Seccubus - Analyzing Vulnerability Assessment Data the Easy Way

Presented at DEF CON 18 (2010), Aug. 1, 2010, 2 p.m. (50 minutes).

As part of his job as Security Engineer at Schuberg Philis, Frank Breedijk performs regular security scans. The repetitive nature of scanning the same customer infrastructure over and over again made him decide to look for a more automated approach. After building his first scanning scheduler he realized that it actually does not make sense to look at all findings every time they are reported. It would be much better to only investigate the deltas between the scans. The philosophy behind Seccubus was born. In his presentation Frank will demonstrate Seccubus by performing scans of a live demo environment and explain its inner working and the philosophy behind it.

Presenters:

  • Frank Breedijk - Schuberg Philis
    Frank Breedijk (@Seccubus) is employed as a Security Engineer at Schuberg Philis since 2006. He is responsible for the technical information security of Schuberg Philis Mission Critical outsourcing services. This includes, but is not limited to: * Security Awareness * Vulnerability management * Internal security consultancy * Internal technical audits * Seccubus development Frank Breedijk has been active in IT Security for over 10 years. Before joining Schuberg Philis he worked as a Security Consultant for INS/BT and Security Officer for Interxion. He managed the European Security Operations Center (SOC) for Unisys' managed security services. During this period Gartner labeled Unisys leader in the magic quadrant for Managed Security Services in Europe. Besides his day job Frank Breedijk develops Seccubus, is an active on Twitter and writes blog entries for CupFighter.net. He has also written magazine articles about Seccubus and security awareness. My Twitter: @Seccubus Email: fbreedijk@schubergphilis.com

Links:

Similar Presentations: