Christophe Vandeplas
In addition to providing his services as an independent cybersecurity expert, Christophe actively serves as a Belgian Cyber Reservist and contributes significantly to open-source projects. He is the founder of the MISP Threat Sharing Platform. His contributions to the community also include the creation of MISP-maltego and pystemon, the active development of the sysdiagnose framework, as well as his previous involvement in organizing the FOSDEM conference.
When not immersed in the world of cybersecurity, Christophe enjoys outdoor pursuits such as hiking, climbing, mountaineering, and sailing, finding solace in the beauty of nature.
Sessions
Are you, or your organisation, concerned about potential compromise on your iPhone, iPad, or Apple Watch? This workshop equips you with the knowledge and tools to identify red flags on your iOS device. We delve into the world of sysdiagnose and explore methods to verify potential breaches.
This is the starter workshop, we invite you to also join the second deeper dive session with deeper analysis.
This is the second part, or deep dive, of the Sysdiagnose Analysis Framework Workshop.
We will continue on the topics discussed in the first workshop, but here the focus is on diving DEEP in lots of the data that is present in the sysdiagnose archive.
Please ONLY attend this workshop if you either attended previous year's session or attended the beginners session, or already used the sysdiagnose analysis framework before.
Building a pipeline to analyse iOS devices at scale
Overview and Abstract
This talk will show how the DG DIGIT is bulding a pipeline to analyse devices at scale relying on 2 key pieces:
1. The sysdiagnose analysis framework developed jointly with CERT-EU.
2. A toolset to collect artifacts over the air via a self-developped App (in collaboration with an independent security researcher) or Computer app on a PC. The self-developped app is now available on all EC-owned devices.
Globabally this is a part of a larger "mobile cybersecurity programme" which is a deliverable of the European Commission Cybersecurity Strategy.
The presenters will share with the audience hands-on experiences and share what works and what does not work with this approach.
Incident responders will leave the talk with a deeper understanding of Sysdiagnose and a novel tool in their IR arsenal.