Posts tagged "women in cybersecurity"

The Adobe Team Reigns Again at the Winja CTF Competition

Nishtha Behal from our corporate security team in Noida, India, was the winner of the recent Winja Capture the Flag (CTF) competition hosted at the NullCon Goa security conference. The Winja CTF this year comprised of a set of simulated hacking challenges relating to “Web Security”. The winning prize was a scholarship from The SANS Institute for security training courses. The competition saw great participation with almost 60 women coming together to challenge their knowledge of the security domain. The contest is organized as a set of rounds of increasing difficulty. It began with teams of two or three women solving the challenges. The first round comprised of multiple choice questions aimed at testing the participant’s knowledge in different areas of web application security. The second round comprised of six problems where each question comprised of a mini web application and the participant’s task was to identify the single most vulnerable snippet of the code and name the vulnerability that could be exploited. The final challenges pitted the members of winning teams against each other to determine the individual winner. We would like to congratulate Nishtha on this well-deserved win! This marks the second year in a row that some of our participating Adobe team members have won this competition.

Adobe is an ongoing proud supporter of events and activities encouraging women to pursue careers in cybersecurity. We are also sponsoring the upcoming Women in Cybersecurity conference March 31st to April 1st in Tucson, Arizona. Members of our security team will be there at the conference. If you are attending, please take the time to meet and network with them. We also work with and sponsor many other important programs to encourage more women to enter the technology field including Girls Who Code and the Executive Women’s Forum.

David Lenoe
Director, Product Security

Adobe Works with BYU Summer Security Camp for Girls

Adobe Works with the BYU Cybersecurity Summer Camp for Girls

This summer members of the Adobe security teams worked with Brigham Young University (BYU) on a free cybersecurity summer camp for girls in grades 8 – 12.  This event is organized by the BYU Cybersecurity Research Lab and Adobe helps with funding, curriculum development, and mentoring for the program. The camp included 4 days of hands-on cybersecurity workshops, classes, and experiences. The students learned about many topics designed to get them excited about pursuing cybersecurity as a career including hacking, privacy, viruses and how to stay safe online. At the core of the event was a space-themed “escape” challenge. This challenge required teams to solve, through a simulated space ship command bridge, common cybersecurity problems to avoid power failures, hostile alien encounters, and other pitfalls. It was a good combination of training from experts and fun experiential learning experiences.

“All the research and our own experience has shown that this age range is a critical time for young women to develop an interest in cybersecurity” says Dr. Dale Rowe, Director of the BYU Cybersecurity Research Lab. Not only was it beneficial for the participants, Adobe employees serving as mentors also had a great time. CJ Cornel, student director of the camp, said, “the camp was a great way to help us share our passion for cybersecurity with some of the next generation in a safe environment.”

This camp is one of many activities Adobe sponsors to encourage girls and young women to enter the cybersecurity field including Women in Cybersecurity, Girls Who Code, Winja “Capture the Flag” (“CTF”) Competition, and r00tz @ BlackHat.

2016-08-13-2 fromthedailyherald

Chandler Newby
Information Security Engineer

Donald Porter
Sr. Manager, Security Engineering

Adobe @ Women in Cybersecurity 2016

Adobe was a supporter of the Women in Cybersecurity (WiCys) conference again this year. This year’s conference was organized by Tennessee Tech and held in Dallas, Texas. We had a great experience over the three days of the conference which saw women from across industry and academia come together to discuss important security topics and encourage more women to pursue careers in security. Adobe was joined by several major industry peers including Google, Facebook, Cisco, and IBM.

The conference provided a good mix of technical and non-technical sessions. First off was a keynote by Heather Adkins, Director of Information Security at Google. She talked a little bit about how she became the first woman hired in an operational role at Google and also the first woman on Google’s corporate security team. She then discussed her ideas for structuring an incident response organization. Key components of a good incident response organization per Ms. Adkins are: 1) Figure out what happened (forensics), 2) Are we still under attack (Monitoring), 3) Who did it (Threat intelligence), and 4) Restoring the business (Remediation). It was helpful to hear how another large peer organization like Google handles incident response.

One of the workshop sessions we found most interesting was on the topic of “Big Data Analytics for Cyber Security Applications.” It discussed how to leverage big data frameworks in the field of cyber security. The workshop taught us how to create smaller data sets from the huge amount of threat intelligence information received nowadays and process the data sets using tools such a Hadoop or Spark. It also described the varying levels of sanitization and risk associated with using different malware data sets. Data sets in academia are highly sanitized, and low risk, but typically out-of-date. Research data sets are moderately sanitized and have moderate risk associated with download, but are more current. Individual malware collections are the least sanitized, and have the most risk associated with download, but are up-to-date. Adversaries are thus actively modifying their patterns of behavior to avoid detection (polymorphism) – so multiple techniques and tools are needed to adapt our defenses.

We particularly enjoyed the non-technical sessions that included women leaders in the industry talking about their career journey and how they got to where they are today. Particularly impressive was the talk by Shelley Westman, VP of Operations and Strategic Initiatives, from IBM. Shelley talked about the various stages of her career and experiences as a woman at each of those stages. Shelley also discussed the importance of building relationships with male allies who will support opportunities for women in the workplace.

The conference also had some great networking opportunities during the social events hosted by several companies. We got a chance to attend one hosted by Facebook and participate in a “lean-in” circle conversation. We also attended the Cisco event where we had great interactions with their security team and got to learn more about their security and trust organization.

It was a great conference again this year and we’re happy that Adobe continues to support organizations working to make more opportunities available for women in our industry.

Disha Agarwal
Product Security Manager

Jeanette Azevedo
Security Engagement Specialist