Presented at DEF CON 20 (2012)
July 27, 2012, 3 p.m.
You know you can't stay away! The most talked about panel at DEF CON! Nearly two hours of non-stop FAIL. Come hear some of the loudest mouths in the industry talk about the epic security failures of the last year. So much fail, you'll need the food cooked on stage to survive. Nothing is sacred not even each other. This years fail includes cloud, mobile and apt to name just a few topics. If that's not enough, we'll also be making crepes on stage. Over the last two years, we've raised over $1,500 for the EFF, let's see how much we can do this year....
Robert David Graham
- Errata Security, @ErrataRob
Robert David Graham created BlackICE Defender (one of the first personal firewalls) and BlackICE Guard (first IPS). Developed various attack tools and methods, like "sidejacking", a component of most attack toolkits. Expert in SCADA hacking.
James Arlen / Myrcurial
- Liquid Matrix, @myrcurial
as James Arlen
James Arlen sometimes known as Myrcurial, is a security consultant usually found in tall buildings wearing a suit, founder of the Think|Haus hackerspace, contributing analyst for Securosis, columnist at Liquidmatrix Security Digest, Infosec geek, hacker, social activist, author, speaker, and parent. He's been at this security game for more than 15 years and loves blinky lights and shiny things.
- pauldotcom.com, @haxorthematrix
Larry Pesce is a penetration tester with NWN Corporation's NProtect team. He spends his days hacking in his underwear, playing with various radios and often burning his fingertips with a soldering iron, while not hanging out with the pauldotcom.com crew.
- Errata, @donicer
as Dave Maynor
Dave Maynor is a founder of Errata Security and serves as the Chief Technical Officer. Mr. Maynor is responsible for day-to-day technical decisions of Errata Security and also employs a strong background in reverse engineering and exploit development to produce Hacker Eye View reports. Mr. Maynor has previously been the Senior Researcher for Secureworks and a research engineer with the ISS Xforce R&D team where his primary responsibilities included reverse engineering high risk applications, researching new evasion techniques for security tools, and researching new threats before they become widespread. Before ISS Maynor spent the 3 years at Georgia Institute of Technology (GaTech), with the last two years as a part of the information security group as an application developer to help make the sheer size and magnitude of security incidents on campus manageable. Before that Maynor contracted with a variety of different companies in a widespread of industries ranging from digital TV development to protection of top 25 websites to security consulting and penetration testing to online banking and ISPs.
- Rational Security, @beaker
Chris Hoff is a senior director at Juniper Networks where he serves as chief security architect. He was previously director of cloud & virtualization solutions at Cisco Systems where he focused on virtualization and cloud computing security, spending most of his time interacting with global enterprises and service providers, governments, and the defense and intelligence communities. Prior to Cisco, he was Unisys Corporation's chief security architect, served as Crossbeam Systems' chief security strategist, was the CISO and director of enterprise security at a $25 billion financial services company and was founder/CTO of a national security consultancy amongst other startup endeavors.
Hoff is interviewed regularly by the media and press, is a featured guest on numerous podcasts and has keynoted and presented at numerous high-profile security conferences including Black Hat, DEF CON, Microsoft's Bluehat, RSA, Source, SecTor, FIRST, SANS and Troopers.
Hoff is a founding member and technical advisor to the Cloud Security Alliance, founder of the CloudAudit project and the HacKid conference and blogs at http://www.rationalsurvivability.com/blog. He serves on numerous advisory boards.
Hoff was a CISSP, CISA, CISM and NSA IAM but he spends the AMF's on coffee now, instead. He was twice nominated as the Information Security Executive of the Year and won the Security 7 award in Financial Services in 2005. Hoff is a 2010, 2011 Microsoft MVP (Security) and a 2010 VMware vExpert.
- Securosis, @rmogull
Rich Mogull is a recovering industry analyst and the C-something-or-other of Securosis. Deep in his past he worked as a systems and network administrator, before moving on to a web developer and then focusing on security. Previous Fail panel exploits include impersonating an aspiring money mule, running a robot off the stage, some cool wireless stuff that surprisingly worked, and mucking with cloud APIs.
He promises to keep his pants on this year. He dislikes hippies and hipsters.
- Chief Security Architect, enStratus
David Mortman is the Chief Security Architect at enStratus and is a Contributing Analyst at Securosis. Before enStratus, he ran operations and security for C3. Formerly the Chief Information Security Officer for Siebel Systems, Inc., Previously, Mr. Mortman was Manager of IT Security at Network Associates. Mr. Mortman has also been a regular panelist and speaker at RSA, Black Hat, DEF CON and Source Boston as well. Mr. Mortman sits on a variety of advisory boards including Qualys. He holds a BS in Chemistry from the University of Chicago. David writes for Securosis, Emergent Chaos and the New School blogs. David was an editor for the 2nd Ed of the Cloud Security Alliance Guidance.