Custom Managed Installers for Windows Defender Application Control

Organisations are compelled to implement Application Control solutions to meet security regulations for both internal organisational policy as well as guidance from bodies such as NCSC, ACSC or NIST.

Often the decision to implement these security controls are made by people who do not understand the impact on productivity for advanced technology workers such as developers and engineers, creating the need for complicated configurations and solutions to meet the regulatory obligation and needs of the workforce.

This talk will provide a meaningful compromise to this problem using Managed Installers in Windows Defender Application Control. Attend this session to learn how to create flexibility while still maintaining control of your environment.

There will be demonstrations of the solution including example configurations and installations using a popular package managers such as brew or chocolatey enabling professionals productivity, yet reducing the risk of ransomware or other malicious software being able to have free reign on the system.

What I learnt about automating security

By 2025 there will be an estimated 3.5 million cyber security jobs open globally. This is up from 1 million in 2014. This is a problem that will impact most organisations globally as they struggle to find qualified talent to manage their daily cyber security operations as well as engage in projects and product development.

Cyber Security can be often delegated as 'someone else's problem' much like you don't think it will be your house broken into or your belongings being stolen, sadly this being a priority often too late, usually after an incident occurs and remediation after the activity is needed.

To combat this, I wanted to investigate what an organisation can do to automate as many security functions as possible to supplement staff, not replace and lighten the workload of already beleaguered security teams. This session will describe what I have found, what is working, and where the short falls are. The session will cover as many broad aspects as possible of an organisations IT operations and projects life cycles including systems and application development. Building and managing infrastructure as well as the humans that rely on these systems.

This session won't be a deep dive in any one area, it will be a bird's eye view of end-to-end cyber security for a business.

How to go from NO to GO! Developers working with Security.

Developers care about writing code. They want to solve problems, efficiently, and ship products. They use methodologies like Agile and Scrum, full of sprints to produce features and releases; fast. Security on the other hand, want safe and secure code, even if it slows delivery.

Co-operation between Developers and Operations has been "solved" with DevOps. Security came along and tried to shoehorn in the middle with "DevSecOps", but has it worked? Is it enough? Are Developers and security working together or are they beaten into submission of compliance with company security policy and governance controls.

This talk will look at practical ways that Developers and Security Teams can work together to secure code and product, reduce risk in the organisation, and change the perception of Security as being the the handbrake, to a partner safely shipping code; fast.

From Tech Confidence to Cyber Victim: The Irony of Pig Butchering Scams

"From Tech Confidence to Cyber Victim" offers a compelling look into the world of 'pig butchering' scams, where the very strengths that define IT professionals can become their greatest vulnerabilities. This talk explores the ironic twist where high confidence in technological expertise leads even the most seasoned IT experts into the traps of sophisticated online fraud.

We'll examine how the unique skills and attributes of IT professionals—such as a deep understanding of complex systems, problem-solving abilities, and routine exposure to cyber risks—can paradoxically make them more susceptible to these emotionally driven scams. Delving into real-life examples, we illustrate how scammers artfully blend technical jargon with psychological manipulation, exploiting the blind spots created by tech confidence.

This session is designed to bridge the gap between technical know-how and the often-overlooked human element of cybersecurity. Attendees will learn about the subtle intricacies of 'pig butchering' scams, why their professional expertise might not be the complete armour they thought it was, and how to develop a more holistic approach to digital safety and scepticism.

Join us for an enlightening journey from the peaks of tech confidence to the unforeseen valleys of cyber victimhood and arm yourself with the knowledge to defend against the ironies of modern cyber threats.

Microsoft Security Fundamentals Exam Prep Workshop

Microsoft is the fastest growing Cyber Security company by market size and spans your entire digital estate, leading the way by leveraging AI to protect, detect and respond to incidents in your environment.

The SC-900: Microsoft Security, Compliance, and Identity Fundamentals exam assists a candidate with getting a foundational knowledge of the breadth of the Microsoft Security solution, and provides a solid base of knowledge for a professional to engage with their business on these topics, or progress with their professional development in other certification.

Our intensive prep session will be conducted by two Microsoft-certified trainers who have extensive experience in preparing candidates to pass this exam. The session will provide participants with comprehensive guidance, insider tips, and practical insights to ensure their as they pass this exam and continue their Microsoft certification journey.

Securing Cloud API Access

All public cloud providers have multiple interfaces for managing your infrastructure and applications hosted within. If you were to follow a journey of cloud maturity you start with click-ops authenticated via username and password, and progress towards automation leveraging programmatic methods using API.

A recent survey showed that 75% of participants found it daunting to leverage Cloud API due to getting credentialed access. Starting to learn this can be daunting even if you are a seasoned IT professional. Where do you start? How do you authenticate? How do you secure your solution using best practice?

Attend this session to get a kick start on leveraging APIs in public cloud, ways to get API access, how to secure this access, and resources you can take away to continue your learning journey.

Developers, the new targets in the cyber battleground.

Developers are the driving force behind value creation in today's digital age. They have the superpower to turn code into revenue-generating products that can scale to unicorn proportions. However, with great power comes great responsibility. Developers are granted extensive permissions to do their work, but these same permissions can also pose a security risk if they fall into the wrong hands. That's why it's crucial to implement security measures that protect your organization without hindering your developers' productivity.

Join us for a talk on practical tips for securing your developers. We'll discuss tools, techniques, and procedures for securing both human and automated workflows. You'll learn how to:

* Identify and mitigate common security risks in the developer environment
* Implement security controls that balance protection and productivity
* Empower developers to work securely and efficiently

Don't let security be an afterthought. Join us and learn how to build a culture of security that starts with the developer.

Microsoft Security Copilot - your new best friend!

Microsoft Security Copilot leverages with the full power of Generative AI with specially trained models focused on Security Operations within a Microsoft Security environment.

Attend this session to go on a deep dive for Microsoft Security Copilot. Learn how it can assist security operations teams to prioritise workloads, facilitate incident response and remediation, understand how it can assist on understanding best practice to manage environments in ways to reduce the likelihood of repeat successful attacks.

Maximize Developer Velocity Without Compromise - Let’s [CoPilot] Chat About Security

Join us for an exciting session where we will explore how to maximize developer velocity without compromising security. We will show you how to use GitHub CoPilot Chat, Codespaces and GitHub Advanced Security features to build secure applications faster. You’ll come away with tips and best practices from the lessons we learned from experimenting with the tools. Don’t miss out on this fun and informative session!

Dungeons, Dragons, and Data Breaches: Exploring the Synergy of Security Crisis Response

In the world of cybersecurity, where hackers lurk in the darkest digital dungeons, everyone must face the music—especially seasoned tech wizards like yourself. While we may have mastered the art of basic security hygiene (no more clicking suspicious links, right?), the question remains: Are you prepared for the ultimate boss battle? Can you navigate the treacherous maze of a cyber crisis with grace and finesse? Or will you be caught off guard like a goblin stumbling into a gelatinous cube?

But fear not, brave adventurers! Our session is here to equip you with the comedic +5 sword of knowledge and the hilarious cloak of preparedness. We'll explore the whimsical parallels between running a successful security crisis response and leading an epic D&D campaign. Together, we'll slay misconceptions, dodge digital fireballs, and emerge victorious, ready to face whatever the realms of cybersecurity throw our way. So grab your dice, gather your team, and get ready to embark on a quest that will have you laughing in the face of cyber danger!

Why you should be using Microsoft Defender for Cloud

In today's cloud-first world, it's rare for any organization not to have a presence in a public cloud, whether hosting virtual machines via Infrastructure as a Service or running web applications via Platform as a Service. But with the constantly evolving cybersecurity landscape, it's essential to adopt a security posture that reflects contemporary business needs while providing necessary security controls.

Microsoft Defender for Cloud offers cloud security posture management (CSPM) services that include Security Recommendations, Asset Inventory, Reporting, Automation, Benchmarking, and more – all for free. These features are available in Azure, AWS, and GCP.

In addition, Defender for Cloud offers rich capabilities for both CSPM and Cloud Workload Protection Platform available on a subscription service, with many features available on a per-hour incremental cost to actively protect, monitor, and alert across your cloud infrastructure.

In this session, you'll learn how to leverage Microsoft Defender for Cloud to secure your environment and take advantage of the specific premium Defenders to secure your servers, databases, containers, and more. You'll also learn how to evaluate your own environment and implement changes to secure it against unknown threats and potentially add additional protections.

Join us to gain valuable insights into how you can use Defender for Cloud to enhance your cloud security posture and protect your organization's assets.

How your simple application could lead to your customers losing their life savings!

Cyber criminals are becoming incredibly intelligent with sophisticated methods used to link information across multiple platforms to build profiles on victims enabling devastating attacks to take place cleaning out bank accounts and crypto wallets.

In a world of big data, machine learning and open source tools correlating seemingly innocent information to profile a user has never been easier.

Find out how an application you develop could be linked to these activities, and what you can do to help your current or future users protect their data and limit their exposure.

Leveraging Generative AI for Cybersecurity. Attack, Defence and Ethics.

As cyber threats become more sophisticated, it's crucial to leverage advanced technologies to defend against them. One technology that has gained significant attention in recently is generative AI such as the Open AI GPT based models. In this session, we will explore how they could be used to carry out, and defend against, cyber-attacks.

We will discuss how generative AI can be leveraged to assist with targeted phishing attacks. Using a GPT based AI, an attacker can quickly create convincing phishing emails that are more likely to succeed. Further to this GPT based AI can guide the attacker with building the necessary infrastructure to host the whole attack chain. We will demonstrate this potential and discuss the implications of these attacks for cybersecurity.

Next, we explore how generative AI can assist defence against cyber threats. This technology can detect and advise on threats in real-time, allowing organizations to quickly identify and neutralize attacks to limit damage. We will provide examples of GPT based AI is used for defence, such as Microsoft Security Co-Pilot, and demonstrate this technology for organizations looking to improve their cybersecurity posture.
Lastly, we discuss the ethical implications of using generative AI for cybersecurity. As with any emerging technology, there are potential risks and drawbacks to consider, including issues related to privacy, bias, and accountability. We explore these issues and discuss how organizations can balance the benefits of this modern technology with the potential risks.

This will be the first conference delivery for this session but will be delivered at a local security meetup before the conference.

This is a dual delivery leveraging the specialties of the two speakers.

Michelle Sandford is a Developer Engagement Lead for Microsoft focusing on AI and George Coldham is a Cloud Solution Architect in Cyber Security for Microsoft.

This session will require internet access to gain access for the demonstrations. If Internet access is not required pre-recorded video demonstrations can be used.