Presented at
BruCON 0x07 (2015),
Oct. 9, 2015, 10 a.m.
(60 minutes).
Wow. We’ve come a long way. Some would say not nearly far enough – but will it never be perfect? This industry has a lot of problems, and issues that need fixing but there’s so many good things that we’ve done to make the world a safer place. This talk will look at what we’ve done so far, the breaches we see and why they are still there, and what we need to continue to do to move forward. I’ll also be demonstrating (with live demos) some of the pitfalls of a lot of the “advanced” prevention technologies and why technology still struggles with stopping attackers.
Presenters:
-
David Kennedy / ReL1K
as Dave Kennedy
Dave Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from an offense and a defense perspective.
David was the former Chief Security Officer (CSO) for a Fortune 1000 company where he ran the entire information security program. Kennedy is a co-author of the book "Metasploit: The Penetration Testers Guide", the creator of the Social-Engineer Toolkit (SET), and Artillery.
Kennedy has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. Kennedy is the co-host of the social-engineer podcast and on a number of additional podcasts.
Kennedy has testified in front of Congress on two occasions on the security around government websites. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville, Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.
Links:
Similar Presentations: