Technical Hands-On Workshop

05 July 2017 (Wed) | 09:00 - 17:00 (inclusive of lunch buffet and tea breaks)
Venue: Sheraton Hotel & Towers, Hong Kong

Workshop Fee: Standard Price - USD 499 | (ISC)² Member Price - USD 375

Looking for more ways to deepen your information security knowledge? Join the post-conference technical hands-on workshop on July 5 (Wednesday). The workshop is a unique opportunity for you to gain additional educational resources, focus on your professional development and connect with your peers.

Morning Session: Using Data Analytics to Investigate Security Intelligence in Large Scale 

As the continual growth of IoT, threat intelligence of information security (such as vulnerability, exploits and so on) becomes difficult to aware. Most of this intelligence could be observed from social media, vulnerability repository, however, the time consuming underhuman manual investigation will become more and more difficult in the future. In this workshop, we will use real data in 2016 to help audience to conduct a hands-on analysis for the vulnerabilities. We will use spark and anaconda python based on docker environment to practice the analysis tactics and methods. In addition, we will work on a small project on "To predict the vulnerabilities whether it will have exploits or not based on machine learning approach" to illustrate the analysis details for the audience.


Dr. Ching-Hao Mao
Section Manager, Cyber Trust Technology Institute (CTTI)
Institute for Information Industry (III)


Afternoon Session: Subverting The Dark Corners of Embedded Devices

With the increased reliance on connected devices to simplify our lives, there's a growing need to ensure that embedded devices are secure by design. There have been various news headlines that report that adversaries are getting much more sophisticated in their attacks. Thus, this technical workshop aims to educate security professionals on how advanced adversaries think and the techniques that they use when attacking embedded devices. The presenter shall attempt to guide the participants on conducting security and vulnerability analysis on an embedded device using bespoke methods such as hardware interfacing, firmware reverse-engineering and pinpoint weak defences that allow an attacker to achieve command and control over it. Additionally, the presenter shall also share on best practices in securing devices from a defender's perspective. 



Pishu Mahtani, CSSLP
Software & Embedded Security Professional





For any inquiries, please contact myuen@isc2.org or (852) 28506957.