Author: Ionut – Daniel BARBU
SPARKS #1 was a short but very interesting Security and Hacking event that took place on March 4, 2014 at TechHub, Bucharest. It is the first in a new – born series of information security related meetings.
To my consideration, this is intended as a place to meet security enthusiasts after work. Its purpose is to create a bridge between Security IT specialists working in the field and passionate home security practitioners. I see this as a very good opportunity to be up to date with the news of the field.
The first event of this series started with presentation of a new method of data encapsulation. The hacker approach of this, can be observed as this method describes a way to bypass firewall protection. After an initial overview of the current methods in use, the presenter offered a personal solution: a layer was developed with the intention to encapsulate the malicious payloads. As a consequence, this implementation offers transparency against the attack discovery applications. The speaker, Valentin ILIE, kept the auditorium very connected to the subject as he enthusiastically presented one of his security related studies. As a member of Cyber Security Research Center from Romania and Romanian Security Team, he is in constantly studying the newest malware samples.
As previously stated, SPARKS accommodates both security home practitioners and corporate employees. Among this second group I discovered Ionel CHIRITA who works as an Application & Infrastructure Security Analyst at Electronic Arts Romania. His passion about Information Security field drove him through 7 years of experience. As a member of Open Web Application Security Project his involvement include presenting and taking part in training and organizing IT Security related conferences for OWASP Romania chapter. The OWASP objective is to raise awareness about application security, so that people and organizations could make better and more informed decisions about valid application security risks. His presentation walked us through the wide variety of available vulnerability scanners. To my consideration his approach was very interesting as he both analyzed enterprise and open – source scanners. What I liked most is that the speaker did not offered the solution, the best scanner, as such thing does not exists. As a general opinion this was a guide based on a series of conducted tests. Furthermore, there was a very good communication with the auditorium, the speaker encouraged questions and opinions and kept everyone interested.
As expected, by the end of the presentations, the attendants started sharing ideas and experience so the first SPARKS session finished a very friendly manner.
The attendance was free of charge which made it available to a wide variety of technical fellows from university students, IT employees, security specialists to just passionate people. However for administrative purposes, prior registration and confirmation was required. For further details and for future events I strongly recommend the conference’s web page: sparks.ccsir.org.
Already as a tradition in Bucharest Information Security community, the host of this event was Andrei AVADANEI representing CCSIR. This interesting organization is also yearly organizing the DefCamp meeting.
To conclude, I feel that anyone interested in IT Security should subscribe to this conference site and look for the next month meeting. Complementary to this, it is worth mentioning that very useful information can be gathered from OWASP community. The Open Web Application Security Project is a worldwide not-for-profit charitable organization focused on improving the security of software. OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. If you want to be a part of this go to OWASP page and join the mailing list.
Finally I would respectfully thank to the organizing team for the idea and effort.
Information and photos: sparks.ccsir.org