Security Experts:

Event Preview: Kaspersky Security Analyst Summit 2016

Kaspersky Security Analyst Summit 2016

Kaspersky Lab researchers speaking on The Equation Group at SAS 2015: Igor Sumenkov, Sergery Mineev, Vitaliy Kamlyuk, Costin Raiu. (Image Credit: Kaspersky Lab)

Security firm Kaspersky Lab, known for its Internet security software and expert research in unmasking global cyber threats, will host the 2016 edition of its Security Analyst Summit (SAS) on February 7-11 at the Ritz-Carlton, Abama resort in Tenerife, Spain.

The exclusive, invite-only event will bring together anti-malware experts, law enforcement, vulnerability researchers, computer emergency response teams (CERTs), and other members of the security community for high level talks, with long days and even longer nights.

The Kaspersky Security Analyst Summit 2016 will cover topics such as cyber espionage, mobile security, botnets, law enforcement cooperation, financial threats, vulnerabilities, surveillance, and critical infrastructure.

More than 60 talks are on the agenda for the two-day event, with each session featuring several presentations on various subjects and hosted by an industry professional.

On day one, Microsoft’s John Lambert will discuss “changing the physics of defense,” and Peter Kruse of CSIS will talk about the Dyreza banking Trojan. Kaspersky’s own researchers will detail their findings on APT and cybercrime campaigns that the company has been monitoring. The day will end with a debate session entitled “Sherlock vs Moriarty”, likely to be a purposefully comical interaction between Kaspersky researchers. 

On day two, there will be two parallel tracks dedicated to APTs, Middle Eastern targeted attacks, the use of JavaScript in espionage, threat actors in Southeast Asia, the Angler exploit kit, and the evolution of threat actors’ OPSEC. Sessions will also focus on the use of tools and techniques in cyber investigations and threat analysis, ATM attacks, DDoS extortion campaigns, and bypassing security mechanisms.

Shots at Kaspersky Security Analyst Summit 2013

Also on the second day, the summit will host a special industrial track where experts specializing in ICS/SCADA security will discuss hacking the power grid, hospitals, medical devices, home appliances, and the industrial world in general. Speakers will also share insights on ICS attack vectors and recommendations for protecting industrial systems.

In the days leading up to the conference, members of Kaspersky’s Global Research & Analysis Team (GReAT) and experts from other companies will host a series of training sessions. This is the first SAS to give participants the opportunity to learn from some of the best experts in the field about reverse engineering malware, software and hardware exploitation, intelligence gathering, and analyzing APTs,

On Feb. 6-7, security professionals can learn what to know about hunting APTs using Yara rules from Kaspersky’s Costin RaiuVitaly Kamluk and Sergey Mineev. It’s worth noting that Yara rules recently helped Kaspersky researchers discover a zero-day exploit designed to target Microsoft Silverlight.

On the same days, Paul Richards and Andrew Macpherson of Paterva will host a training session on using Maltego for digital intelligence gathering.

For those fortunate enough to score the budget last minute, Ryan Naraine, Director of Kaspersky's Global Research & Analysis Team in the U.S., tells SecurityWeek that a few spots are still available for trainings, though the Yara session is sold out. 

A four-day training session, between Feb. 4 and 7, will be hosted by Kaspersky’s Nico Brulez, who will teach participants about manually unpacking malware, analyzing static shellcodes, and reverse engineering APTs. Each training session is limited to 15-20 participants.

As a sponsor of the event for the third year in a row, SecurityWeek will be on-site and providing day by day event coverage, including exclusive podcasts. Yours truly will also serve as a session host for a series of six presentations on Tuesday afternoon.

As part of my responsibilities as session host, I will be tasked with dishing out the official shot of the conference following each presentation--a tradition that has been in place since the SAS 2010 in Malaga, Spain. Naraine tells SecurityWeek that the official shot for 2016 is Whiskey. 

"We are especially excited about the conference this year because of the variety of speakers doing presentations," Naraine told SecurityWeek. "From Microsoft to BlackBerry to Salesforce, we have a really intriguing agenda covering all the major topics in the industry."

For those looking to follow on Twitter, use hashtag #TheSAS2016 to keep up with the action in Tenerife.

(Additional reporting by Eduard Kovacs)

view counter
For more than 10 years, Mike Lennon has been closely monitoring and analyzing trends in the enterprise IT security space and the threat landscape. In his role at SecurityWeek he oversees the editorial direction of the publication and manages several leading security conferences.