the time taken to scan all systems with this solution remains constant, since all systems are scanned in parallel. Therefore, our solution is capable of detecting the security posture of an organization within minutes!
The whitepaper can be found at https://www.blackhat.com/docs/asia-15/materials/asia-15-Subramanian-Security-Content-Metadata-Model-With-An-Efficient-Search-Methodology-For-Real-Time-Monitoring-And-Threat-Intelligence-wp.pdf
A last word: what I realized in the two days of attending this conference is ‘Nothing can stop you from realizing your ideas and thoughts into something substantial’. I saw people from all over the world, pursuing different jobs, but their immense interest in the security field drives them to create something significant, to create awareness and to transform knowledge into designing better products.
By Preeti Subramanian, Software Architect working at SecPod Technologies, Bangalore.