Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.  
  • Doors to the main event open at 8.30am with talks starting at 9am on 6 June 2018
  • Workshops will be held on 5 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here.
Back To Schedule
Tuesday, June 5 • 12:30 - 16:30
How To Be A Ghost: Developing Operational Security (OPSEC) for security researchers

Log in to save this to your schedule, view media, leave feedback and see who's attending!

In the security community, most threat researchers are conducting research in an insecure and time-consuming environment. Whether intelligence is gathered from private communications over an IRC server or postings on an underground forum, researchers must be able to identify, document, and disseminate their findings quickly and without compromise. Having a secure and monitored enterprise covert communications framework in place will allow your researchers to focus on producing finished intelligence. In this workshop, we will discuss everything from creating/securing system architecture to developing methods for automation, all while staying protected.
The speakers will begin by detailing virtual server presence and configurations for virtual machines. The systems will be setup properly with tools and services commonly required by researchers. Network communications and anonymization techniques will also be covered in depth. This includes best practices for buying online services with Bitcoin and cash, the caretaking and sharing of online personas, and demonstrations on how actions done on a website, IRC server, forum, or gaming chat room can be tracked back to the researcher. Counter-log activities, the integration of mobile/social platforms, and legal implications/nuances will also be discussed.
The Advanced Programs Group within McAfee has experience in conducting sensitive and timely investigations in an enterprise environment. APG’s lessons learned in creating and maintaining these systems can assist research teams of any size in their endeavor to be more secure and deliver timely intelligence.


Rhett Greenhagen

Rhett Greenhagen has worked in the NetSec/IC for over a decade. He specializes in open source intelligence, cyber counter-intelligence, profiling, exploitation, malware analysis, and technical research and development. Career highlights include Primary Forensic Investigator for the... Read More →

Jean Yav

Jean Yav (@projekrex) is a Security Engineer at one of the world’s largest dedicated security technology companies. He has spent the last fifteen years supporting blue team operations in the healthcare and nonprofit industries. Jean Yav’s official billets have included System... Read More →

Tuesday June 5, 2018 12:30 - 16:30 BST
Workshop 3 ILEC Conference Centre 47 Lillie Road London SW6 1UD