PANEL: Wait Wait... Don't Pwn Me!

Presented at AppSec USA 2013, Nov. 21, 2013, 1 p.m. (50 minutes).

Audio of panel: https://www.youtube.com/watch?v=2F7wPQASWZY&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=43 Test your wits and current AppSec news knowledge against our panel of distinguished guests Joshua Corman, Chris Eng, Space Rogue and Gal Shpantzer. "Wait Wait... Don't Pwn Me!" is patterned after the NPR news quiz show where we challenge the panel and the audience with "Bluff the Listener", "This Week's Security News", "The Security Limerick Challenge" and "Lightning Fill In the Blank".  Think you know your stuff? Get selected as an audience participant and prove it! Join us for a rollicking hour as we test the panel and the audience on recent security stories in the news. Who knows? Maybe you can pwn the panel.

Presenters:

  • Joshua Corman - Director of Security Intelligence - Akamai Technologies   as Josh Corman
    Joshua Corman is the Director of Security Intelligence for Akamai. Most recently he served as Research Director for Enterprise Security at The 451 Group. Mr. Corman's cross-domain research highlights adversaries, game theory and motivational structures. His analysis cuts across sectors to the core security challenges plaguing the IT industry, and helps to drive evolutionary strategies toward emerging technologies and shifting incentives. A staunch advocate for CISOs, Corman also serves as a Fellow with the Ponemon Institute, on the Faculty for IANS, co-founder of Rugged Software and was a Top Influencer of IT in NetworkWorld. Corman received his bachelor's degree in philosophy, graduating summa cum laude, from the University of New Hampshire.
  • Chris Eng - VP Research - Veracode
    Chris Eng is vice president of research at Veracode, where he leads the team responsible for integrating security expertise into Veracode's core product offerings. Prior to Veracode, he was technical director at Symantec (formerly @stake) and an engineer at the National Security Agency. Chris is a frequent speaker at premier industry conferences, and he has been featured in media outlets such as Bloomberg, Fox Business, and CBS. He currently serves on program committees for the O'Reilly Security Conference and the Kaspersky Security Analyst Summit and was a founding member of the SOURCE Boston advisory board. Chris is an unabashed supporter of the Oxford comma and hates it when you use the word "ask" as a noun. @chriseng
  • Cris Thomas / Space Rogue - Strategist - Tenable   as Space Rogue
    Space Rogue and his colleagues created the first security research think tank known as L0pht Heavy Industries and was a co-founder of the Internet security consultancy @Stake. While at L0pht Heavy Industries Space Rogue created the widely popular Hacker News Network, which quickly became a major resource on the Internet for daily information security news. Before HNN he ran the The Whacked Mac Archives, which at the time, was the largest and the most popular Macintosh security site on the Internet."
  • Gal Shpantzer
    Gal Shpantzer has 12 years of experience as an independent security professional and is a trusted advisor to CSOs of large corporations, technology and pharma startups, Ivy League universities and non-profits/NGOs specializing in critical infrastructure protection. Gal is a Contributing Analyst with Securosis and is involved in the Infosec Burnout research project and co-presented on this topic at BSides-Las Vegas (2011) and RSA (2012). Gal has been involved in multiple SANS Institute projects, including co-editing the SANS Newsbites, revising the E-Warfare course and presenting SANS@Night talks on cyberstalking, CAPTCHAs and endpoint security. In 2009, he founded and led the privacy subgroup of the NIST Smart Grid cybersecurity task group, resulting in the privacy chapter of NIST IR 7628. He is a co-author of the Managing Mobile Device Security chapter in the 6th ed. Vol 4 of the Information Security Management Handbook (2010) with the late Dr. Eugene Schultz. Gal collaborated with Dr. Christophe Veltsos to present the ongoing Security Outliers project, focusing on the role of culture in risk management at RSA, CSI, BSides and Baythreat conferences. Most recently, he was involved as a subject matter expert in the development of the U.S. Department of Energy's Electric Sector Cybersecurity Capability Maturity Model (ESC2M2) in 2012 and is re-launching the Publicly Accessible Control Systems Working Group (PACS-WG) in December of 2013.

Links:

Similar Presentations: