Highlights from 44CON: London 2023

Location: Novotel London West
Date: 13-15 September 2023

MITRE ATT&CK, Cloud Security Risks, Physical Security and More

Recently, I had the incredible opportunity to attend 44CON for the very first time. As a cybersecurity enthusiast, this event had been on my radar for quite a while, and I can confidently say that it did not disappoint. With the exceptional quality of speakers featured, it is no wonder this conference shines in London. However, it’s not all about talk - 44CON strikes an impressive balance.

There are workshops where you can roll up your sleeves and dive into hands-on learning, villages that beckon with their unique challenges, and vendor booths teeming with cutting-edge solutions. What truly sets this conference apart is the absence of long lines or the need to make those agonizing choices about which sessions to attend. It gives you the freedom to craft your experience precisely as you desire: the event is large enough to offer different activities and options, yet intimate enough to ensure you can fully immerse yourself in every aspect.

Whether your interests lean towards policy discussions, lockpicking, OSINT (Open-Source Intelligence), or the adrenaline rush of Capture The Flag (CTF) competitions, the conference caters to a diverse audience! In this article, I'll take you through some of the absolute highlights - from Physical Security talks to cyber wargames, MITRE ATT&CK, Cloud Security Risks, and SaaS Solutions, this conference had it all.

So, without further ado, let's dive into it.

Physical Security: Breaking the Unbreakable

A standout moment was the series of talks on Physical Security, particularly the set of discussions centred around Physical Penetration Testing. Robert Sell and Justin Wynn, seasoned experts in this field, delivered captivating presentations that were nothing short of awe-inspiring. There is no decent information security conference without learning about the tools and tricks to break into banks and high security facilities.

Physical Security often assumes a secondary role in comparison to its digital counterparts. Yet, it's imperative to recognize that the physical layer constitutes the primary line of defense for every organization. Robert and Justin explored the intricacies of tools and tactics necessary to infiltrate even the most ‘unbreakable’ institutions, including high-security banks and facilities. This served as a stark reminder that, regardless of the ever-increasing sophistication of our digital security measures, the physical world remains an arena vulnerable to exploitation.

What added a layer of inspiration to this was the resounding emphasis on legitimate and ethical practices. Rather than promoting illicit activities, the spotlight was on the significance of comprehending Physical Security to enhance protection against tangible, real-world threats. The knowledge from these sessions was truly invaluable and I couldn't help but contemplate the idea of venturing into this field to enhance my skill set… legitimately, of course.

THREATCON, Cloud Security and Cyber Wargames

Another experience at 44CON was participating in THREATCON - a cyber wargame meticulously designed to simulate information security incident response communications. I found myself voluntold (as you do!) to be the Incident Commander, and it turned out to be pretty fun.

This position puts you in charge of orchestrating the incident response efforts while also coordinating the actions of various team members and making crucial decisions. It was like stepping into the shoes of a cybersecurity hero, responding to a simulated cyber crisis. The wargame scenario was intense, and it really tests your ability to respond swiftly and effectively to emerging threats. It offers a realistic glimpse into the high-stakes world of cybersecurity: participants may find themselves addressing scenarios that involve cloud-based assets, data breaches, or attacks targeting cloud services. The dynamic nature of the games means that every decision made as Incident Commander can have a significant impact on aspects like Cloud Security.

Professionals or businesses that operate in hybrid or fully cloud-based environments should seek out activities such as this when attending a conference. The ability to respond to incidents, even in the cloud, is a crucial facet of an organization's overall cybersecurity posture.

THREATCON exposed me to the intricacies of incident response in an environment where Cloud Security and Third Party Security were inextricably linked. The scenarios we encountered often involved threats targeting cloud resources, data stored in the cloud, or cloud-based applications. As the Incident Commander, I had to consider not just the traditional aspects of incident response but also the nuances of cloud security, which required a distinct skill set and approach.

I can eagerly affirm that I would attend 44CON again just for the chance to take part in such an engaging and educational experience.

Exploring MITRE ATT&CK and SaaS Cyber Kill-Chain

One session that particularly caught my attention was the discussion on the SaaS Cyber Kill-chain, presented by Luke Jennings from Push Security. As someone who has been a fan of the MITRE ATT&CK matrix since my days focusing on security events logging and monitoring, seeing it presented in a new format was both exciting and insightful. The MITRE ATT&CK matrix is a comprehensive framework that categorizes adversary tactics and techniques, and it has been an invaluable resource for cybersecurity professionals.

In Luke Jennings' presentation, the focus was on applying the MITRE ATT&CK framework to Software-as-a-Service (SaaS) environments. SaaS Solutions have become an integral part of modern business operations, and they present unique security challenges. The SaaS Cyber Kill-chain concept provides a structured approach to understanding and defending against threats in this context.

By leveraging the MITRE ATT&CK framework, security professionals can gain a deeper understanding of the tactics and techniques employed by adversaries targeting SaaS platforms. This knowledge enables organizations to enhance their security posture and proactively defend against cyber threats.

See more about SaaS Attacks by Push Security.

Final Thoughts

Events like 44CON LONDON 2023 provide an invaluable platform for security professionals to come together, learn from one another, collaborate, and grow. As I conclude my thoughts, one message remains clear: our dedication to learning and adapting is our strongest defense against cyber threats.

The conference didn’t just revolve around the speakers. The organisers went the extra mile by offering hands-on training workshops. These workshops are carefully crafted to equip attendees with practical skills that can be directly applied to their daily work. Covering a wide range of topics, from penetration testing to digital forensics and network security, these workshops provide a diverse learning experience. It is an approach that empowers all to not only expand their knowledge but also specialize in specific areas of interest.

Thanks to the organizers!

