January 2012

Dmitri Alperovitch, President, Asymmetric Cyber Operations LLC


A panel of leading experts in the field will explore complex policy issues tied to conflict in cyberspace. The session will discuss the current state of nation-state espionage, armed reconnaissance and cyber warfare operations, the evolution of strategic cyber deterrence doctrines, and will review the diplomatic initiatives to establish norms of behavior in cyberspace between the US, Russia and China.

 

Moderator:

Dmitri Alperovitch, President, Asymmetric Cyber Operations LLC

Panelists:

James Lewis, Senior Fellow & Program Director, Center for Strategic and International Studies

Martin Libicki, Senior Scientist, RAND

Adam Segal, Senior Fellow for Counterterrorism & National Security Studies, Council on Foreign Relations

Eric Rosenbach, Deputy Assistant Secretary of Defense for Cyber Policy

 

Dmitri Alperovitch is President of Asymmetric Cyber Operations. As former VP of Threat Research at McAfee, he led research in Internet threat intelligence analysis and correlation. With more than a decade of experience in the field of information security, he has significant experience working as a subject-matter expert with all levels of U.S. and international law enforcement on analysis, investigations and profiling of transnational organized criminal and cyberespionage activities. Dmitri led the global team that investigated and produced the definitive reports on the Operation Aurora, Night Dragon and Shady RAT intrusions, and named those incidents.

 

Download <09:37>


Jeremiah Grossman, Chief Technology Officer, WhiteHat Security


In 2011, the attitude towards hacks shifted from "It happens" to "It is happening." A poorly coded website or web application is all that is needed to wreak havoc, expensive firewall, pervasive anti-virus and multi-factor authentication be damned. But what is possible? What types of attacks and attackers should we be mindful of? This presentation will show the real risks in a post-2011 Internet.

 

Jeremiah Grossman founded WhiteHat Security in August 2001. Grossman is a world-renowned expert in Web security, a founder of the Web Application Security Consortium, and was named one of InfoWorld's Top 25 CTOs for 2007. He is a frequent speaker at industry events including the Black Hat Briefings, RSA Conference, ISACA, CSI, InfoSec World, OWASP, ISSA, and Defcon. He has authored dozens of articles and white papers, is credited with the discovery of many cutting-edge attack and defensive techniques, and is a co-author of XSS Attacks: Cross Site Scripting Exploits and Defense. Prior to WhiteHat, he was an information security officer at Yahoo! responsible for performing security reviews on the company's hundreds of websites.

 

Download <08:09>


Mitja Kolsek, Chief Executive Officer, Acros Security

 

Those of you familiar with binary planting and DLL hijacking already know that hundreds of applications can be tricked into executing DLLs and executables from remote servers. However, there is much misunderstanding when it comes to the hard technical details. This session will provide concrete instructions and tips for developers, researchers and whitehats, with exploit scenarios.

 

In over 12 years of security addiction, Mitja Kolsek has perforated an array of business-critical products, computer systems and protocols by leading software vendors, searching for atypical vulnerabilities and effective ways of fixing them. Kolsek’s passion is security research, discovering new types of security problems, such as “session fixation”, and new twists on the known ones, such as “binary planting”.

 

Download <05:30>


Dan Cornell, Chief Technology Officer, Denim Group


This session presents analysis of data drawn from fifteen software security remediation projects. Data is presented both on the time required to remediate specific classes of vulnerabilities and on the overall composition of remediation projects, so that attendees can see what percentage of a remediation project's time is spent actually fixing vulnerabilities and what time is spent on other activities.

 

Dan Cornell has over twelve years of experience architecting and developing web-based software systems. As Denim Group’s Chief Technology Officer, he leads the company's security research team in investigating the application of secure coding and development techniques to improve web-based software development methodologies. Dan was the founding coordinator and chairman for the Java Users Group of San Antonio (JUGSA) and currently serves as the OWASP San Antonio chapter leader, member of the OWASP Global Membership Committee and co-lead of the OWASP Open Review Project. Dan has spoken at such international conferences as ROOTs in Norway, OWASP EU AppSec in Dublin and OWASP EU Summit in Portugal.

 

Download <07:49>


Michael Angelo, Chief Security Architect, NetIQ

Ronald LaPedis, Principal, Seacliff Partners International, LLC

 

This year RSA was hacked, and numerous companies are trying to take advantage of this event. A number of these companies are proposing biometrics, token technologies and other things. Well, it has been over 10 years since a PC company released its first commercial fingerprint reader, and smartcard readers are readily available. So, are these devices ready for primetime?

 


Michael F. Angelo, CRISC, CISSP, is the Chief Security Architect for NetIQ and chair of the ISSA Web Conferences Committee. Angelo is a technical advisor to the US Department of Commerce and is the chair of the team working on security export controls. He has presented on issues of legislative impacts on corporate IT infrastructures at numerous conferences, including the ESPP at the US RSA Conference. Amongst his many accomplishments, he was a Staff Fellow at Compaq and HP with over 25 years in the security arena, the 2011 ISSA Professional of the Year, a Sigma-Xi Distinguished Lecturer, and a City of Houston Inventor of the Year (with 52 granted patents in the area of security). His blogs can be found on the NetIQ Community site and the RSA360 site.

 


Ron LaPedis is director of product management and marketing at SPYRUS, Inc., a manufacturer of secure USB encryption, authentication and storage devices, and security products. LaPedis is also principal advisor for Seacliff Partners International, LLC, a company that melds technical expertise with business sense in the business continuity and security fields. He is a CISSP with ISSAP & ISSMP endorsements, a Master Business Continuity Professional (MBCP), and a Member of the Business Continuity Institute (MBCI). He is frequently published and blogs regularly on business continuity and security topics.

 

Download <07:30>


Dawn Cappelli, Technical Manager, CERT Insider Threat Center, Carnegie Mellon SEI CERT Program

 

The CERT Insider Threat Center has studied insider threat for ten years. We have worked with federal law enforcement, psychologists, cyber analysts, visionary sponsors, academics and practitioners in government and industry. This session will present the top 10 list for winning the battle against malicious insiders, based on a decade of work and the nearly 700 actual insider attacks we have examined.

 

Dawn Cappelli, CISSP, is Technical Manager of CERT’s Enterprise Threat & Vulnerability Management Team and the Insider Threat Center at Carnegie Mellon’s Software Engineering Institute. Her teams research technical threat areas; develop and conduct assessments; and provide solutions and training for preventing, detecting, and responding to illicit activity. Dawn is often an invited speaker at national and international venues, is adjunct professor in Carnegie Mellon’s Heinz College, Vice-Chair for the CERT CSIH Certification Advisory Board, on the program committee for RSA and HICSS conferences, and was awarded the 2011 Software Engineering Institute Director's Office Award of Excellence. Before joining CMU she worked at Westinghouse as a software engineer developing nuclear power systems.

 

Download <09:35>


Mark Russinovich, Technical Fellow, Microsoft Windows Azure Group

 

Last year, Mark Russinovich published the cyberthriller 'Zero Day', chronicling a terrorist scheme to unleash a cyber-apocalypse. In this session, Mark explains the scenario, tools, and techniques that the attackers would have used and their feasibility and risk, with demonstrations and references to real-world incidents. He also proposes how we can defend systems against this threat. Spoiler alert!

 

Mark Russinovich is a Technical Fellow in the Windows Azure group at Microsoft, working on Microsoft's cloud operating system. He is a widely recognized expert in Windows operating system internals as well as operating system security and design. Russinovich is the author of the recently published cyberthriller Zero Day, co-author of the Microsoft Press Windows Internals books, and co-author of the Sysinternals Administrator's Reference. Russinovich joined Microsoft in 2006 when Microsoft acquired Winternals Software, the company he cofounded in 1996, as well as Sysinternals, where he still authors and publishes dozens of popular Windows administration and diagnostic utilities.

 

Download <07:45>


Evan Wheeler, Director, Information Security, Omgeo (A DTCC/Thomson Reuters Company)



There has been a lot of published work on how to perform risk assessments and various analysis methods, but they never tell you how to actually build a Risk Management Program from scratch and successfully integrate it into your organization. This session will demonstrate how to build out the core components and successfully integrate them into your environment with minimal resistance.

 

Evan Wheeler leads the information security risk management effort as a Director of Corporate Information Security for Omgeo, and previously spent six years as a Security Consultant for the U.S. Dept. of Defense. As a complement to this diverse experience in the field, he has earned a Master of Science in Information Assurance from the National Security Agency certified program at Northeastern University. Currently, Evan continues to contribute to the security industry as an instructor at Northeastern University, and as a course author and instructor for the SANS Institute. Evan has published a book, "Security Risk Management: Building an Information Security Risk Management Program from the Ground Up," and is also the author of the popular Security Risk Management course for SANS.

 

Download <08:52>


Ira Winkler, President, Internet Security Advisors Group

 

Clearly social networking is the latest killer app that has changed society as we know it: from helping long lost loves get back together, to better organizing the London riots, to alerting criminals when their victims are away from home, to enabling APTs to establish footholds inside their intended targets. This presentation covers cases and issues that show how social networks are becoming a major security attack vector, and what organizations can do to better protect against the vulnerabilities.

 

Ira Winkler is recognized as one of the world's experts in Internet security, information warfare, information-related crime investigation, and industrial espionage. He is a specialist in penetration testing, where he infiltrates companies, both technically and physically, to find and repair an organization's weaknesses. Winkler began his career at the National Security Agency, where he performed cryptanalysis and was responsible for security elements in intelligence collection. He is also the author of "Spies Among Us".


Download <08:03>


Joshua Corman, Director, Security Intelligence, Akamai Technologies

David Etue, Vice President, Corporate Development Strategy, SafeNet, Inc.

 

The security community has spent years on failed approaches to Return On Investment (ROI) on security offerings and Return On Security Investment (ROSI). It’s failed as it evaluates from the wrong perspective. This session flips ROI on its head, looking from the adversary’s perspective. We’ll introduce an “Adversary ROI” model, and show how it can change how you evaluate cyber security investment.

 


Joshua Corman is Director of Security Intelligence for Akamai Technologies. Corman has more than a decade of security experience, most recently serving as Research Director for The 451 Group. His research cuts across sectors to the core challenges of the industry, and drives adaptive strategies amidst changing landscapes. He is a candid and highly coveted speaker and has spoken at leading industry events such as RSA, Interop, ISACA, SANS, DEFCON, and ShmooCon – and was recognized by NetworkWorld as a top Influencer of IT for 2009. As a staunch advocate for CISOs, he serves as a Ponemon Institute Fellow, as an IANS Faculty, and co-founded www.ruggedsoftware.org. He received a bachelor’s degree in philosophy, Phi Beta Kappa, summa cum laude, from the University of New Hampshire.



David Etue brings experience including security program leadership, management consulting, product management, and technical implementation. David is the vice president of corporate development strategy at SafeNet, where he is responsible for SafeNet's strategic decisions regarding product and solution partnerships, as well as mergers and acquisitions. He was previously the cyber security practice lead at management consultancy PRTM, VP of Products & Markets at Fidelis Security Systems, led General Electric's global computer security program, and held various positions in technology strategy, operations and product management. He is a Certified Information Privacy Professional, a graduate of GE's Information Management Leadership Program, and a certified Six Sigma Green Belt.

 

Download <15:27>


Grayson Milbourne, Manager, Threat Research, Webroot, Inc.
Armando Orozco, Senior Threat Research Analyst, Webroot, Inc.


Automating the analysis of unknown programs is the only way a modern anti-malware company can keep up with the volume of unknown programs. While the volume of Android apps is relatively small in comparison to the Windows environment, automation makes the tedious manual process of breaking apart Android apps far easier. We'll discuss techniques and tools we use to dig into Android apps.

 


Grayson Milbourne manages the Threat Research team for Internet security company Webroot. Over the past seven years Milbourne has worked in various areas of the company, spending the past five years focused on threat analysis. His areas of threat research expertise range from proactive to reversing to automation. Additionally, he writes and provides technical review for the Webroot blog.



Armando Orozco researches malware for Internet security company Webroot. Orozco is the principal researcher for the company’s mobile security team. As a member of the Threat Research team, he analyzes malware specifically targeting Android, iOS, and other mobile operating systems, and Windows for PCs. He also contributes to the Webroot Threat Blog, writing about breaking news in the mobile security landscape.

 

Download <07:28>


Davi Ottenheimer, President, flyingpenguin

Breach data is now available from a wide variety of sources and perspectives. This session will explore issues like why some industries receive more attention yet see fewer breaches, and how to re-frame the insider/outsider threat model given the rise of mules and hybrid attacks.

 

Davi Ottenheimer has more than sixteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. Ottenheimer is an expert in compliance, a qualified PCI DSS and PA-DSS assessor with K3DES, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He is an award-winning public speaker and has been quoted or written articles on security, risk management and compliance for publications including Bank Info Security, Network World, Red Herring, Chain Store Age and SC Magazine.

 

Download <07:44>


Dave Shackleford, CTO, IANS, SANS Certified Instructor

 

The security community started paying attention to virtualization technology around 2006. Many new threats were discussed (some real, some hypothetical), attack vectors were described, and vendors started offering "virtualization security" products soon after. Where do we stand today? This session will take a look at the landscape of virtualization security, what's changed, and what's yet to come.



Dave Shackleford is Senior Vice President of Research and CTO at IANS, former principal at Voodoo Security, and a SANS analyst, instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. He is a VMware vExpert and has extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the co-author of Hands-On Information Security from Course Technology and has a book on virtualization security due out in late 2012 with a major tech publisher. Recently, Dave co-authored the first published course on virtualization security for the SANS Institute. Dave currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.

 

Download <10:01>


Brad Arkin, Senior Director, Product Security & Privacy, Adobe



Security practitioners struggle with the predicament: how do I get the engineering teams to wake up and start taking software security seriously? Rapid, dramatic change is most quickly achieved via a crisis. This session will share some lessons on how to prepare for a crisis and what to do once it arrives, to ensure you leave your software security program in a stronger position once it's all over.


Brad Arkin is the Director of Product Security and Privacy at Adobe. In his role, Arkin leads the Adobe Secure Software Engineering Team (ASSET) responsible for ensuring Adobe's products are designed, engineered and validated using security best practices, as well as the Product Security Incident Response Team (PSIRT) dedicated to responding to and communicating about security issues.

 

Download <07:10>


Matthew Prince, Chief Executive Officer & Co-Founder, CloudFlare



On Thursday, June 2, 2011, LulzSecurity.com registered for CloudFlare. Over the next 3 weeks, from behind our network, LulzSec wreaked havoc on the Internet. Meanwhile, rival hackers launched attacks to knock them offline. We documented the full spectrum of attacks as they hit CloudFlare. This is the inside story of how we survived, and how LulzSec effectively hid as the world hunted them.


Matthew Prince is the Co-founder & CEO of CloudFlare. Prince wrote his first computer program when he was 7, and hasn't been able to shake the bug since. After attending the University of Chicago Law School, he worked as an attorney for one day before jumping at the opportunity to be a founding member of a tech startup. He hasn't looked back. CloudFlare is his third entrepreneurial venture. On the side, he teaches Internet law as an adjunct professor, and is a certified ski instructor and regular attendee of the Sundance Film Festival.

 

Download <10:29>


Marc Stiegler, Research Scientist, Hewlett-Packard Laboratories

 


Cloud based elasticity lets us build apps that are supposed to scale to arbitrary numbers of users. Alas, even though these apps may scale their horsepower seamlessly, they use traditional access control models that do not scale. IT teams end up being large, expensive, and still unresponsive. Why not crowdsource access control to the users themselves?

 

Marc Stiegler has 30 years of experience building collaborative and distributed systems. For the last 12 years Stiegler has focused on systems supporting secure cooperation. His CapDesk secure graphical desktop presented ideas that have since been adopted by Google Chrome. His DecideRight decision analysis software was selected by the Software Publishers' Association as the Best New Business software of 1996. His book on Programming Languages for the IBM PC was selected as one of 20 key books on the PC by Byte Magazine in 1986.


Download <08:58>

Crowd Source Rap Version

We are the IT gurus
controlling data states
without our patient guidance
the users meet bad fates

But users need to work free
without our muss and fuss
they need the tools to do it
or else they'll whine and cuss

The six degrees of sharing
supply them all they need
they solve each other's problems
so no IT folk bleed

The users need dynamic
attenuated chains
they need to be accountable
although they cross domains

And this is why the email
is both our boon and bane
Email alone shares all six ways
to keep the worker sane

But sometimes email fails us
the solution is at hand
we use credential sharing
security be ... slammed

ZBAC techniques enable
rich sharing easily
authorizations not passwords
to fix things properly

We show a cloud based system
rich sharing to display
we crowd source most access control
least privilege rules the day

A problem here arises
Sock puppets in deep trees
Revoking deep descendants
brings users to their knees

So now we vet the ids
wherever we can see
we stop our revoke pruning
The user keeps his key

Apply this to our systems?
Start with a simple choice
Let users grant with webkeys
Crowd sourcing gets a voice

With zbac based rich sharing
safe users work away
while we the IT gurus
Kick back on the beach and play.