Ja, de site mag op basis van mijn klikgedrag suggesties doen en voorkeuren onthouden. Meer over cookies.

Cyber graduate

Do you want to graduate at Deloitte Cyber Risk Services? Cool! Graduate at Deloitte to receive great support, and get introduced to Deloitte while getting paid. 

While you work on your thesis, you are treated as a Deloitte staff member. This gives you access to our extracurricular activities such as:

  • Cyber Risk Services Ski-trip
  • LAN parties
  • Pizza-sessions
  • Training, such as Deloitte HackLabs.
  • Regular drinks @ The Edge
  • Teambuilding activities
  • Conferences and seminars, hosted and/or organized by Deloitte

Each project can obviously be tailored to your specific needs!

If you are at Deloitte for an internship while writing your thesis, you will receive compensation. Depending on the kind of internship and the number of days that you are with us, we offer compensation in line with the market. You will also be provided with a laptop during your internship period. Read more about our employment benefits.

Cyber Strategy

Topic: Robot security
Area of expertise: technical security.
Abstract: Robots zullen in de toekomst een grote rol spelen in onze samenleving, zoals in de zorg of op het gebied van beveiliging. Bedrijven willen in de toekomst robots breed in gaan zetten om zo lagere personeelskosten en een betrouwbaardere uitvoering van diverse taken te bewerkstelligen. Naast het gemak en de kostenbesparing brengt deze ontwikkeling ook digitale risico's met zich mee. In samenwerking met Deloitte en Robot Security Systems (RSS) ga je een framework ontwikkelen dat kan worden gebruikt om de security risico's van robots in kaart te brengen en deze beter te beveiligen. Vervolgens zal je dit framework in de praktijk brengen op een robot die is ontwikkeld door RSS.​
Duration: 6 maanden

Topic: IBM Watson
Area of expertise: Strategy & Transformations
Abstract: Cognitive computing is still in its infancy. However, it’s not too soon to imagine businesses and industries could be positively disrupted by this new technology. The question is to what extent this new technology can be used for cyber security purposes. By gaining insight in the pro’s and con’s of using cognitive computing you will unravel this question.
Duration: 6 months

Topic: The role of cyber risk in M&A
Area of expertise: Cyber Risk Quantification
Abstract: Cyber security and cyber risks have so far rarely been part of M&A due diligence. Potential M&A targets might be riddled with vulnerabilities. Mitigating these risks will cost a lot of money which should have been part of the initial purchasing deal. Your goal is to develop insight into these risks by examining M&A deals from the past.
Duration: 3-6 months

Topic: Understanding and simulating adversarial risk
Area of expertise: Cyber Risk Quantification
Abstract: Compared to the risk associated to natural disasters, cyber risk is special because it is caused by intelligent adversaries who can strategize and learn about their opponents and decide to adapt their strategies and actions. To make cyber security proactive, the cyber attack cat-and-mouse game between hackers and defending parties needs to be better understood. You will use methods such as game theory and agent-based modeling to develop these insights.
Duration: 6 months

Do you have other cool ideas? Let us know! You are always welcome to present your topic to us.

Cyber Secure

Topic: Quantum Key Distribution
Area of expertise: Cryptography
Abstract: Quantum key distribution is technologically much easier to implement than a full quantum computer and the first commercial implementations are already available today. Yet many challenges remain in bringing quantum key distribution into practise. What are the practical applications of quantum key distribution?
Duration: 6 months   

Topic: ICS/SCADA monitoring system
Area of expertise: Hacking
Abstract:  Interconnected ICS/SCADA systems around the world are exposed to risk due to lack of security countermeasures or misconfiguration issues. This project aims to regularly perform online scanning on the country i.e. (Netherlands) to identify permanent or mistakenly interconnected ICS/SCADA systems by recognizing default ICS ports, vendors’ interfaces and online search engines’ results.
Duration: 1 month

Topic: Adding some new tests to our existing QuickScan vulnerability scanner
Area of expertise: Development / Hacking.
Abstract: We are in the process of updating our existing QuickScan vulnerability scanner. It currently scans for issues such as improperly configured certificates, existence of admin interfaces, vulnerabilities such as Heartbleed, etc. We would like to add some tests, such as a check for Shellshock, HttPoxy, support for Perfect Forward Secrecy and Secure Renegotiation.
Duration: 1 month (UvA students only)

Topic: Evaluating various executable packers (MS Windows) and understanding how A/V products behave
Area of expertise: Red Teaming Operations
Abstract:  An executable packer is a software that modifies the actual executable code while maintaining the files behavior. Commonly used to reduce the file size of large executables for added portability or most commonly to obfuscate them and make reverse engineering an complicated and costly or intensive process. There are multiple legitimate and underground software packers. The purpose of this research is to identify the most common of them and evaluate them against a number of common Antivirus (A/V) products in order to understand the particularities between different A/V products, signature based detection and heuristic algorithms.
Duration: 1 month (UvA students only)

Topic: Building an A/V assessment platform
Area of expertise: Red Teaming Operations
Abstract:  Using common tools such as Puppet, Docker or other mass-deployment solutions create a Windows and Linux blended solution that enables the automatic creation of a virtualized test lab for the evaluation of a potential malware across multiple Antivirus (A/V) products concurrently and securely. This does not involve analysis of the potential malware in a sandbox such as Cuckoo sandbox but the evaluation of an executable across multiple free and commercial A/V products.
Duration: 1 month (UvA students only)

Topic: Researching possibilities for individual labels assets (barcodes, rfid, etc) and implement them in to a new planning tool
Area of expertise: software development, maybe some hardware skills depending on the output of the research.
Abstract: We are looking for an automated way for people to pick up and return assets.  They need to register them via a website, but we want to explore methods to make the (return)process better.  We are thinking about a unique identifier per asset so people can scan them, and when returned it will be marked as available again on the website.
Duration: 1-3 months

Topic: Creation of various CTF challenges in our online Hackazon portal
Area of expertise: technical security: hacking, reverse engineering, red teaming, blue teaming
Abstract: We have developed an online Capture the Flag (CTF) platform “Hackazon” to train our professionals, our clients, and host CTF events world-wide. We are constantly updating the platform’s content with new challenges and are looking for students that would like to contribute new challenges under the supervision of our senior security specialists.
Duration: 1-6 months

Topic: Development of a worldwide online hacking course for students
Area of expertise: software engineering, or other technical computer skills
Abstract: The Deloitte Hacklab Massive Online Open Course aims to enthuse kids and students about cyber security by providing a challenge-based, exciting learning experience which is freely accessible to all. But how do we optimally reach the right target audience? How to create hacking challenges in a digital environment, without the need for a dedicated server farm? How to ensure that the challenges are at the right difficulty level? Many practical questions are possible around this subject, both technical and non-technical. You are also more than welcome to come up with your own. Multi-student projects are also possible. 
Duration: 6 months

Topic: General development of our online Hackazon portal
Area of expertise: software engineering, efficient programming skills
Abstract: We have developed an online Capture the Flag (CTF) platform “Hackazon” to train our professionals, our clients, and host CTF events world-wide. We are constantly updating and  improving our platform. Please join us if you are looking for a practical (programming) assignment. Assignments are too be determined in good cooperation.
Duration: 1-6 months

Topic: Researching and building an online tracker for IoT devices to demonstrate privacy and security issues
Area of expertise: IoT, development, SDR, privacy, security
Abstract: Existing IoT devices can leak information in their communication and for a specific kind of devices we would like you to dive into this. Investigate which kind of information is leaked and how this best can be intercepted. Based on the unique identifiers an online tracker portal will have to be developed in order to track the IoT devices and show the leaked information. This can be done as a Proof of Concept and will ultimately be used in demonstrations around IoT, privacy and security.
Duration: 1-3 months

Topic: Identity & Access Management Issues
Area of expertise: Identity and Data Protection
Abstract: Identifying who is who online becomes the basis for digital business. Both externally, towards customers and partners, as well as internally, towards employees and guests. How their identities are established and how they can be used will enable or disable digital business. What are the most common problems in specific sectors with regards to identities and access? By interviewing different stakeholders you will identify and analyze the most common issues. Are there any differences per sector? The goal is to give specific sector related solutions for the identified problems.
Duration: 3-6 months       

Topic: The Passwordless World
Area of expertise: Identity and Data Protection
Abstract: Passwords are increasingly seen as one of the main weaknesses in data security. What are the drivers, the main solutions, and their handicaps? Knowing this, what is the way forward to transition a company to this nirvana?
Duration: 3-6 months

Do you have other cool ideas? Let us know! You are always welcome to present your topic to us.

Cyber Vigilant

Topic: Custom crypto in Redstar OS
Area of expertise: Cryptography
Abstract: During the 32C3 conference, two researchers showed that Redstar OS - North Koreas OS - implements custom cryptography in the pilsung.ko kernel module. Reverse engineer this module. Understand what is different in the pilsung implementation of AES compared to normal AES. Is there some kind of backdoor or weakness in pilsung?
Duration: 6 months

​​​​​​​Topic: Deep & Dark Web
Area of expertise: Cyber Threat Intelligence
Abstract: Gathering information from Deep & Dark web social services and channels. IRC - Most of the communication within this hidden services is done via anonymous IRC services. IRC Bots could be used to log communication in public channels, and also keeping track of the users who are posting it. Those bots could analyze the conversations and record sensitive information like links, names, companies, security issues, and offensive discussions.
Duration: 6 months

Topic: Building an IDS/IPS solution for inline usage during Red Teaming
Area of expertise: Red Teaming Operations
Abstract:  Customize an existing IDS sensor device in a way that can be used as an IDS/IPS during Red Teaming Operations inline between the attackers (red team) and the client's network (defensive team), that will pre-emptively alert and block known attack patterns used by the RTO. Additionally the device should monitor potential scans performed by the defensive team and targeting the attacker (red team) systems, for example to fingerprint the attackers (red team). Signatures that you should think of are ones to detect man-in-the-middle attacks, port scans and commonly used attacks such as PSEXEC/WMIEXEC with(out) pass-the-hash.
Duration: 1 month (UvA students only)

Topic: How to remain undetected in an environment with Microsoft Advanced Threat Analytics (ATA)
Area of expertise: Red Teaming Operations
Abstract: In 2015 Microsoft launched an on-premises platform that protects Microsoft-driven environments from advanced targeted attacks by automatically analyzing, learning and identifying normal and abnormal behavior of users, devices and resources. This platform can detect a number of attacks commonly used during Red Teaming  engagements such as Pass-the-Hash and abnormal usage of the Kerberos Golden Ticket within a domain. The purpose of this research is to figure out how to identify one or more of the following items; the usage of ATA within a network, the location of the "beacons" that can be used to detect an attack and to investigate what specific Windows events, network signatures or other events (could) trigger an alert.
Duration: 1 month (UvA students only)

Topic: Hunting stack
Area of expertise: Cyber Incident Response
Abstract: During cyber security breaches it is important to act quickly. However, the responders are faced with multiple challenges under a time pressure: first, the client may not have the tools they need, and, second, the client’s network and systems may be compromised and cannot be relied upon. The solution is to have a stack of software that can be configured per client (either on-premise or remotely) that supports the teams with a secure and trustworthy toolset. The stack will include threat hunting, communication, and file sharing tools. You will be asked to create an architecture, develop and document deployment scripts, and evaluate the stack in the field.
Duration: 1-2 months

Topic: The connection of incident management and crisis management
Area of expertise: Crisis Management & Resilience
Abstract: What are the critical success factors on process, organizational and human level to effectively link the incident management and crisis management processes? By doing desk research, and interviewing stakeholders you will identify the success factors for an effective link between incident and crisis management. The objective is to have clear indicators / best practices on process, organizational, and human level for the connection of incident and crisis management.
Duration: 6 months

Topic: Security Operations Centre (SOC)
Area of expertise: Strategy & Transformations
Abstract: A modern Security Operations Center (SOC) contains a vast array of sophisticated detection and prevention technologies using a virtual sea of cyber intelligence. The access to security talent is however limited which makes it necessary to make hard choices on which capabilities to prioritize. This research will help cyber security leadership optimize the effectiveness and development of their SOC analysts for the best possible long term results.
Duration: 6 months

Do you have other cool ideas? Let us know! You are always welcome to present your topic to us.


Naar boven