VB2013 speaker spotlight

Posted by Virus Bulletin on Jun 28, 2013

We speak to VB2013 presenter Andreas Lindh about his research interests and what he aims to bring to VB2013.

The VB2013 conference takes place this autumn (2-4 October) in Berlin, with an exciting programme that covers many of today's most pertinent security-related topics.

In the build-up to the event we are running a series of blogs in which we introduce the speakers and find out a bit more about their research interests and what they aim to bring to the conference.

Today, we speak to Andreas Lindh (ISecure), who will speak at VB2013 about reducing the window of exposure.

Tell us a little bit about yourself - your job and your responsibilities.

Andreas Lindh "I work as a security consultant for a Swedish company called I Secure Sweden AB - we are one of the leading providers of competence in SIEM and other security operations technologies in the Nordics. My customers are mainly large organizations in the public and private sector, and my assignments are usually as an analyst or architect.

"My day job consists of digging up and analysing suspicious activity in our customers' networks, or acting as an advisor to customers in matters regarding their security architecture. I got into security about 10 years ago although I've only considered myself a security geek for the last 5 years or so."

Can you give us a brief outline of what you will be speaking about at VB2013?

Andreas Lindh "My talk is about how a lot of corporations are still relying on a traditional, very network perimeter-centric approach to defence, and that the models they are using are not really effective against software vulnerabilities in general, and 0-days in particular.

"In itself, this is nothing new, but as client-side attacks are becoming more and more common at the same time as users are connecting more and more outside of the protected network, this means that an unpatched vulnerability in an exposed piece of software (such as a browser) can quickly become extremely critical. Simply relying on patching has also proven to be insufficient, as several high-profile organizations have fallen prey to undisclosed vulnerabilities lately.

"Even in cases where patches are available, they might take weeks or even months to deploy. Because of this, I feel that a different approach to defence is needed to complement the layers that already exist. This should be a more system-centric approach, focused on minimizing the impact of a software vulnerability-related breach instead of trying to stop attacks at the gate."

Why is your presentation particularly relevant to the security community?

Andreas Lindh "I feel that we are not doing enough in this area. Instead of whining about how poor vendor X's track record is when it comes to patching - which is something that we cannot really do anything about - we should focus on providing mitigating methods or alternatives. The whining actually only helps the bad guys, as all the constructive advice tends to get lost in the information security echo chamber. See it as a 'call to arms', if you will."

What can delegates learn from your presentation?

Andreas Lindh "I hope it will provide a reality check; I think a lot of people don't realize how poor the state of corporate security really is. I will also suggest a method for adding additional layers of defence - something that I think will be especially useful for defenders. What I will NOT do is tell people to go out and buy more blinky boxes, but rather to actually start using the ones they already have. Security tools in general are seriously under-utilized."

What other presentations are you looking forward to?

Andreas Lindh "I definitely don't want to miss Gunter Ollmann's Pentesting with live malware presentation - that one sounds incredibly interesting. Other ones that I'll try to catch are Stephen Cobb's presentation on big data security, and the vulnerability/exploit disclosure talk by Tom Cross and Holly Stewart."

Have you visited Berlin before? What are you looking forward to seeing/doing whilst in town?

Andreas Lindh "No, I haven't visited Berlin before, but I'm really looking forward to going. I'm hoping to be able to visit some bars and I'd like to see the Brandenburger Tor and the Berlin Wall."

What else are you looking forward to at VB2013?

Andreas Lindh "Definitely hanging out and socializing with people who share my interests - that is always one of the best things about going to security conferences. There are some people who I've only communicated with online who I'm really looking forward to meeting 'IRL', as the kids say. I'm also a big fan of beer, so I'll have to say the bar too."

Andreas Lindh will present 'Surviving 0-days - reducing the window of exposure' at 11:30 on Wednesday 2 October.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Read more about why you should attend VB2013 - and download our letter templates as a guide for justifying to your budget holder why you should attend VB2013.

VB2013 takes place 2-4 October 2013 in Berlin, Germany - online registration is now open - we'd love to see you there!

Posted on 28 June 2013 by Helen Martin


