CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

9/20 (Tue)

9/20 (Tue)

    • 9/20 10:15 - 10:30
    • Keynote

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 10:40 - 11:10
    • Keynote

    Ziv
    Trend Micro Senior Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL Intermediate
    SESSION TOPIC BlockchainEV SecurityAI
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 11:10 - 11:40
    • Keynote

    Technology Roadmap for Designing Enterprise Cybersecurity

    Security concepts such as Security by Design are rapidly becoming the new norm as Electric Vehicles (EV) and Software-defined Vehicles are becoming more widely discussed. In the past two years, not only have new automotive cybersecurity standards been introduced but also promulgated, such as with the WP29, R155/R156, and ISO/SAE 21434. This presentation will showcase CyCraft research on security regarding self-driving cars.

    READ MORE
    Tsung Peikan ( aka PK )
    CyCraft Technology Corporation Co-Founder & CSO
    Hacks in Taiwan Committee
    SEMI Taiwan Cybersecurity Committee
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL General
    SESSION TOPIC Cyber ResilienceSecurity by DesignSecurity Strategy
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 11:40 - 12:10
    • Keynote

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 12:30 - 14:30

    Enforcing Zero Trust Security in the Face of Pervasive Intrusion Threats – Get First-hand Experience of Intrusion Techniques and Rethink Your Defense Strategy

        Today, people connect to corporate networks, cloud databases, and a variety applications from everywhere with all kinds of devices. Enterprises can no longer make the assumption that authenticated or trusted devices/users are secure. Therefore, the zero trust security model is an important strategy for strengthening the security of critical data and systems, especially in a hybrid, dynamic workplace. It is a more advanced, agile, and effective approach to security, compared to the traditional security model.

         Comprehensive visibility and understanding of risks are the foundation of effective security prioritization and automated zero trust access controls. Unfortunately, a lot of solutions labeled as "zero trust" do not really understand how to evaluate trust. 

        Activities of this session include:

         1.) Attack and defense drills. Get first-hand experience of hackers' stealthy intrusion techniques.

         2.) Hands-on labs. From the defender's perspective, learn how to identify the root cause of an incident and determine the scope of its impact. 

         3.) Incident investigations. Collect evidence and think how to response with remediation measures, how to implement such measures with existing defenses, and how to stand in the executives' shoes to provide critical information for CISO and SOC teams to make informed decisions.

    READ MORE
    Peter Chiu
    Trend Micro Technical Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 12:30 - 14:30

    InfoSec Card Game Play Test

    Experience a highly interactive cybersecurity card game! Players not only have fun but also learn the basic concepts of the Cyber Defense Matrix (CDM) security model. By abstractly simulating real-world security incidents, players learn common attacker techniques, the effectiveness of current defensive techniques, and how to use CDM concepts to build an effective and efficient defense—on a budget!


    This course is divided into three parts: lecture, discussion, and game! 


    First, we will introduce the importance and usefulness of security models used by researchers and analysts, such as CDM, NIST CSF, and Mitre ATT&CK. We will then compare the security models and explain how researchers and analysts use these models to break down cyberattacks into individual techniques and their intended uses, stretching from initial access to data exfiltration and impact. Attendees will learn how cybersecurity analysts map out—and eventually predict—attack behavior and how to use CDM with various information security frameworks to formulate effective security strategies and fill gaps. Most importantly, attendees will be able to immediately use this knowledge in our new highly interactive card game that leverages CDM concepts in a fun, educational, and approachable way highlighting the importance of cybersecurity. 

    READ MORE
    John Jiang
    CyCraft Cyber Security Researcher
    Dange Lin
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Tech Briefing

    Ensure the security of enterprise network with MDR

    Managed detection and response (MDR) is an outsourced service that provides organizations with threat hunting services and responds to threats once they are discovered.

    The speech will share MDR how to apply the unique Threat Intelligence collection data, verification mechanism, and machine learning analysis technology. Our total solution will help company to defend against unknown threats and 0-day attacks to ensure enterprises’ network security.

    READ MORE
    C.Y.C
    NEITHNET Technical Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL General
    SESSION TOPIC Managed Detection & ResponseThreat Detection & ResponseThreat Intelligence
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Tech Briefing

    Alden Chen
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General
    SESSION TOPIC Zero Trust ArchitectureEndpoint SecurityData Loss Prevention
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Tech Briefing

    Fast and Furious Attacks: Using AI to Surgically Respond

    Fast-moving cyber-attacks can strike at any time, and security teams are often unable to react quickly enough. Join Neil Chang, Senior Cyber Security Technologist, and April Huang, Commercial Team Lead at Darktrace to learn how Autonomous Response takes targeted action to stop in-progress attacks, without disrupting your business. Includes real-world threat finds, case studies and attack scenarios.

    READ MORE
    Neil Chang
    Darktrace Senior Cyber Security Technologist
    April Huang
    Darktrace Commercial Team Lead
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC AI SecurityThreat Detection & Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Brand Day - Fortinet

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL General SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL Intermediate
    SESSION TOPIC Zero Trust NetworkData Loss PreventionWeb Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Threat Research Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Intermediate
    SESSION TOPIC RansomwareCyber CrimePublic Private Partnership
    SESSION TYPE Onsite LANGUAGE English / Chinese
    • 9/20 14:00 - 14:30
    • Cyber Leadership Forum (Invite-only)

    CXO Information Security Thinking and Chanllenges under the ESG Trend

    In the wave of ESG and digitization, the definition and value of "information security" has changed dramatically. With the corporate's information security management has been included in the evaluation project of the Dow Jones Sustainability Index (DJSI) and more well-known sustainability awards, which will be an issue and a challenge that needs to be addressed more seriously at the CXO level. In this digital transformation wave that everyone can relate to, the ecosystem of the industry has turned over and reshaped the information security battlefield. 

    READ MORE
    Peter Pu
    BSI, the British Standards Institution Managing Director, NE Asia Region
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC GovernanceCyber ResilienceDigital Transformation
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Endpoint SecurityCloud SecurityThreat Hunting
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Brand Day - Trend Micro

    Automotive Attack Matrix

    With the growth of Internet of Vehicle (IoV) devices, while give user more convenience, it also allows hackers to have more weakness point to penetrate. In this presentation, we will share the security issues of various automotive components from attacker’s vision in real cases and provide prevention solutions.

    READ MORE
    Aaron Luo
    Trend Micro Security Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate
    SESSION TOPIC Hardware SecurityReverse Engineering
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL General
    SESSION TOPIC Zero Trust Architecture
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30
    • Brand Day - VMware

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Network Access ControlZero Trust NetworkNetwork Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:00 - 14:30

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:30 - 15:00
    • Cyber Leadership Forum (Invite-only)

    Cybersecurity management key risk indicators (KRI) & key performance indicators

    Cybersecurity risk trends are changing rapidly, and companies need to proactively establish mechanisms to detect whether cyber risks affect the enterprise environment.


    I will discuss the NISTIR 8286 ERM, COBIT 2019 framework, the concept of risk monitoring and risk response, and let the audience understand the use of Key Risk Indicator (KRI) and Key Performance Indicator (KPI) in information security risk management, so as to realize enterprise business goals.

    READ MORE
    Kuro Huang
    EY Consulting Cyber Security Consultant
    Griffin Lin
    EY Consulting Deputy Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Intermediate
    SESSION TOPIC Risk ManagementSecurity StrategySecurity by Design
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL General
    SESSION TOPIC Business Continuity ManagementSecurity ArchitectureAccess Control
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Tech Briefing

    Kenny Lee
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL General
    SESSION TOPIC StandardsIoT SecurityOT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Threat Research Forum

    Modern Malware Evasion Strategies: Bypass Real-Time Protection in Temporal Pincer Methods

    Real-Time Protection is an essential design for all modern anti-virus and endpoint protection, which scans the executed binaries, detects and blocks the malware immediately. To achieve this protection, the security vendors have used APIs provided by Microsoft to embed their hooks at the Ring0 kernel level. However, is that game of cat and mouse over? ;)


    In this session, we will reverse engineer the Windows OS. To understand the Process Creation, Userland IRP, and Kernel Driver design for learning the modern attacker's strategies to escape virus-scan.At the end of the session, we will use several PoC as examples used in the wild to demonstrate how attackers can abuse the issue of scanning timeline, to launch temporal pincher move to avoid anti-virus scan, and we will provide suggestions on mitigation measures and suggestions on select security products for users .

    READ MORE
    Sheng-Hao Ma
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Advanced
    SESSION TOPIC Malware ProtectionAPTExploit of Vulnerability
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Tech Briefing

    Dr. Cheng Kun Wang
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Breach DetectionAdvanced Threat ProtectionRansomware
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC Zero Trust ArchitectureCritical Infrastructure Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Brand Day - Fortinet

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL General
    SESSION TOPIC OT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 16:45

    Enforcing Zero Trust Security in the Face of Pervasive Intrusion Threats – Get First-hand Experience of Intrusion Techniques and Rethink Your Defense Strategy

        Today, people connect to corporate networks, cloud databases, and a variety applications from everywhere with all kinds of devices. Enterprises can no longer make the assumption that authenticated or trusted devices/users are secure. Therefore, the zero trust security model is an important strategy for strengthening the security of critical data and systems, especially in a hybrid, dynamic workplace. It is a more advanced, agile, and effective approach to security, compared to the traditional security model.

         Comprehensive visibility and understanding of risks are the foundation of effective security prioritization and automated zero trust access controls. Unfortunately, a lot of solutions labeled as "zero trust" do not really understand how to evaluate trust. 

        Activities of this session include:

         1.) Attack and defense drills. Get first-hand experience of hackers' stealthy intrusion techniques.

         2.) Hands-on labs. From the defender's perspective, learn how to identify the root cause of an incident and determine the scope of its impact. 

         3.) Incident investigations. Collect evidence and think how to response with remediation measures, how to implement such measures with existing defenses, and how to stand in the executives' shoes to provide critical information for CISO and SOC teams to make informed decisions.

    READ MORE
    Peter Chiu
    Trend Micro Technical Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 16:45

    InfoSec Card Game Play Test

    Experience a highly interactive cybersecurity card game! Players not only have fun but also learn the basic concepts of the Cyber Defense Matrix (CDM) security model. By abstractly simulating real-world security incidents, players learn common attacker techniques, the effectiveness of current defensive techniques, and how to use CDM concepts to build an effective and efficient defense—on a budget!


    This course is divided into three parts: lecture, discussion, and game! 


    First, we will introduce the importance and usefulness of security models used by researchers and analysts, such as CDM, NIST CSF, and Mitre ATT&CK. We will then compare the security models and explain how researchers and analysts use these models to break down cyberattacks into individual techniques and their intended uses, stretching from initial access to data exfiltration and impact. Attendees will learn how cybersecurity analysts map out—and eventually predict—attack behavior and how to use CDM with various information security frameworks to formulate effective security strategies and fill gaps. Most importantly, attendees will be able to immediately use this knowledge in our new highly interactive card game that leverages CDM concepts in a fun, educational, and approachable way highlighting the importance of cybersecurity. 

    READ MORE
    John Jiang
    CyCraft Cyber Security Researcher
    Dange Lin
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Brand Day - Trend Micro

    In-depth introduction to Automotive TARA

    In order to protect the rights of road users and promote the safety awareness of vehicle manufacturers, all new vehicles in the EU after July 2022 and all new production vehicles after 2024 must comply with the UNECE WP.29/R155 standard, while the ISO21434 standard, inherited from ISO26262, will soon be fully implemented. Regardless of the standard, Automotive TARA is the core component. What is TARA? How should vehicle manufacturers implement TARA? What makes Automotive TARA special? This topic will give you an in-depth understanding of Automotive TARA, from the purpose and necessity of TARA, the implementation of Automotive in the real world and the current status of ISO Regulation.

    READ MORE
    Shin Li
    Trend Micro Automotive Threat Expert
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate
    SESSION TOPIC Supply Chain SecurityThreat Analysis & ProtectionRisk Assessment
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC API Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Brand Day - VMware

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Network Detection & ResponseFirewallZero Trust Network
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15
    • Tech Briefing

    The New Generation of Distributed Networking Architecture Disrupts Data Center Networking and Information Security Thinking

    Aruba combines best-of-breed Aruba data center L2/3 switching with the industry's only, fully programmable DPU (Pensando Elba) to introduce the industry's first Distributed Services Switch the Aruba CX 10000 Series Switch. Its key features include: 

    • IT organizations no longer need additional firewalls to control east-west traffic when building data centers, delivering 100x the scale and 10x the performance at 1/3 the TCO of traditional approaches
    • Stateful firewall
    • Extend micro segmentation capability to any type of hosts in the data center
    • The encapsulated remote switch port analyzer (ERSPAN), telemetry and DDoS protection related features will be introduced gradually
    READ MORE
    Alex Chen
    Aruba Aruba Taiwan Vice President
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC Network SecurityNetwork Visibility
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 14:45 - 15:15

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 15:00 - 15:20
    • Cyber Leadership Forum (Invite-only)

    Protect corporate data by implementing cybersecurity framework

    Adopting cybersecurity framework could be meaningful to protect corporate data, as well as a trust relationship between supply chain. Starting from choosing a cybersecurity framework that suites your business, defining guidelines to different operating systems, selecting tools to fulfill the requirement of compliance and certification. This sharing would share a real world example on how to obtain and utilize associated resources, apply management tools to different OSes

    READ MORE
    Glee Tsai
    Jamf APAC Senior Sales Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC Cyber ResilienceEndpoint Detection & ResponseZero Trust Network
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 15:50 - 16:20
    • Cyber Leadership Forum (Invite-only)

    How Insurance Company Determine Cyber Risks of Enterprise?

    Based upon Aon global database of cyber insurers’ survey and many years of local practice, will share with enterprises how insurance companies evaluate corporates’ cyber risks and define insurance policy terms. If a company plans to purchase cyber security insurance, what information or actions should be prepared in advance, and how to communicate with insurers to obtain the best terms? During a cybersecurity incident, how to cooperate with insurance companies to optimize the policy.

    READ MORE
    Maggie Hsieh
    Aon Taiwan Ltd. Associate Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC Cyber InsuranceCyber ResilienceIncident Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC Zero Trust Architecture
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Threat Research Forum

    To Loot or Not to Loot? That Is Not a Question When State-Nexus APT Targets Online Entertainment Industry

    The online entertainment business is not a notable victim when we talk about Advanced Persistent Threat (APT) attacks. Previously, APT research emphasized the victims in the public sector, such as the government, military, or critical infrastructure. It was not until 2020 that security researchers started to shed light on APT attacks against the online entertainment industry. For instance, TrendMicro's "Operation DRBControl" suggested that China-nexus APT41 and APT27 had targeted gambling and betting entities.

    This talk will focus on APT's targeted attack against online entertainment companies which have solid cash flow and a massive amount of personal data. Previously, many cases were believed to be financially-motivated attacks because of the usage of ransomware. However, based on our observation in the past few years, APT attacks against online entertainment companies are also driven by espionage purposes.

    We will dissect more than 20 targeted attack operations TeamT5 has tracked since 2018. Our analysis shows technical links between these targeted attacks and the infamous Chinese APT, including APT10 (aka menuPass), APT41 (aka Winnti, Amoeba), and APT27 (aka GreedyTaotie). Our presentation will cover these attacks' Tactic Technique and Procedures (TTPs). We have seen those APT groups adopt different TTPs aimed at the online entertainment industry. We detected the well-known China-origin weapons such as PlugX, ZxShell, and APT's shared tools such as Hyperbro, PlugX2016, and CoinDrop. Many campaigns even deployed ransomware for double extortion.

    More importantly, these cases gave us a peek into China's strategic move. We believe that these APT attacks are the preliminary work of the Chinese government. After these intensive attacks of APT, we have seen China is officially purging the online entertainment and gambling industry. Our strategic intelligence indicates several possible scenarios which could lead us to believe the ultimate goal of these APT attacks.

    READ MORE
    Charles Li
    TeamT5 Chief Analyst
    Che Chang
    TeamT5 Cyber Threat Analyst
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Advanced
    SESSION TOPIC Threat IntelligenceReverse Engineering
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC API SecurityApplication Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Tech Briefing

    Holmes Fan
    Imperva Principal Security Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL General
    SESSION TOPIC Application SecurityDDoS Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC Data Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Brand Day - Fortinet

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL General
    SESSION TOPIC SIEM
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Tech Briefing

    Using artificial intelligence to control remote/home/outsourced work environments

    Use Artificial Intelligence and Machine Learning technology to help companies control remote/home/outsourced work environments, such as:

    • User identification
    • Identification of bystanders in the work environment 
    • Identification of objects in the work environment that could lead to a data breach, such as cell phones, cameras, keyboards, screens, notes, and papers
    • Recognition of behaviors explicitly prohibited by the company in the work environment, such as taking pictures of the screen with a mobile phone/camera
    • Actions for violations such as warning messages, blank screen, mandatory shutdown

    This solution allows enterprises to fully control the Human Factor, protect data security, improve work efficiency, and assist Call Center to comply with the CLEAN DESK policy.

    READ MORE
    Julian Su
    iSecurity Inc. CEO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL General
    SESSION TOPIC Human FactorAI Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Brand Day - Trend Micro

    Securing C.A.S.E.: Putting the brakes on cyber threats to keep you in the fast lane

    Learn how Trend Micro's automotive security solutions can help you detect and respond to future potential threats.

    READ MORE
    Peter Yang
    Trend Micro Sr. Product Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL General
    SESSION TOPIC EV SecuritySoftware SecurityHardware Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30
    • Brand Day - VMware

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Endpoint Detection & ResponseThreat Detection & ResponseThreat Hunting
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:00 - 16:30

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15
    • Tech Briefing

    Riley Liao
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Endpoint SecurityComplianceVulnerability Management
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC OT SecurityICS/SCADA SecurityIndustrial Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15
    • Tech Briefing

    Solution Tips for The Challenges of Big Data Network Traffic Analytics

    With the advent of the 5G era and prevalence of IoT (Internet of Things), network traffic continues to grow at exponential rate with unprecedented diversity and complexity in its content and behavior, leading to more challenges to network visibility and forensic analysis for carrier-grade networks. In this session, we take a deep dive into how GenieAnalytics assists network operators in overcoming the various challenges of large-scale network traffic analysis through methods like diverse traffic data collection, big data database building, heterogeneous network data correlation and enrichment, and multi-dimensional analytics to provide a fast, in-depth, network-wide solution for carrier-grade traffic analysis.

    READ MORE
    Jacob Chiang
    Genie Networks CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL Advanced
    SESSION TOPIC Network VisibilityBig Data
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15
    • Brand Day - Fortinet

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL General SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15

    A Beacon of Light in the Darkest AD: Attack Path Visualization with AI Simulation

    Completing our CyCraft trilogy of CyberSec talks, we will discuss the critical importance of proper privilege management. Windows AD is the heart of Enterprise IT cybersecurity. Yet while it is a top security priority, it can also be the darkest enigma and a monster to unravel. AD security is difficult to measure. In this presentation, we will introduce a new AI analysis method for AD security, combining the confrontational thinking between red and blue teams to better help outline the boundaries of enterprise cybersecurity and increase visibility and metrics for AD security. This is a Birdman session you cannot miss.

    READ MORE
    Jeremy Chiu / Birdman
    CyCraft Technology Corporation Founder & CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Machine Learning
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15

    Buidling Cybersecurity Center of Excellence: Embracing Adademia, Startups, and Communities

    After the incubation of around one year, CCoE (Cybersecurity Center of Excellence) is to be established early next year. Positioned to be a provider of cybersecurity assessment technologies, a trainng camp of cybersecurity blue teams, a diplomacy to collaborate with well-known international cyberseucirty organizations, CCoE shall embrace academia, entreprenurs, cyber communities, and other institutional bodies, with one third of its budget. Under three laboratories, cyber threat defense lab, cyber data analytics lab, and post quantum crypto lab, we are developing several platforms: vulerabilitiy mining, threat intelligence, cyber range, social network analytics, disinformation detection, deepfake detection, and post quantum crypto eco-system. In this talk, we argue the differences between the technologies for cyber players and the ones for assessors, the differences between training blue teams and training red teams, why spending one third of budget externally, and how we shall differ from the other institutional bodies. With these, we hope to recruit talents to build this CCoE together. 

    READ MORE
    Ying-Dar Lin
    NARLabs CCoE Program Chair Professor
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL General
    SESSION TOPIC CyberwarfareDisinformation
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15
    • Brand Day - VMware

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Container SecurityDevSecOps
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/20 16:45 - 17:15
    • Brand Day - Trend Micro

    Attack and Response (Protection) Interactive Demo

    Aside from historical vehicle hacking cases, it is predicted that future attacks will increase when more and more connected vehicles are on the road. We will demo a hackers attack on the IVI, TCU, and Gateway, and how our In-Vehicle Security is purpose-built to protect against these threats. At the same time, you will have the opportunity to visualize how Vehicle One (a cloud-based management console) detects and responds to these threats. Furthermore, OEMs require suppliers to manage vulnerability in compliance with UNECE R155. We will also demo the Vulnerability Management functionality, which focuses on Vulnerability, Back Door, and Malware scanning, which benefits suppliers in gaining OEMs' trust while hardening device security.

    READ MORE
    Reece Chen
    Trend Micro Technical Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL General
    SESSION TOPIC EV SecuritySoftware SecurityHardware Security
    SESSION TYPE Onsite LANGUAGE Chinese

9/21 (Wed)

    • 9/21 10:05 - 10:35
    • Keynote

    Keynote Session

    Audrey Tang
    Executive Yuan TANG Feng (Audrey TANG)
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 10:35 - 11:05
    • Keynote

    Defining an XDR Strategy

    XDR (eXtended Detection and Response) is the hot new buzzword in the security industry but so far there isn't a lot of agreement on what defines XDR. The goal makes sense. Extend your detection capabilities across your hybrid network to catch advanced threats like zero days, supply chain attacks, and insider threats, and respond quickly before damage can be done. This talk will explore the data sources that XDR leverages as well as the pros and cons of XDR such as: is it realistic that one vendor can offer you all the tools you need for detection and response or will you need to create a strategy to achieve your own extended detection and response ecosystem.

    READ MORE
    Daniel Chu
    ExtraHop VP of Systems Engineering, APJ
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL General
    SESSION TOPIC Network Detection & ResponseThreat Detection & ResponseNetwork Visibility
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 11:05 - 11:35
    • Keynote

    Tsai Sung-Ting (TT)
    TeamT5 CEO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701
    LEVEL General
    SESSION TOPIC Security StrategyThreat HuntingThreat Intelligence
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 12:30 - 14:30

    Hack x Forensics

    In this lesson, you will be introduced to digital forensics tools and guided through hands-on lab. You will also learn about how to use the tools to analyze and evaluate the impact scope during real-world investigation and response to incidents. For an immersive experience, a hands-on lab will give participants the chance to investigate cases, experience cybersecurity experts' course of investigation, simulate hackers' tracks via remaining PC data, and to write a basic report, with our team's guidance. 

    MA, Hung-Wen
    CHT Security Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 12:30 - 14:30

    Enforcing Zero Trust Security in the Face of Pervasive Intrusion Threats – Get First-hand Experience of Intrusion Techniques and Rethink Your Defense Strategy

        Today, people connect to corporate networks, cloud databases, and a variety applications from everywhere with all kinds of devices. Enterprises can no longer make the assumption that authenticated or trusted devices/users are secure. Therefore, the zero trust security model is an important strategy for strengthening the security of critical data and systems, especially in a hybrid, dynamic workplace. It is a more advanced, agile, and effective approach to security, compared to the traditional security model.

         Comprehensive visibility and understanding of risks are the foundation of effective security prioritization and automated zero trust access controls. Unfortunately, a lot of solutions labeled as "zero trust" do not really understand how to evaluate trust. 

        Activities of this session include:

         1.) Attack and defense drills. Get first-hand experience of hackers' stealthy intrusion techniques.

         2.) Hands-on labs. From the defender's perspective, learn how to identify the root cause of an incident and determine the scope of its impact. 

         3.) Incident investigations. Collect evidence and think how to response with remediation measures, how to implement such measures with existing defenses, and how to stand in the executives' shoes to provide critical information for CISO and SOC teams to make informed decisions.

    Peter Chiu
    Trend Micro Technical Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Tech Briefing

    Hacking trends after epidemic

    Many countries have gradually adopted an attitude of coexistence with the epidemic, and it is expected that the time for the global reopen is getting closer. However, due to the push of the epidemic, work and life styles have changed dramatically, and hackers are constantly changing to evolve their attack methods and targets. Therefore, in the post-epidemic era, enterprises need to update their thinking and strategies, and start to plan the cyber security as soon as possible. This agenda will share actual cases to analyze the evolution trends of hackers' attacks under this wave of pandemic, and provide corresponding defense strategies and solutions.

    READ MORE
    Peter Peng
    NEITHNET Technical manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL General
    SESSION TOPIC Threat Analysis & ProtectionThreat Detection & ResponseThreat Hunting
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC Endpoint SecurityData Loss PreventionData Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Threat Research Forum

    Speedrun! The Shortest Attack Path to Breaching Linux Servers!

    Linux server security becomes more vital as more enterprises go through digitization and cloud migration. This presentation discusses both real-world attack techniques used when targeting Linux systems as well as effective defense strategies defenders can leverage to rapidly improve and harden their defenses. Understanding the attackers’ methods is only the beginning. Defenders need to understand how to properly detect, identify, and respond to each and every technique attackers have at their disposal.

    READ MORE
    Ann Tsai
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC Network SecurityPenetration TestingDigital Forensics
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Cryptography Forum

    Standardization of Post-Quantum Cryptography

    The confidentiality of modern communication and storage is highly dependent on cryptographic algorithms such as encryptions and digital signature schemes. The development of quantum computers continues to progress. In the future, large-scale universal quantum computers are able to crack all todays’ public-key cryptosystems. In order to resist the threat posed by quantum computing, PQC (Post-Quantum Cryptography) has emerged. Using PQC can resist quantum cryptanalysis.

    READ MORE
    Jimmy Chen
    National Taiwan University Adjunct Assistant Professor
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL Intermediate
    SESSION TOPIC Post Quantum CryptographyQuantum ComputingStandards
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • CISO Workshop (Invite-only)

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Zero Trust Forum

    Zero Trust Strategy, Action Plan, and Maturity

    Zero trust must initialize from the top strategy, make an appropriate action plan based on the actual requirements of the organization, promote it step by step, and design suitable measureable indicators to confirm the implementation effect. Practical operations can refer to the US CISA zero trust maturity model and the US Department of Defense's promotion practices, starting from needs, considering risks, seeking the best technology and making economical methods.

    READ MORE
    David Hsiu
    KPMG Advisory Services, Partner Cybersecurity Services
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC Zero Trust ArchitectureSecurity ArchitectureRisk Management
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • 5G Security Forum

    Yeali Sun
    National Taiwan University Information Management/Professor
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Cybersecurity Deployment of Smart Manufacturing Forum

    Build production line information security protection from scratch

    1. In the process of digital transformation, what are the industrial demands and information security challenges that HOPAX faces?

    2. How does HOPAX effectively find relevant resources for assistance?

    3. HOPAX's information security strategy and improvement structure: strengthen self-improvement + supply chain joint defense

    4. Supply chain identity zero trust

    5. Uninterrupted intrusion detection and defense

    6. The protection of industrial control and information security is not neglected

    7. Information security team establishment and threat monitoring analysis

    READ MORE
    Aaron Wang
    HOPAX Chief Information Officer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL General
    SESSION TOPIC Security ArchitectureOT SecuritySupply Chain Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • OT Security Forum

    OT Challenges and threats faced from the perspective of dam facility safety

    Traditional industrial control system lacks security considerations. With limited human resources, the popularization of networking technology and remote control is becoming a possible solution. In this situation, these industrial control systems would be more likely to be targeted by hackers. This speech will allow the audience to understand common safety deficiencies in industrial control architecture from the actual example of dam safety, and propose relevant suggestions.

    READ MORE
    Jung-Shian Li
    National Cheng Kung University full professor, electrical engineering department
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC Critical Infrastructure ProtectionICS/SCADA SecurityOT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Brand Day - SYSTEX

    Henry Hu
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL General
    SESSION TOPIC Threat ManagementCyber ExposureCyber Hunting
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:30
    • Vehicle Security Forum

    Session

    Chris Chiang
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL General
    SESSION TOPIC Threat Detection & ResponseSecurity by DesignEV Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:00 - 14:40

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:30 - 15:00
    • CISO Workshop (Invite-only)

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Zero Trust Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General
    SESSION TOPIC Zero Trust ArchitectureNetwork VisibilitySSL
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Vehicle Security Forum

    The next battlefield for Taiwan's ICT industry Convergence with international standards for vehicle cybersecurity

    Explaining the information security risks of Internet of Vehicles(IoV) and the future operating model in this Cyber Security Management ecosystem through the framework of ISO 21434.

    READ MORE
    CJ Chang
    PricewaterhouseCoopers Risk Consulting Taiwan Ltd. Partner
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate
    SESSION TOPIC EV SecuritySupply Chain SecurityCyber Security Management System (CSMS)
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC SOARManaged Security ServiceSecurity OperationThreat Detection & Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • 5G Security Forum

    Tony Wang
    PacketX CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL Intermediate
    SESSION TOPIC 5G SecurityNetwork VisibilityIoT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Threat Research Forum

    APT41 Resurfaces as Earth Baku With New Cyberespionage Campaign

    In this talk, I'll introduce analysis of Earth Baku (aka APT41)'s new cyberespionage campaign, particularly the group's use of advanced malware tools and multiple attack vectors.

    READ MORE
    Ted Lee
    Trend Micro Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Intermediate
    SESSION TOPIC Advanced ThreatReverse Engineering
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 16:45

    Hack x Forensics

    In this lesson, you will be introduced to digital forensics tools and guided through hands-on lab. You will also learn about how to use the tools to analyze and evaluate the impact scope during real-world investigation and response to incidents. For an immersive experience, a hands-on lab will give participants the chance to investigate cases, experience cybersecurity experts' course of investigation, simulate hackers' tracks via remaining PC data, and to write a basic report, with our team's guidance. 

    MA, Hung-Wen
    CHT Security Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Cryptography Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 16:45

    Enforcing Zero Trust Security in the Face of Pervasive Intrusion Threats – Get First-hand Experience of Intrusion Techniques and Rethink Your Defense Strategy

        Today, people connect to corporate networks, cloud databases, and a variety applications from everywhere with all kinds of devices. Enterprises can no longer make the assumption that authenticated or trusted devices/users are secure. Therefore, the zero trust security model is an important strategy for strengthening the security of critical data and systems, especially in a hybrid, dynamic workplace. It is a more advanced, agile, and effective approach to security, compared to the traditional security model.

         Comprehensive visibility and understanding of risks are the foundation of effective security prioritization and automated zero trust access controls. Unfortunately, a lot of solutions labeled as "zero trust" do not really understand how to evaluate trust. 

        Activities of this session include:

         1.) Attack and defense drills. Get first-hand experience of hackers' stealthy intrusion techniques.

         2.) Hands-on labs. From the defender's perspective, learn how to identify the root cause of an incident and determine the scope of its impact. 

         3.) Incident investigations. Collect evidence and think how to response with remediation measures, how to implement such measures with existing defenses, and how to stand in the executives' shoes to provide critical information for CISO and SOC teams to make informed decisions.

    Peter Chiu
    Trend Micro Technical Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC Purple TeamCyber RangeRed Team
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • OT Security Forum

    Cybersecurity for Smart Manufacturing with Zero Trust Approach

    Zero Trust is one of the new countermeasures that has been proposed recently to achieve effective protection and co-work with industrial AIoT technologies. In this speech, we will outline the complete solutions to realize Zero Trust cybersecurity protection, and provide the practical examples for smart manufacturing applications.

    READ MORE
    Wei-Chung Hwang
    Industrial Technology Research Institute Deputy General Director of Information and Communications Research Laboratories (ICL), Industrial Technology Research Institute (ITRI).
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC Identity GovernanceZero Trust NetworkIoT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Cybersecurity Deployment of Smart Manufacturing Forum

    The Link bewteen Information Safety and Supply Chain Management

    After IIOT, the information security problem cannot be prevented solely from within. A complete protection mechanism from both internal and external to handle information security issue brought by the suppliers and to improve privacy requested from the clients is imperative. 

    In the speech, we will be discussing: How to control the entrance of the suppliers? How to visuallise secrurity information to raise awareness? What strategy the organisation need to deploy to improve protection? The impact of improved security protection to the industry? 

    READ MORE
    Shang-Chih Lee
    EISO Enterprise Co., Ltd General Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL General
    SESSION TOPIC Supply Chain SecuritySecurity StrategyIoT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:45 - 15:15
    • Brand Day - SYSTEX

    于子欣
    SYSTEX Sr. Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate
    SESSION TOPIC Email SecuritySecurity AwarenessCyber Criminal
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 14:55 - 15:35

    Transformation Thinking:Getting started with security governance

    When information security governance has become a trend, have you ever thought about what is the correct concept of information security governance?

    The agenda will share the four information security certificates (CISA/CISM/CRISC/CGEIT) of ISACA, and introduce why they are the goal of information security practitioners, and talk about some ways to prepare for the exam. Finally, discuss the benefits and help of the research certificate.

    READ MORE
    Kuro Huang
    EY Consulting Cyber Security Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL General
    SESSION TOPIC Security TrainingGovernanceCertification
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 15:50 - 16:30
    • CISO Workshop (Invite-only)

    How to shift the CSIRT/PSIRT from cost center to OPPORTUNITY center

    In most enterprises, information and product security are still positioned as the cost center. How does the C ISO turn this situation around?

    How to strategize and take action to demonstrate that security is not only critical to business success, but is as much a driver and competitive advantage for business continuity as the digital infrastructure and smart information it protects.

    READ MORE
    Edward Yu
    Unizyx Holding Corporation Chief Information Security Officer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate
    SESSION TOPIC CSIRTPSIRTCISO
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 15:50 - 16:20

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • OT Security Forum

    A View of Organizational Resources for Cybersecurity Standard Implementation: Take IEC/ISA 62443 as Example

    International cybersecurity standards have drawn great attention from high-technology industry, particularly automotive electronics in a post-covid period. However, business logic behind those standards are little unknown. In the past, top management thinks cyberseurity standards only as an international certificate. The current and emerging trends of cyber resilience, cybersecurity standards cover both functional and organizational purposes of cybersecurity. This talk will share insight on organizational resources for standard implementation by taking IEC/ISA 62443 as an example. 

    READ MORE
    Bright Wu
    Willis Towers Watson Taiwan Senior Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL General
    SESSION TOPIC Industrial SecurityGovernance Risk & ComplianceCyber Resilience
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Tech Briefing

    Ray Wu
    Dell Technologies Senior Systems Consulant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Advanced Threat ProtectionBackup and Recovery
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Cryptography Forum

    The Introduction of FIPS 140-3 Standard from the Perspectives in Security Development Lifecycle

    This session of agenda brings you a brief review about the Secure Software Development Life Process (SSDLC). Then the speaker will introduce the new Cryptography Module Verification Standard from NIST: "FIPS 140-3", with the perspectives of SSDLC, and discover the needs and impacts what FIPS 140-3 brings to SSDLC, and leads you understand the benefits and difficulties of upgrading to FIPS 140-3.

    READ MORE
    Aspen Yang
    ONWARD SECURITY Corp. Software Development Engineer + Cybersecurity Investigator
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL General
    SESSION TOPIC StandardsSecurity Development LifecycleCryptography
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Threat Research Forum

    How to process vulnerability management and new vulnerbility response with a nice attitude?

    Due to the COVID-19 situation , working style is changing from office to remote. To make the enterprise works properly , more and more external systems are used for replacing physical work flow.

    This systems like document signing or meeting services become popular and also more vulnerabilities found on them. In this presentation , the speaker will start from introducing what is a vulnerability , CVE and the interaction that enterprise should take. 

    Then , managers should understand the impact and place priority to fix the issue. The speaker will take 2021 Log4J as example to share some experience about how to mitigate the damage of new dangerous CVE appears.

    READ MORE
    Vic Huang
    UCCU Hacker Member
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC Security StrategyVulnerability Management
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Vehicle Security Forum

    Driving Safely: Next-Gen Autonomous Vehicle Safety Analysis

    This presentation will discuss the evolution of attack and defense techniques for vehicle security systems, starting from the common architecture and components of today’s vehicles and ending in an analysis of potential attack and defense techniques for the autonomous vehicles (AV) of the future. We will also discuss the potential impact and risk posed by supply chain attacks as well as the mitigations we can take today to secure the safe arrival of passengers tomorrow. 

    READ MORE
    Dange Lin
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate
    SESSION TOPIC EV SecuritySecurity by DesignRed Team
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • 5G Security Forum

    Case Studies for 5G Core Network Penetration

    Recent years have seen 4G and 5G gaining increasing popularity and moving towards all IP technology, leading to the booming of the Open Radio Access Network (ORAN). Seeing the increase of attacks on mobile networks, we will be sharing a few case studies in this session about how mobile networks can be compromised, in addition to two fuzz testing tools specifically designed for 5G.   

    READ MORE
    Edgar Wu
    Trend Micro Senior Technical Manager
    Salim S i.
    Trend Micro Senior Technical Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL Intermediate
    SESSION TOPIC 5G SecurityPenetration Testing
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Zero Trust Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC Zero Trust ArchitectureIdentity ManagementThreat Detection & Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Cybersecurity Deployment of Smart Manufacturing Forum

    The cybersecurity guide and opportunity in smart factory

    The IT and OT security protection capabilities with " Cyber Network Threat Scanning ", " Cybersecurity Enhancement and Deployment " and " Building a Dedicated Cybersecurity Team and System " followed by international standards IEC 62443 in smart factories. It helps users to analyze the insufficient system and assist team to operate and manage the security system efficiently.

    In response to the business opportunities of OT cybersecurity in the future, ICP DAS proposes a solution that uses machine learning to quickly establish cybersecurity detection technologies and environments for industrial network protocol anomaly detection. We solve the cybersecurity issues faced by factories in the field of IIoT, and a systematic OT cybersecurity threat detection system has also been developed at the same time.

    READ MORE
    Anold Chao
    ICP DAS RD director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC OT SecurityIndustrial SecurityIntrusion Detection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Brand Day - SYSTEX

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate
    SESSION TOPIC Security StrategyBlue TeamGovernance Risk & Compliance
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:00 - 16:30
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC Network VisibilityZero Trust NetworkThreat Detection & Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • OT Security Forum

    Pwning HVAC Control System

    Nowadays heating, ventilation, and air conditioning (HVAC) system are indispensable in many places, such as hospitals, factories, office buildings and even in residentials. Most of HVAC systems have a Human Machine Interface (HMI) and can be easily managed remotely. While convenience is improved, the security of HVAC control systems is often neglected.

    This time, we have investigated popular HVAC control systems that have web-accessible HMIs. During our research, some products were found to be vulnerable to attacks such as credentials disclosure and privilege escalation. Furthermore, many of them could be found on the Internet. Since HVAC control systems are usually connected to other building systems and facility equipment, if HVAC control system is taken over, other systems would be attacked easily. In this session, we will introduce possible attack scenarios and how to mitigate these attacks.

    READ MORE
    Chicoyama
    TXOne / TrendMicro 資安威脅研究員
    Canaan Kao
    TXOne Networks Inc. Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC ICS/SCADA SecurityOT SecurityIndustrial Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • Threat Research Forum

    Type Confusion in the Wild: from the security Blindspot to Abuse

    Obfuscated File Extension (OFE) is a classic Web exploit technique. Hackers simply upload a JPG file to the server with arbitrary upload vulnerabilities, then use the contents of the image file as a PHP WebShell to execute. Boom! Take down the entire server.


    However, in today's world of cyber attacks, has this technique never been used to attack non-Web enterprises and home computers? The answer is absolutely yes!


    In this session, we will talk from the modern malware analyzer to the defense design of today's security solutions and their 1% defense blind spot. Then use several PoCs to explain how the attacker was able to increase the 1% to 100% blind spot for spoofing and winning the trust by security products by OFE tricks.

    READ MORE
    Sheng-Hao Ma
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Advanced
    SESSION TOPIC Malware ProtectionCyberwarfareAPT
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • 5G Security Forum

    Security Challenges in 5G O-RAN

    With an open architecture and interface, O-RAN is designed to build the next-generation RANs with intelligent control. It can provide a certain degree of flexibility and customization and allow new communication interfaces between network components (e.g., O-CU, O-DU) and Radio Access Network Intelligent Controllers (RICs). Moreover, it can work with real-time detection, response, and management with machine learning (ML) algorithms on applications (xAPPs). However, the open architecture and interface also significantly increase the possibility of being attacked. This presentation not only explores the current development of the O-RAN alliance in information security, but also integrates O-RAN and Software Defined Radio (SDR) to realize an experimental network and explores the possible threats of new network components and interfaces in this experimental environment. Finally, we would also discuss the implementation of information security-related xAPP on O-RAN to enhance the security of O-RAN.

    READ MORE
    Shin-Ming Cheng
    National Taiwan University of Sciecne and Technology Professor, Department of Computer Science and Information Engineering
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Network SecurityMobile SecurityTelecom Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Backup and RecoveryRansomwareData Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • Zero Trust Forum

    Fighting Ransomware with Zero-Trust Strategy

    Ransomware is the most soaring type of security incident recently. Due to the ecosystem formation of ransomware and double extortion approach, ransomware threat to enterprises is continuously expanding. At the same time, since the US National Institute of Standards and Technology (NIST) published the SP 800-207, Zero Trust Architecture document in 2019, zero trust architecture has become the most discussed topic among security industries and enterprises. This session will describe how to take a Zero Trust security strategy to mitigate the threat of ransomware.

    READ MORE
    Albert Hsieh
    EY Advisory Services Inc. Director, Enterprise Security Architecture ( ESA )
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General
    SESSION TOPIC Security StrategyRansomwareSecurity Architecture
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • Cryptography Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • Cybersecurity Deployment of Smart Manufacturing Forum

    How You Respond to a Customer Security Audit Matters

    Be Truthful: Use content directly from your security and compliance program

    The best way to answer a question is by sharing information directly from your security and compliance program (should you have one…and you should). Share a control and/or policy document that describes how you do something. You should try to avoid making up custom answers for a question because it is difficult to keep track of the nuances in each answer in the future, in case a customer asks you about it down the line.

    If you don’t have a control or policy, but it’s in your roadmap, state that, along with an approximate timeline on when you will adopt the new controls and policies. Always expect the customer to ask for proof, so don’t make up an answer you cannot back up with evidence.

    READ MORE
    Vado Yang
    TUL Corporation MIS Dept. Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Supply Chain SecuritySecurity Operation
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/21 16:45 - 17:15
    • Brand Day - SYSTEX

    黃之應
    SYSTEX Operation Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL General
    SESSION TOPIC Information GovernanceGovernance Risk & Compliance
    SESSION TYPE Onsite LANGUAGE Chinese

9/22 (Thu)

    • 9/22 09:30 - 10:00
    • Manufacturing Security Forum

    High-Tech Industry Analysis of Cybersecurity Posture: Comparing IT and Risk Management Views


    The current discussion on international cybersecurity standards tends to focus more on posture than maturity. This talk will take some examples to explain the difference between posture and maturity. Based on our third-party review experiences on NIST Cybersecurity Framework, the differences between IT and risk management views are examined. In addition, due to the implementation of NIST Cybersecurity Framework by SEMI Taiwan, its implication to semiconductor industry will be updated. 

    READ MORE
    Bright Wu
    Willis Towers Watson Taiwan Senior Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC NIST Cybersecurity FrameworkGovernance Risk & ComplianceCyber Resilience
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • Threat Research Forum

    Threat Intelligence: APT41's New Subgroup? Dissecting Chinese APT "Tianwu" Latest Operations in the APAC Region

    APT41 (aka Winnti, Amoeba) is a notorious Chinese APT group. In recent years, TeamT5 CTI team observes that the group has developed into multiple subgroups and it has posed a serious threat to companies in the APAC region. In this talk, we will cover an emerging Chinese APT group named "Tianwu," which was first spotted in 2020. We found that there are several TTPs overlap between Tianwu and APT41. Tianwu's proprietary tool, Pangolin8RAT, is a modular trojan that supports at least 8 communication protocols. Our talk will also provide our outlook on the group's future development as well as actionable intelligence for enterprises.

    READ MORE
    Silvia Yeh
    TeamT5 Cyber Threat Intelligence Team / Cyber Threat Analyst
    Leon Chang
    TeamT5 Cyber Threat Intelligence Team / Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC APTThreat IntelligenceReverse Engineering
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • Blue Team Forum

    Taking Apart Misconfiguration - The Attack Path in Active Directory Environment

    This talk briefly presents several misconfigurations that are abused by attacker to compromised domain controller. In advance, taking apart an attack path from usually ignored misconfigurations allowing attacker to control entire Active Directory service.

    READ MORE
    Mars Cheng
    TXOne Networks Manager, PSIRT and Threat Research
    Dexter Chen
    Trend Micro Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate
    SESSION TOPIC Red TeamActive Directory SecurityEnterprise Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • ISG Forum

    Cyber Risk Quantification, a business focused approach to cyber risk management.

    How much cyber risk do we have? Is our cyber budget aligned with the business operational risk? Are our cyber risk management options cost-effective? In order to answer aforementioned questions, we must approach cyber from a business risk perspective where we review business processes, technology applications and risk scenarios. The FAIR approach can guide us to perform both qualification and quantification cyber risk analysis. Help us clarify any uncertainty in cyber risk, and quantify risks in financial values. This will allow cyber risk to be a crucial part of financial liquidity management.

    READ MORE
    Anthony Lee
    Marsh Asia
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Intermediate
    SESSION TOPIC Risk ManagementGovernance Risk & ComplianceCyber Risk Quantification
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • xSecurity Forum

    A Beacon of Light in the Darkest AD: Attack Path Visualization with AI Simulation

    Completing our CyCraft trilogy of CyberSec talks, we will discuss the critical importance of proper privilege management. Windows AD is the heart of Enterprise IT cybersecurity. Yet while it is a top security priority, it can also be the darkest enigma and a monster to unravel. AD security is difficult to measure. In this presentation, we will introduce a new AI analysis method for AD security, combining the confrontational thinking between red and blue teams to better help outline the boundaries of enterprise cybersecurity and increase visibility and metrics for AD security. This is a Birdman session you cannot miss.

    READ MORE
    Jeremy Chiu / Birdman
    CyCraft Technology Corporation Founder & CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC Machine Learning
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • Cloud Security Forum

    How to Best Assess Your Cloud Security

    Many threats to your cloud security result from improper IAM or insecure configuration settings; such threats typically need to be prevented through inventory and risk assessments. Unfortunately, many services are out of the network admins’ control, complicating assessments and severely raising risk. In this presentation, we will discuss how to best assess cloud security; how to use different frameworks/methods to examine cloud assets, their corresponding risks, and security levels; and discuss real-world security incidents.

    READ MORE
    Boik Su
    CyCraft Cyber Security Researcher
    Dange Lin
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Cloud SecurityIdentity ManagementPolicy Management
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00

    Public-Private Sector Partnerships: The Key to Success in Confronting Cyber Threats

    Threat actors anonymously carry out attacks at their will, stealing sensitive information, deploying ransomware on critical infrastructures, and conduct denial-of-service attacks to disrupt services, inflicting damages to the economy and causing wide-spread panic in society. 


    Government agencies, as capable as they are, cannot defend against and mitigate these threats alone. It must be a coordinated effort between governments, corporations, NGOs, sharing information and intelligence. There must also be a change in people’s mindset on cybersecurity, from the end user to IT administrators, to the managers, to minimize the risks of the human factor.

    READ MORE
    James H
    U.S. Law Enforcement Professional
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Threat Intelligence SharingHuman Factor
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • Ransomware Solution Forum

    Tsai Sung-Ting (TT)
    TeamT5 CEO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 11:30

    Security! The website has been hacked again!

    The security flaws seem to be unrelated, yet altogether could cause a catastrophe? Vulnerabilities already patched, yet your website is still constantly hacked? Let the cybersecurity consultant with years of real-world experience from CHT Security share with you. Common website offensive techniques and countermeasures will be explained. You will also learn how to uncover root cause and block hackers from the defensive web via hands-on lab.

    (Suitable for: website administrator/system developer/those interested in information security)

    WANG, Kai-Ching
    CHT Security Cybersecurity Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 11:30

    We found the problem, then what ? How to effectively reduce the risk after vulnerability scanning and penetration testing

    This lab will focus on security problems that cannot be solved by software updates. We choose some common website security issues as examples. After analyzing root cause of issues. First try to modify the code from the inside to solve the problem, and try to solve the problem. Block the problem from the outside, and use a series of implementations to understand the common handling methods of vulnerabilities in practice and the impact on the original service. The goal is to help who are begin to fix security issues after completing a vulnerability scan or penetration test.

    Nick
    Cymetrics Security Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 11:30

    Automatic IoT Firmware Emulation and Dynamic Analysis

    Dyanmic analysis is a useful solution for malware analysis while the complicated IoT hardware architecture and peripherals make automatic emulation of IoT devices challenging. This course will focus on how to apply recent firmware rehosting technologies (such as Firmadyne, FirmAE) to operate commerical firmware in emulated IoT systems. Moreove, we will introduce well known vulnerability discoverying tools to enable dynamic analysis to the emulated IoT devices.

    Shin-Ming Cheng
    National Taiwan University of Sciecne and Technology Professor, Department of Computer Science and Information Engineering
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 11:30

    Practical Threat Hunting

    This course will introduce attendees to the basics of threat analysis, threat detection and designing behavioral solutions. Attendees will learn to perform threat hunting to facing red-team tactics. To keep the attendees focus on hunting thread, we leverage open source tool to design our behavioral solutions.

    Will
    Team T5 R&D Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702AB
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • Zero Trust Forum

    Building Zero Trust Architecture from the CISO Perspective

    Currently, the trend of digital transformation has brought several new channels to access organizational resources. Therefore, the advanced persistent threat (APT) attacks become more and more serious. If organizations just deploy security mechanism on perimeter, once cracks can access the organizational internal network, they may move laterally to attack any organizational resources. Therefore, several countries have requested their agencies and organizations in the countries to adopt measures to achieves strategic goals of zero trust. The requirements can be used for CISOs to define security blueprints for their organizations. In this speech, I will introduce how to adapt security architecture to meet the requirements of zero trust.

    READ MORE
    Shi-Cho Cha
    National Taiwan University of Science and Technology Professor and Chair of the Departmemt of Information Management, and Director of TWISC@NTUST
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate
    SESSION TOPIC Security ArchitectureAccess Control
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:30 - 10:00
    • Supply Chain Security Forum

    The Way from PSIRT to Security by Default

    Product safety is no longer a sunk cost but a sharp tool for future business competition.

    How to use the PSIRT operation experience to make rapid progress in product design towards the goal of "Security by Default", in line with general information security standards and a sound information security certification system, and strengthen product competitiveness.

    READ MORE
    Neko C. Y. Lee
    Unizyx Holding Corporation Information & Product Security Management Division / Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Security by DesignPSIRTCompliance
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 09:45 - 10:15

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:00 - 10:25

    From CTF to Threat Research

    CK Chen
    CyCraft Senior Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Cloud Security Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC Network SecurityIoT SecurityInternet of Things
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Blue Team Forum

    Jack Chou
    ISSDU Senior Technical Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE English / Chinese
    • 9/22 10:15 - 10:45
    • ISG Forum

    How to cope with the risk and control of information security system?

    Introduce the situational crime prevention theory and information security internal control, and how to apply to coping strategies.

    READ MORE
    Carey Sung
    TRI Head of internal audit
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL General
    SESSION TOPIC ComplianceRisk Management
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Supply Chain Security Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Supply Chain SecurityOT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Manufacturing Security Forum

    The Four Steps to CISO Success: Plan, Predict, Prepare, Practice

    The digitalization of business in the 21st century continues to dramatically increase convenience and severe security risks. The CISO is tasked with navigating leadership through the ever-changing and treacherous cyber landscape. This presentation will discuss four common challenges every CISO must face:

    The CEO: Is your InfoSec budget not enough?

    The Board: Isn’t it safe enough for now?

    The CFO: Do you really need to spend so much?

    Yourself: Are we ready for a Red Team assessment?

    Each of these questions requires regularly assessing and having a comprehensive understanding of your environment’s digital assets; protection practices and policies; current cybersecurity technologies and tools; operational protocols; and the capabilities of your security team.

    READ MORE
    Benson Wu
    CyCraft Co-Founder & CEO, CyCraft Technology
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Intermediate
    SESSION TOPIC Cyber ResilienceCISOCDM
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Ransomware Solution Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General
    SESSION TOPIC RansomwareEndpoint Detection & ResponseData Loss Prevention
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Zero Trust Forum

    From "Work-from-Home" to "Work-from-Anywhere"- post-pandemic Digital Transformation in a Zero Trust approach

    Are you ready to the extend your Work-from-Home to Work-from-Anywhere? Join our speaker to know more about how to prepare for your next phase of digital transformation in a Zero Trust approach.

    READ MORE
    Aaron Tseng
    Zscaler Senior Technical Consultant, ASEAN & GCR,
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL General
    SESSION TOPIC Zero Trust ArchitectureCloud SecurityDigital Transformation
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Threat Research Forum

    Collecting In the Dark: Tropic Trooper Targets Transportation and Government

    In this session, we'll be talking about an APT group that targets organizations in Taiwan -- the Tropic Trooper, which is dubbed "Earth Centaur" by Trend Micro. As our research shows, this group has targeted multiple government agencies and transportation companies using customized backdoors such as SmileSvr, ChiserClient, and Lilith RAT tailored to individual targets. According to our observation, this campaign has been going on for at least over a year now. 

    READ MORE
    Ted Lee
    Trend Micro Threat Researcher
    Vickie Su
    Trend Micro Threat Researcher
    Nick Dai
    Trend Micro Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC APTThreat IntelligenceSupply Chain Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • Tech Briefing

    Peter Fan
    Cyber Security Specialist, CrowdStrike North Asia
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL Intermediate
    SESSION TOPIC Threat IntelligenceThreat Analysis & ProtectionHackers & Threats
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 10:45
    • xSecurity Forum

    精選議程

    精彩內容,敬請期待。

    READ MORE
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC CryptographyHardware Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:15 - 11:15
    • FINSEC Forum

    Conee Lin
    Cathay Financial Holdings Co., Ltd Executive Vice President
    Romance Su
    Mega International Commercial Bank Information Security Department / VICE PRESIDENT & DEPUTY GENERAL MANAGER
    Frank Su
    Fubon Financial Chief Information Security Officer
    Dr. Pei-Wen Liu
    First Commercial Bank Executive Vice President and Chief Information Security Officer
    Eric Hsin
    CTBC Financial Holding Executive Vice President
    陳斌
    Chang Hwa Commercial Bank Head Office / Executive Vice President
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL General
    SESSION TOPIC Threat Intelligence Sharing
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 10:50 - 11:15

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • Cloud Security Forum

    The way to sign-in is transforming! Typing passwords is becoming a legacy method.

    In the B2B world, many systems are still using ID and password to sign-in. However, it is changing rapidly. As more companies use SaaS/cloud services and as those services become more crucial to the business, many companies are now concerned about how securely they can access. Today, not only has the use of MFA(Multi-Factor Authentication) become the “must” method but also there are several new ways of keeping access secure. This session will explain the latest trend of securing access to SaaS and cloud.

    READ MORE
    Go Nakakomi
    HENNGE Taiwan Managing Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC Cloud SecurityAccess ControlMulti-Factor Authentication
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30

    Attack Surface Management (ASM) & DNS Security: Facts and Challenges for Major Taiwanese Brands.

    ASM (Attack Surface Management) of enterprise information security is an important task for large enterprises around the world in recent years, from using domain names and IP addresses to strengthening their management models and raising them to the information security level. The keynote speech on ASM will reveal how well-known brands in Taiwan handle ASM, and the whole management cycle of ASM will also be explored, with examples from world-renowned financial institutions and Internet service providers.

    READ MORE
    Ching Chiao
    WhoisXMLAPI Senior Advisor
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • Threat Research Forum

    Tech War: EDR vs Windows Malware

    Because ETW can record detailed and diverse logging information, it has become an important source of information in tools and services such as incident response, antivirus software, and EDR. With a focus on .NET malware, this presentation will discuss how to best leverage ETW to monitor system behavior and detect malicious activity as well as how to identify critical system events, locate key digital forensic evidence of malicious activity, and filter malicious from suspicious activity.

    READ MORE
    Gary Sun
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC Endpoint SecurityEndpoint Detection & ResponseThreat Analysis & Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • ISG Forum

    The sustainable Road of Cyber Security of Taipei City Government

    How does Taipei City respond to the diverse governmental organization culture and structure, and how to do a good job of sustainable cyber security operations under the legal compliance of the Cyber Security Law, including management organizations, platforms, exposure management and sustainable cyber security practices, Allow government investment to effectively exert sustainable benefits.

    1. Management organization: government-level cyber security chief committee, government cyber security audit committee, audit tracking review meeting, red and blue team structure.

    2. Management Platform: Threat and Vulnerability Management Platform.

    3.Threat Exposure management: Tier-Model permission control model, firewall information security review.

    4.Sustainable Cyber Security:Secure By Default、Continous Compliance(Cyber Security check and GCB)、DevOps、SOAR。

    READ MORE
    Shih Yu Yang
    Ministry of Health and. Welfare. System Analyst
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Intermediate
    SESSION TOPIC ComplianceDevSecOpsSecurity by Design
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:20
    • Manufacturing Security Forum

    Equip yourself with XDR solutions for Advanced Threats

    According to the research report, the proportion of the global manufacturing industry attacked by advanced threats has been increasing in recent years. It simply not enough to meet the ever-evolving threats by using the traditional security tools. Organizations require more open and comprehensive solutions that provide deeper visibility, more intelligent automation and situational insights across endpoints, networks, clouds, and applications. This session will introduce you a new approach to threat detection and response: the industry's first comprehensive Extended Detection and Response (XDR) solutions.

    READ MORE
    Ted Liu
    IBM Taiwan Senior Technical Consultant of Software Business Group
    Mike
    Pershing Data Corporation Product Manager
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC Threat ManagementZero Trust ArchitectureData Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • Blue Team Forum

    DNS security - Hidden Threats: A study on Top 100 Firms in Taiwan

    DNS security is a lesser known and often overlooked field in cybersecurity. Did you know that it only takes a few button presses and commands to completely take over a company’s website or retrieve all their subdomains? DNS vulnerabilities are mind-blowingly naive, easily neglected, ubiquitous, yet surprisingly powerful.

    In this session, we will explore a few common DNS vulnerabilities and their causes, then demonstrate the severity of these issues with a study on the top 100 companies. We hope to raise awareness on DNS security and teach the audience how to detect and fix these issues. 

    READ MORE
    Crystal Wu
    Gimmemeat 成員 Player
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL General
    SESSION TOPIC Cyber ExposureDNS Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • xSecurity Forum

    Attack surface on Metaverse

    Metaverse is a term that catches a lot of attention lately. Are you keeping up with its pace? This session will start with a discussion of Web3, which is the economic foundation of Metaverse, then moves on to topics such as crypto-currencies, decentralization, and their connection with Metaverse, rounding out with foreseeable attacks.

    READ MORE
    Sam Ku
    Trend Micro Head of Metaverse Security
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL General
    SESSION TOPIC BlockchainFraud Prevention
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • Supply Chain Security Forum

    Gordian knot - Globalization of Supply Chain

    Nowadays, the cooperation of the global supply chain is as complex as the Gordian knot in ancient Greek mythology, but today, unlike Alexander the Great in ancient times, we do not have the ability to cut off problems with a single sword. Therefore, how to deal with effective management and examination of cyber supply chain security has always been the goal of enterprises. This agenda will focus on providing corresponding solutions for the strengthening of third-party cyber security risk management.

    READ MORE
    Evelyn Tseng
    iSecurity Inc. Pre-Sales Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL General
    SESSION TOPIC Supply Chain SecurityCyber Supply Chain SecurityCyber Supply Chain
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • Ransomware Solution Forum

    Tom
    TeamT5 Cyber Security Consultant
    zha0
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General
    SESSION TOPIC RansomwareIncident Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:00 - 11:30
    • Zero Trust Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:15 - 11:35
    • FINSEC Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate
    SESSION TOPIC Digital Transformation
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:20 - 11:50
    • Manufacturing Security Forum

    Practical Attack Vectors and Their Ideal Defensive Strategies for Critical Manufacturing

    In this talk, we surveyed firsthand many real ICS and SCADA systems, performing penetration testing on several of them. We counted the attack vectors present in this real ICS environment. In our presentation, we will share serveral real-world ICS and SCADA examples on Critical Manufacturing. We will also give a behind-the-scenes view (starting with real-world ICS security assessment) based on different ICS/SCADA systems in several CI sectors. Finally, we will provide serveral sample attack demos. We recreated these in our lab to demonstrate the attacks against real-world ICS equipment in-depth. We will also review 6 common defense strategies to help secure an ICS environment. We believe that such an analysis will help the enhancement of subsequent defense strategies.

    READ MORE
    Mars Cheng
    TXOne Networks Manager, PSIRT and Threat Research
    Canaan Kao
    TXOne Networks Inc. Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Intermediate
    SESSION TOPIC ICS/SCADA SecurityRed TeamCritical Infrastructure Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:35 - 12:05
    • FINSEC Forum

    供應鏈攻擊手法解析與抵禦之道

    Technology powers everything in our lives from our personal day-to-day lives to the day-to-day operations of the world’s largest industries and enterprises. Supply chain attacks pose grave risk as their impact is far more reaching and their damage far more severe than ever before.

    In Nov 2021, it was reported that several well-known securities firms—as well as Taiwan’s greater financial sector—were targeted by credential stuffing attacks. However, an in-depth digital forensic investigation and detailed malware analysis by CyCraft concluded that the China-sponsored threat group APT10 had launched this series of sophisticated intrusions by exploiting one supply chain vulnerability, affecting multiple Taiwan institutions across the financial sector.

    In this talk, we will share our forensic investigation results into this novel attack, including analyses of the leveraged tools, attack techniques, and malware. We will also discuss what this new attack behavior in China-state threat groups means for Taiwan, our financial institutions, and Taiwan’s cyber defense strategies against supply chain attacks.

    READ MORE
    Jeremy Chiu / Birdman
    CyCraft Technology Corporation Founder & CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate
    SESSION TOPIC Cyber Supply Chain SecurityBlue TeamFinTech
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Tech Briefing

    Daniel LIU
    Onward Security Corporation CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General
    SESSION TOPIC Governance Risk & CompliancePenetration TestingCyber Supply Chain Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • xSecurity Forum

    Research on the Security of Smart Contracts in Decentralized Financial Applications

    Decentralized finance began to flourish in the second half of 2020, and information security incidents broke out one after another, mainly related to code security.This research intends to use the current attack process of various common DeFi projects to analyze the vulnerabilities, including flash loans, oracles, governance projects, etc., and provide smart contract security writing or solutions for cases, so that decentralized financial projects can be more intelligent The contract part can fundamentally slow down attacks from outside.

    READ MORE
    Alice Hsu
    Trend Micro Metaverse Security / Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC BlockchainCryptography
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Blue Team Forum

    AD Security and Maintenance: Cumulative Assessment of AD Security Issues and Expanding Security Boundaries

    Cybercriminals are capable of penetrating your defenses, accessing your Active Directory (AD), and planting backdoors to maintain persistence. This presentation covers traditional AD attack methods, explains the root causes of AD vulnerabilities, and goes into more recent AD attack methods observed in real-world security incidents. By better understanding the breadth of AD attack techniques, AD managers and defenders can better defend against active and emerging security threats. 

    READ MORE
    John Jiang
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Advanced
    SESSION TOPIC Incident ResponseHackers & ThreatsThreat Analysis & Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Threat Research Forum

    There's no S(Security) in macOS SIP

    Ta-Lun Yen
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC Exploit of VulnerabilityMalware Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 13:45

    Security! The website has been hacked again!

    The security flaws seem to be unrelated, yet altogether could cause a catastrophe? Vulnerabilities already patched, yet your website is still constantly hacked? Let the cybersecurity consultant with years of real-world experience from CHT Security share with you. Common website offensive techniques and countermeasures will be explained. You will also learn how to uncover root cause and block hackers from the defensive web via hands-on lab.

    (Suitable for: website administrator/system developer/those interested in information security)

    WANG, Kai-Ching
    CHT Security Cybersecurity Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 13:45

    We found the problem, then what ? How to effectively reduce the risk after vulnerability scanning and penetration testing

    This lab will focus on security problems that cannot be solved by software updates. We choose some common website security issues as examples. After analyzing root cause of issues. First try to modify the code from the inside to solve the problem, and try to solve the problem. Block the problem from the outside, and use a series of implementations to understand the common handling methods of vulnerabilities in practice and the impact on the original service. The goal is to help who are begin to fix security issues after completing a vulnerability scan or penetration test.

    Nick
    Cymetrics Security Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 13:45

    What is threat intel about anyways?

    What is threat intelligence about? What do the researchers do exactly? Where do I even begin looking into malware? All and more will be answered in our lab session!

    Still Hsu
    TeamT5 Cyber-threat Intelligence Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 13:45

    Practical Threat Hunting

    This course will introduce attendees to the basics of threat analysis, threat detection and designing behavioral solutions. Attendees will learn to perform threat hunting to facing red-team tactics. To keep the attendees focus on hunting thread, we leverage open source tool to design our behavioral solutions.

    Will
    Team T5 R&D Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    702AB
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Supply Chain Security Forum

    Software Supply Chain Attacks and Weaponization - Open Source Software and Mitigation Strategies

    Take a look at the supply chain attack solutions offered by vendors and review recent months of supply chain attacks.

    READ MORE
    Ant Yi-Feng Tzeng
    TGONetworks Taipei Chapter Member
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Supply Chain SecurityCyber Supply ChainCyber Supply Chain Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Ransomware Solution Forum

    Interpret REvil Ransomware Defense Using MITRE ATT&CK Framework

    This session provides introduction to the MITRE ATT&CK Framework and how to analyze notoriously REvil Ransomware based on this framework.

    Lastly, MITRE ATT&CK Framework's defense will be covered. 

    READ MORE
    Billy
    Crypto.com 資安工程師
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC MITRE ATT&CK
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Zero Trust Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • ISG Forum

    Business Continuity & Cyber Resilience in Digital Transformation

    In this agenda, lecturers share the current status of digital transformation in the industry, as well as the trends in business continuity management regulations and corporate response trends, and discuss current corporate challenges and put forward suggestions, hoping to enable companies to promote operational transformation while also taking into account risk management.

    READ MORE
    Christina Tseng
    EY Consulting Managing Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL General
    SESSION TOPIC Cyber ResilienceBusiness Continuity & Disaster Recovery
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 11:45 - 12:15
    • Cloud Security Forum

    How to Build a Secure network Platform on AWS

    This session are talking about creating a cloud network and security architecture that meets requirements for scale, performance and automation.

    We will introduce for creating a cloud architecture, how to design network subnet and what benefit with IAM in AWS. This will take into account critical operational and autoscaling and troubleshooting requirements.

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Cloud SecuritySecurity by Design
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 13:30 - 14:30

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • Tech Briefing

    數位身分識別與存取管理策略藍圖

    Enterprises are facing great challenges due to the epidemic, but they are also accelerating the pace of digital transformation. In the post-epidemic era, while applying emerging technologies to sustainably operate, they should also pay attention to the importance of identity identification and access management. Enterprises should properly define and manage the identity role of each network user and the access rights of the resources required, and manage the access rights of the resources required by the identity role life cycle, and implement privileged account management and identity governance. and customer identification and access management.

    READ MORE
    Chris Chen
    Deloitte Taiwan VP
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL Intermediate
    SESSION TOPIC Identity Governance
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • OT Security Forum

    Declare war against Cyberattack!A practical guide toward Cyber Security responsibility of Level-B.

    The agenda makes an outline with the matters about the specific non-goverment agency of Cyber Security responsibility of Level-B. By sharing experiences and recommanding useful tips, lecturer will analyze the system aspect conducted.

    READ MORE
    Caron Oran
    State-Owned Enterprises Computer and Information Security Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL General
    SESSION TOPIC LawISO 27001
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • Ransomware Solution Forum

    No More Ransomware in Critical Infrastructure!

    Attacks on critical infrastructure are becoming more and more rampant, especially since 2019. Ransomware has become a necessary subject of study for stakeholders and personnel, and has also had a substantial operational impact on industrial control system (ICS) environments. The continuous evolution of ransomware and the peculiarities of the ICS environment make it difficult to ensure that ICSes are protected from ransomware attacks under operating conditions. In this talk, in addition to in-depth analysis of the ransomware behaviors and ransomware-related techniques that have affected ICS environments, we also propose effective defense methods and strategies perfected to ICS environments to strengthen protection against ransomware.

    READ MORE
    Mars Cheng
    TXOne Networks Manager, PSIRT and Threat Research
    Hank Chen
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC RansomwareICS/SCADA SecurityThreat Detection & Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • Threat Research Forum

    Attacking Web without JavaScript - CSS injection

    When speaking of web security in front-end, XSS is the first thing that comes to mind. But, even without JavaScript, the attacker can still use other attack vectors like HTML injection and CSS injection! 

    READ MORE
    Cymetrics Cymetrics Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC Web SecurityWeb Service SecuritySide-chanel Attack
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • Red Team Forum

    How to use Red Team Assessment properly?

    Allen Own
    DEVCORE CEO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Red TeamPenetration TestingRisk Assessment
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • Blue Team Forum

    The Imitation Game: From Christopher to Modern Warfare

    In today's asymmetric cyberwarfare, how do you decipher the concepts and methods behind hackers' techniques, or even their targets? And how do security teams demonstrate their value by ramping up their defenses through higher accuracy intelligence and resources? This session will show you how to decipher hackers' attack patterns across different time and locations in order to defend against such attack.

    READ MORE
    Trend Micro Technical Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL General
    SESSION TOPIC Blue TeamThreat Intelligence SharingRansomware
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • xSecurity Forum

    Mandarin-language Information Operations Regarding Russia’s Invasion of Ukraine

    In this speech, we take the Chinese and Russian media combining the Azov Battalion with Hong Kong's "Anti-ELAB Movement" as an example to illustrate how China and Russia cooperate to spread disinformation to the Mandarin-speaking world and influence the attitudes of Chinese readers. In addition, we also analyze Weibo and Facebook's data from February 22 to March 8, with "Nazis" and "Azov Battalion" as keywords, to see the trends on different platforms.

    READ MORE
    Jerry
    Doublethink Lab Analyst
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL General
    SESSION TOPIC Information OperationDisinformation
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:00 - 14:30
    • FINSEC Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:30 - 16:30

    Automatic IoT Firmware Emulation and Dynamic Analysis

    Dyanmic analysis is a useful solution for malware analysis while the complicated IoT hardware architecture and peripherals make automatic emulation of IoT devices challenging. This course will focus on how to apply recent firmware rehosting technologies (such as Firmadyne, FirmAE) to operate commerical firmware in emulated IoT systems. Moreove, we will introduce well known vulnerability discoverying tools to enable dynamic analysis to the emulated IoT devices.

    Shin-Ming Cheng
    National Taiwan University of Sciecne and Technology Professor, Department of Computer Science and Information Engineering
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4C
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:30 - 16:30

    What is threat intel about anyways?

    What is threat intelligence about? What do the researchers do exactly? Where do I even begin looking into malware? All and more will be answered in our lab session!

    Still Hsu
    TeamT5 Cyber-threat Intelligence Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4D
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:30 - 14:55

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • Blue Team Forum

    Why is MITRE Promoting the Engage Framework?

    With the help of MITRE ATT&CK, EDR technologies have improved steadily over the last few years to their current level of high maturity and sophistication. According to MITRE evaluation results, many vendors can now detect 80%, 90% of the steps of simulated attacks, while the best performing vendor can even provide 100% coverage. It is indeed a great achievement. However, in real-world scenarios, there will be a lot of noise that the attackers can leverage to hide their operation, and the task of detecting attackers is similar to “looking for a needle in a haystack.” This is the main reason why MITRE is now promoting the new Engage Framework, an active defense thinking to engage with the attackers in real-time, accurately detect their presence at very early stage of the security breach, and then cut them off to prevent damage to enterprise.

    READ MORE
    Dr. Cheng Kun Wang
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL General
    SESSION TOPIC Breach DetectionAdvanced Threat ProtectionRansomware
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • AI Security Forum

    AI meets MITRE ATT&CK: Let's capture the tactics, techniques, and procedures (TTPs) of threat actors

    In this talk, I will share my experience in malware behavior analysis (MAMBA) using neural networks and MITRE ATT&CK framework for understand the tactics, techniques and procedure of malware. Help security analysts to better understand the captured malicious behavior, the associated API calls and manipulated system resources constitute observable evidence.

    READ MORE
    Yi-Ting Huang
    National Taiwan University of Science and Technology Department of Electrical Engineering / Assistant Professor
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Intermediate
    SESSION TOPIC MITRE ATT&CKBehavioral Analytics
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • Red Team Forum

    Experience sharing of red teaming project

    In recent years, “Red Team Assessment” has been adopted across different industries as a method of assessing an organization’s ability to handle hackers’ attacks in their production environment. But it is hard to know how to prepare for the assessment and what kind of mindset to have before implement the assessment. The service providers are always eloquent about their red team assessment. But is it really that safe as they say? Would there be any accident happens during the assessment? We invite personnel who works in finance industry and conducted the red team assessment to share his experience.

    READ MORE
    OLAF
    Manager,Information Security Department
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL General
    SESSION TOPIC Red TeamVulnerability AssessmentBlue Team
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • Threat Research Forum

    Building Next-Generation Semantic-aware Signature Engine from Disassembly

    In the era of endless new exploits, Active Defense of Antivirus have already collapsed. Also, the efficient Static Scan is the most important feature of modern antivirus against malware, designed to provide AV/EDR with the ability to detect immediately when it discovers an unknown file that is or is not a known threat, so as to avoid infection.

    This technique has evolved from the originally file hash fingerprint, to the now well-known pattern matching (YARA), and even the heuristic-based ML methods to produce patterns automatically against high variant samples as much as possible.

    As a result, hackers have advanced their pattern-bypassing tactics to identify and remove anti-virus signature in no time. This allows variant-enhanced malware in the wild to increase rather than decrease even against state-of-the-art AI based detections. However, do we want such detection techniques that chase behind attackers? The blame goes to the fact that classic pattern matching design never considers semantics of execution behavior, making it easy for hackers to bypass.

    In this session, we will talk about how the latest variant samples can beat the major pattern matching techniques heavily with simple tricks such as obfuscation, FLA (OLLVM) and RC4 encryption.

    To fight against this, we will present a next-generation static scanning idea. Instead of optical scanning of files, a full set of decompilers will be built in to analyze all the static functions in a program file and use symbolic definition of malicious functions to achieve a semantic-aware malware detection engine. Researchers can elastically define malware templates and use this engine to perform excellent detection results on multiple heavily obfuscated samples.

    READ MORE
    Sheng-Hao Ma
    TXOne Networks Threat Researcher
    Hank Chen
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL General
    SESSION TOPIC Malware ProtectionWindowsReversing
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • Tech Briefing

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • OT Security Forum

    The Data Distribution Service (DDS) Protocol is Critical: Let's Use it Securely!

    In this research, we discovered and disclosed multiple vulnerabilities in most of the DDS (Data Distrubiton Service) implementations. DDS enables crucial technologies, such as autonomous driving, military tactical systems, or time-sensitive machineries. We approached DDS from the bottom up, and we'll show you how we dissected, fuzzing with and without source code, then found multiple vulnerabilities within it, including a standard-level vulnerability and others, including remote code execution and DoS.

    READ MORE
    Ta-Lun Yen
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Intermediate
    SESSION TOPIC OT SecurityNetwork Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • xSecurity Forum

    Dramatic rise in fraud and scam complaints

    1. How Is Digital Fraud Becoming More Sophisticated As Technology Advances?

    2. How to spot a scam with new information technology.

    READ MORE
    Paul Liu
    Trend Micro Director of Global Consumer Market Development and Marketing
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL General
    SESSION TOPIC Cyber CriminalFake newsFraud Protection
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • Ransomware Solution Forum

    Peter Fan
    Cyber Security Specialist, CrowdStrike North Asia
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC RansomwareEndpoint Detection & ResponseSecurity Strategy
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 14:45 - 15:15
    • FINSEC Forum

    Cyber Angle of Russian Ukrainian Conflict

    This presentation shares insights on the cyber angle of a military conflict that unfortunately takes place on the territory of Ukraine. From insights into disinformation campaigns to denial of service and targeted attacks on both sides, this presentation dives into the nature of the cyber conflict and illustrates it with a number of case studies, sharing tools and methods that could be used to analyze, detect, and possibly prevent or minimize impact from such activities.

    READ MORE
    Fyodor Yarochkin
    Trend Micro Senior threat analyst
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate
    SESSION TOPIC Disinformation
    SESSION TYPE Onsite LANGUAGE English / Chinese
    • 9/22 14:55 - 15:20

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:20 - 15:40

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:20 - 15:45

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:30 - 16:00
    • FINSEC Forum

    The gap between realistic risk and ATT&CK

    With the widespread use of ATT&CK, companies have begun to use it to assess current threats and priorities for hardening. However, enterprises should not just use these TTPs to infer the risks of the enterprise, which may fall into the misunderstanding of the cause and effect, and then ignore the existence of more high-risk vulnerabilities that are easily exploited. This talk will share thinking and suggested ways of using ATT&CK correctly to reduce the risk of misplaced defense resources by chasing potential attackers aimlessly

    READ MORE
    Allen Own
    DEVCORE CEO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701A
    LEVEL Intermediate
    SESSION TOPIC MITRE ATT&CKSecurity StrategyRed Team
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:40 - 16:00

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • AI Security Forum

    Detect industrial control system security over HMI image process

    Since fieldbus still accounts for a part of proportion of ICS, this makes it hardly for them to deploy Ethernet based security products. This research will be targeting Windows base HMI. The concept of research including using image process and machine learning technique, finding the relation of figures and graphs to detect system security. In addition, we will share how we build our system and demo how the system work, we also propose strategies for mitigation of cyber intrusion.

    READ MORE
    Yenting Lee
    TXOne Networks Threat Researcher
    Patrick Kuo
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL General
    SESSION TOPIC ICS/SCADA SecurityIntrusion DetectionMachine Learning
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • Supply Chain Security Forum

    The Last Mile in Product Security: Incident Response and SBOM

    Opensource libraries could be able to assist manufacturers to save the development resource , but it may also be the weakness that make your products be hacked. In this session, we will introduce how to utilize the software bill of materials (SBOM) to manage the open source libraries. In addition, in the era of millions of vulnerabilities, this session also explains how to correctly handle and respond the product cybersecurity incidents.

    READ MORE
    Daniel LIU
    Onward Security Corporation CTO
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC PSIRTSecurity Development LifecycleIoT Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • Threat Research Forum

    Prototype Pollution From Zero to One

    Peter Chi
    TAIWAN RAKUTEN ICHIBA, INC. Cyber Security Defense Department / Team Leader
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4A
    LEVEL Intermediate
    SESSION TOPIC Application SecurityRed TeamWeb Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • Red Team Forum

    Domain slayer- infiltrating the Enterprise District

    In the second half year of 2021 several critical vulnerabilities were found among active directories. From Printnightmare to sam-the-admin, the speaker will share the offensive techniques and the trending lateral movement technique, Living Off the Land Binaries, Scripts and Libraries (LOLBAS). Faced with layers of defense, hackers have turned to adopt this technique; simply put, using materials at hand, and directly bypassing defensive mechanism. The speaker aspires to promote world peace and to enable security staff to leave office early instead of taking the blame for others.

    READ MORE
    hans
    CHT Security Senior Consultant
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Intermediate
    SESSION TOPIC Red TeamPenetration TestingMITRE ATT&CK
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • Blue Team Forum

    What is Threat Hunting?

    A security event is a change in the everyday operations of a network or information technology service indicating that a security policy may have been violated or a security safeguard may have failed.

    In a computing context, events include any identifiable occurrence that has significance for system hardware or software.

    This talk wants to redefine security events are those that may have significance to the security of systems or data.

    READ MORE
    MING-CHIEH PAN (Nanika)
    TeamT5 Chief Architect
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    4B
    LEVEL Intermediate
    SESSION TOPIC Threat HuntingIncident Response
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL General SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • OT Security Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • Ransomware Solution Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL General
    SESSION TOPIC RansomwareCloud SecurityData Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:15
    • xSecurity Forum

    Security Risks in DeFi

    There are lots of DeFi security incidents that happened in 2022. Besides some big incidents such as Ronin and Wormhole, more than one DeFi security incident happens almost every week and loses millions of dollars. In this topic, we will analyze different kinds of DeFi security incidents in 2022, introduce most recently used attacks, and introduce misuse in development.

    READ MORE
    Ysc
    Secview Founder
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate
    SESSION TOPIC BlockchainFinTech
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 15:45 - 16:10

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    Cyber Talent
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:00 - 16:30

    Freddy Lee
    KPMG Cybersecurity Services / Associate Director
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701B
    LEVEL Intermediate
    SESSION TOPIC Governance Risk & ComplianceRisk ManagementStandards
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00
    • OT Security Forum

    Mars Cheng
    TXOne Networks Manager, PSIRT and Threat Research
    Selmon Yang
    TXOne Networks Staff Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    703
    LEVEL Advanced
    SESSION TOPIC ICS/SCADA SecurityExploit of VulnerabilityProtocol Analysis
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00
    • Red Team Forum

    I Defend against Your Defense: LSALSASSUSELESS ;)

    It is a well-known story that hackers are moving laterally inside organizations through Mimikatz for password theft and Credential Dumping in large cyber-army APT operations across countries.


    The specifics of this technique entail a variety of high-risk behaviors, including privilege escation, accessing LSASS, and memory dumping, and so on. The major endpoint security products will undoubtedly claim that they can detect and prevent such attacks, but this is not the case.


    In this session, we will focus on the tactics of password theft and take an overview of the security solutions used by modern enterprises. And to demonstrate the attacker's point of view with the Project Zero attack practice How to break each one. The end of the session will provide multiple Proof of Concept, suggestions of mitigation, and advice on selecting protection solutions. 

    READ MORE
    Sheng-Hao Ma
    TXOne Networks Threat Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701F
    LEVEL Advanced
    SESSION TOPIC Malware ProtectionCyberwarfareExploit of Vulnerability
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00
    • Supply Chain Security Forum

    Open Source Vulnerabilities

    Open Source Developer Experience Sharing - Managing Open Source Vulnerabilities through the Product Development Process

    READ MORE
    SZ Lin
    Bureau Veritas Cybersecurity Chief Expert
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701G
    LEVEL Intermediate
    SESSION TOPIC Vulnerability ManagementSupply Chain SecuritySecurity Development Lifecycle
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00
    • AI Security Forum

    Detecting Obfuscated Malware: Pushing the Frontiers of Machine Learning

    The application of machine learning in malware detection and response has been at the forefront of cybersecurity research for decades. More and more research papers in this field achieve results that effectively push research and application forward with most malware detection engines leveraging machine learning algorithms. In this presentation, we will share our methodology and results from evaluating various algorithms and their effectiveness against real-world obfuscation techniques used by attackers in the wild.

    READ MORE
    CK Chen
    CyCraft Senior Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701D
    LEVEL Advanced
    SESSION TOPIC Reverse EngineeringMachine LearningAI Security
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00
    • Ransomware Solution Forum

    Winning the War Against Ransomware: Mass Automated Malware Sequencing & Analysis

    In this presentation, we will discuss our in-depth analysis of ransomware behavior, summarize several key behavior characteristics, our uniquely customized sandbox used for analysis, and propose our new and more effective methods of ransomware detection and mitigation.

    READ MORE
    Alien Chao
    CyCraft Cyber Security Researcher
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701C
    LEVEL Intermediate
    SESSION TOPIC RansomwareReverse Engineering
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00

    Android native library reverse engineering and countermeasures

    Android application code protection consists of two types including Java layer and native layer. Java code protection has been well studied and most developers already know how to protect Java code from reverse engineering by using obfuscation or packers. However, there are relatively few studies on native layer code protection. In this session, we will introduce some techniques and countermeasures for native library reverse engineering, which will help developers improve the code protection on native layer.

    READ MORE
    Jason Wang
    Fourdesire Senior Security Engineer
    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701E
    LEVEL Advanced
    SESSION TOPIC Mobile SecurityReverse EngineeringSecure Coding
    SESSION TYPE Onsite LANGUAGE Chinese
    • 9/22 16:30 - 17:00
    • xSecurity Forum

    LOCATION Taipei Nangang Exhibition Center, Hall 2
    701H
    LEVEL Intermediate SESSION TYPE Onsite LANGUAGE Chinese