Tech Talk Blog : Adelaide Security Interchange Event!

Tuesday, 28 February 2006 6:08 AM Rocky

Adelaide Security Interchange Event!

Well tonight we kicked off the Security Seminar at the Adelaide Oval. I suppose that if you are going to go to a cricket oval for the first time, this is the one you want to go to. it's a very beautifil oval with loads of historybuilt right in. But a word to the wise, the Bradman Room, isn't in the Bradman Stands. It's on the other side of the Oval.

We had a good turnout of about 60 people and I was impressed that about 1/2 of them were developers! It's good to see that both sides of the team are out there ready lean about security.

Anyway, Andrew Coates MCed the evening and introduced Steve Riley first up. In his usual captivating style Steve set the scene asking questions like 'Do you believe your network is secure?' and 'When you're implementing security, how do you know when you're done?' In most circumstances, you don't. You just have to keep on top of things.

There was a lot of interest in Jamie's talk on mobile devices. It seems the gadget factor has definitely crossed the desks of a lot of IT people from their management. Most people carry mobile phones, and soon they'll be carrying smart phones connected to Exchange and the corporate VPN. Are you ready for that? Can your infrastructure supply secure access on mobile devices? Be sure and sign up for the Security Seminar and Jamie will tell you how you can do it!

After a bit of a Pizza and Beer break the developer side of the crew made a good showing on short time. A guest speaker, local South Australian Carl Jongsma went over some of the more recent cases of security breaches. Graeme covered some of the issues around the protection of personal data which got people thinking. The future is going to change the way reporting of breaches of personal information is handled.

I was able to demonstrate the new Torpedo tool, which I promised I would, to demonstrate how to Threat Model you applications. Dave Glover followed up with some examples of how your applications can be attacked. One of the most impressive attacks is how you can get the contents of the web.config file even when IIS is configured not to display it. Scary stuff.

We were running pretty late so Andrew closed the evening about 9:30. Thanks to the Adelaide Oval who served some great gourmet pizza, and especially to all the attendees that came along.

Tomorrow we give Adelaide our best with our first full day Seminar. Judging by the Security Interchange event, it's going to be worth it for the speakers as much as the attendees.

I'll post some pictures as soon as I find my USB cable. :-)

Filed Under: Security Events
Attachment(s): MonKleefieGraham.JPG

Comments

No Comments

New Comments to this post are disabled

About Rocky

Rocky is currently consulting for Readify as a Senior Consultant and is the technical lead for Readify's Security and Monitoring practice. He is an MCSD and a CISSP as well as pursuing a PhD based on research into securing the software development life cycle. In January of 2006 he was awarded an MVP form Microsoft in Developer Security. Since moving to Australia in 2000 he has been working with companies such as Vish Corporation, Softlaw, and the Australian Taxation Office on various projects ranging from personal portals, to expert systems and major government systems.