SINCON 2021 Conference — Scope X: The Path to Surprise Breaches! — by Dr. Meisam Eslahi
Updated: Nov 3
SINCON 2021 Conference — BizComm Talk
Day 2 (06 Nov 2021) 1.00pm—1.30pm @ Open Stage
Scope X: The Path to Surprise Breaches!
We have all the protections in place, well designed and configured based on best practices. We have run several assessments to discover security issues, identify gaps, potential entry points, etc. Yet, we may get breached if attackers walk into our digital land through unattended cyber threats. Scope X refers to any unknowns in an organization that we may not be fully aware of their risks or even their existence! This talk discusses a technical side of Scope X discovery and a proactive approach to identifying the potential threats. Subdomains threat hunting will be used to elaborate the techniques as they provide cybercriminals with a larger attack surface consisting of security issues, sensitive information, vulnerabilities, unnoticed attack vectors, entry points, etc.
About Dr. Meisam Eslahi
DR. MEISAM ESLAHI is a technical cybersecurity practitioner with solid expertise in providing strategies and technical directions, building new service/business lines, diverse teams, and capabilities. He has over 19 years of experience in information technology, with 15 years dedicated to cybersecurity in leadership and technical roles. In his current role as a Senior Director of cybersecurity at EC-Council Global Services (EGS), Meisam is leading, managing, and delivering a wide range of cybersecurity services to multi-national clients, mainly in Red Teaming, Threat Hunting, DFIR, Cyber Drill, Compromise Assessment, and Penetration Testing. He is also a security researcher, blogger [sechub.medium.com], mentor, and speaker in many global events and conferences like Blue Team Village at Defcon29 (Scope X: Hunt in the Ocean), BSides Singapore (Hunt the Beasts in the Bits), NASSCOM, NANOSEC and Gravithon, etc. He writes regularly on LinkedIn [linkedin.com/in/meisameslahi] and Twitter [@drmeisam_ ] about cybersecurity technical tips, techniques and tools, capability building and career growth.