BREAKFAST SEMINAR - OSLO
Hacking Tesla: why should you care about vulnerabilities?
At our next breakfast seminar we are joined by Trend Micro and the Zero Day Initiative (ZDI).
ZDI is the world's largest vendor-agnostic bug bounty program, and so far this year they have published close to 500 advisories. ZDI is also responsible for Pwn2Own, the world’s largest hacking contest.
Join us to see ZDI’s Jasiel Spelman as he presents how he helped a team successfully exploit a Tesla Model 3 in this year’s Pwn2Own competition.
From Trend Micro we will hear how they leverage findings from ZDI in their products like TippingPoint and Deep Security. And mnemonic’s Harrison Edward Sand will share some of the main challenges he encounters when working with breaches and vulnerabilities, using recent examples resulting in real-world incidents.
See you there!
Breakfast and registration
Hacking Tesla Model 3
In March this year ZDI’s Pwn2Own hacking contest took place in Vancouver. In the automotive category Tesla provided a Model 3 for participants to attempt to exploit. One team was successful and got to drive away in the Tesla Model 3!
In this presentation we will meet Jasiel Spelman, Vulnerability Analyst and Exploit Developer from the ZDI team in the US. Jasiel did all of the black box analysis on the Tesla, wrote the exploit for the Tesla, and facilitated the Tesla hacking attempt at Pwn2Own. In his session, Jasiel will provide a unique in-depth presentation on how he went about attacking Norway’s favorite electric car.
Technical level: 3/5
Trend Micro and ZDI – what’s in it for me?
The breadth and depth of the vulnerability research in the ZDI program is leveraged by Trend Micro to give customers a high level of protection coverage against vulnerabilities.
Thomas will show how this also is used to create preemptive protections against vulnerabilities and what this preemptive protection looks like "in action".
In his presentation, Thomas will have a practical look at use-cases where ZDI findings are implemented, such as in TippingPoint and Deep Security, and what this means for the user.
Technical level: 2/5
Attackers are exploiting your vulnerabilities: how are they doing it, and how can you stop them?
Vulnerability management is a continuous effort, demanding competence, structure and commitment. It’s no easy task, which is why many organisations struggle to keep up – and attackers know this.
Using some of the real-world breaches that have been in the news recently, Harrison will demonstrate how different types of threat actors can go about abusing different types of vulnerabilities. The presentation will also highlight the challenges organisations face with managing vulnerabilities, and how a continuous vulnerability monitoring program can help solve the problem.