“DevSecOps Compliance” – Fabiola Moyon
DevSecOps plays an increasingly important role in software engineering. As a result, implementing compliance with security regulations and standards is an essential but challenging task. In this guest lecture, Fabiola Moyon will explain practical approaches to address this challenge through the improvement of DevOps practices (including modeling and specifying compliance artifacts) relevant both for external compliance checks and internal audits of security compliance in DevOps.
“Cyber Security Certification” – Oleksii Baranovskyi
For those working in information or cyber security, certification is an excellent way to verify knowledge and prove acquired skills. Top-rated credentials are also conducive to job mobility and to maintaining an organization's reputation and level of professional service. Earning a reputable cybersecurity certification requires an investment. During our PROMIS breakfast seminar we will discuss which certifications are the most recognized, which certifications professionals should select, and how to maintain a certification. We will touch on the most well-known and recognized vendor-related and vendor-neutral cybersecurity certifications, including ISC2, ISACA, EC-Council, Offensive Security, SANS, Microsoft, etc.
“Software Compliance Requirements for Software Supply Chain Security” – Oleksandr Kosenkov & Alexander Adamov
Software supply chain threats have become one of the most alarming types of attack seen so far. Regulators have paid special attention to software supply chain security in some recent regulations (such as the Cyber Resilience Act and Executive Order 14028). In this seminar, we provided an overview of some of the software supply chain security regulations and considered an example of one of the attacks that such regulations could address. In addition, we considered the software bill of materials (SBOM) as one of the cybersecurity risk mitigation measures required by recent regulations for achieving software supply chain security. We also briefly touched on practical aspects of SBOM implementation.
“Using SIEM for Anomaly Detection” – Volodymyr Tkach
In this seminar we considered using Security Information and Event Management (SIEM) systems for collecting and processing data from your security perimeter in order to detect anomalies. We looked at Machine Learning Toolkits and the ways they can detect anomalies, turning your SIEM into a kind of IDS/IPS.
“Indicator of compromise lifecycle and evaluation during threat hunting” by Oleksii Baranovskyi
The steady increase in the volume of indicators of compromise (IoC), as well as their volatile nature, makes processing them challenging. Once compromised infrastructures are cleaned up, threat actors move on to other target infrastructures or simply change attack strategies.
In this presentation, we discussed approaches to scoring models for decaying IoCs shared within different platforms to match their heterogeneous objectives. We described the use of meta-information shared along with indicators of compromise, which facilitates the decision-making process for machines with regard to the validity of a shared indicator of compromise.
“Vulnerability of modern society exemplified with large cyber-attack against Ukraine” by Alexander Adamov
As the second seminar in the series “Vulnerability of modern society exemplified with large cyber-attack against Ukraine”, Dr. Alexander Adamov will devote this webinar to an analysis of WhisperGate threats. We will get under the hood of three malicious components of this malware family, namely MBR Writer, Trojan-Downloader, and File Corrupter, that were used in #attack13 to destroy target servers supposedly running the websites of Ukrainian government agencies.
The background for the seminar series is the destructive cyber-attack on several Ukrainian government agencies on January 13th, 2022. This was the largest such attack on Ukraine in four years and about 70 government websites were temporarily down.
“Finding the patterns behind hybrid warfare against Ukraine” by A. Carlsson, O. Baranovskyi, A. Adamov
This seminar will focus on the events of 13 January 2022, when several Ukrainian government networks were subject to a destructive cyber-attack. With the help of information from sources close to the investigation, we will provide a hypothetical scenario of this attack, known as #attack13. This was the largest such attack on Ukraine in four years and about 70 government websites were temporarily down.
During the seminar we will try to reconstruct the timeline of the attack and demonstrate the key points that can be useful for preventing such attacks in the future.
This seminar is given by Dr. Anders Carlsson and Dr. Oleksii Baranovskyi.