【活動名稱】
TW Becks Security Meeup #2
【活動簡介】
Beer is beautiful, hacks is amazing, BECKS is gold. Becks是Beer與Hacks兩個字所組成,Becks主要目的就是提供一個定期的聚會,讓資訊安全研究者可以分享研究心得並與各領域的專家進行討論,同時我們也會邀請國外的安全研究者參加這個聚會,讓不同領域以及不同區域間的安全研究者可以透過這個聚會做更多的交流。
本次Becks分享內容精采可期,千萬不要錯過本次機會,快來報名參加!
【主辦單位】
LINE / GrayLab
【活動地點】
士林三號出口藝廊咖啡廳 / 台北市士林區福德路31-1號
【活動時間】
2019 年 06 月 03 日 (一) 19:00~22:00 (18:50開放入場)
【活動時間表/ 流程】
- 18:50-19:00 來賓報到
- 19:00-19:10 主持人開場
- 19:10-19:50 (EN)Webkit fuzzing for fun - Cheol Ung Lee (chpie) / GrayLab
- 19:50-20:10 Break Time
- 20:10-20:50 (TW)MITRE ATT&CK: What You Need to Know - MingYen Hsieh
- 20:50-21:00 Break Time
- 21:00-21:40 (TW)The Distance Between Us and Industrial Control System Security - Mars Cheng / Trend Micro-TXOne Networks
- 21:40-22:00 Q&A / 交流時間
※活動参加費全免,主辦單位將提供餐飲及小吃。
*因座位有限,僅報名成功者具入場資格,並需憑報名成功之 QR code 條碼入場。
*報名成功後將會在5分鐘內收到系統發出的「成功訂購通知」信件,內含報到需出示之 QR code,請留意您的 email 信件。
【內容簡介】
- Webkit fuzzing for fun - Cheol Ung Lee (chpie) / GrayLab
In this talk, I'd like to introduce how I combined kubernetes with public open source fuzzers.
It includes how I simplified the management of infrastructure and fuzzers on multiple containers each running on multiple machines.
Following items will be covered:
- Public open source fuzzers I used
- Dockerizing webkitgtk fuzzing environment for JS/DOM layer
- Use of Kubernetes, great for easy scale-out, update, durable running
- Fuzzing results
Also it'll introduce LINE's infrastructure resource I used, which is granted to all LINE developers
- (TW)MITRE ATT&CK: What You Need to Know - MingYen Hsieh
Managed detection and response (MDR) become a popular term recently. Many concepts and terms are invented: red team, blue team and threat hunting. MITRE ATT&CK Framework is one of these ideas. This talk will introduce MITRE ATT&CK Frameworks and how we can leverage on it, the spirit of MDR and what's the difference between previous defense mindset and MDR.
- (TW)The Distance Between Us and Industrial Control System Security - Mars Cheng / Trend Micro-TXOne Networks
Mars is the Threat Researcher at Trend Micro(TXOne Networks). He will introduce the Industrial Control System (ICS) and what kind of the security threat that ICS faced.
本講題將深入淺出的說明何謂工業控制系統、工業控制系統究竟面臨著什麼樣的資安威脅以及為何會是駭客眼中的新藍海等面向入手,最後以實際案例說明駭入工業控制系統究竟有多容易!!!