Jump to navigation Jump to content

Speaker

Filipi Pires

Filipi Pires

Security Researcher and Security Advocate

Espinho, Portugal

I’ve been working as Security and Threat Researcher at Saporo, Founder at Black&White Technology, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US, Canada, France, Spain, Germany, Poland, and others, I’ve been served as University Professor in Graduation and MBA courses at Brazilian colleges, in addition, I'm Creator and Instructor of the Course Malware Attack Types with Kill Chain Methodology (PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).

Links

Area of Expertise

  • Information & Communications Technology

Topics

  • Security
  • Malware
  • MalwareHunting
  • Cloud Security
  • Cyberthreats
  • cyber security
  • malware analysis
  • Application Security
  • Azure Security
  • Information Security
  • Pentesting
  • Offensive Security
  • Red Team
  • Blue Team
  • Defender Advanced Threat Protection
  • Threat Hunting
  • Threat Intel
  • Advanced Threat Analytics
  • Advanced Threat Protection
  • Threat Intelligence

Sessions

Keep your code safe during the development path using Opensource tools.

Practical demonstration of how a Developer can use a SAST tool for static analysis in code vulnerability, executing it in source code, byte code and/or binary and identifying security holes during the development process, analyzing many languages and codes.
The ecosystem will have the opportunity to know about an open source tool that orchestrates other security tools and identifies security flaws or vulnerabilities in projects and put all results in a database for analysis and generation of metrics, working this analysis with select the languages ​​and/or tools to be used on the project based on the available stack.

Effects Malware hunting in Cloud environment

During this presentation, I’ll demonstrate the risks that a PDF can bring to your Cloud environment if it’s exploited by malware, I’ll be explaining how each session works within a binary, and explain how cyber attackers are using different techniques, like packers, obfuscation with JavaScript (PDF), demonstrating how these malware works and where it would be possible to locate the malicious code.
At the end of this conversation, it will be clear to everyone how Dev/ Research should look better at their cloud environment, in addition to providing clear guidance on how people can seek more basic knowledge, with file structures, software architecture and language. schedule.

Dissecting and Comparing differents Binaries to Malware Analysis

Demonstrate differents kind of structures in the binaries as a PE (header and your sessions) , ELF (header and your sessions), PDF(header/ body/cross-reference table/trailer), explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaning too about some anti-desassembly techniques, demonstrating as a is the action of these malwares and where it would be possible to "include" a malicious code.
By the end of this "talk" it will be clear to everyone, differences in binaries structures, how can the researcher should conduct each of these kind of analyzes, besides of course, it should seek more basic knowledge, with file structures, software architecture and programming language.

Filipi Pires

Security Researcher and Security Advocate

Espinho, Portugal

Links

Jump to top