資安研討會及活動

2019 CYBERSEC 101

活動時間:2019/9/6(五)、9/20(五)、10/25(五)、11/8(五)、11/29(五)
活動地點:台北市松山區敦化南路一段108號 B2
活動網站:https://cybersec101.ithome.com.tw/
活動概要:CYBERSEC 101 為全新系列研討會,藉由定期舉辦,持續對資安實務做更全面更深入的探討與交流,期能擴大 IT 與資安人員的資安視野,精進資安防禦技能,持續提升企業組織的資安防禦水平。
2019 年 CYBERSEC 101 資安實務研討會的第一場次,將以當前全球最受企業與政府矚目的「NIST Cybersecurity Framework」為主題,透過此一完整涵蓋企業五大防禦構面的資安藍圖,由資安專家帶領 IT 與資安人員,以每個月一個子題的節奏,依序探討NIST Cybersecurity Framework 的五大資安防禦功能(Identify、Protect、Detect、Respond、Recover),完整檢視企業資安防禦的全貌,為企業資安防禦奠定持續改善的基礎。


CDX2.0推廣活動

活動時間:2019/09/10(二) 13:00~16:00
活動地點:臺北市和平東路二段106號4樓
活動網站:https://nchc-cdx.kktix.cc/events/cdxactivity-0910
活動概要:雲端資安攻防平台(Cyber Defense Exercise,CDX)為科技部指導國家高速網路與計算中心(國網中心)執行「資訊安全開放資料平台研發與惡意程式知識庫維運(II)」計畫之一,平台採用雲端服務的架構進行規劃與設計,主要用以改善傳統攻防平台受限於軟硬體限制、管理與使用不易等問題,以虛擬化的架構實現攻防演練場景快速部署的可行性,提供多人多場景同時進行攻防演練之環境,並可提供模擬真實的網路環境用於攻防技術相關研究,讓參與者能夠熟悉與掌握以往曾經發生過的資訊安全事件,並從中學習資訊安全的檢測與分析技巧。


Cyber Attack Taipei Series 2019

活動時間:2019/09/17 (二) 8:00~17:00
活動地點:台北市中山區中山北路二段 39 巷 3 號
活動網站:https://www.eventbrite.com/e/cyber-attack-taipei-series-2019-tickets-68951581035
活動概要:
Threat Intelligence, Cybersecurity, Digital Investigation, Cyber Forensics, Artificial Intelligence, IoT, Machine Learning, BigData, Fintech
About this Event
WHO SHOULD ATTEND

  • Administrators
  • Chief Information Security Officers (CISO)
  • Chief Information Officers (CIO)
  • Chief Technology Officers (CTO)
  • IT Directors
  • Cyber Security Heads
  • Senior Executives in Security
  • Technology and Risk Officers

Network and Information Profiles


9月台北例會-物聯網時代的資安與隱私風險管理

活動時間:2019/09/24 (二) 14:30~16:30
活動地點:台北市信義區基隆路一段143號3樓
活動網站:https://www.caa.org.tw/newsdetail-15994.html
活動概要:
1.物聯網產品資安與隱私風險管理框架介紹
2.組織採用物聯網設備之風險與管理措施
3.組織物聯網設備管理成熟度評鑑方法介紹

主講講師:
姓名:李冠樟
機構:安侯企業管理股份有限公司
單位:資訊科技諮詢服務
職稱:經理
證照:CISA、CISM、CEH、ISO 27001 LA、BS 10012 LA、ISO 20000 LA、ISO 22301 LA、ITIL Foundation
專長:資訊安全管理、資訊系統稽核、個人資料與隱私保護、資訊服務管理、營業秘密保護


9月新竹例會-機敏資料管理實務講座

活動時間:2019/09/25 (三) 09:30~12:30
活動地點:新竹市光復路二段153號2樓
活動網站:https://www.caa.org.tw/newsdetail-15990.html
活動概要:
1.營業秘密與智慧財產的法制要件
2.新版營業秘密法對企業之影響
3.營業秘密的侵害與救濟
4.案例說明與企業應有之防護佈局

講師:
張紹斌 中華民國電腦稽核協會理事長/合盛法律事務所主持律師
證照-中華民國律師、司法官、BS 10012

資安研討會及活動

2019數位政府高峰會 _ Digital Government Summit 2019

活動時間:2019/8/28 (三) 09:00 – 16:40
活動地點:台北富邦國際會議中心 B2
活動網站:https://egov.ithome.com.tw/
活動概要:數位政府高峰會將介紹外界最關心的換發數位身分識別證 (New eID) 最新規劃,說明依據智慧政府發展藍圖,在便捷生活、保障隱私、高安全性及資訊自主原則下,規劃發行數位身分識別證,將國民身分證結合自然人憑證,作為實體世界及網路身分之人別辨識之鑰匙,並說明New eID 個資、資安保護作為及相關更便利、更安全、更自主、更加值之各項情境。本議程邀請內政部戶政司司長張琬宜蒞臨分享數位身分識別證 (New eID) 虛實整合之規劃方向。2019 數位政府高峰會,內容不僅多元且豐富,一同探討數位轉型浪潮下公務員應具備的新能力,一起參與推動政府進步創新的行列。


2019 CYBERSEC 101

活動時間:2019/9/6(五)、9/20(五)、10/25(五)、11/8(五)、11/29(五)
活動地點:台北市松山區敦化南路一段108號 B2
活動網站:https://cybersec101.ithome.com.tw/
活動概要:CYBERSEC 101 為全新系列研討會,藉由定期舉辦,持續對資安實務做更全面更深入的探討與交流,期能擴大 IT 與資安人員的資安視野,精進資安防禦技能,持續提升企業組織的資安防禦水平。
2019 年 CYBERSEC 101 資安實務研討會的第一場次,將以當前全球最受企業與政府矚目的「NIST Cybersecurity Framework」為主題,透過此一完整涵蓋企業五大防禦構面的資安藍圖,由資安專家帶領 IT 與資安人員,以每個月一個子題的節奏,依序探討NIST Cybersecurity Framework 的五大資安防禦功能(Identify、Protect、Detect、Respond、Recover),完整檢視企業資安防禦的全貌,為企業資安防禦奠定持續改善的基礎。


新全民公敵—不實訊息

活動時間:108年8月19日(星期一)14時至17時
活動地點:IEAT會議中心3F第1會議室(臺北市中山區松江路350號3樓)
活動網站:https://twnic-icann.kktix.cc/events/108-5
活動概要:
網路不實訊息所導致的社會不信任與分歧的負面現象,甚至對民主的干預,已經成為許多國家的擔憂。
以5月底甫結束的歐洲議會大選為例,為防止俄羅斯以不實資訊活動干擾選情,歐盟早在去年12月5日發布《對抗不實訊息行動方案》,從增加專業資源投資、建立即時預警系統、要求業者落實自律規範、提升大眾認知等4大方向著手。
國際間也有從訂立法律或擬訂政策以為因應的做法,例如在去年通過與實施的法國《打擊資訊操弄法案》、德國《網路執行法》(NetzDG);以及今年5月通過的新加坡《防止網路虛假與操弄法案》等;這些做法中或從維護選舉公正性為出發點,也有從抑制網路仇恨言論散播的角度為立法初衷。
綜觀國際間防制不實訊息的不同做法,或可區分在短期間可奏效者包括從立法、平臺自律、或設立事實查核中心等;以及長期可收效的提升民眾媒體素養、健全媒體結構等。
本座談將聚焦於,釐清臺灣社會面對不實訊息帶來的威脅當中應優先處理的議題為何?針對優先處理議題,現有來自於政府與民間推動的措施是否足以因應?缺口為何?國際經驗中,又有哪些得以借鏡之處?
主持人    胡元輝 教授(中正大學電訊傳播研究所)
與談人(※依姓氏筆畫排序)
何吉森 副教授(世新大學廣播電視電影學系)
沈伯洋 副會長(台灣人權促進會)
黃兆徽 經理(華視新聞部)
羅秉成 政委(行政院)


2019 NGO 資安種子講師培訓

活動時間:2019/08/29(四) 09:00 – 2019/09/01(日) 17:00
活動地點:CLBC 德惠弍參 T23 / 10491台北市中山區德惠街23號
活動網站:https://ocftw.kktix.cc/events/cscs2019tot
活動概要:台灣擁有在國際間相當知名的開源社群,亦有著極為活躍的公民社會。為了促進這兩個社群之間的交流,開放文化基金會國際交流組與華人民主書院、台灣駭客協會、台灣人權促進會共四個組織共同開啟 「CSCS 專案:Civil Society Cyber Shield」,讓社會運動與組織者能夠接觸最新的資安工具、對抗資安威脅,在安全的線上環境中推動社會議題。
同時,台灣身為亞洲少數高度民主的國家,更期許以豐厚的民主土壤培養跨國資安支援網絡,將高品質的資安培訓提供到亞洲各國活躍的更多社會運動者與高危險社群。 2017 年,在台灣舉辦「東亞及華人社群人權工作者資安隱私保護工作坊」,超過 14 國、50 位跨國參加者及多個國際組織共襄盛舉,開啟後續更多深度合作,後半年起並於東南亞數國舉辦數場資安培訓。
CSCS 社群由志工講師及台灣的公民團體代表組成,由 OCF 擔任活動的統籌祕書處,協助社群發展。
課程大綱:

  • 如何向新手介紹資安?
  • 手機、電腦、線上通訊的安全性,如何教學?
  • 台灣公民團體(NGO)的資訊科技使用現狀
  • 如何建立與公民團體(NGO)的合作關係
  • NGO 資安培訓實作經驗分享

資安研討會及活動

TANET 2019 – 臺灣網際網路研討會 資訊展望 X 5新啟航

活動時間:2019/9/25 – 2019/9/27
活動地點:高雄國際會議中心
活動網站:https://tanet2019.nsysu.edu.tw/
活動概要:TANET2019臺灣網際網路研討會以「資訊展望、5新起航」為主題。因科技的日新月異,使物聯網絡擴大成熟,經濟和生活將迎來重大變革,同時影響智慧校園的發展,也為教學形式上碰撞出新的火花。本次大會圍繞著五大主軸「物聯新通訊、智慧新生活、雲端新服務、資安新防護、軟體新應用」擴展,全方面探討物聯網絡時代帶來的關鍵課題。
5新議題延伸的子議題涵蓋5G網路通訊、人工智慧及其應用、前瞻資安研發、網路規劃建置、物聯網(IOT)、深度學習、網際網路技術、區塊鏈、軟體工程等多達55個領域,將徵求各方資訊從業人員於本次大會發表優質論文,進行深度探索,交流切磋。大會也將邀請產、官、學界資深專家進行精彩的專題演講,以及各類議題討論、論壇分享、資安體驗營、戶外參訪等活動,藉由不同交流形式,共覽學術面及實務面的最新技術發展,使與會者從5新啟航,激發創意思維,共同展望智能時代的美麗新境界。


新加坡資安市場解密講座: 台灣資安浴血東南亞叢林戰鬥之起點

活動時間:2019/7/26
活動地點:臺北市大安區和平東路二段106號11樓
活動網站:https://ievents.iii.org.tw/eventS.aspx?t=0&id=547
活動概要:台灣資安浴血東南亞叢林戰鬥之起點
獅城新加坡,2005年即開始推動資安政策,2015年成立隸總理辦公室的網路安全局,宣示網路安全是國家推動的政策方針之一,須從防護、創新以及夥伴關係三方面著手。新加坡也將扮演東協網路安全的促進者,推動打造東協與新加坡網路安全卓越中心。
基於新加坡的關鍵定位,本會特別邀請Accrete Innovation創辦人 Edmas Neo先生來台傳授心法,協助國內資安業者爭取國際資金投資,提昇其接軌國際市場之能量。
Edmas Neo先生擁有超過20年的產業經驗,橫跨私人公司與政府部門,擔任科技、創新、創業、及策略顧問,他曾在IBM擔任資安顧問(Certified Solution Expert),負責金融、醫療及政府客戶。之後加入政府IDA(Infocomm Development Authority)以及Infocomm Investments,投入各種加速器計劃,包括SEA Anchor和TAGPASS等,有效推動新加坡、韓國和台灣100多個創業團隊在國際市場上的拓展。並且在他擔任 創業行動社群Action Community for Entrepreneurship (ACE) 執行長的期間,ACE國際中心成功將其足跡擴展到曼谷和中國。吸引來自16個城市的合作夥伴,創建了一個超過25,000家創業公司的網絡,為區域生態體系帶來了巨大的價值。


New Attacks against Blockchain and 5G Networks

活動時間:2019/7/29
活動地點:台北市松山區民生東路四段133號科技服務大樓1樓101會議室
活動網站:https://ievents.iii.org.tw/eventS.aspx?t=0&id=585
活動概要:資安Rank-One研討會常客講師,國立新加坡大學Min Suk Kang 助理教授
Main Research:Internet denial-of-service problems, cellular network security, and Internet privacy.
Recent Publications:2019“ Practical Verifiable In-network Filtering for DDoS Defense”
2019“SurFi: Detecting Surveillance Camera Looping Attacks with Wi-Fi Channel State Information”
國際最新攻擊技術分享:5G與區塊鏈最新型態攻擊,與可行解決方案建議
國內無線射頻資安需求交流:邀請對無線射頻資安有興趣的產學研究對象,一同探討5G世代下的射頻安全訊息


DEF CON 27

活動時間:2019/8/8 – 8/11
活動地點:Paris Las Vegas
Las Vegas, NV 89109, US
活動網站:https://www.defcon.org/
活動概要:The DEF CON 27 Theme: ‘Technology’s Promise’:
DEF CON 26 was about the inflection point between disorder and dystopia – the moment before the point of no return. The DEF CON 27 theme, in a way, responds to ‘1983’ with new questions. What does it look like when we make the better choice? What kind of world do we hack together in the sunniest timeline? How does our real best-case scenario compare to the future we’ve been dreaming of for generations?
Extra consideration will be granted for submissions that tie into this year’s theme. We want you to hear about your hacks and research, and how will it relate to the discussions below.

1) Cypherpunk and “engineering out of the problem”.:
Tim May was once quoted saying anonymity online would “alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret.” At the time his manifesto was for “both a social and economic revolution” and so began the newly formed “Cypherpunks”. Cypherpunks invented cryptography with the aim of abolishing big brother, but 30 years later we have big corporations in their place. Large corporations have insured that the 21st century hasn’t come without compromises.
Crypto-anarchism is still alive and well today in well known examples like Tor, Freenet, cryptocurrencies, etc. Tell us what you’re doing now to circumvent the future we’re living in? Corporations are developing advanced facial recognition and becoming “the new big brother”. Social media is exchanging a false sense of freedom at the expense of a total removal of anonymity. The Cypherpunk ethos will have to adapt now that we have merged the “instagram-able” life, biometrics, ML, IOT, and micro-targeting. To build a future that doesn’t limit our love of modern technology and socialization at the expense of freedom will require decentralization and anonymity technology breakthroughs. What are you doing to engineer your way out of these problems?

2) “Keep InfoSec out of Hacking”:
DEF CON wants to support the culture of hacking. Between the TV interviews and the assessments we are still the same people with funny names threading the eye of the needle to make the next breakthrough. Hackers have become mainstream, seemingly to leave the underground to make a “legitimate” living. The industry has developed policies for ethical hacking, multimillion dollar pentesting orgs, bug bounty programs, and set the foundations of security for behemoth corporations. Being paid for hacking was the dream, but now it is an industry unto itself that focuses predominantly on enterprise.
DEF CON is a hacker con, not an InfoSec conference. Hackers are more focused on the joy of discovery, irreverence, novel if impractical approaches. InfoSec is more focused on enterprise, frameworks, and protecting the interests of share holders. There is great value in both types of content, but our con is a hacker con by design.
Activities that enable the hacker mindset and demonstrate how to master a certain technique are always going to be selected over a great enterprise InfoSec talk. DEF CON has always tried to provide a way to amplify the work of hackers, to create a venue for research that allows for others to grow. The idea that technology should be free was written into the subtext of “The Hacker Manifesto” and is just as valid today as it was 33 years ago.

3) We want the computer from Star Trek, what we’re getting is HAL 9000.:
At DEF CON 24 we hosted DARPA’s Grand Cyber Challenge, a challenge to the innovation community with a $2M prize to build a computer that can hack and patch software with no one at the keyboard. This was a lot of fun, and yet there were whispers among us of a future where artificial intelligence will render some human jobs irrelevant. We can see ourselves approaching an event horizon of automation. This technology is not without a price, but how do we get to the utopian world where we ask a computer to make us a cup of earl grey without landing ourselves in a black mirror dystopia? Engineers are developing smart home devices with disembodied voices, while hackers are quick to shout tropes of “NSA listening devices”. Is the reckless misuse of technology leading us to a dark future? What can hackers do to help achieve the sunniest timeline?
Above are some suggested topics that loosely align with the theme, we consider all talk subjects. If your talk doesn’t fit in one of these topics don’t worry, the suggested themes are just a starting point. We’ve dozens of speaking slots, the tracks will be filled with a clustering of subjects; hardware hacking, lock picking, mobile hacking, reverse engineering, legalities of hacking, and more.


CLOUDSEC 企業資安高峰論壇 2019

活動時間:2019/8/21
活動地點:台北國際會議中心 (TICC)
活動網站:https://www.cloudsec.com/tw/
活動概要:PICTURE THIS! See. Secure. Go Further. 擘畫企業安全藍圖,帶您看更廣,走更遠
期許每天都能機敏地運用日益複雜和不斷移轉的IT環境,提升生產力…
期望企業能掌握威脅、抵禦攻擊,即使面對事件也能迅速恢復到日常…
形塑網路安全為一個戰略,運籌帷幄,敏銳地管理不斷變化的威脅和風險… 這一切令人嚮往,而您的企業,是否已具備如此能力?
「CLOUDSEC 企業資安高峰論壇 2019」將帶您在混亂的世代中看得更清楚, 掌握多樣化的技術和洞悉複雜的IT架構,從不同的角度、不同產業案例,看到更多事件的蛛絲馬跡;即使面對挑戰也能從容以對。
CLOUDSEC企業資安高峰論壇,是趨勢科技發表最新資安趨勢、技術和願景的時刻,如果您曾經參與,2019更不能錯過。

資安研討會及活動

TANET 2019 – 臺灣網際網路研討會 資訊展望 X 5新啟航

活動時間:2019/9/25 – 2019/9/27
活動地點:高雄國際會議中心
活動網站:https://tanet2019.nsysu.edu.tw/index.php
活動概要:TANET2019臺灣網際網路研討會以「資訊展望、5新起航」為主題。因科技的日新月異,使物聯網絡擴大成熟,經濟和生活將迎來重大變革,同時影響智慧校園的發展,也為教學形式上碰撞出新的火花。本次大會圍繞著五大主軸「物聯新通訊、智慧新生活、雲端新服務、資安新防護、軟體新應用」擴展,全方面探討物聯網絡時代帶來的關鍵課題。
5新議題延伸的子議題涵蓋5G網路通訊、人工智慧及其應用、前瞻資安研發、網路規劃建置、物聯網(IOT)、深度學習、網際網路技術、區塊鏈、軟體工程等多達55個領域,將徵求各方資訊從業人員於本次大會發表優質論文,進行深度探索,交流切磋。大會也將邀請產、官、學界資深專家進行精彩的專題演講,以及各類議題討論、論壇分享、資安體驗營、戶外參訪等活動,藉由不同交流形式,共覽學術面及實務面的最新技術發展,使與會者從5新啟航,激發創意思維,共同展望智能時代的美麗新境界。


2019 AWS 台北高峰會

活動時間:2019/6/12 – 6/13
活動地點:台北國際會議中心 (台灣台北市信義區信義路五段1號)
活動網站:https://amzn.to/2wDxiMc
活動概要:2019 AWS 台北高峰會聚集了各方雲端愛好者一同探討AWS的新技術。在這 2 天的議程裡,您可以深入了解我們的核心主題,也可以選擇參與入門課程來學習新技術。所有的主題將會由AWS技術專家和合作夥伴提供,您將會在現場聆聽他們的豐富經驗!


在 6 月 12 日的 AWS Dev Day,您將會參與一場專門設計給開發人員的半天免費技術活動。無論您是一位開發人員、數據分析師、app工程師或 IT Pro,這絕對是您不容錯過的內容!精彩的活動包括優質的技術課程、實機展示和工作坊,全都由AWS專家特別為您設計。
而 6 月 13 日的活動將會聚焦在 6 個關鍵主題上,全面概括AWS服務內容與其特色。您可以透過各種技術議程和實機展示找到您所需的解決方案,也可以把握機會與其他的雲端夥伴及AWS技術專家一同交流!
除了精彩的議程,現場還有全世界第一個開放給所有人參加的全球自動駕駛賽車聯盟及豐富的展覽。


2019 CipherTech Solution Day

活動時間:2019/6/19
活動地點:維多麗亞酒店-1F 大宴會廳 (台北市敬業四路168號)
活動網站:https://seminar.ithome.com.tw/live/20190619CT/index.html
活動概要:2019 年對資安管理人員來說,是關鍵的一年,極多關鍵的防護工作有待落實。
首先「資通安全管理法」在今年(2019)正式施行。若您的服務單位為公務機關、公營機構、八大關鍵基礎設施提供者或政府捐助之財團法人,即需警覺到資安防護的要求已提升至法令層級,若不合規,恐面臨懲處或罰鍰。
但「資通安全管理法」內含系統與資訊完整性、系統與通訊保護、識別與鑑別、稽核與可歸責性、資通安全防護等細膩要求,意謂您需要做大量功課,須趕緊研究 IDS/IPS、WAF、資料庫稽核、金鑰與資料保護等技術,還得儘速擇優導入,壓力確實不小。
假使您的服務單位正興致勃勃地投入數位轉型,也別忽略 2018 年是史上資料外洩最嚴重的一年,預期今年這些狀況只會繼續,不會轉為天下太平。為避免數位化過程導致資安門戶洞開、釀成機敏資料外洩,您需要認真思考威脅防禦、資料加密乃至金鑰管理的佈局之道。
隨著眾多議題同時發酵,您是否不知從何做起?身為企業資安好夥伴的亞利安科技,將於 6/19(三)舉辦「CipherTech Solution Day 2019」,不僅邀請陳勇君博士針對「資通安全管理法」進行合規要點說明,也將輪番介紹 Thales、Imperva、Netscout 等殺手級解決方案,讓您用適當的解決方案,有效解決接踵而來的資安難題;假使您高度關注資通安全管理法、資料庫加密與金鑰安全防護、威脅防禦等重大命題,這場活動將是您不可錯過的的知識饗宴!


國際資訊安全組織臺灣高峰會

活動時間:2019/7/9 – 7/11
活動地點:集思台大會議中心 (台北市大安區羅斯福路四段85號)
活動網站:http://2019.infosec.org.tw/
活動概要:智慧聯網的時代來臨,許多應用都與資訊安全相關,資訊安全的議題早已跨越了國境的邊界,近來幾次大型網路攻擊事件,不論國內外都引起了許多人的憂心,不論是近來經常發生的勒索攻擊威脅,或是網站遭到資料的竊取,這些都已成為全球性的資安問題,如何因應新興的資安問題所帶來的資安風險,成為我們所關注的話題。
國際資訊安全組織台灣高峰會,由Cloud Security Alliance台灣分會、The Honeynet Project台灣分會以及OWASP台灣分會共同主辦,同步接軌Cloud Security Alliance、The Honeynet Project與OWASP等國際資訊安全組織最新研究成果,提供與會人員掌握全球資訊安全發展脈動與趨勢,會議內容涵蓋雲端服務安全、誘捕資安技術、網站應用程式安全、事件掌握與應變等議題,接軌國際資安社群有助於掌握全球發展趨勢。

CSA Taiwan Summit 2019
雲端安全聯盟(CSA, Cloud Security Alliance)為全球非營利組織,CSA Taiwan Chapter自2011年底於台灣成立,在國內扮演雲端服務安全等新興資安議題的推動者,為了提高國內雲端服務供應商對於使用者信任,配合全球雲端服務安全證書CSA STAR的推動,累積到2017年底止已有七個單位取得此一殊榮,透過第三方驗證的實施,建立公正客觀的量測標準,提高使用者對於採用雲端服務平台的信賴,取得CSA STAR Level 2驗證的單位包括了國內主要電信服務供應商,中華電信、遠傳電信以及台灣大哥,國內最大的資料中心Acer eDC以及國家級研究單位-國家實驗研究院以及國家高速網路與計算中心,東海大學等,皆已獲得國際CSA STAR Level 2頂尖雲端服務安全驗證,投入雲端安全認證的單位亦陸續增加中,已成為全球一致的雲端安全服務標準。
Web:https://cloudsecurityalliance.org/

HoneyCon 2019
The Honeynet Project為誘捕技術與資安研究為主的非營利組織,由The Honeynet Project Taiwan Chapter在國內辦理的誘捕技術研討會,今年的HoneyCon已邁入第十年,自2013年之後成為每年超過400人參與的大型資安技術會議,在2017年更突破了550人次,每年同步辦理的資安實務課程(Workshop)頗受好評,透過實務的課程推廣誘捕技術的應用以及最新的資安技術;誘捕技術的運用,已成為目前應用在資安威脅偵測上的重要方法,針對不同的應用場景所部署的誘捕系統以及誘捕網路,可以搭配資安設備進行進階的預警與防禦,有效的提昇對於資安威脅的預警能力,近年來因應新興的資訊服務,例如:物聯網、關鍵基礎設施等,亦有相當多的誘捕技術發展,今年度的議題,將聚焦於這些新型態的誘捕技術運用,並接軌The Honeynet Project的最新發展。
Web:http://honeynet.org/

OWASP AppSec Taiwan 2019
OWASP(Open Web Application Security Project)為全球主要針對開放網頁應用程式安全進行研究的非營利組織,目前已有超過45,000名的志願參與者,針對頁應用程式相關的資安問題,進行關鍵的研究並發佈相關的研究成果,對於現今以網頁程式運作為主的資訊環境,更顯得OWASP正扮演著舉足輕重的角色;於2017年OWASP重新啟動台灣分會的運作,希望以更積極主動的方式,將國際間的熱闁資安議題,以及研究的成果,透過社群活動、大型會議等方式,分享給國內的參與者,OWASP台灣分會依循全球一致的原則,以中立的角色連結產管學研界,希望凝聚國內資安社群的能量,以接軌國際資安社群,能夠同步發佈全球已公開的研究資料,將有助於改善與提昇國內的資安防禦技能與產業環境。
Web:https://www.owasp.org/


DEF CON 27

活動時間:2019/8/8 – 8/11
活動地點:Paris Las Vegas (Las Vegas, NV 89109, US)
活動網站:https://www.defcon.org/
活動概要:The DEF CON 27 Theme: ‘Technology’s Promise’:
DEF CON 26 was about the inflection point between disorder and dystopia – the moment before the point of no return. The DEF CON 27 theme, in a way, responds to ‘1983’ with new questions. What does it look like when we make the better choice? What kind of world do we hack together in the sunniest timeline? How does our real best-case scenario compare to the future we’ve been dreaming of for generations?
Extra consideration will be granted for submissions that tie into this year’s theme. We want you to hear about your hacks and research, and how will it relate to the discussions below.

1) Cypherpunk and “engineering out of the problem”.:
Tim May was once quoted saying anonymity online would “alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret.” At the time his manifesto was for “both a social and economic revolution” and so began the newly formed “Cypherpunks”. Cypherpunks invented cryptography with the aim of abolishing big brother, but 30 years later we have big corporations in their place. Large corporations have insured that the 21st century hasn’t come without compromises.
Crypto-anarchism is still alive and well today in well known examples like Tor, Freenet, cryptocurrencies, etc. Tell us what you’re doing now to circumvent the future we’re living in? Corporations are developing advanced facial recognition and becoming “the new big brother”. Social media is exchanging a false sense of freedom at the expense of a total removal of anonymity. The Cypherpunk ethos will have to adapt now that we have merged the “instagram-able” life, biometrics, ML, IOT, and micro-targeting. To build a future that doesn’t limit our love of modern technology and socialization at the expense of freedom will require decentralization and anonymity technology breakthroughs. What are you doing to engineer your way out of these problems?

2) “Keep InfoSec out of Hacking”:
DEF CON wants to support the culture of hacking. Between the TV interviews and the assessments we are still the same people with funny names threading the eye of the needle to make the next breakthrough. Hackers have become mainstream, seemingly to leave the underground to make a “legitimate” living. The industry has developed policies for ethical hacking, multimillion dollar pentesting orgs, bug bounty programs, and set the foundations of security for behemoth corporations. Being paid for hacking was the dream, but now it is an industry unto itself that focuses predominantly on enterprise.
DEF CON is a hacker con, not an InfoSec conference. Hackers are more focused on the joy of discovery, irreverence, novel if impractical approaches. InfoSec is more focused on enterprise, frameworks, and protecting the interests of share holders. There is great value in both types of content, but our con is a hacker con by design.
Activities that enable the hacker mindset and demonstrate how to master a certain technique are always going to be selected over a great enterprise InfoSec talk. DEF CON has always tried to provide a way to amplify the work of hackers, to create a venue for research that allows for others to grow. The idea that technology should be free was written into the subtext of “The Hacker Manifesto” and is just as valid today as it was 33 years ago.

3) We want the computer from Star Trek, what we’re getting is HAL 9000.:
At DEF CON 24 we hosted DARPA’s Grand Cyber Challenge, a challenge to the innovation community with a $2M prize to build a computer that can hack and patch software with no one at the keyboard. This was a lot of fun, and yet there were whispers among us of a future where artificial intelligence will render some human jobs irrelevant. We can see ourselves approaching an event horizon of automation. This technology is not without a price, but how do we get to the utopian world where we ask a computer to make us a cup of earl grey without landing ourselves in a black mirror dystopia? Engineers are developing smart home devices with disembodied voices, while hackers are quick to shout tropes of “NSA listening devices”. Is the reckless misuse of technology leading us to a dark future? What can hackers do to help achieve the sunniest timeline?
Above are some suggested topics that loosely align with the theme, we consider all talk subjects. If your talk doesn’t fit in one of these topics don’t worry, the suggested themes are just a starting point. We’ve dozens of speaking slots, the tracks will be filled with a clustering of subjects; hardware hacking, lock picking, mobile hacking, reverse engineering, legalities of hacking, and more.

資安研討會及活動

「網路社群與數位合作」專家座談會

活動時間:2019/5/13
活動地點:IEAT會議中心8F國貿講堂
活動網站:https://twnic-icann.kktix.cc/events/108-3
活動概要:全球社會在數位時代中面臨了如安全、公平、道德和人權等問題,而當前的國際合作方式與合作程度仍不足以因應這些挑戰。國內外的社群成員面對這些新的科技發展議題衝擊時所形成的意見與想法也需要表達及參與討論的管道。在多方利害關係人的模式下,鼓勵各個層面的利害關係人積極參與網路治理議題的討論,即為促進利害關係人合作、瞭解相關議題,並建立對議題共識的方法之一,本次座談旨在鼓勵臺灣的網路社群作為利害關係人,一同探討國內科技發展、數位發展以及需要優先行動的領域所產生的議題。
藉由提出議題,與相關領域(學界、網路組織、公民社會等)之其他利害關係人代表交換數位科技發展情形、可協同合作的形式等方面的意見,幫助臺灣的網路社群瞭解國內網路公共政策議題可能的影響,同時提升對數位合作相關議題的認知。


TANET 2019 – 臺灣網際網路研討會 資訊展望 X 5新啟航

活動時間:2019/9/25–9/27
活動地點:高雄國際會議中心
活動網站:https://tanet2019.nsysu.edu.tw/index.php
活動概要:TANET2019臺灣網際網路研討會以「資訊展望、5新起航」為主題。因科技的日新月異,使物聯網絡擴大成熟,經濟和生活將迎來重大變革,同時影響智慧校園的發展,也為教學形式上碰撞出新的火花。本次大會圍繞著五大主軸「物聯新通訊、智慧新生活、雲端新服務、資安新防護、軟體新應用」擴展,全方面探討物聯網絡時代帶來的關鍵課題。
5新議題延伸的子議題涵蓋5G網路通訊、人工智慧及其應用、前瞻資安研發、網路規劃建置、物聯網(IOT)、深度學習、網際網路技術、區塊鏈、軟體工程等多達55個領域,將徵求各方資訊從業人員於本次大會發表優質論文,進行深度探索,交流切磋。大會也將邀請產、官、學界資深專家進行精彩的專題演講,以及各類議題討論、論壇分享、資安體驗營、戶外參訪等活動,藉由不同交流形式,共覽學術面及實務面的最新技術發展,使與會者從5新啟航,激發創意思維,共同展望智能時代的美麗新境界。


Taiwan Cloud Edge 台灣

活動時間:2019/5/15
活動地點:台北國際會議中心 (TICC)
活動網站:https://cloudsummit.ithome.com.tw/index.html
活動概要:

  • 把握數位轉型的決勝之年
    隨著5G商轉在即,可望加速邊緣運算起飛,密集催生大量的創新產品與服務,順勢揭開下一波市場淘汰賽的序幕。面對生存保衛戰,企業不容遲疑觀望,急需武裝自己、提高競爭力;透過本活動,您可深入了解混合雲、DevOps、IoT、AI…等數十種雲端技術內涵,進一步理解如何活用它們,快速強化數位創新能量。
  • 將資安內化於數位創新
    不少企業因懼怕遭受網路攻擊,延緩數位轉型的腳步。有鑑於此,本活動不僅引領您躍上雲端、擁抱科技融匯的 IT 新世界,也不忘帶您掌握企業雲端應用安全邊界,知道如何將資訊安全融入數位發展戰略,在業務創新、風險控制天平兩端之間建立最佳平衡。
  • 結合案例分享,創造臨場體驗
    臺灣雲端大會處在新技術浪潮尖端,屢屢放送包括 Cloud Native Computing、AI、IoT、Edge Computing、DevOps、Microservices、Serverless、Blockchain…等大量新知;難能可貴的是,大會不只關切技術理論,更重視管理與應用實務,因而致力規劃案例分享議程,使學員得以增加臨場感,更懂得將新技術運用在企業 IT 發展實務。
  • 互動Hands-on Lab,練就實戰功力
    一直以來,「實機體驗課」(Hands-on Lab, HOL)始終是臺灣雲端大會的一大亮點,2019 活動現場也不例外!除了特別設計互動式實機環境外,更搭配專業講師的教學引導,帶學員深入了解雲端新技術或新服務的應用環境,學習相關設定、流程或指令,透過做中學、不空談,把這份能力帶回企業工作崗位。
  • 新世代雲端資料中心
    邁向新世代雲端機房,實現雲端運算理念,滿足企業雲端商務應用!雲端主導未來新商業模式的創新與發展,資料中心則是現代數位經濟的核心能力。新世代雲端資料中心議程,旨揭分享各產業且不同規模的企業所需要的雲端資料中心專業案例。

DEF CON 27

活動時間:2019/8/8–8/11
活動地點:Paris Las Vegas. Las Vegas, NV 89109, US
活動網站:https://www.defcon.org/
活動概要:
The DEF CON 27 Theme: ‘Technology’s Promise’:
DEF CON 26 was about the inflection point between disorder and dystopia – the moment before the point of no return. The DEF CON 27 theme, in a way, responds to ‘1983’ with new questions. What does it look like when we make the better choice? What kind of world do we hack together in the sunniest timeline? How does our real best-case scenario compare to the future we’ve been dreaming of for generations?
Extra consideration will be granted for submissions that tie into this year’s theme. We want you to hear about your hacks and research, and how will it relate to the discussions below.

  1. Cypherpunk and “engineering out of the problem”.:
    Tim May was once quoted saying anonymity online would “alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret.” At the time his manifesto was for “both a social and economic revolution” and so began the newly formed “Cypherpunks”. Cypherpunks invented cryptography with the aim of abolishing big brother, but 30 years later we have big corporations in their place. Large corporations have insured that the 21st century hasn’t come without compromises.
    Crypto-anarchism is still alive and well today in well known examples like Tor, Freenet, cryptocurrencies, etc. Tell us what you’re doing now to circumvent the future we’re living in? Corporations are developing advanced facial recognition and becoming “the new big brother”. Social media is exchanging a false sense of freedom at the expense of a total removal of anonymity. The Cypherpunk ethos will have to adapt now that we have merged the “instagram-able” life, biometrics, ML, IOT, and micro-targeting. To build a future that doesn’t limit our love of modern technology and socialization at the expense of freedom will require decentralization and anonymity technology breakthroughs. What are you doing to engineer your way out of these problems?
  2. “Keep InfoSec out of Hacking”:
    DEF CON wants to support the culture of hacking. Between the TV interviews and the assessments we are still the same people with funny names threading the eye of the needle to make the next breakthrough. Hackers have become mainstream, seemingly to leave the underground to make a “legitimate” living. The industry has developed policies for ethical hacking, multimillion dollar pentesting orgs, bug bounty programs, and set the foundations of security for behemoth corporations. Being paid for hacking was the dream, but now it is an industry unto itself that focuses predominantly on enterprise.
    DEF CON is a hacker con, not an InfoSec conference. Hackers are more focused on the joy of discovery, irreverence, novel if impractical approaches. InfoSec is more focused on enterprise, frameworks, and protecting the interests of share holders. There is great value in both types of content, but our con is a hacker con by design.
    Activities that enable the hacker mindset and demonstrate how to master a certain technique are always going to be selected over a great enterprise InfoSec talk. DEF CON has always tried to provide a way to amplify the work of hackers, to create a venue for research that allows for others to grow. The idea that technology should be free was written into the subtext of “The Hacker Manifesto” and is just as valid today as it was 33 years ago.
  3. We want the computer from Star Trek, what we’re getting is HAL 9000.:
    At DEF CON 24 we hosted DARPA’s Grand Cyber Challenge, a challenge to the innovation community with a $2M prize to build a computer that can hack and patch software with no one at the keyboard. This was a lot of fun, and yet there were whispers among us of a future where artificial intelligence will render some human jobs irrelevant. We can see ourselves approaching an event horizon of automation. This technology is not without a price, but how do we get to the utopian world where we ask a computer to make us a cup of earl grey without landing ourselves in a black mirror dystopia? Engineers are developing smart home devices with disembodied voices, while hackers are quick to shout tropes of “NSA listening devices”. Is the reckless misuse of technology leading us to a dark future? What can hackers do to help achieve the sunniest timeline?
    Above are some suggested topics that loosely align with the theme, we consider all talk subjects. If your talk doesn’t fit in one of these topics don’t worry, the suggested themes are just a starting point. We’ve dozens of speaking slots, the tracks will be filled with a clustering of subjects; hardware hacking, lock picking, mobile hacking, reverse engineering, legalities of hacking, and more.

資安研討會及活動

ICANN APAC-TWNIC Engagement Forum

活動時間:2019/4/16 – 4/17
活動地點:臺大醫院國際會議中心
活動網站:https://forum.twnic.net.tw/2019/
活動概要:
ICANN 及TWNIC共同舉辦合作交流論壇 (ICANN APAC-TWNIC Engagement Forum),集合了網路相關利害關係人與國際相關網路社群,針對域名、IP位址及網路安全等主題,進行深入議題探討,這將是台灣與國際網路利害關係人共同面對面討論全球網路議題的最佳機會。
ICANN 及TWNIC建立論壇平台的目的,是讓地區內之網路相關利害關係人,可在「一個世界、一個網路」的目標下,以合作交流論壇建立一個共同合作、討論與鏈結的全球網路社群。
我們需要您的參與,為「一個世界、一個網路」共同發聲!

The ICANN APAC-TWNIC Engagement Forum is a joint effort of the two Internet organizations to bring the stakeholders of the Internet together with the local and international communities to share and discuss the latest topics on Internet policies, domain name, IP address allocation, and cybersecurity. It is the best chance to meet, discuss and share your opinions on the latest issues and know the stakeholders in Taiwan.
It is also our goal to establish a platform for the communities to ignite the discussions from a variety of aspects of stakeholders and to keep pace with dynamic technologies and rapid innovation. With our goal “One World. One Internet.”, facilitating we work together, discuss together, connect together under the global community as One.
We need you to participate and voice out for the One Internet!


2019年資訊安全列車系列-政府暨教育界資訊安全研討會

活動時間:2019/4/23、2019/4/25、2019/4/26
活動地點:

  • 台北場—集思台大國際會議中心蘇格里底廳
  • 台中場—順天經貿廣場
  • 高雄場—國立科學工藝館S105階梯教室

活動網站:http://www.software.acer.net/webc/html/activity/show.aspx?num=283&page=1

活動概要:

  • 指導單位:行政院人事行政總處
  • 主辦單位:中華民國資訊安全學會
  • 協辦廠商:宏碁資訊服務(股)商用軟體事業單位公營業務處
  • 演講主題:
    資安專題演講/台北場:區塊鏈應用之限制與安全性考量
    資安專題演講/台中高雄場:區塊鏈在數據分析與保全的應用
    機關資安實務分享:公務機關落實資安法的挑戰
    基礎建設的資安防禦
    政府暨企業進階管理與安全防護:以windows 10為例
    全方位公務機關辦公環境:資安/效率/維護

2019亞太資訊安全論壇暨展會

活動時間:2019/5/8 – 5/10
活動地點:台北世貿南港展覽館
活動網站:https://secutechinfosecurity.tw.messefrankfurt.com/taipei/zh-tw/visitors/welcome.html
活動概要:2019年第十八屆(年) 亞太資訊安全論壇暨展會,《資安人》媒體,將於三天展覽會會場上,從四個主軸出發深入探討資訊安全議題: 觀念 : 與法規同步,與協同合作夥伴共同推動資安關鍵角色的重要性。

  • 組織:企業組織設立專職單位與專職資訊安全人員。
  • 管理:採用工具的評估讓觀念具體呈現其效力。
  • 技術:新型態網路部署規劃,建置。

3天論壇,10個關鍵資安主題,50場演講 + 攤位展示。

  • 資安議題方向:
    資安管理與法規 (Security Management and Compliance)
    網際威脅 (Cybersecurity )
    雲端與行動安全 ( Cloud & Mobile Info Security )
  • 資安與監控安防聯網
    資安議題:Infra Security、Endpoint、Application Security、Wireless、Cloud、Mobile Security、SIEM、Incident Response、Identity Management …..

歡迎各界、資安領域廠商們參與,展現您們的優秀產品與高品質的服務。


DEF CON 27

活動時間:2019/8/8 – 8/11
活動地點:Paris Las Vegas (Las Vegas, NV 89109, US)
活動網站:https://www.defcon.org/
活動概要:

  • The DEF CON 27 Theme: ‘Technology’s Promise’:
    DEF CON 26 was about the inflection point between disorder and dystopia – the moment before the point of no return. The DEF CON 27 theme, in a way, responds to ‘1983’ with new questions. What does it look like when we make the better choice? What kind of world do we hack together in the sunniest timeline? How does our real best-case scenario compare to the future we’ve been dreaming of for generations?
    Extra consideration will be granted for submissions that tie into this year’s theme. We want you to hear about your hacks and research, and how will it relate to the discussions below.
  1. Cypherpunk and “engineering out of the problem”.:
    Tim May was once quoted saying anonymity online would “alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret.” At the time his manifesto was for “both a social and economic revolution” and so began the newly formed “Cypherpunks”. Cypherpunks invented cryptography with the aim of abolishing big brother, but 30 years later we have big corporations in their place. Large corporations have insured that the 21st century hasn’t come without compromises.
    Crypto-anarchism is still alive and well today in well known examples like Tor, Freenet, cryptocurrencies, etc. Tell us what you’re doing now to circumvent the future we’re living in? Corporations are developing advanced facial recognition and becoming “the new big brother”. Social media is exchanging a false sense of freedom at the expense of a total removal of anonymity. The Cypherpunk ethos will have to adapt now that we have merged the “instagram-able” life, biometrics, ML, IOT, and micro-targeting. To build a future that doesn’t limit our love of modern technology and socialization at the expense of freedom will require decentralization and anonymity technology breakthroughs. What are you doing to engineer your way out of these problems?
  2. “Keep InfoSec out of Hacking”:
    DEF CON wants to support the culture of hacking. Between the TV interviews and the assessments we are still the same people with funny names threading the eye of the needle to make the next breakthrough. Hackers have become mainstream, seemingly to leave the underground to make a “legitimate” living. The industry has developed policies for ethical hacking, multimillion dollar pentesting orgs, bug bounty programs, and set the foundations of security for behemoth corporations. Being paid for hacking was the dream, but now it is an industry unto itself that focuses predominantly on enterprise.
    DEF CON is a hacker con, not an InfoSec conference. Hackers are more focused on the joy of discovery, irreverence, novel if impractical approaches. InfoSec is more focused on enterprise, frameworks, and protecting the interests of share holders. There is great value in both types of content, but our con is a hacker con by design.
    Activities that enable the hacker mindset and demonstrate how to master a certain technique are always going to be selected over a great enterprise InfoSec talk. DEF CON has always tried to provide a way to amplify the work of hackers, to create a venue for research that allows for others to grow. The idea that technology should be free was written into the subtext of “The Hacker Manifesto” and is just as valid today as it was 33 years ago.
  3. We want the computer from Star Trek, what we’re getting is HAL 9000.:
    At DEF CON 24 we hosted DARPA’s Grand Cyber Challenge, a challenge to the innovation community with a $2M prize to build a computer that can hack and patch software with no one at the keyboard. This was a lot of fun, and yet there were whispers among us of a future where artificial intelligence will render some human jobs irrelevant. We can see ourselves approaching an event horizon of automation. This technology is not without a price, but how do we get to the utopian world where we ask a computer to make us a cup of earl grey without landing ourselves in a black mirror dystopia? Engineers are developing smart home devices with disembodied voices, while hackers are quick to shout tropes of “NSA listening devices”. Is the reckless misuse of technology leading us to a dark future? What can hackers do to help achieve the sunniest timeline?
    Above are some suggested topics that loosely align with the theme, we consider all talk subjects. If your talk doesn’t fit in one of these topics don’t worry, the suggested themes are just a starting point. We’ve dozens of speaking slots, the tracks will be filled with a clustering of subjects; hardware hacking, lock picking, mobile hacking, reverse engineering, legalities of hacking, and more.

資安研討會及活動

ICANN APAC-TWNIC Engagement Forum

活動時間:2019/4/16 – 4/17
活動地點:臺大醫院國際會議中心
活動網站:https://forum.twnic.net.tw/2019/
活動概要:ICANN 及TWNIC共同舉辦合作交流論壇 (ICANN APAC-TWNIC Engagement Forum),集合了網路相關利害關係人與國際相關網路社群,針對域名、IP位址及網路安全等主題,進行深入議題探討,這將是台灣與國際網路利害關係人共同面對面討論全球網路議題的最佳機會。
ICANN 及TWNIC建立論壇平台的目的,是讓地區內之網路相關利害關係人,可在「一個世界、一個網路」的目標下,以合作交流論壇建立一個共同合作、討論與鏈結的全球網路社群。
我們需要您的參與,為「一個世界、一個網路」共同發聲!
The ICANN APAC-TWNIC Engagement Forum is a joint effort of the two Internet organizations to bring the stakeholders of the Internet together with the local and international communities to share and discuss the latest topics on Internet policies, domain name, IP address allocation, and cybersecurity. It is the best chance to meet, discuss and share your opinions on the latest issues and know the stakeholders in Taiwan.
It is also our goal to establish a platform for the communities to ignite the discussions from a variety of aspects of stakeholders and to keep pace with dynamic technologies and rapid innovation. With our goal “One World. One Internet.”, facilitating we work together, discuss together, connect together under the global community as One.
We need you to participate and voice out for the One Internet!


2019臺灣資安大會

活動時間:2019/3/19 – 3/21
活動地點:臺北國際會議中心 & 世貿一館 2 樓
活動網站:https://cyber.ithome.com.tw/
活動概要:2019 臺灣資安大會邀請您與我們一起參與臺灣年度資安盛事,為期一週的2019臺灣資安大會 (CYBERSEC 2019) 在此集結 180 家以上的國際及臺灣在地知名資安夥伴,展示最新與最適切的資安產品與服務,提供超過180堂資安全面向的議程,探討 80種以上最熱與最廣泛的資安議題與技術。除了豐富的資安對策,更可與來自臺灣與亞太地區的6,000位與會者進行交流,拓展專業人脈成為未來工作的助力。
現今面對的攻擊已非單一人、單一部門乃至於單一企業可以有效防守,孤軍奮戰難以抗衡全球日漸壯大且有組織的縝密攻擊。不論您來自業界、專家學者、法務人士、公部門或企業用戶等,都歡迎與我們一同在此從技術層面與策略層面,探討資安百種面向、交流技術與知識。期許大家除了將資安意識與知識帶回組織中,從上至下凝聚共識與成長,並與資安產業的夥伴們偕同防禦,共同在資安戰場更加壯大,得以更快速地反應、更快速地處理,形成足以跟攻擊者匹敵的更強力防禦。
2019 臺灣資安大會特色:

  • 臺灣最大規模資安會議
  • 技術研討、主題論壇、實機操作、攻防演練一應俱全
  • 從技術到策略、從最新趨勢到日常營運
  • 產官學研齊聚一堂共商資安對策
  • 實戰演練資安攻防,提升實務防禦與鑑識能力
  • 最大規模的資安展覽,有效找到最適資安產品與服務
  • 凝聚共識與成長,偕同資安夥伴建構更強力防禦

Black hat 2019年亞洲大會

活動時間:2019/3/26 – 3/29
活動地點:新加坡濱海灣金沙會展中心
活動網站:https://ubm.io/2zZu87q
活動概要:

blackhat ASIA –針對亞洲社群資安發展需求,發表產業最新資安訊息與因應技術

  • blackhat Asia為網路安全(Cyber Security)專業會議暨展會,提供最新資安教育訓練、產業趨勢簡報會暨產品展示,吸引多國政府機構、企業資安人員、系統整合代理商、經銷商等專業人員與會。
  • 為亞洲資安發展量身訂做專業議題,邀集「亞洲區資安委員會」,收集最新議題技術
  • 新加坡為國際政治中立國家,順利邀集歐、美、中東、亞太等重要講者。
  • 亞洲市場資安需求量逐漸上升,亞太企業開始重視人員培訓與資安環境建置。

趨勢簡報會議(Briefings)–匯集全球資安專家談亞太資安議題與解決方案

  • 趨勢簡報會:為各行業從事資安相關人員提供一個學習亞太地區網路安全風險與趨勢的平台;邀請資安行業中頂尖人士主講,熱門議題包含:IOS & Andorid、車控系統、物聯網、虛擬貨幣、支付系統、加密系統運用、企業軟體漏洞、國際資安政策等漏洞攻防主題;
  • 2019年講師與簡報主題詳請請見:https://ubm.io/2rN2NRq ( 完整議題預計於2019年2月公布)
  • 2019年趨勢簡報會主題範疇:應用程式安全、密碼學、數據鑑識/事件應變、企業、資安漏洞發展、硬體/內嵌、網路防禦、人為因素、物聯網、惡意軟體、平台安全、資安開發週期、逆向工程、政策

商業大會(Business Hall) – 全球資安產品品牌拓展亞太市場的國際平台

  • 2019年指標展廠:

2018會議與展會規模

  • 來自60個國家,超過2,200名專業人士與會,亞太區88%、美國6%、歐洲3%、中東3%。
  • 邀集57名資安權威,舉辦33場專業簡報、10場教育訓練與30場產品展示,18家國際媒體出席。

匯聚60國,跨越醫療、軍警、金融、電信、資安的產官學決策代表與會

  • 系統整合商: M Tech!、Netpoleon、Westcon Comstor、Pacific Tech、Quantiq International
  • 醫療保健:IHis、MSD International Gmbh、新加坡保健集團、陳篤生醫院
  • 金融服務:2C2P Pte Ltd、Allianz Asia Pacific、FinIQ Consulting Pte Ltd、歐力士亞洲有限公司
  • 電信服務:CommzGate、Ericsson Telecommunications、華為技術有限公司、LGA Telecom Pte Ltd
  • 資訊服務:CTC Global Pte Ltd、Deskera Singapore、ITOCHU Techo-solutions、NCS Pte Ltd
  • 政府單位:新加坡中央公積金、香港警務處、新加坡資訊通信媒體發展局、新加坡內政部
  • 電腦製造商:Garhi Japan、三菱電機公司、三星公司、索尼電子公司
  • 公民與軍事防衛:DSTA、Jupiter Protection Pte.Ltd、MINDEF、S-fifteen Space Systems
  • 資訊安全:Attila CybertechPte Ltd、CDNetworks Singapore、Horangi、VenusTech

2019 智慧城市展

活動時間:2019/3/26 – 3/29
活動地點:台北南港展覽館1館
活動網站:http://smartcity.org.tw/2019smartcity.php
活動概要:

  • 大會主題:智慧物聯網引領智慧城市再升級 ( AIoT Invigorates Smart City )
    隨著人工智慧(AI)技術的成熟,AI元素的加入應用可讓市政服務更有智慧,藉由AI與IoT的整合應用可推動升級Smart City 2.0
  • 2019SCSE有以下幾項重要的活動:
    • 智慧城市首長高峰會:由台北市政府主持的一場全球智慧城市發展經驗分享會,過去幾年來一直都是整個展會最大的亮點,透過彼此間經驗的分享學習,可以加快各地智慧城市推進的腳步。今年交流的主題有兩個,分別是善用科技讓城市永續發展、創新創業與城市再造。
    • 全球智慧城市聯盟(Go Smart)成立大會:由台灣六個城市於去年SCSE倡議發起的國際組織,在今年的展會中召開成立大會,預計將有全球30個以上的城市,數十家知名企業加入本聯盟。此聯盟成立宗旨除了城市間交換智慧城市發展經驗之外,彼此互相提供場域讓廠商來做創新技術的概念性驗證POC,這種城市間的inter-City POC,廠商的創新商業模式可快速地累積多個國家應用的經驗,為進入全球性市場奠定良好的基礎。
    • 【AI‧50】活動:此乃今年新增項目,期望透過大會所安排的論壇、展示、媒合、製作AI應用手冊等活動設計,我們希望將這些設立五年內的新創企業和他們最新穎的各種AI應用,推介給全球來訪的市政官員及企業。本次活動共計有19個國家的52個新創企業報名參與本活動,最後遴選出15國36家新創企業的AI應用。所有新創企業的創業者或技術主管都將從全球各地來到論壇中分享,本活動將會是亞洲最大的人工智慧應用交流活動,人工智慧將透過本活動快速擴散到智慧城市的各個領域。
    • 智慧城市專業論壇:論壇數量超過55個,內容含括智慧城市所有重要的領域,預計英文場次將佔所有論壇場次的60%,將安排更多的城市首長及CIO到CTalk來分享各地智慧城市發展現況,因而可以了解更多的各國城市建設。歡迎國內外專業人士免費報名參加。
    • 全球電信商智慧城市大會 (World Telecom Smart City Conference):基於2020年起,全世界將陸續布建5G網路,針對這項大趨勢,我們安排了三個子論壇議題“Towards A 5G Future;” “Case Studies of Smart City Innovation;” “Smart City for A Better Tomorrow.”預計將有全球70多家的電信商參與本活動。今年透過GSM協會邀請東南亞30多家電信商來台參加本活動,智慧城市已經是電信商拓展新業務的重要領域。經濟部工業局是本活動的指導單位,工研院資通所及TSSA共同主辦。
    • 全球系統整合商大會 (World System Integrator Conference):今年首次辦理,我們預計從全世界邀請至少150家系統整合商來台參加,針對智慧城市發展經驗進行交流,所有參展廠商的解決方案將透過他們擴散到全世界智慧城市的場域之中,為此,我們將會安排他們參觀展覽、商業媒合及各種的演講。
    • 永續城市論壇 (Sustainable City Forum, Taipei):本活動是由TSSA、氣象學會智庫、及三大國際組織ICLEI、CityNET、WeGO共同主辦。今年的主論壇中邀請CityNet 城市聯盟秘書長做專題演講。歐洲復興銀行基礎建設部也將組團來參加本活動。本論壇共計探討四個議題:綠色經濟發展(Green Economic Development)、社會創新實踐及公民參與(Social Innovations and Civic Engagement)、循環經濟(circular economy)、綠色金融(Green Finance)、創造能源服務新商機-儲能與需量反應整合應用(Creating Business Opportunity for Energy Service: Energy Storage and Demand Response Applications)
    • 展覽展示(Expo),共計使用1260個攤位,約比去年成長20%。約有450家廠商參加展示,還有14個國家主題館,分別是英國、法國、德國、捷克、匈牙利、加泰隆尼亞、加拿大、巴西、澳洲、俄羅斯、日本、韓國、馬來西亞、菲律賓等,比去年增加2個國家主題館,各個國家都會組織企業參加展示,並進行商業媒合,讓本展覽成為一個重要的智慧城市解決方案的交流平台。

2019亞太資訊安全論壇暨展會

活動時間:2019/5/8 – 5/10
活動地點:台北世貿南港展覽館
活動網站:https://secutechinfosecurity.tw.messefrankfurt.com/taipei/zh-tw/visitors/welcome.html
活動概要:2019年第十八屆(年) 亞太資訊安全論壇暨展會,《資安人》媒體,將於三天展覽會會場上,從四個主軸出發深入探討資訊安全議題: 觀念 : 與法規同步,與協同合作夥伴共同推動資安關鍵角色的重要性。

  • 組織:企業組織設立專職單位與專職資訊安全人員。
  • 管理:採用工具的評估讓觀念具體呈現其效力。
  • 技術:新型態網路部署規劃,建置。

3天論壇,10個關鍵資安主題,50場演講 + 攤位展示。

  • 資安議題方向:
    • 資安管理與法規 (Security Management and Compliance)
    • 網際威脅 (Cybersecurity )
    • 雲端與行動安全 ( Cloud & Mobile Info Security )
  • 資安與監控安防聯網
    • 資安議題:Infra Security、Endpoint、Application Security、Wireless、Cloud、Mobile Security、SIEM、Incident Response、Identity Management …..

歡迎各界、資安領域廠商們參與,展現您們的優秀產品與高品質的服務。


DEF CON 27

活動時間:2019/8/8 – 8/11
活動地點:Paris Las Vegas
Las Vegas, NV 89109, US
活動網站:https://www.defcon.org/
活動概要:

The DEF CON 27 Theme: ‘Technology’s Promise’:
DEF CON 26 was about the inflection point between disorder and dystopia – the moment before the point of no return. The DEF CON 27 theme, in a way, responds to ‘1983’ with new questions. What does it look like when we make the better choice? What kind of world do we hack together in the sunniest timeline? How does our real best-case scenario compare to the future we’ve been dreaming of for generations?
Extra consideration will be granted for submissions that tie into this year’s theme. We want you to hear about your hacks and research, and how will it relate to the discussions below.

  1. Cypherpunk and “engineering out of the problem”.:
    Tim May was once quoted saying anonymity online would “alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret.” At the time his manifesto was for “both a social and economic revolution” and so began the newly formed “Cypherpunks”. Cypherpunks invented cryptography with the aim of abolishing big brother, but 30 years later we have big corporations in their place. Large corporations have insured that the 21st century hasn’t come without compromises.
    Crypto-anarchism is still alive and well today in well known examples like Tor, Freenet, cryptocurrencies, etc. Tell us what you’re doing now to circumvent the future we’re living in? Corporations are developing advanced facial recognition and becoming “the new big brother”. Social media is exchanging a false sense of freedom at the expense of a total removal of anonymity. The Cypherpunk ethos will have to adapt now that we have merged the “instagram-able” life, biometrics, ML, IOT, and micro-targeting. To build a future that doesn’t limit our love of modern technology and socialization at the expense of freedom will require decentralization and anonymity technology breakthroughs. What are you doing to engineer your way out of these problems?
  2. “Keep InfoSec out of Hacking”:
    DEF CON wants to support the culture of hacking. Between the TV interviews and the assessments we are still the same people with funny names threading the eye of the needle to make the next breakthrough. Hackers have become mainstream, seemingly to leave the underground to make a “legitimate” living. The industry has developed policies for ethical hacking, multimillion dollar pentesting orgs, bug bounty programs, and set the foundations of security for behemoth corporations. Being paid for hacking was the dream, but now it is an industry unto itself that focuses predominantly on enterprise.
    DEF CON is a hacker con, not an InfoSec conference. Hackers are more focused on the joy of discovery, irreverence, novel if impractical approaches. InfoSec is more focused on enterprise, frameworks, and protecting the interests of share holders. There is great value in both types of content, but our con is a hacker con by design.
    Activities that enable the hacker mindset and demonstrate how to master a certain technique are always going to be selected over a great enterprise InfoSec talk. DEF CON has always tried to provide a way to amplify the work of hackers, to create a venue for research that allows for others to grow. The idea that technology should be free was written into the subtext of “The Hacker Manifesto” and is just as valid today as it was 33 years ago.
  3. We want the computer from Star Trek, what we’re getting is HAL 9000.:
    At DEF CON 24 we hosted DARPA’s Grand Cyber Challenge, a challenge to the innovation community with a $2M prize to build a computer that can hack and patch software with no one at the keyboard. This was a lot of fun, and yet there were whispers among us of a future where artificial intelligence will render some human jobs irrelevant. We can see ourselves approaching an event horizon of automation. This technology is not without a price, but how do we get to the utopian world where we ask a computer to make us a cup of earl grey without landing ourselves in a black mirror dystopia? Engineers are developing smart home devices with disembodied voices, while hackers are quick to shout tropes of “NSA listening devices”. Is the reckless misuse of technology leading us to a dark future? What can hackers do to help achieve the sunniest timeline?
    Above are some suggested topics that loosely align with the theme, we consider all talk subjects. If your talk doesn’t fit in one of these topics don’t worry, the suggested themes are just a starting point. We’ve dozens of speaking slots, the tracks will be filled with a clustering of subjects; hardware hacking, lock picking, mobile hacking, reverse engineering, legalities of hacking, and more.

資安研討會及活動

時間:2019/3/19-3/21
2019臺灣資安大會

網站:https://cyber.ithome.com.tw/
概要:2019 臺灣資安大會邀請您與我們一起參與臺灣年度資安盛事,為期一週的2019臺灣資安大會 (CYBERSEC 2019) 在此集結 180 家以上的國際及臺灣在地知名資安夥伴,展示最新與最適切的資安產品與服務,提供超過180堂資安全面向的議程,探討 80種以上最熱與最廣泛的資安議題與技術。除了豐富的資安對策,更可與來自臺灣與亞太地區的6,000位與會者進行交流,拓展專業人脈成為未來工作的助力。

閱讀全文 “資安研討會及活動”

資安研討會及活動

時間 研討會/課程名稱 研討會相關資料
2019/3/19-3/21 2019臺灣資安大會 活動網站:https://cyber.ithome.com.tw/

活動概要:2019 臺灣資安大會邀請您與我們一起參與臺灣年度資安盛事,為期一週的2019臺灣資安大會 (CYBERSEC 2019) 在此集結 180 家以上的國際及臺灣在地知名資安夥伴,展示最新與最適切的資安產品與服務,提供超過180堂資安全面向的議程,探討 80種以上最熱與最廣泛的資安議題與技術。除了豐富的資安對策,更可與來自臺灣與亞太地區的6,000位與會者進行交流,拓展專業人脈成為未來工作的助力。
現今面對的攻擊已非單一人、單一部門乃至於單一企業可以有效防守,孤軍奮戰難以抗衡全球日漸壯大且有組織的縝密攻擊。不論您來自業界、專家學者、法務人士、公部門或企業用戶等,都歡迎與我們一同在此從技術層面與策略層面,探討資安百種面向、交流技術與知識。期許大家除了將資安意識與知識帶回組織中,從上至下凝聚共識與成長,並與資安產業的夥伴們偕同防禦,共同在資安戰場更加壯大,得以更快速地反應、更快速地處理,形成足以跟攻擊者匹敵的更強力防禦。

2019 臺灣資安大會特色:

  • 臺灣最大規模資安會議
  • 技術研討、主題論壇、實機操作、攻防演練一應俱全
  • 從技術到策略、從最新趨勢到日常營運
  • 產官學研齊聚一堂共商資安對策
  • 實戰演練資安攻防,提升實務防禦與鑑識能力
  • 最大規模的資安展覽,有效找到最適資安產品與服務
  • 凝聚共識與成長,偕同資安夥伴建構更強力防禦
2019/3/26-3/29 Black hat 2019年亞洲大會 活動網站:https://www.blackhat.com/asia-19/

時間:
技術培訓:2019/03/26 ~ 2019/03/27
簡報會&商業大會:2019/03/28 ~ 2019/03/29

地點:Marina Bay Sands 新加坡濱海灣金沙酒店

活動概要:黑帽簡報會和培訓課程是一個匯集世界一流的研究人員、講師和解決方案業者,闡述關於安全技術的發展與需求的活動。亞洲黑帽大會為來自亞洲和全世界的 2,200 多名資安專家提供為期四天的技術學習、業務發展和職業發展機會。

2018亞洲黑帽大會簡報會主題:

  • 應用安全
  • 密碼學
  • 數據鑑識/事件應變
  • 企業
  • 漏洞發展
  • 硬體/內嵌
  • 人為因素
  • 物聯網
  • 惡意軟體
  • 網路防禦
  • 平台安全
  • 政策
  • 逆向工程
  • 資安開發生命週期
2019/5/8-5/10 2019亞太資訊安全論壇暨展會 活動網站:https://secutechinfosecurity.tw.messefrankfurt.com/taipei/zh-tw/visitors/welcome.html

活動地點:台北世貿南港展覽館 (台北市南港區經貿二路1號)

主辦單位:資安人媒體

活動概要:2019年第十八屆(年) 亞太資訊安全論壇暨展會,《資安人》媒體,將於三天展覽會會場上,從四個主軸出發深入探討資訊安全議題: 觀念 : 與法規同步,與協同合作夥伴共同推動資安關鍵角色的重要性。 組織 : 企業組織設立專職單位與專職資訊安全人員。 管理 : 採用工具的評估讓觀念具體呈現其效力。 技術 : 新型態網路部署規劃,建置。 3天論壇,10個關鍵資安主題,50場演講 + 攤位展示。 資安議題方向: 1. 資安管理與法規 (Security Management and Compliance) 2. 網際威脅 (Cybersecurity ) 3. 雲端與行動安全 ( Cloud & Mobile Info Security ) 4. 資安與監控安防聯網 資安議題 Infra Security、Endpoint、Application Security、Wireless、Colud、Mobile Security、SIEM、Incident Response、Identity Management ….. 歡迎各界、資安領域廠商們參與,展現您們的優秀產品與高品質的服務。