SANS Abu Dhabi May 2025 Community Night

SANS Community Nights are a great way to stay in touch with your local InfoSec community and to hear the latest in technical wizardry, industry intelligence, and thought leadership from our amazing instructors.

View the agenda below:

Date: Monday, 19^th May 2025

Location
Fairmont Bab al Bahr
Khor Al Maqta - Rabdan - Abu Dhabi, UAE

Parking & Directions
Valet parking is available.
Google Maps

5:00pm – 5:30 pm Gulf Standard Time (UTC+4)
Registration, drinks, and canapes

5:30pm – 6:30 pm Gulf Standard Time (UTC+4)
Presentation: Tales from the Cryptography
Principal Instructor David Szili

Register In Person | Register Virtually

Abstract The terms "rolling your own encryption" or "in-house built cryptography" should give everyone the chills. But what if a developer uses all the right tools and libraries without understanding the building blocks or cryptography in general? Just because you had Argon2, bcrypt, scrypt, AES, RSA, or any other ingredients of the cryptography acronym soup in your code, it does not make your application secure! In this talk, I will bring you fresh examples of cryptographic faliures from 2024.

From an open-source project used by millions through proprietary Java code to a Fortune 500 developer company's software product, we will look at the mistakes made by programmers to demonstrate the truth in the common (although not very elaborate) saying in the industry; "cryptography is hard!" We will try to understand why these issues were still a thing in 2024 (and most likely, they will still exist in 2025) and what we can do about them. Also, as every coin has two sides, we need to talk about the fact that defenders can also leverage these mistakes to their advantage. Whether they are fighting ransomware or attempting to decrypt C2 communications, breaking weak cryptography can be the key to success, so practical cryptanalysis is a useful skill to have.