Defcon Security Jam 2: The Fails Keep on Coming

Presented at DEF CON 17 (2009), July 31, 2009, 2 p.m. (110 minutes)

We're baaaack. Yup that's right, some of the biggest mouths in Information Security and once again, we will show you all new of security FAIL. Our panelists will demonstrate innovative hacking techniques in naked wireless networking, GPS, intranet routing, web based applications and goats.

Presenters:

  • Robert Hansen / RSnake - ha.ckers.org   as Robert "RSnake" Hansen
    Mr. Hansen (CISSP) has worked for Digital Island, Exodus Communications and Cable & Wireless in varying roles from Sr. Security Architect and eventually product managing many of the managed security services product lines. He also worked at eBay as a Sr. Global Product Manager of Trust and Safety, focusing on anti-phishing, anti-DHTML malware and anti-virus strategies. Later he worked as a director of product management for Realtor.com. Robert sits on the advisory board for the Intrepidus Group, Just Thrive, previously sat on the technical advisory board of ClickForensics and currently contributes to the security strategy of several startup companies.
  • Larry Pesce - Paul.com
    Larry Pesce (Chief Research Officer, PaulDotCom Enterprises) - In the last 13 years in the computer industry, Larry has become a jack of all trades, most recently focused on the computer security field. In addition to his industry experience, Larry is also a Security Evangelist and co-host for the PaulDotCom Security Weekly podcast at www.pauldotcom.com. Larry is also Co-Author of "Linksys WRT54G Ultimate Hacking" and Contributing author of "Using Wireshark and Ethereal" and "How to Cheat at Configuring Open Source Security Tools", all from Syngress publishing.
  • Dave Maynor - Founder & CTO Errata Security
    David Maynor is a founder of Errata Security and serves as the Chief Technical Officer. Mr. Maynor is responsible for day-to-day technical decisions of Errata Security and also employs a strong background in reverse engineering and exploit development to produce Hacker Eye View reports. Mr. Maynor has previously been the Senior Researcher for Secureworks and a research engineer with the ISS Xforce R&D team where his primary responsibilities included reverse engineering high risk applications, researching new evasion techniques for security tools, and researching new threats before they become widespread. Before ISS Maynor spent the 3 years at Georgia Institute of Technology (GaTech), with the last two years as a part of the information security group as an application developer to help make the sheer size and magnitude of security incidents on campus manageable. Before that Maynor contracted with a variety of different companies in a widespread of industries ranging from digital TV development to protection of top 25 websites to security consulting and penetration testing to online banking and ISPs.
  • Rich Mogull - Securosis
    Rich Mogull Rich is a recovering Gartner analyst that founded Securosis, an independent research firm that has a bad habit of giving everything away for free. He specializes in data security, application security, emerging security technologies, and security management. Prior to his seven years at Gartner, Rich worked as an independent consultant and web application developer, software development manager at the University of Colorado, and a systems and network administrator. He is a frequent industry speaker at events including the RSA Security Conference and DefCon, and has spoken on every continent except Antarctica (where he's happy to speak for free- assuming travel is covered). He writes about Apple as the Security Editor for TidBITS, occasionally contributes to Macworld, and frequently contributes to security publications like Dark Reading and Information Security magazine. Prior to his technology career, Rich also worked as a security director for major events such as football games and concerts. He was once a bouncer at the age of 19, weighing about 135 lbs (wet). He's worked or volunteered as a paramedic, firefighter, ski patroller at a major resort (on a snowboard), and spent over a decade with Rocky Mountain Rescue. He currently serves as a responder on a federal disaster medicine and terrorism response team, where he mostly drives a truck and lifts heavy objects. He has a black belt, but does not play golf.
  • Panel
  • David Mortman - CSO in Residence, Echelon One
    As CSO-in-Residence, David Mortman is responsible for Echelon One's research and analysis program. Formerly the Chief Information Security Officer for Siebel Systems, Inc., David and his team were responsible for Siebel's worldwide IT security infrastructure, both internal and external. He also worked closely with Siebel's product groups and the company's physical security team and is leading up Siebel's product security and privacy efforts. Previously, Mr. Mortman was Manager of IT Security at Network Associates, where, in addition to managing data security, he deployed and tested all of NAI's security products before they were released to customers. Before that, Mortman was a Security Engineer for Swiss Bank. A CISSP, member of USENIX/SAGE and ISSA, and an invited speaker at RSA 2002 and 2005 security conferences, Mr. Mortman has also been a panelist and speaker at RSA 2007, InfoSecurity 2003, Blackhat 2004, 2005, 2006 and 2007, Defcon 2005, 2006 and 2007 and Information Security Decisions 2007 as well. David Mortman sits on a variety of advisory boards including Qualys, Applied Identity and Reflective amongst others. He holds a BS in Chemistry from the University of Chicago.

Links: