This is a serious laptop; No games and chatting possible OK?

Security BSides Athens 2018 (Sat, 23/Jun/2018) This is a serious laptop; No games and chatting possible OK? - Yiannis Koukouras Abstract: Secure workstation and laptop setups are not always so secure. In this presentation, we will demonstrate a series of vulnerabilities we identified during penetration testing of "Secure" laptop that utilizes IPSec VPN client, Desktop Firewall, Network Access Control, Full Disk Encryption and many other controls to prevent data extrusion and corporate network intrusion. We will try to showcase the attacker's mindset in exploiting highly secure setups for high-profile organizations where security is not only built-in but plays a substantial role in their mission. Inconspicuous misconfigurations, software bugs and race conditions, in such scenarios, if properly exploited can lead to vulnerabilities that have devastating impact in these critical systems. Bio: Yiannis Koukouras, OSCP, CISSP, CISSP-ISSAP, CISM, CISA, has over 15 years of experience in the ICT domain, specialising in the Information Security sector. He started his career as a network security administrator and then went on to offer consulting services for information security to various companies across the globe, gaining valuable, hands-on experience. Yiannis has partnered with some of the leading Information Security companies in the EMEA region and has accrued experience in working across different regions and industries, both on the field of security management and information security assurance. Yiannis specializes on web application and infrastructure penetration testing while he is an active community supporter through various engagements. He is a board member of the Hellenic (ISC)2 Chapter and a member of the Greek ISACA and OWASP chapters.