War Stories on Embedded Security: Pentesting, IoT, Building Managers, and how to do Better

Presented at DerbyCon 7.0 Legacy (2017), Sept. 22, 2017, 7 p.m. (55 minutes).

If security were easy, we’d have solved it 20 years ago. Unfortunately for complex networks and systems, we need the basics and more: developer training, correct implementation, cross-training, proper deployment, event monitoring, secure updates, and response planning. It’s a tall order. But with the right partners, it’s possible. Come be entertained and encouraged by Dr. DeMott as he shows some epic fails - that could have been wins. Dr. DeMott is former NSA and Microsoft BlueHat Prize winner. He’s frequently quoted in media, and invited to speak. He’s the founder of Vulnerability Discovery & Analysis (VDA) Labs. You'll find fingerprints of VDA across the InfoSec community: fuzzing, code auditing, exploitation, incident response, malware analysis, pentests, threat intelligence, and security training. When DeMott isn’t leading a project, or bypassing a security control, he’s enjoying time with his family outdoors. @jareddemott

Presenters:

• Dr. Jared DeMott

Links:

• https://www.derbycon.com/friday-schedule/#event-54
• https://infocon.org/cons/DerbyCon/DerbyCon 7 2017/War Stories on Embedded Security Pentesting IoT Building Managers and how to do Better Dr Jared.mp4

Similar Presentations:

• DerbyCon 7.0 Legacy (2017) / Smart toys ain't that Smart, when Insecure!