Most of us struggle every day in our IT departments just to "keep the lights on". It seems that merely rolling out new devices, services, features, infrastructure and ensuring your customers are happy should be quite enough in a days work. The security newsfeeds, vulnerability alerts, and hacking reports all fly by at a dizzying speed. It is all too much to worry about, right? Shouldn't you just wait for the vendors and the rest of the industry to "just take care of it"? Surely it won't affect us; if it were only that simple. You are the industry, and you are the affected. Please join Travis Carelock of Black Hat as he presents an in-depth look at the impact that 0-day exploits and cutting-edge research have on today's technology – as presented at the Black Hat conference series. In addition Mr. Carelock will give a preview of topics to be covered at the upcoming Black Hat Abu Dhabi conference.
Travis Carelock is the Resident Technologist with Black Hat. He has been an active member in the security community for over a decade. Prior to joining Black Hat, Mr. Carelock was the Senior Systems Administrator with the Louisiana Department of Justice, where he was instrumental in spearheading the complete security redesign of the department's infrastructure and forensic lab as well as served in the roll of a special investigator on the request of the State Police and other State Agencies. He has numerous certifications which he believes pales in comparison to real world experience.
Incident Response within an organization is a critical aspect to any cyber security program. Unfortunately, it is often an after thought. The result of ignoring this aspect will be the difference between a contained incident with little affect, and an entire network disconnect from the Internet for a prolonged period.
In this talk, we will discuss the basic planning steps. These planning steps include network design issues that contribute to incident management issues as well as procedures for incident response. Steps to keep in mind during an incident. The pitfalls that many organizations hit during and after an intrusion. Post-incident analysis, the most over looked step in the process, will also be covered.
Paul Criscuolo, currently the Vice President of Global Services at Peak Security, has been involved in the computer security industry for over 15 years, with the rare distinction of having expert experience in both the defensive and offensive aspects of INFOSEC. Paul has consulted as a security expert with Fortune 500 companies, assisting in incident response and recovery, involving the interaction with the FBI and Incident Response programs worldwide. Paul created procedures and wrote a number of intrusion detection tools that have resulted in technology licenses from the United States, and created technology startups with those licenses. Paul has presented at a number of conferences, authored books and papers, instructed training seminars about network security, incident response, and forensics.
Security professionals see the compromise of networked systems on a day to day basis. The blatant exploitation of operating systems, applications, and configurations is a common event and is taken into account by most security engineers. But a different type of security compromise threatens to crumble the underlying security of the modern organization.
There are forms of communication that hide and transfer sensitive data outside of organizations every day. Covert channels are used to move proprietary information in and out of commercial, private, and government entities on a daily basis. These covert channels include things such as Steganography, Covert network channels, Data File Header and Footer Appending, and Alternate Data Streams. Media to be covered include images, audio files, TCP covert channels, Word substitution mechanisms, the Windows file system and others.
This presentation will show the attendees common means of covert communication by hiding information through multiple means. We'll also discuss the future of Covert Channels and how hidden information is becoming more and more difficult to detect. Detection of these forms of communication is trailing well behind the technology creating them, this presentation will discuss some of the newest concepts in utilizing Covert Channels and Steganography.
Russ Rogers (CISSP, IAM, IEM) has been the author and/or editor of 18 books on information security, and has been one of the senior organizers of the DefCon hacker conference for 14 years. Russ taught audit, assessment, and evaluation methodologies to hundreds of students across all Critical Infrastructure Areas. His primary areas of expertise include network penetration testing, red team activities, and security research.
For the last 8 years he has been the Professor of Network Security for University of Advancing Technology (UAT) out of Tempe, Arizona, where he provides direction for the Network Security programs and teaches both undergraduate and graduate level network security courseware. Russ is a world renowned security expert who has spoken and taught at security conferences around the world, including Tokyo, Singapore, Amsterdam, Sao Paulo, Abu Dhabi and dozens of cities around the United States.
He has a Bachelor of Science in Computer Information Systems from the University of Maryland, a Master's Degree of Science in Computer Management Systems from the University of Maryland, and an Honorary Doctorate of Science in Applied Computer Technology from the University of Advancing Technology.
Russ Rogers is the CEO and President of Peak Security, Inc., a veteran owned company based in Colorado Springs, Colorado.
Ten years ago hacking was a frontier; ten years from now, hacking will be embedded in everything we do, defined by the context in which it emerges. Real hackers will be pushing the frontiers of information networks, perception management, the wetware/dryware interface, and the exploration of our galactic neighbouhood. Mastery means not only having the tools in your hands but knowing that you have them ... and using them to build the Big Picture. Richard Thieme illuminates how to do that
Richard Thieme has published hundreds of articles, dozens of short stories, two books with more coming, and given several thousand speeches. He speaks professionally about the challenges posed by new technologies and the future, how to redesign ourselves to meet these challenges, and creativity in response to radical change. Many recent speeches have addressed security and intelligence issues for professionals around the world. He has keynoted conferences in Sydney and Brisbane, Wellington and Auckland, Dublin and Berlin, Amsterdam and and Heidelberg, Johannesburg, Montreal, Tel Aviv, and all around the USA. Clients range from GE, Microsoft and Medtronic to the Pentagon, the FBI, and the US Secret Service. His pre-blog column, "Islands in the Clickstream," was distributed to thousands of subscribers in sixty countries before collection as a book by Syngress, a division of Elsevier. "Mind Games," his first fiction collection, was published by Duncan Long Publications in April 2010. His work has been taught at universities in Europe, Australia, Canada, and the United States.