–By Angelina L. Gokhale and Kaustubh Chavan
Symbiosis Centre for Information Technology (SCIT), Pune
The Null Pune Chapter hosted the first Winja Session on the 5th of January 2019 inviting women speakers to discuss on the upcoming trends and research in information security. The session received enthusiastic participation from over 45 attendees making it a successful null meet. In addition, the entire session was streamed live on the nullcon Facebook page inviting participants from across the globe as well. Our null Pune moderator Sudhakar Verma (Security Researcher, Payatu Technologies ) commenced the session with a brief introduction about the null community and the activities taken up by the null Pune chapter following which the Winja team volunteer Angelina Gokhale (Junior Research Fellow, SCIT ) was invited to introduce the “Winja” initiative.
Angelina introducing Winja initiative
Sayali Ambure (Security consultant Intern, SecureLayer7 ) enlightened the audience regarding the trending security news featuring new attacks and threat landscape for the year 2018. She covered a wide array of the recent security breaches such as Facebook, Orbitiz, Singhealth, Shein.com, Uber, Quora, Aadhar, Cosmos bank and Ransomware to name a few. She also mentioned how social engineering still continues to be one of the successful attack vectors and stressed the importance of cultivating a habit of securing personal data among users in their daily routine. The session was well received by the audience. The next talk was presented by Nimisha Singh (final year MBA-ITBM student, SCIT) on “Blockchain technology in IoT networks – The new applied Science”. The talk introduced the components of blockchain and how one can achieve integrity, availability and accounting by incorporating this peer-to-peer decentralized network system. The next part of the discussion highlighted some of the challenges when considering IoT implementation such as security, compatibility and longevity, connectivity and standards. She then presented her published use case on “Smart waste management system using IoT”. In conclusion, she highlighted the various use cases and benefits of how blockchain could be integrated with IoT in the near future.
Sayali Ambure giving News Megabytes
Priya Singh (final year MBA-ITBM student, SCIT) then introduced the meaning of Compliance and its importance from the security perspective. She discussed how complying to certain security standards like ISO/IEC 27001 and regulations like GDPR can help in mitigating security risks to a greater extent. This view was debated upon suggesting that compliance does not guarantee 100% security but helps in reducing security risks. Further she highlighted the risk management process and defined the various principles of security like Confidentiality, Integrity, Availability, Authentication, Non-repudiation and Access control. In conclusion she advised companies to not look at compliance as an act of depriving organisations of their super powers but to take it positively as an act of building trust with their stakeholders. After a quick networking break, Namrata Bhuiya ( Assistant Manager, Vodafone Shared Services ) introduced her topic on “Multifactor Authentication for Securing Host and Application”. She highlighted the importance of multi-factor authentication through various use cases and demos.The last speaker, Akansha Kesharwani discussed ways to break access control through interesting demos and use cases. She concluded the session with a Winja-CTF where the audience had to put their brains to the test in order to break into the system. The event was fun and challenging and the winner Swapnil (Software Engineer, PureID ) was awarded with the “Gray Hat hacking book”.
The final event involved an interesting and interactive security quiz hosted by Pratik, Sudhakar, Akansha and Angelina to motivate the audience and encourage them to actively participate in this initiative. This quiz was well received by the audience and the winners were awarded with “Hacker” t-shirts.
Team SCIT : From left to right – Angelina, Kaustubh, Nimisha, Mohini, Priya and Vidyavati
This session was a definite hit among the attendees and the live audience and received constructive feedback. This was just the beginning and there is more to come! Stay tuned for the other Null-Winja sessions! The next one is hosted by the null Bangalore chapter on the 12th of January 2019 by Neelu Tripathy and team!
For more details and information, visit https://nullcon.net/website/ https://winja.nullcon.net/, https://twitter.com/winja_ctf, https://reflections.scit.edu/