Description: Does your organization’s security program need a jump start? What if you could implement security practices that would defend against the most advanced attacks? What if you could do this all for little to no cost? Many advanced offensive attacks will be demonstrated that would typically rain shells. Then, we will dive into the defensive techniques that will frustrate, annoy, and protect against the best hackers. You will see some real-life vulnerabilities that will surprise, scare, and make you anxious to begin re-evaluating your own organization’s security posture.
Speaker(s): Ryan Elkins (sniper)
BIO:
Ryan Elkins is an Information Security Engineer in the financial services industry. He has extensive experience in application security, penetration testing, systems administration, and database security. Ryan is finishing up his Master’s degree in Information Security. He is also the proud owner of the “pea shooter” single shot nerf gun.
BIO:
Jason Gunnoe has more than 16 years of experience in various capacities of the IT industry. He got his start in front of a Radio Shack TRS-80 changing lines of GW-BASIC code in “Android NIM” to assure his constant victory. By 1993 he was a sysadmin instructing peers on how to use big UNIX. Then he was off to work for Cincinnati Bell in their DSL provisioning and web hosting group. There he spent some time as web and hostmaster@fuse.net managing LAMP stacks before LAMP was LAMP. At the RBOC he eventually stumbled into a security team where he was made responsible for building and deploying security infrastructure for Fortune 500s. After the Bell experience he moved on to Thomson Learning, a 2.2 billion dollar market group of the Thomson Reuters corporation. At Thomson Learning he was responsible for leading the strategic information security program that presided over 15,000 employees and 17 business units spread across 100 different countries. Thomson Learning was sold to VCs, which led to his departure and current position as CISO for the State of Tennessee. There he has been leading the development and implementation of the State’s enterprise security program since 2005. The State has 45,000 employees and 53 different departments. He believes that all vendors are evil and that “hackers” are the answer to our problem, not the cause.
Chris has been donning his white hat for about 9 years. He is currently a security consultant for the State of Tennessee working mainly on red teaming exercises and assessments. Loves him some Python, whiskey, and is still waiting on his check from PokerStars.
Tags: securitytube, hacking, hackers, information security, convention, computer security, derbycon-2012