Scylla: Because There's no Patch for Human Stupidity

Presented at DEF CON 20 (2012), July 27, 2012, 2 p.m. (20 minutes).

When there's no technical vulnerability to exploit, you should try to hack what humans left for you, and believe me, this always works. Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning misconfiguration bugs dynamically. Scylla aims to be a better tool for security auditors, extremely fast, designed based on real scenarios, developed by experienced coders and constructed with actual IT work methods. The words "Configuration Tracer" are the best definition for Scylla, a tool to help on IT audits.

Presenters:

  • Sergio 'flacman' Valderrama - Consulting Manager, 2Secure
    Sergio 'flacman' Valderrama has been a coder and hacker since he was in school (15 Years old?). Consulting Manager of 2Secure S.A.S, he has worked as security consultant for more than 6 years. Founder of ColombiaUnderground Team, he studied Computer Engineer at the Universidad de los Andes... (lot of non interesting crap about titles and experience). And of course, he's the main developer of Scylla.
  • Carlos Alberto Rodriguez - Co-Founder, 2Secure
    Carlos Alberto Rodriguez is Co-Founder at 2Secure, a Colombia-based company that provides specialized security services for multiple sector companies. Senior Developer focused in security development with emphasis in cryptographic algorithms, Senior Security Consultant, R&D Manager and Security Applications Leader for 2Secure with over 7 years of experience in security and incident handling. Twitter: @_S_aint_Iker

Links:

Similar Presentations: