Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.  
  • Doors to the main event open at 8.30am with talks starting at 9am on 6 June 2018
  • Workshops will be held on 5 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here.

Log in to bookmark your favorites and sync them to your phone or calendar.

Track 3 [clear filter]
Tuesday, June 5

10:00 BST

Writing effective Penetration Test Reports
In this workshop, we'll aim to cover the following:
1. What does a good pentest report look like?
2. Common things that should be factored in while writing a pentest report. We will cover typical structures, coverage and depth on each.  
3. Writing crisp and effective executive summaries, which appeals to both a technical and non-technical audience.
4. Providing the right level of detail for a technical person to understand the attack scenario and take action.
5. Leveraging tools such as a Dradis to help us become more efficient at reporting.

A laptop is recommended.

avatar for Vinayak Ram

Vinayak Ram

Vinayak is an Associate Director at Protiviti, where he heads up the Technical Security Practice in the UK.  Vinayak has 10+ years of broad ranging experience in Information Security across multiple domains. He is passionate about bridging the “understanding gap” between technical... Read More →

Tuesday June 5, 2018 10:00 - 12:00 BST
Workshop 3 ILEC Conference Centre 47 Lillie Road London SW6 1UD

12:30 BST

How To Be A Ghost: Developing Operational Security (OPSEC) for security researchers
In the security community, most threat researchers are conducting research in an insecure and time-consuming environment. Whether intelligence is gathered from private communications over an IRC server or postings on an underground forum, researchers must be able to identify, document, and disseminate their findings quickly and without compromise. Having a secure and monitored enterprise covert communications framework in place will allow your researchers to focus on producing finished intelligence. In this workshop, we will discuss everything from creating/securing system architecture to developing methods for automation, all while staying protected.
The speakers will begin by detailing virtual server presence and configurations for virtual machines. The systems will be setup properly with tools and services commonly required by researchers. Network communications and anonymization techniques will also be covered in depth. This includes best practices for buying online services with Bitcoin and cash, the caretaking and sharing of online personas, and demonstrations on how actions done on a website, IRC server, forum, or gaming chat room can be tracked back to the researcher. Counter-log activities, the integration of mobile/social platforms, and legal implications/nuances will also be discussed.
The Advanced Programs Group within McAfee has experience in conducting sensitive and timely investigations in an enterprise environment. APG’s lessons learned in creating and maintaining these systems can assist research teams of any size in their endeavor to be more secure and deliver timely intelligence.


Rhett Greenhagen

Rhett Greenhagen has worked in the NetSec/IC for over a decade. He specializes in open source intelligence, cyber counter-intelligence, profiling, exploitation, malware analysis, and technical research and development. Career highlights include Primary Forensic Investigator for the... Read More →

Jean Yav

Jean Yav (@projekrex) is a Security Engineer at one of the world’s largest dedicated security technology companies. He has spent the last fifteen years supporting blue team operations in the healthcare and nonprofit industries. Jean Yav’s official billets have included System... Read More →

Tuesday June 5, 2018 12:30 - 16:30 BST
Workshop 3 ILEC Conference Centre 47 Lillie Road London SW6 1UD

Twitter Feed