Ambrosio Berdijo

PowerShell For The Blue Team

The PowerShell scripting is a feature of the Windows operating system created to automate system administration tasks. In recent years, PowerShell has become a major tool used by hackers to gain a foothold inside an organization’s network. This training hopes to reverse the trend by teaching PowerShell techniques to computer security defenders to help gather information regarding potential security breaches in their computer network. You will learn PowerShell scripts that will help the triage and investigate possible computer attacks.
Erwin Dusojan

Erwin Dusojan is a Senior Threat Researcher and has been working in Trend Micro since 2010.

He is providing CyberSecurity-related training to Trend Micro employees, students,professionals, and law enforcement(Interpol).

He is an a Certified Advanced Threat Defense Trainer, GCFA (GIAC Certified Forensic Analyst) CEH( Certified Ethical Hacker), MCSE (Microsoft Certified System Engineer), RHCSA (Red Hat Certified System Administrator), LPI Certified(Linux Professional Inistitue) and VCP5(Vmware Certified Professional).

PowerShell For The Blue Team

The PowerShell scripting is a feature of the Windows operating system created to automate system administration tasks. In recent years, PowerShell has become a major tool used by hackers to gain a foothold inside an organization’s network. This training hopes to reverse the trend by teaching PowerShell techniques to computer security defenders to help gather information regarding potential security breaches in their computer network. You will learn PowerShell scripts that will help the triage and investigate possible computer attacks.
Robert McArdle
Robert is a Trend Micro Research Director, specifically the Forward Looking Threat Research team, where he is involved in analysing the latest Cybercrime threats, specialising in researching the future threat landscape , Open Source Intelligence (OSINT) and coordinating investigations with international law enforcement. He also lectures in Malware Analysis and Cybercrim e Investigations on MSc modules at Cork IT and University College Dublin.

Ready for Battle: Today's Cybercrime Threats and Gearing Up to Defend Against Them

“Ready for Battle” – and my plan is first start with a sort of state of the union on what we see in Cybercrime today (lots of eye catching stories and figures) – and then coming around to the last 10 mins focusing on the whole area of learning skills and developing yourself in InfoSec (Getting Battle Ready)
Christina Lekati

Christina Lekati is a psychologist and a social engineer. With her background and degree in psychology, she learned the mechanisms of behavior, motivation, decision making, as well as manipulation and deceit. She became particularly interested in human dynamics and passionate about social engineering.

Contrary to typical career paths, her history and involvement in the cybersecurity field started quite early in her life. Being raised by a cyber security expert, she found herself magnetized by the security field at a very young age. Growing up, she was able to get involved in different projects that were often beyond her age, that gave her an edge in her own knowledge and experience.

Christina has participated among other things in penetration tests, in training to companies and organizations, and in needs and vulnerability assessments.

She is working with Cyber Risk GmbH as a social engineering expert and trainer. Christina is the main developer of the social engineering training programs provided by Cyber Risk GmbH. Those programs are intertwining the lessons learned from real life cases and previous experiences with the fields of cybersecurity, psychology and counterintelligence.

Information Security is up Against Weaponized Psychology

Cybersecurity nowadays is not only a technical challenge, it is also a behavioral challenge. As long as managers and employees can provide access to critical assets, systems and data, attackers will be targeting them through social engineering schemes in order to acquire this access. Those that have access to technology and organizational assets have also become responsible for the protection of those assets.

Recent threat landscape reports show consistently, that today hackers prefer attacking humans instead of systems. That’s because it is simpler. While technology keeps advancing and security systems become stronger and more complicated to compromise, human psychology has remained the same over centuries and is thus easier to exploit. This is where weaponized psychology starts becoming a tool employed to infiltrate organizations in the public and private sectors, to steal sensitive information, and to help attackers breach organizational security. The stimulus response effect in human vulnerabilities is consistent, and exploiting these vulnerabilities is consistently successful. In addition, it is often a low cost, low risk, and high reward approach.

This talk discusses the social domain involved in cybersecurity and the threat of social engineering. It will provide an understanding on the mechanisms and modus operandi of social engineering and explain the concept of weaponized psychology. It will also discuss the ways in which attackers elicit information that assist them in initiating or delivering an attack. The talk will include case studies and lessons learned on the use of weaponized psychology from the fields of business and human intelligence operations (HUMINT). Recommend ations and defense mechanisms will conclude this presentation.

Mohammad Zulhelmi Azmi

Mr. Azmi is currently a Digital Crime Officer working under the ASEAN Cyber Capability Desk (ASEAN Desk) team on the INTERPOL Cybercrime Directorate. The ASEAN Desk seeks to further deepen the engagement in the ASEAN region by facilitat ing the design and developme nt of an ASEAN Coordination Framework to combat Cybercrime that caters to the unique challenges and needs of the region.

He is seconded from the Royal Brunei Police Force. Azmi has over 8 years of experience in the police. He has led and planned frontline police operations. One of his previous postings was in investigations, which also included cybercrime. His most recent posting was in the Royal Brunei Police force’s International Cooperati on Affairs Department.

Mr Azmi has a University Degree in Business Marketing from Bangor University, United Kingdom

Combating Cybercrime with Actionable Intelligence

In the current world, criminals use new technologies to commit cyberattacks against governments, businesses and individuals. These crimes know no borders, either physical or virtual, and can cause serious harm and pose very real threats to victims worldwide.

Traditional forms of crime have also evolved as criminal organizations turn increasingly to the Internet to facilitate their activities and maximize their profit in the shortest time. These ‘cyberenabled’ crimes are not necessarily new but they have taken on a new online dimension.

Cybercrime is progressing at an incredibly fast pace, with new trends constantly emerging. INTERPOL together with Police from around the World must therefore work together to keep pace with new technologies, to understand the possibilities they create for criminals and how they can be used as tools for fighting cybercrime.

Jay Yaneza
Jay is the senior manager for the Trend Micro Managed Detection and Response Operations and is based in the US. An open source enthusiast and seasonal programmer, he actively investigates noteworthy incidents within the North America Business Unit (NABU) caused by interesting threats or targeted attacks.

Reducing Complexity Through Increased Visibility

The computing landscape promises a lot of challenges for the internetusing public. As an organization’s first line of defense, IT professionals need to have a deep understanding of these issues. What can they learn from the past? What can they do now to prepare for, withstand , and quickly recover from cybersecurity threats? What possible risks should they expect from emerging trends and technologies?

In the fight to keep the connected world safe and secure, today's cyber defenders need to gear up and be battleready, anytime, anywhere.

REGISTRATION IS CLOSED

October 10, 2019

Rizal Ballroom, Makati Shangri-La Manila

Powered by

Decode Logo

ABOUT THE CONFERENCE

DECODE is the premier cyber security conference in the Philippines hosted by Trend Micro. It aims to decode to local technology professionals the up-to-date information about the threat landscape, industry trends, and new technologies in order to empower them to secure the digital infrastructures of their organizations, as well as to inspire them to embark on a continuous learning journey.

GEAR UP! Defending the Connected World

The computing landscape promises a lot of challenges for the internet-using public. As an organization’s first line of defense, IT professionals need to have a deep understanding of these issues. What can they learn from the past? What can they do now to prepare for, withstand, and quickly recover from cybersecurity threats? What possible risks should they expect from emerging trends and technologies?

In the fight to keep the connected world safe and secure, today's cyber defenders need to gear up and be battle-ready, anytime, anywhere.

Modal

KEYNOTE SPEAKERS

Robert McArdle

FTR

Christina Lekati

External

Mohammad Zulhelmi Azmi

Interpol

Jay Yaneza

MDR

TRACK SESSIONS

MAN & MACHINE

IoT, IIoT, ML, AI

View Speakers
TAKE CONTROL

Incident Response/Cybercrime

View Speakers
PROTECT AND DEFEND

New and Emerging Threats /Vulnerabilities

View Speakers

HANDS-ON LAB

Ambrosio Berdijo

PowerShell For The Blue Team

Erwin Dusojan

PowerShell For The Blue Team

AGENDA

START END ACTIVITY SPEAKER DETAILS
06:30 09:00 REGISTRATION
09:00 09:10 Opening Number Juleaus the Violinist with the Whiplash Dancers
9:10 9:40

Keynote 1

Robert McArdle

Director, Cybercrime Research

Trend Micro

Ready for Battle: Today's Cybercrime Threats and Gearing Up to Defend Against Them

9:40 10:10

Keynote 2

Christina Lekati

Social Engineer and Psychologist

Cyber Risk GmbH

Information Security is up Against Weaponized Psychology

10:10 10:30 BREAK
10:30 11:00

Keynote 3

Mohammed Zulhelmi Azmi

Digital Crime Office

Interpol

Combating Cybercrime with Actionable Intelligence

11:00 11:30

Keynote 4

Jay Yaneza

Global Operations Manager for Managed XDR

Trend Micro

Reducing Complexity Through Increased Visibility

11:30 12:00

PANEL DISCUSSION

12:00 13:00

LUNCH BREAK

TRACK SESSIONS

Man and Machine

(IoT, IIoT, ML, AI)

Room ISABELA A & B

Protect and Defend

(New and Emerging Threats/Vulnerabilities)

Room ISABELA C

Take Control

(Incident Response/Cybercrime)

Room MANILA A & B

HANDS ON LAB - PowerShell For The Blue Team

Room MAKATI A & B

13:00 13:40

Securing Your Journey to Industry 4.0

Ryan Flores

Code execution on a Connected Car: A Practical Analysis of the Tesla Model 3

Jasiel Spelman

Fraud Wars

Marvin Cruz

Session 1

PowerShell For The Blue Team

Ambrosio Berdijo / Erwin Dusojan

13:40 13:50 Transfer Sessions / Break
13:50 14:30

SDR for Fun: Make Your Own TV Show

Philippe Lin

Security Group speak a common language: MITRE ATT&CK

Pawan Kinger

Suraj Sahu

IoT in the Underground

David Sancho

14:30 14:40 Transfer Sessions / Break

Break

14:40 15:20

Digital Home Invasion: Exploiting Home Automation with Logic Manipulation Smart Attacks

Stephen Hilt

An Analyst Day at the Zero Day Initiative

Hossein Lofti

Attacks on Telco’s in the transition to 5G Era: the view from the cyber-underground

Vladimir Kropotov

15:20 15:30 Transfer Sessions / Break
15:30 6:10

The role of Machine Learning in Cyber Security

Jon Oliver

What I learned investigating DevOps honeypots for 6 months

Alfredo Oliveira

Discovering Enterprise Networks Weaknesses through Managed Detection and Response

Jana Cabuhat

Session 2

PowerShell For The Blue Team

Ambrosio Berdijo / Erwin Dusojan

16:10 16:20 Transfer Sessions / Break
16:20 17:00

IOT Hacking that won’t cost you a Penny

Manuel Gatbunton

Discovery, Disclosure and Closure: Adventures in Finding and Reporting a Critical 0-Day Vulnerability in Solarwinds NPM

Ron Waisberg

Threat detection with open source Intelligence/Malware Market Analysis and accelerate the incident response

Aliakbar Zahravi

17:00 17:30 CLOSING