Events

It started with selling hacking tools – and now it’s about selling access and so much more.  

Cyber criminals have changed their tactics once again – and it’s giving more scale to compromises, initial access and attacks. 

Find out what your organizations is up against, what you need to do to protect it and what one education business did to survive and thrive. 

Speakers:

• Jack Fowler, Head of Information & Cyber Security, Harris Federation 
• Stephen Robinson, Senior Threat Intelligence Analyst, WithSecure
• Katie Inns, Security Consultant, WithSecure

WIN a Briefings Pass: take part in our WithSecure CTF competition to stand a chance of winning a ticket to BlackHat Asia 2023!
(Entry details to be released soon.)

Black Hat provides attendees with the latest in research, development, and trends in Information Security. Here the brightest professionals and researchers in the industry come together for a total of four days - two or four days of deeply technical hands-on trainings, followed by two days of the latest research and vulnerability disclosures in the Briefings. Black Hat Asia will be a live, in-person event in Singapore, followed one week later by a Virtual Experience including recordings of all Briefings and Sponsored Sessions.

Venue: Marina Bay Sands, Sands Expo and Convention Center, Level Four, 10 Bayfront Avenue, Singapore 018956

WithSecure booth: B08

The SPHERE unconference is a one-of-a-kind event taking place in Helsinki, Finland and broadcast live to the world on May 24–25, 2023. Join us for 2 solid days of inspiration and out-of-the-box thinking!

Join Christine Bejerasco, Chief Information Security Officer at WithSecure and featured speaker Laura Koetzle, VP, Group Director at Forrester, and, for insiders’ look at why so many organizations are making the move to outcome-based cyber security. ​

Make sure to confirm your spot at our exclusive webinar!

The 11th Edition of the New York Cyber Security Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

WithSecure will be exhibiting and participating on the afternoon panel discussion concerning Data Privacy, Compliance & Identity Protection – Implications for Cyber Security Leaders and Their Enterprises. 

Register by March 20 and use code WITHSECURE23 for FREE admission. 

Venue: Sheraton New York Times Square Hotel
811 7th Avenue, W 53rd Street
New York, NY, 10019

Our most recent flagship event took place in March 2023. Together with our partners and clients, we considered upgrading security mindsets in ever changing technology and security landscapes. For those that could not attend in person, you can find the recordings of the presentations below. 

We are delighted to be Silver sponsors at 2023’s SinCon event. Our CTF challenge will kick off on 4^th January at 10:00am SGT, you have to be registered to take part. Find your ticket here.  Or pop along to our stand to chat to the team and pick up some swag.

SinCon brings top cybersecurity leaders and experts from both the East and West together to share and discuss deep technical topics and insights, to build and advance the region’s cyber security capabilities and capacity.

Find out more https://www.infosec-city.com/about

This course, delivered by Sven Schleier, teaches you how to analyze Android and iOS apps for security vulnerabilities by going through the different phases of testing, including dynamic testing, static analysis and reverse engineering. Sven will share his experience and many small tips and tricks to attack mobile apps that he has collected throughout his career and bug-hunting adventures.

WithSecure will be attending the much anticipated CRN MSP Transform event in London. Our experts will discuss the concept of outcome-based security and what this means in practice with out partners and customers.

We’d love to meet with you at this event. Should you wish to book a meeting with us, please provide us with your details here.

MSP Transform is FREE to attend for professionals from MSPs and IT reseller organisations. We look forward to seeing you there!

WithSecure will be exhibiting at SecureWorld in New York and we’d love to meet you there.

Join your fellow InfoSec professionals for high-quality training and collaboration, attend featured keynotes, panel discussions, breakout sessions, and networking opportunities.

Should you wish to book a meeting with us or obtain a free entry pass, please provide us with your details here.

Join us for a live fireside chat with Mikko Hypponen, Chief Research Officer at WithSecure, as we discuss his predictions for the future of the internet and its transformative potential

This is Dreamforce’s 20^th anniversary, and we couldn’t miss the party. WithSecure is exhibiting for the first time and we’re proud to be a groundbreaker sponsor of the event. Join us at booth 827 as we conduct hourly presentations on upcoming cyber threats and how to secure the Salesforce Cloud.

WithSecure is proud to exhibit at the Midsize Enterprise Summit, the only event solely dedicated to midmarket IT executives who are leading their organizations through tremendous changes in this "new normal".

Are you ready to be the Ship’s Captain and sailing through the realm of Kubernetes? Kubernetes, also known as K8s is an open-source tool that is widely used by organisations for automating deployment, scaling, and management of containerized applications.

This course will guide you through an exciting journey of getting to know the fundamentals of K8s. Participants who have no prior knowledge in K8s or containerization technology are most welcome as we will be teaching you some of the basic and core concepts of a K8s cluster such as pod deployment, cluster networking and Role-Based Access Control (RBAC). Besides, the security element of each concept will also be presented during the workshop.

These concepts serve as a good starting point for someone who is new to this domain and would want to go deeper into this area. We will also navigate you through various hands-on sessions, that allows you to use tools we normally use when dealing with K8s. You will also be able to learn to identify security misconfiguration that could happen within a K8s cluster and follow the best practices to secure a K8s environment.

By the end of this workshop, you will have a better understanding of what K8s is, how K8s operates and the core components that are supporting K8s. You will also learn how to use CLI tools, such as kubectl to interact with a k8s cluster. Last but not least, you will also learn some of the basic security concepts that are critical in securing a K8s cluster.

In our latest client briefing, you’ll learn more about:

• How the threat landscape has changed and what it currently looks like
• The latest cyber threats, attacks, and trends
• Cyber security best practices for effective operations and high compliance
• Outcome based security solutions to manage new vulnerabilities and mitigate attacks

WithSecure is exhibiting at MSP Summit where our channel team will be ready to network with current and new channel partners. This event will be filled with peer group discussions, roundtable sessions, and workshops on critical channel topics including Channel M&A, changing business models, strategic marketing for leaders, and leadership secrets from winning MSP businesses.

Register with code WITHSECURE to save $100 on your conference pass, or receive a free expo-only pass.

Digital supply chain threats are high on the security agenda in 2022 and based on Salesforce research “third-party security management” is a top concern for IT-leaders this year.

The next major cyber attack is imminent, but what will it look like and where could it come from? Join our webinar to discover what we have learned from previous attacks such as Log4j, the ways in which we can prevent future attacks from happening, and how WithSecure Intelligence its playing its part in creating a safer supply chain.

Protecting - and being protected by - your customers and suppliers is of paramount importance. Lately, supply chain cyber attacks have made headlines. This webinar will look at practical, concrete actions you can take to defend your organization - as well as your supply chain partners - from cyber compromise.

Training: How to Find Vulnerabilities in Android Apps – Developer Edition, delivered by Sven Schleier

Vulnerabilities can be manifold and everywhere, in your repo, in your APK or when using the app. This workshop will guide you on how to start embedding methodologies and open-source security tools into your SDLC to catch the "low-hanging fruit" early and have continuous security scans in your pipeline.

BlueTeam Con: SaaSy detection: purple teaming Software-as-a-Service platforms, presented by Nick Jones and Chris Philipov 

This talk presents an approach to developing attack detection capability across cloud-based Software as a Service (SaaS) solutions. This approach is drawn from real world experience across a wide variety of enterprise environments and focuses on the use of purple team methodologies to identify and execute likely attack paths, evaluate telemetry and build effective detections.

Historically cloud security research has focused on cloud infrastructure providers, but the use of SaaS solutions has increased dramatically, and become deeply ingrained in how organizations operate day-to-day. Microsoft 365, GitHub, and Slack are good examples of SaaS solutions used by the majority of organizations today. The fast-paced development of these new technologies has seen a divergent approach to security within the solutions themselves. Perhaps more notably, organizations' rapid adoption of these technologies has seen engineering efforts far outpace security development and understanding.

Over the past 18 months the presenters have been helping organizations understand what attacks against SaaS look like and building an approach for building and validating detection through emulation of these threats. The dynamic nature of SaaS solutions and the cloud environments they inhabit mean that building an effective long-term framework for keeping up with these changes is more important than the individual detections themselves.

Attendees will leave the talk with a clearer understanding of:

• What real-world SaaS attacks look like
• How SaaS detection differs from more conventional detection
• How to approach designing, implementing and evaluating their SaaS detection capability

Breaking boundaries, securing perimeters: A pragmatic approach to Attack Surface Management, presented by Katie Inns 

Security teams can often become overwhelmed by large lists of vulnerabilities that affect their systems; it is hard to know which to prioritize first when it comes to remediation. This can lead to ineffective vulnerability management processes that focus on addressing issues from a top-down approach and do not reflect real-world exploitation or the risk to the organization. This becomes more problematic when organizations don’t fully understand their attack surface and their systems that may be at risk.

This talk will discuss how organizations can adopt a more pragmatic approach to attack surface management by understanding the assets at risk, how to prioritize remediation, and how to adapt based on emerging threats.

Find out more about the event here.

Nick Jones and Mohit Gupta present ‘Dismantling the Beast: Formally Proving Access at Scale in AWS’. 

WithSecure’s Nick Jones and Mohit Gupta will be presenting their talk ‘Dismantling the Beast: Formally proving access at scale in AWS’ at this year’s fwd:cloudsec. Tickets for the event are now sold out, but recordings of the talk will be uploaded to YouTube after the event. 

At fwd:cloudsec you can expect discussions about all the major cloud platforms, both attack and defense research, the limitations of security features, the pros and cons of different security strategies, and much more.

Courageous business leaders, trailblazers, and makers came together not only to co-secure but to co-create and co-innovate.

The purpose of this event was to provide:

• Technical and business-related insights
• Practical ‘how-to-tips’
• Guidance from cyber-security experts
• The opportunity to network with peers and discuss the latest industry trends with our consultants

Watch the recording to learn more about managing your security from the cloud using WithSecure™ Elements:

• A single portal in the cloud for improved visibility
• Enabled capabilities as required
• Cutting-edge defense without the updates
• Expert help at hand
• Pay as you use services
• Less focus on maintenance - more focus on security
• Benefits from cloud-based automation and scalability

In this webinar, we discussed:

• Common cloud challenges from a detection and response perspective, and how to successfully tackle them
• How to identify, investigate and mitigate common intrusion types
• Effective prevention and detection tips that can be tailored specifically to your organization’s cloud security needs
• Solutions for optimizing cloud visibility for enhanced security and beyond
• How WithSecure’s Incident Response team conducts detection and response work in the cloud for effective results
• Evolving techniques for you and your organization to maintain resilience as you adopt new ways of working.

The new era of co-security is here. During this unique online event, you’ll get new insights and all the latest news about the world-class service you’ve come to expect from WithSecure™.