Presented at Notacon 10 (2013)
April 20, 2013, 1 p.m.
Are we getting better as an industry? We have NextGen firewalls, APT prevention, DLP, and technology that can solve our technological needs from hackers. Why do we continue to see an increase in data breaches if the technology is working. Let's take a look at todays technology and hack it. This talk will cover some advanced techniques used to infiltrate a number of organizations during real world penetration tests. The talk will also discuss why these technologies fail us and why the reliance has to be on a proactive security strategy versus trying to patch it with a band aid. Lets find out if we are getting better or if its the same old struggle. Hackers are here to stay, are we going to be able to withstand an attack?
David Kennedy / ReL1K
as Dave Kennedy
Dave Kennedy is founder and principal security consultant of TrustedSec, LLC - An information security consulting firm located in Cleveland Ohio. David was the former Chief Security Officer (CSO) for a Fortune 1000 where he ran the entire information security program. Kennedy is a co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and the creator of Artillery. Kennedy has presented on a number of occasions at Black Hat, Defcon, ShmooCon, BSIDES, Infosec World, Notacon, AIDE, ISACA, ISSA, Infragard, Infosec Summit, and a number of other security-related conferences. Kennedy has been interviewed by several news organizations including CNN, Fox News, and BBC World News. Kennedy is on the Back|Track and Exploit-DB development team and co-host of the Social-Engineer.org podcast and regular on ISDPodcast. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the three letter agencies and deployed to Iraq twice for intelligence related missions.