Yury Chemerkin

Security Expert at JSC Advanced Monitoring

Yury Chemerkin has ten years of experience in information security. He is multi-skilled security expert on security & compliance and mainly focused on privacy and leakage showdown. Key activity fields are EMM and Mobile Computing, IAM, Cloud Computing, Forensics & Compliance. He published many papers on mobile and cloud security, regularly speaks at conferences such as CyberCrimeForum, DefCamp, HackerHalted, NullCon, OWASP, CONFidence, Hacktivity, Hackfest, DeepSec Intelligence, HackMiami, NotaCon, BalcCon, Intelligence Sec, InfoSec NetSysAdmins, RootCon, PHDays, etc.

Mobile, IoT, Clouds… It’s time to hire your own risk manager!

This talk is about how to use different techniques (including forensics) to break into data of mobile devices to define and quantify the severity of issues found by these methods. Some examples will be shown on popular apps everyone uses daily, some cases of various apps to highlight the exciting problems. This compilation is to answer questions about profiling of devices and apps: what, where, how, what features only and why based on your daily activities and places you visit (home, work, vacation, away from home). Also, games aka “privacy policy vs. technical audit” and practical cases are included. The scope of forensic solutions, and what it offers for security researchers and mobile customers covered by this talk include Elcomsoft, Paraben, MOBILedit, Cellebrite, and BelkaSoft.
The presentation will systematically review
i) security techniques to protect data used by developers,
ii) security techniques to protect data offered by OS vendor and either should be implemented by developers or activated by default,
iii) risk mitigation, profile activities and opportunities provided by security solutions,
iv) combining of knowledge of breaking tools into a database to manage risks,
v) current limitations and future directions of the solution. Also, future directions will be included in both common features and risk-defensive features of thinking about these problems that might help many customers.

 

Presentation @DefCamp 2018