Upload
vanminh
View
219
Download
1
Embed Size (px)
Citation preview
CHEMA “BeanieHat” ALONSO
CDO (Chief Data Officer)
at Telefónica
YAIZA “SweetSmile” RUBIO
Intelligence Analyst at ElevenPaths
"Persistent innovation”
3
Creating a Number 1(1)
Lab:Composers,
lyrics, riff, etc..
Festival Organizers
The Rock Band: Artistssingers, keyboards,
drummers, guitars, etc..
Product:Product Warriors
Managers: 0B’s
6
The new FOCA has evolved
Track #1: FOCA Is Now Open Source
The community of users and developers of thenew FOCA will have lots of reasons to contribute on Github:
An updated design
Easier to understand and to upgrade
New search engines and discovery tools
A plugin Marketplace to extend its functionalitieshttps://github.com/ElevenPaths/FOCA
7
STRATEGIC PENTESTING
Persistent pentesting in the cloudand verified by SOC
Vulnerability management workflowwith remediation as virtual patchingwith Fortinet & F5
SID 2013
WORDPRESS
Vertical approach for WordPressvulnerability scannig
Auto-Managed feature by client
TODAY
The evolution of persistent pentesting
Track #2: Faast for WordPress
2008 – “Pentesting Driven by FOCA”
HIPSTER PENTESTING
Automation of tasks by a pentester
Discover existing assets and metadata
2013 – “Advanced Persistent Pentesting” 2017 – “Pentesting as a Service”
8
Scan vulnerabilities in the most popular CMS
Track #2: Faast for WordPress
Overflow
File inclusion
Memory Corruption
Code Execution
BypassXSS
Http response splitting
Directory Transversal
Information Exfiltration
Thus, they need to be up-to-date of all major WordPress attacks and also discover new targeted attacks:
Wordpress Core Third Party Plugins
Wordpress Themes Webserver Configuration
11
Configure your security infraestructura easily
Track #4: Security Portal
Small businesses have beenthe target of a cyberattack
Data leaks impact negativelyon revenues and reputation
37% of small business havenot securty measures
A SME can address certain securityissues without needing an expert
NERLIM Joint venture
A Nerlim solution where you can configure your network easily
Analyze and clean your files
Simpler and safer login
Second factor authentication
12
Track #5: “Code Name” Niji
HGUCleanPipes Awazza Alot Tuenti Data Transparency
Lab
McAfeeAlliance
2015 2016 2017
13
Track #6: Acquisition of SignB0X from Factum IT
2014 2015 2016 2017
SHADOWALGORITMOS BIOMÉTRICOS
DE UC3M
2013
SEALSIGN
ENGINE
BIOSIGNATURE
CENTRAL KEY CONTROL
eARCHIVE
METASHIELD
LATCH
SIGNBOX
FACTUM
14
New module that complements SealSign®
Track #6: Acquisition of SignBOX from Factum IT
Web app where users receive all documentsthat they have pending to sign using aninterface that looks like a mailbox.
Incorporate SealSign Engine Enterprise as an electronic signature engine.
Manage a list of documents easily.
Create workflows by associating userswith each step.
Include documents in an automatedway.
Other advanced options such as delegating signatures or defining rules.
16
Track #7: Managing the shadow datalake [PATH 8]
Integrity Bad reputation RepeatableTraceabilityConfidential inforevealed
Provide in document management ElevenPaths’ technologycapabilities with third parties.
Collect and generate indicators to improve the security andcontrol of the information.
17
Towards a more cybersecured future
Track #8: Working on the new records
Wifi Passwordless& Secure System
Automatic Notarization of
Paper Documents
Deep Web Crawling (Path7)
Magnetic Token
User authentication and encryption method for
SOHO environments thatmerges random, temporal
and biometric factors
A Blockchain-basedregistration of paper
documents that leaves a verifiable watermark
trace of the result
Automatic Deep Web crawling with entity
extraction and validatedrelationships with
Surface web content
Usage of the movementof a ferromagnetic tokenfor user authentication
or access control
As long as people keep listening to us…
…we will go on playing
CHEMA “BeanieHat” ALONSO
CDO (Chief Data Officer) at Telefónica
YAIZA “SweetSmile” RUBIO
Intelligence Analyst at ElevenPaths
elevenpaths.com
¡Síguenos en nuestras redes sociales y entérate de todo!