The International Cybersecurity Forum (FIC) is Europe’s leading cyber security event – covering everything from privacy and digital identity, to risk management and operational security.
The Airbus CyberSecurity team will be at FIC 2023 (5-7 April 2023, Lille Grand Palais, France) on stand #D7. Come and meet us to hear how we’re helping our clients build their cyber resilience and watch our live product demos.
SPEAKING SLOTS
Hacking Lab: Ghildralligator: Fuzz software running on exotic architecture
Wednesday, April 5 2023 – 2:35 PM to 3:05 PM – Flavian Dola and Yann Breut, Solutions Area
Ghidralligator is a C++ multi-architecture emulator based on the Ghidra libsla, designed for fuzzing
with AFL++. It allows performing emulation-based fuzzing while keeping interesting performances
when dealing with binaries running on exotic architectures.
On the agenda:
- Watch an overview of fuzzer technics (code coverage, snapshot, …) and tools (AFL, …) ;
- Dive into Ghidra RE Internals and libsla ;
- Learn more about Ghidralligator software architecture ;
- Experience a realistic demo : Fuzzing programs running on Xtensa/PowerPc/Mips/Arm CPU ;
- Get to know the limitations and future features.
Hacking Lab: Beating Malwarebytes by reusing its own software component
Thursday, April 6 – 10 AM to 10:30 AM – Nicolas Delhaye, Solutions Area
This presentation aims to demonstrate that it may be necessary to determine a basic architecture of a target product to advance in the vulnerability research process.
Did you know that, sometimes interacting with a component can be more complex than using a simple socket and sending data directly? And that much more complex communication channels can be developed with synchronization mechanisms, shared memory and randomly generated resource names?
Don’t miss our demonstration explaining how understanding and implementing such a communication channel costs a lot of time and forces the vulnerability researcher to give up his initial idea.
Hacking Lab: NMAP- Tricks and traps for pentesters
Thursday, April 6 – 2 PM to 2:30 PM – Yann Breut, Solutions Area
Known by all IT professionals for its efficiency and ease of use,Nmap is the essential tool when you want to discover a network.
It is certainly the tool most used by IT security specialists when they have to carry out a service related to when they have to carry out a service related to the network.
However, it must be acknowledged that knowledge of its internal workings is often neglected.
It is however the small difference that can give an attacker or a defender an advantage.
Through this presentation, we will deepen our knowledge of Nmap in order to highlight some of the pitfalls to avoid when you want to remain discreet, such as during Red Team missions; or particular markers
to look for if you are defending a network.
Technical demonstration: Sentinel platform
Thursday, April 6 – 4:20 PM to 4:50 PM – Thomas Oudin, R&T Project Manager
SENTINEL is a European project with 13 partners, the objective of the project is to bridge the security, privacy and data protection gap for smaller enterprises in Europe. Once registered on the platform, and the self-assessment workflow completed, the SME user will get policy recommendations, information on data and privacy breached, and training materials. AIRBUS provides a new training approach with a Gaming interface based on the CyberRange in order to raise awareness of end users. The users will learn in an interactive way the best practice to better protect personal and sensitive data.
During the presentation, you will discover the SENTINEL platform, and a training on the AIRBUS Gaming interface.
European Cyber Cup
Wednesday, April 5 to Thursday, April 6 – 9 AM to 5:00 PM
The EC2 is the first ethical hacking competition that pits engineering and cyber security students against esports security professionals. Who will be victorious?
Join us to find out! Airbus Defence and Space Cyber is providing its gaming platform to manage teams, events and scoring. During the competition, we’ll also set up SpeedRun events, allowing teams to gain – or lose – extra points.
Orion Malware : Static and dynamic analysis of Microsoft Exchange attachments
From Tuesday, April 5 to Thursday, April 7 2023 – 9:30 AM & 3:00 PM – Booth Airbus D7
Eric Carles, IT Project Manager, Software Engineer at Airbus Defence and Space Cyber
Orion Malware is a network file analysis platform designed to empower all security teams (SOC, CERT and CTI) by analysing files extracted from networks or submitted by users. Sorting techniques, static analysis and dynamic analysis are coupled to extract data on analysed files and qualify threats.
For example, Orion Malware can integrate into Microsoft Exchange messaging infrastructure to detect and neutralise malicious attachments.
This presentation will demonstrate Orion Malware’s ability to detect and block malware, such as ransomware received by email.
We will present the different configuration options as well as the logging and traceability aspects of the analysis system integrated with Microsoft Exchange.
PROPHECy : Simulation of a cyber attack and implementation of an incident response
From Tuesday, April 5 to Thursday, April 7 2023 – 9:30 AM & 3:00 PM – Booth Airbus n°D7
Our experts will illustrate the main phases of the attack and demonstrate how to orchestrate an automatic incident response that slows down and blocks attackers.
Don’t miss Airbus Protect’s demos on booth, they will present FENCE. Fence is Airbus Protect’s proprietary security risk management software tool.
Back to Events
