Day 1 – 14th of December 2018:
CSCAMP2018 | 9th year Opening
By Moataz Salah (Bluekaizen founder).
Cairo Security Camp is an annual event targeting the Information Security Community of the Middle East and North Africa (MENA Region). IT Professionals and security practitioners from throughout the region are invited to attend. The Conference purpose is to gather, in one place, everyone interested in helping to improve and enrich the Information Security field in the MENA region. Our Goal is to raise the level of information security field in the MENA region, hoping that one day we live up to international standards.
Day 1 CyVentures Hackathon.
Agenda 1- Idea Generation Workshop 2- New Trends in Cybersecurity 3- Hackathon Activities.
Revealing Clickjacking Secrets – Workshop
By Ahmed Anas (Security Researcher)
the attack the victims may be trapped to perform unintended actions on social media applications, initiate critical transactions or even it would be extended to reveal confidential information. In this session I am presenting a new technique that protects from Clickjacking attacks enforcing user awareness regarding the sensitive user interface elements actions he is willing to perform.
Reviewing Teleco Security Consideration & Risks Evaluation – A Starter Kit
By Ahmed Atef Selim (Sr. Information Security Consultant)
Most of security in Telecommunication talks may have targeted a deep teleco technical audience, This session is targeting security professional that working in the teleco field, where a foundation to telecommunication security concepts and existing risk due to IP shifting done lately (3G/4G/5G) will be introduce, moving forward with the session will introduce risk assessment challenges due to the nature of Teleco, Calculating the risk (Identifying Risk Factors & it’s Parameter) is not same as IT infrastructure, For example Asset value can’t be depending only on the data type, other factor take places (Interconnection, Revenue …etc) since most attacks come from the signaling protocol which doesn’t contain Data (Voice Calls) by it’s nature, ending by sharing suggested ideas to properly assess the risks.
This session is designed to enable the security professional into the teleco security field, sharing knowledge gained through the last 5 years entering the teleco security field so that new comers can start faster and increase the learning curve.
Day 1 : Ask The Experts. – at Hacking Village
By Ahmed Nabil (IT Manager | Security, Networking, System Engineering)
specific cyber security field. Prepare all your top of mind questions and share your experience to better improve our community. Each user will have maximum of 10 minutes with one of the experts on different tables. Discussions are served based on First In First Out.
P.S: Prepare your questions, you have only 10 minutes per expert and try not put vague questions. so, that the expert can help as much as they can.
Experts will cover variable topics between :
1. Cyber Security Career Advice
2. Malware Analysis
3. Capture the Flag Competitions
4. Digital Forensics
5. Working in International Companies
6. Security Management
7. Pen Testing
8. Secure Coding
The challenge of Building effective SOC with limited resources.
By Mohamed Sadat (Information Security Section Head at THE EGYPTIAN CREDIT BUREAU)
Some organizations have formal security operations centers(SOCs). where teams of dedicated analysts carefully monitor for threats around the clock, every day of the year.Unfortunately, most organizations cannot afford a 24×7 SOC.The cost of having well-trained analysts onsite at all times outweighs the benefit for almost every organization. Instead, most organizations either make do with an informal SOC comprised of a small number of analysts who have many other duties to perform or have no SOC at all and rely on borrowing people from other roles when needed.Security events are not consistently monitored around the clock. This leads to major delays in responding to many incidents, while other incidents go completely unnoticed. It’s a dangerous situation that results in damaging cyber incidents.For organizations caught between the prohibitive cost of a formal SOC and the wholly inadequate protection from an informal SOC, there is a solution: building a SOC that automates as much of the SOC work as possible.
Hardening Corporate Printer. Workshop
By Amr Ragheb (Assistant Manager, Deloitte Egypt)
In this talk, Amr be illustrating most of the attack vectors applicable for network printers and how can an attacker compromise the security of a corporate through its printers.
The purpose of this talk is to learn how to defend your corporate by knowing the root causes of each threat and how to eliminate this threat factor.
Crashing The Continent : Introduction to exploitation. Workshop
By Hady Azzam (Computer Science student)
Binary exploitation bugs reside on the top of the vulnerabilities stack due to their severe impacts , such bugs could lead to memory leaks , remote code execution , and DoS attacks , it could be the worst nightmare for a company due to the impact on either the confidentiality , integrity , or the availability, for that reason we are going review a study case , and take a look at such vulnerabilities from the implementation side.
Demystifying people’s role in cyber security.
By Mahmoud Tawfik (senior cyber security advisor and technology entrepreneur.)
In the era of digital transformation, people’s role needs to be redefined as the most critical role in protecting the digital environments, this role needs to be demystified to effectively mitigate present and future cyber security risks.
Day 1 Closing Note: Amateur Persistence Attack (APT) in the Middle East.
By Dr. Ahmed Shosha (Security Researcher, Microsoft.)
When the term APT surfaced the news, we assume hearing about complex cyber tactics and techniques and advanced malware capability. This is not always the case. This Talk will discuss few campaigns of inexperienced APT attacks surfaced the social media and targeted the Middle East. The talk will go through how those campaigns started, what was the attack vector and how they targeted their victims.
Gala Dinner & Entertainment Night.
We are delighted to invite all attendees, speakers and sponsors to CSCAMP2018 | 9th year Gala Dinner . Don’t miss this fantastic evening full of entertainment, amazing food and a friendly atmosphere.
Spaces are limited to this awesome annual event, so don’t delay
Professional and Corporate tickets will be able to access the Gala Dinner For free. Academic tickets will need to add an extra 100 EGP.