| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Ghost In The Shadows - Identifying Hidden Threats Lurking On Our Networks Keynote - Deral Heiland
As a senior consultant, hired to assess and conduct penetration testing on corporate and government networks, I continue to encounter organizations that place all of their security focus on traditional computing systems (desktops, servers, etc.) but ignore common embedded devices. These common devices (printers, cameras, UPS, etc.) are commonly used to compromise critical systems. During this presentation we will examine the nature of these devices, their importance to the network, and associated attack vectors. We will discuss ways that common security failures in embedded devices can lead to a larger compromise of the enterprise, and how to more effectively mitigate the associated risk. Bio:
Certifications: CISSP, GWAPT
Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 7+ years Deral's career has focused on security assessments, penetration testing, and consulting for corporations and government agencies. Deral is the creator of the open source tool "Praeda" used for harvesting data from embedded devices. Deral also conducted security research on a numerous technical subject, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, Derbycon, Hackcon Norway, Hack in Paris. Deral has been interviewed by and quoted by several media outlets and publications including Bloomberg UTV, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast