Russ Gideon Penetration testing came about because of real world attacks. The industry quickly realized that we need to behave like the attackers to learn how to defend against them, and thus the penetration testing industry was born. Back then
Kelly Lum Java isn’t the only managed language with bugs. This talk will cover the current state of .NET reverse engineering and exploitation, including practical examples of both application-level and framework vulnerabilities.
AbdulAziz Hariri Over the last couple of years we’ve seen a rise of use-after-free zero day vulnerabilities being exploited in Microsoft Internet Explorer. Internet Explorer has a rich attack surface that allows attackers to maximize their
Scott Wright In the reconnaissance phase of an attack, the attackers will use tools to gather information about a target organization. We often worry about what architectural vulnerabilities they can discover with scanning tools. But Open Source
Justin Seitz With the widespread adoption of social media, in particular Twitter, by extremists around the globe there is increasing interest in how to identify and monitor them. Traditional approaches include keyword monitoring, text analytics
Adam Allred and Paul Royal The detection of virtualized malware analysis environments has become increasingly popular and commoditized. Sophisticated virtualization detection techniques are now available to any novice cyber criminal. As a
François Marinier As an IT security analyst, I have spent most of the past two years applying key processes and activities of ITSG-33 to real-life IT projects. From new infrastructure services to mission-critical business applications to changes