[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: hitb cinema :: lock picking village :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Conference Materials: http://conference.hitb.org/hitbsecconf2007kl/materials/

Official Photos: http://photos.hitb.org

Jim Geovedi (Member of HERT & Security Consultant PT. Bellua Asia Pacific)

Filed under: Main Page — Administrator @ 2:52 pm

Presentation Title: Enterprise Hacking: Who Needs Exploit Codes?
Presentation Details:

Traditional business drivers (time to market, cost basis etc) are still the dominant factors when formulating technology strategy. Security issues, although recognised as being of primary concern, are usually left behind to catch up. In an era where turnkey solutions, outsourcing, enterprise application integration across traditional boundaries are becoming the norm, this approach is causing more of a headache in the long run than the perceived (short-term) economic gains.

Highlighting lessons learned during several assignments, we found that the roles played by third parties and the lack of visibility of extended business processes (and related technology infrastructure) are becoming the main challenge for an enterprises information security team. In several cases, access to sensitive systems were engineered through the simple use of guile and cunning, identifying weak links introduced by the complexity of third party relationships and the many inter-connections between business entities. And in a significant number of these cases, exploit codes were not even deployed.

Several ideas on how to mitigate these situations will be offered for further discussion.

About Jim

Jim Geovedi works as an Information Security consultant at Bellua Asia Pacific. He has over seven years of experience performing professional security assessment and penetration testing, ISMS Audit & Implementation and computer forensics. Jim prefers to approach security from an attacker’s perspective in order to readily pinpoint weaknesses. He was an invited speaker at international security conferences as well university and government symposia.

** Presenting with Fetri Miftach (Principal Consultant, PT. Bellua Asia Pacific)

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors

Microsoft Corporation

Gold Sponsors


Official Airline Partner

Internet Bandwidth Sponsor

Global Transit

CTF Sponsor

Scan Associates

CTF Prize Sponsor

Scan Associates

Sponsor for Zone-H/HITB Hacking Challenge


HITB Cinema Sponsor

Avenuz Sdn. Bhd.

Official Creation Station

The Womb.com

Our Speakers are Supported By

F-Secure Corporation

Arbor Networks


Bellua Asia Pacific


Mozilla Corporation

Mu Security

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations

Chaos Computer Club

ISECOM - Insititue for Security and Open Methodologies


IT Underground

X-Focus China

Zone-H Defacement Mirror

Xatrix Security

Special Interest Group in Security & Information InteGrity Singapore