Bay Area IoT Security Meetup - May 2017

Get ready to learn insights into IoT Exploitation, techniques used by attackers and real-world ways to pentest and gain access to IoT devices in the May edition of Bay Area IoT Security meetup.

This time we are having the meetup in Santa Clara, so that all our friends from South Bay could also attend.

AGENDA

6.30 - 7.00: Networking

7.00 - 8.30: Presentations

Details:

Session 1: Daddy, Why Did the Lights Go Out? - Ben Draffin

Session 2: Mobile App Exploitation for IoT Devices - Oguzhan Topgul

Session 1: Daddy, Why Did the Lights Go Out?

Industrial control (ICS) and SCADA systems enable great efficiency and automation but create an unprecedented risk to our world's utilities and infrastructure. Even though these systems are highly critical in nature, they are often unprotected and susceptible to compromise by malicious hackers.

Ben will provide an overview of ICS and SCADA systems as well as explore a few of their major security challenges in depth including Engineer Training, Network Analysis, Cryptology, and Patching.

The talk will also contain specific actionable insights into how security issues can be prevented or detected. The session will be concluded with a Q&A where he will discuss his own experience with ICS/SCADA security, and answer audience questions.

About Ben Draffin -

Ben Draffin (http://bendraffin.com/) is a security engineer specializing in secure system design with a history of consulting in authentication, mobile security and embedded systems.

Session 2: Mobile App Exploitation for IoT devices

In this talk, Oguz will walk through the common security flaws found in mobile application which leads to the IoT devices being vulnerable.

This talk compromises of case studies, demos and real world examples on how IoT devices security are affected by poor security of Android and iOS applications.

Some of the topics that will be discussed are Reverse Engineering, Network based vulnerabilities and more.

About Oguzhan Topgul -

Oguzhan Topgul (http://www.oguzhantopgul.com) is an application security researcher who is currently focused on mobile application security and mobile malware analysis.