Description: If you were to believe the vendors and the trade shows, you would think everything was “OK” with IT security. You would think AV works. You would think “plug and play” IDS was effective. You would think that Data Loss Prevention would prevent data loss. Why is it, then, that very large organizations are still getting compromised? Organizations with very large budgets and staff still get compromised in advanced and persistent ways. Something is very wrong in this industry.
Let's find out what is wrong and how we can fix it.
In this presentation we will cover many of the common misconceptions about computer security.
Below are just a few misconceptions we will destroy with harsh words and live demos:
1. AV will keep malware off of my system
2. Firewalls will keep the attackers out
3. If my system is patched, I cannot be hacked
4. Apple computers are far safer than Windows
5. Linux is more secure than Windows
6. My users are dumb
Paul Asadoorian / John Strand
Paul Asadoorian is currently the “Product Evangelist” for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award-winning “PaulDotCom Security Weekly” podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry’s finest. Paul has a background in penetration testing and intrusion detection, and is the co-author of “WRT54G Ultimate Hacking”, a book dedicated to hacking Linksys routers.
John Strand co-hosts PaulDotCom Security Weekly, the world’s largest computer security podcast. He is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He is a Senior Instructor with the SANS Institute. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music, makes various futile attempts at fly-fishing, and drinks Coors Light while carrying a stick and a marshmallow.
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Original Source: http://www.youtube.com/watch?v=JX45TBJY1ac