(ISC)2 Melbourne Event
Chathura Abeydeera, CISSP, "Giving away the keys to the kingdom via Citrix"
By enabling employees to access a centralised infrastructure, organisations are able to better equip their workforce with the necessary tools to work remotely, encouraging a sound work to life balance. With an increased number of organisations adopting Citrix implementations, it is essential to ensure these environments are designed and configured in a secure manner.
Citrix commonly deployed in internet facing environments and these application deployments are rarely locked down enough to prevent an attacker from breaking out to the underlying operating system.
As a result, these systems can often be used as an entry point into the internal network.
Due to residual vulnerabilities in the internal network and systems, often attackers get unauthorized access to other network systems, applications, and sensitive data.
This talk will use a scenario based approach to demonstrate numerous ways to compromise organisations via Citrix.
Bio: Chathura Abeydeera - Chathura is the Security Assurance Manager and Red Team Lead at eSecure; with more than 14 years of hands-on industry experience in information security. He is also a CREST Certified Tester. He has worked with clients across the State & Federal Government, Power & Energy, Technology, Engineering, Education, telecommunication and Financial Services sectors, specialising in objective based penetration testing, red teaming and running customised technical security training. Chathura has received a BSc from London Metropolitan University and an MSc, Information Technology from Sikkim Manipal University of Health, Medical and Technological Sciences. In addition to the above, he also holds numerous professional qualifications including the CISSP, CISM, CCNA, CASP.
- 5:30 – 6:00 pm: Networking opportunity
- 6:00 – 6:05 pm: Welcome, plus (if needed) chapter business and updates
- 6:05 – 6:45 pm: Presentation by Chathura Abeydeera, CISSP
- 6:45 - 7:00 pm: Q&A and networking until 7:30 pm
RSVP via EventBrite for Entry: Please register using your real full name and bring your ticket with you (paper / mobile), for two reasons. First, it is more likely that building security lets you into the event. Second, it is easier of us to record your Continuing Professional Education credits. If possible, please RSVP by noon Monday 8 January 2018.