IR-dventures from the vendors basements, Circa early 2000s

Presented at THOTCON 0xA (2019), May 3, 2019, 1 p.m. (25 minutes)

This presentation will cover four real Incident Response stories from a hardware vendor's perspective in the early-mid 2000s. These are not stories for the modern life where all organizations are prepared with solid security programs and ready to respond to anything *smirk*. These are adventures for when organizations were (way) less prepared to respond to security related incidents and developers would ask ""why would someone ever do this?"" once they found out people were either messing with packets or reversing firmware images. Other than old story-telling, the objective of the talk is to get attendees to see what we all have (not) learned for over a decade, and really, reflect on how prepared are we these days to deal with certain types of incidents. Not only from a vendor perspective, but for any organization. From fighting DDoS with ACLs and talking to maybe ISPs, to putting your rep on the line when 1337 hackers get a hold of one of your products and do what 1337 hackers do.

Presenters:

• Luiz Eduardo / effffn   as effffn
  Security Enthusiast, Con organizer, Beer lover https://about.me/effffn

Similar Presentations:

• DEF CON 30 (2022) / Hundreds of incidents, what can we share?
• Diana Initiative 2022 / The Log4J Rollercoaster - from an incident response perspective