Workshop-1: Establishment of Common Criteria Evaluation Lab

By: Securelytics Pvt Ltd, Malaysia

Speaker: Mr. Muzamir Bin Muhamad

Date: 8th December, 2022

Time: 9:00 AM - 01:00 PM

Target Audience: Professionals Only

Registration Payment: 30,000 Rs.

Registration: Click Here for Registration
(This is paid workshop, any interested participant has to seperatly register for this workshop on the given registration link)

Workshop-2: Security Auditing and Testing in Line with International Standards & Best Practices

By: NCCS NCSAEL Lab, MCS NUST

Speaker: Ms. Maheen Fatima Bhutta, Ms. Nabeela Bibi

Date: 8th December, 2022

Time: 9:00 AM - 01:00 PM

Intended Audience: Conference attendees, researchers/students/faculty, industry professionals

Workshop Contents:
• Cybersecurity Audit Vs Pen Testing
• Internal Vs External Audit
• Cybersecurity Risk Assessment and Management
• Cybersecurity Maturity Model
• Gap Analysis
• ISO 27001 & ISO 27002-22

Registration Payment: Free for registered attendees

Registration: Click Here for Registration

Workshop-3: Network Protection Using Intrusion Detection System

By: NCCS CIPMA Lab, PIEAS

Speakers:
Professor Dr. Muhammad Hanif Durad (PI – CIPMA Lab PIEAS)
Muhammad Arsalan Paracha (PhD Scholar, DCIS, PIEAS)
Umair Farooq(MS Cyber Security, DCIS, PIEAS)
Muhammad Rizwan Yousaf (MS Cyber Security, DCIS, PIEAS)
Mr. Aftab Ul Haq (Lab Administrator - CIPMA Lab PIEAS)

Date: 8th December, 2022

Time: 9:00 AM - 01:00 PM

Target Audience:
• Students and curious security professionals who would like to expand their skills in intrusion detection.
• Anyone interested in use of intrusion detection concepts and tools.

Objectives: Computer attacks and data breaches are inevitable. It seems like every day a data breach occurs and the victims of the data breach suffer. Their information is stolen or posted online. This workshop looks at detection of threats & attack vectors and discusses how to use tools and principles to protect information. SNORT® Intrusion Detection/Prevention System (IDS/IPS), the world's foremost open source IPS/IDS, has officially launched Snort 3, a sweeping upgrade featuring improvements and new features resulting in enhanced performance, faster processing, improved scalability for networks. The latest Snort 3 IDS will be used to collect and analyze potential attacks.

Prerequisite Knowledge: Participants should be familiar with using Windows/Linux and have an understanding of basic programming concepts, while programming experience is not mandatory.

Duration: 3 Hours

Workshop Contents:
Network Intrusion Detection
Course
• Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
• Classification of Intrusion Detection System
• IDS Architecture
• Snort - an network intrusion prevention and detection system
• Snort Modes
• Logical Components of Snort
Hands-on Lab
• Installation
• Configurations
• Snort Rules
• Writing Rules to Detect Attacks

Expected Outcomes:
• Knowledge of TCP/IP and common application protocols to gain insight about your network traffic, enabling you to distinguish normal from abnormal traffic
• The benefits and problems inherent in using signature-based network monitoring tools
• The power of behavioral network monitoring tools for enterprise-wide automated correlation, and how to use them effectively

Registration Payment: Free for registered attendees

Registration: Click Here for Registration

Workshop-4: High-speed Packet Analysis and Visualization

By: NCCS DPI Lab, UET Taxila

Speaker: Dr. Sobia Arshad, Mr. Amad Talat, Mr. M. Shaheem Raza

Date: 8th December, 2022

Time: 9:00 AM - 01:00 PM

Target Audience: Conference attendees, researchers/students/faculty, industry professionals

Workshop Contents:
Part 1: High Speed Packet capturing
• Overview of Conventional Packet Capturing Approaches
•Introduction to DPDK
•Features and Projects of DPDK
• Framework of DPDK
•Core Components of DPDK
•Packet Processing Models of DPDK
•Demo: Installation and Configuration of DPDK
Part 2: Analysis and Visualization through ELK stack
• Introduction to ELK
• Elastic Beats
• Elasticsearch
• Logstash pipelines
• Logstash filters
• Kibana visuals
• Kibana dashboards
• Demo: Installation and configuration of ELK stack

Registration Payment: Free for registered attendees

Registration: Click Here for Registration

Workshop-5: Software Security Assessment Workshop

By: Horizon Tech Services (Pvt) Ltd

Date: 8th December, 2022

Time: 2:00 PM - 05:00 PM

Target Audience: Conference attendees, developers/researchers/students/faculty, and industry professionalss

Workshop Contents:
1. Introduction to Software Security Assessment
a. Security Assessment Overview and Purpose
b. Security Assessment Lifecycle
c. Software Security Standards, Guidelines and Best Practices
d. Common Software Security Attacks
2. Web-Based Application Evaluation/Testing
a. Static Testing
b. Dynamic Testing
c. Penetration Testing
d. Demo/Hands-on Session
3. Desktop Application Evaluation/Testing
a. Static Testing
b. Dynamic Testing
c. Penetration Testing
d. Demo/Hands-on Session
4. Mobile application Evaluation/Testing
a. Static Testing
b. Dynamic Testing
c. Penetration Testing
d. Demo/Hands-on Session
5. Reporting
a. Report Outline
b. Executive summary
(a) Test Results
(b) Conclusions
(c) Recommendations
c. Evaluation/Testing Details
d. Annexures

Registration Payment:
Students 5000 PKR,
Professionals 10,000 PKR

Registration: Click Here for Registration
(This is paid workshop, any interested participant has to seperatly register for this workshop on the given registration link)

Workshop-6: Cyber Threat Intelligence leveraging MITRE ATTACK Framework

By: NCCS CRC Lab, Bahria University

Speaker: Mr. Hafiz Muhammad Arsalan

Date: 8th December, 2022

Time: 2:00 PM - 05:00 PM

Target Audience: Conference attendees, researchers/students/faculty, industry professionals

Workshop Contents:
Module 1: Introduction and Understanding ATT&CK
Module 2: Mapping to ATT&CK from finished reporting
Module 3: Mapping to ATT&CK from raw data
Module 4:Storing and analyzing ATT&CK-mapped intelligence
Module 5: Making ATT&CK-mapped data actionable with defensive recommendations

Registration Payment: Free for registered attendees

Registration: Click Here for Registration

Workshop-7: Web Exploitation

By: NCCS ISQT Lab, NED UET Karachi

Speaker: Ms. Syeda Fatima Navaid, Ms. Shumaila Ahmed

Date: 8th December, 2022

Time: 2:00 PM - 05:00 PM

Target Audience: Conference attendees, researchers/students/faculty, industry professionals

Workshop Contents:
SQL Injection
• Injection techniques using SQLMAP tool
Subdomain Enumeration
• Techniques and mechanisms to find the valid subdomains using tools, Turbolist3r or Sublist3r or Amass
Binary Exploitation
• Techniques to crack executable files using tools IDA pro, Immunity debugger
Cross-site scripting
• What it is & how to prevent it
File Upload Vulnerability
• Exploiting file upload vulnerabilities in web applications

Registration Payment: Free for registered attendees

Registration: Click Here for Registration

Workshop-8: Security in IoT

By: NCCS IRIL Lab, UET Lahore

Speaker: Mr. Shaharyar Yaqub, Mr. Farooq Ali

Date: 8th December, 2022

Time: 2:00 PM - 05:00 PM

Target Audience: Conference attendees, researchers/students/faculty, industry professionals

Workshop Contents:
• Vulnerability and Compliance Assessment of IoT/Industrial IoT
• Manual Tools and Techniques used to perform the above operations for IoT
• Automate the above process (ThingzAnalyzer product with Demo)
• Offensive side: Exploitation of exposed vulnerabilities in the IoT System
• Tools and Techniques to exploit the system
• Defensive side: Prevention from the exploitation of the IoT devices
• Introduction of IoT Security Lab and its products line for premium defense
• Thingzfirewall product with Demo
• SIEM for Industrial IoT

Registration Payment: Free for registered attendees

Registration: Click Here for Registration