Sponsors
Mobile Security Solutions Forum
Join the Interactive Slack Workspace. Earn 6 CPE credits for attending live.
Slack Workspace: sansurl.com/sans-mobile-solutions-forum
Event Overview
Industry experts agree that smartphone users often assign a higher value to the data stored on their mobile device than actual value of the smartphone itself. This logic also applies to laptops and tablets. Yet, while many people know they should secure the valuable data on their computers, they frequently don't extend that protection to what's on their mobile devices.
With the popularity of smartphones and tablets continuing to rise, mobile devices are becoming more of a target to cybercriminals. Many individuals are using smaller devices as they would a desktop or laptop computer. They are storing more personal data and connecting apps to GPS, financial, storage, health, and more without taking the time to read and understand what information they 're allowing them to track, store, and share.
Taking time to understand the latest malware, smartphone operating systems, third-party applications, acquisition shortfalls, extraction techniques (jailbreaks and roots) and encryption is key in keeping mobile security safe in the digital era. Getting a basic understanding of mobile device forensics will arm users with the knowledge needed to protect information on their equipment that could otherwise be used to harm them.
This forum will explore various mobile security topics through invited speakers while showcasing current capabilities available today. Presentations will focus on case-studies and thought leadership using specific examples relevant to the industry as we know it.
Agenda
10:30 - 11:00 AM EST - Event Welcome
Heather Mahalik, @HeatherMahalik, Chairperson, SANS Institute, @SANSInstitute
11:00 - 11:35 AM EST - Best Practices for Securing Remote Workers
Steve Banda, Senior Manager, Security Solutions, Lookout, @Lookout
As organizations enable employees to work remotely, mobile devices and wireless networks will be key tools for maintaining communication and remaining productive allowing employees to work productively from any device and any location can open users to the risks that come with the shared nature of a mobile device. When your employees work from a personal device with access to corporate data, the device's health must be taken into account. It must be assessed for compliance with corporate security and risk policies.
Join Steve Banda, Senior Manager of Security Solutions at Lookout, to learn best practices for securing your mobile workforce, including:
- Critical considerations for allowing personal devices to access corporate resources
- What rights should be granted for devices accessing corporate data
- How to control specific operating systems from gaining unauthorized access
- What guidance to give users to remain productive and secure while working remotely
11:35 AM - 12:20 PM EST - The Going Dark Problem: Finding the Light Using Hidden App Data
James Eichbaum, @jeichbaum Global Training Manager, MSAB, @MSAB
In an increasingly privacy-conscious world, app developers are building their software with anonymity and encryption top of mind. But when bad actors exploit these protections, investigators are becoming more often left in the dark, locked out of crucial pieces of evidence critical to solving crimes. Investigators must understand that while mobile forensic tools cannot possibly decode or decrypt every app on the market, there are methods to retrieve hidden app data. Being able to manually analyze and parse data from SQLite databases, WAL files, and other files associated with mobile apps is essential to ensuring you are getting the information needed for your investigations.
This hands-on lab will explore the challenges investigators face analyzing encrypted and privacy-centric apps, and provide the tools you need to dissect them - from understanding the different types of data found within SQLite databases to how the WAL and SHM files work and how they may be the key to a successful investigation.
12:20 - 12:30 PM EST - Break
12:30 - 1:05 PM EST - Life Has No CTRL+ALT+DELETE Interactive Podcast: 30 Minute Malware
Host - Heather Mahalik, @HeatherMahalik, Director of Digital Intelligence, Cellebrite, @Cellebrite_UFED
Guest - Lee Crognale, @domenicacrognal Certified Instructor, SANS Institute, @SANSInstitute
If you are an Apple user, it's no secret that you receive more than just a few nudges to upgrade your iOS firmware, but users may have noticed a bit more urgency in the latest patch, 14.4, made available by the vendor. So why was this plea to upgrade issued with such urgency?
This talk will cover a brief history of iOS malware including vulnerabilities and how they've been exploited, how to protect your devices, and the implications iOS vulnerabilities have on mobile forensic investigations.
1:05 PM - 1:40 PM EST - How to Strengthen Your Mobile Strategy
John Gfeller VI, Principal Solution Engineer, Symantec, A Division of Broadcom, @symantec
Now that work from home has become a regular routine, mobile devices are playing an even more critical role in business. At the same time, mobile has increasingly become an attractive target for malicious actors. Join us to hear Symantec Mobile Engineers Mike Soto and Devyn Prasad who will discuss the key factors every enterprise should consider when building their mobile defense. 'In this session, you will:
- Find out why skipping mobile protection in your security plan is not an option
- Learn why you need mobile technologies that protect against a wide range of mobile threats without sacrificing employee productivity
- Hear the details of the important elements of a robust mobile defense
- See a real-world attack illustrating what can happen if a malicious actor successfully pulls off an attack
1:40 - 2:05 PM EST - SANS.edu Penetration Testing and Incident Response Programs
Kimberly Kafka, Admissions Specialist, SANS Institute, @SANSInstitute
Brendan McKeague, Senior Threat Analyst, FireEye, Inc., @FireEye
Learn more about SANS Technology Institute's Penetration Testing and Incident Response Programs, featuring current student and alumni, Brendan McKeague from Mandiant/FireEye.
This presentation will highlight information pertaining to SANS Technology Institute. The SANS Technology Institute is an accredited college and offers programs at the graduate and undergraduate level. We'll cover an overview of the school's graduate programs, including; admissions requirements, curriculum review, funding and frequently asked questions. In addition, you will have the opportunity to hear from a current student about his experience at the graduate school.
2:05 - 2:15 PM EST - Closing Remarks
Heather Mahalik, @HeatherMahalik, Chairperson, SANS Institute, @SANSInstitute
