[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: hitb cinema :: lock picking village :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Conference Materials: http://conference.hitb.org/hitbsecconf2007kl/materials/

Official Photos: http://photos.hitb.org

Fetri Miftach (Principal Consultant, PT. Bellua Asia Pacific)

Filed under: Main Page — Administrator @ 2:51 pm

Presentation Title: Enterprise Hacking: Who Needs Exploit Codes?
Presentation Details:

Traditional business drivers (time to market, cost basis etc) are still the dominant factors when formulating technology strategy. Security issues, although recognised as being of primary concern, are usually left behind to catch up. In an era where turnkey solutions, outsourcing, enterprise application integration across traditional boundaries are becoming the norm, this approach is causing more of a headache in the long run than the perceived (short-term) economic gains.

Highlighting lessons learned during several assignments, we found that the roles played by third parties and the lack of visibility of extended business processes (and related technology infrastructure) are becoming the main challenge for an enterprises information security team. In several cases, access to sensitive systems were engineered through the simple use of guile and cunning, identifying weak links introduced by the complexity of third party relationships and the many inter-connections between business entities. And in a significant number of these cases, exploit codes were not even deployed.

Several ideas on how to mitigate these situations will be offered for further discussion.

About Fetri

Fetri Miftach is a Principal Consultant at Bellua Asia Pacific. Fetri has a deep understanding of security methodology for the banking and telecommunication industries in Indonesia since 1999 and provided services to government agencies and private sectors. Expert in business process analysis from an information security perspective, risk assessment analysis, analysis and policy development that fit to specific industry need, educational and socialization, and forensic analysis. Fetri hails from aerospace engineering background and has an extensive background in Airborne Systems and Real Time System technology, especially in the aerospace, banking and telecommunication industries.

** Presenting with Jim Geovedi (Member HERT & Security Consultant, PT Bellua Asia Pacific)

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors

Microsoft Corporation

Gold Sponsors


Official Airline Partner

Internet Bandwidth Sponsor

Global Transit

CTF Sponsor

Scan Associates

CTF Prize Sponsor

Scan Associates

Sponsor for Zone-H/HITB Hacking Challenge


HITB Cinema Sponsor

Avenuz Sdn. Bhd.

Official Creation Station

The Womb.com

Our Speakers are Supported By

F-Secure Corporation

Arbor Networks


Bellua Asia Pacific


Mozilla Corporation

Mu Security

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations

Chaos Computer Club

ISECOM - Insititue for Security and Open Methodologies


IT Underground

X-Focus China

Zone-H Defacement Mirror

Xatrix Security

Special Interest Group in Security & Information InteGrity Singapore