Smuggling Plums - Using Active Defense techniques to hide your web apps from your attackers and their scanners - John Stauffacher (Circle City Con 2015 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Smuggling Plums - Using Active Defense techniques to hide your web apps from your attackers and their scanners
John Stauffacher

Circle City Con 2015

It's not every day that you come across a LAMP machine that is running WordPress, Joomla!, Drupal, and Sharepoint -- but I have one. This talk will walk through simple things you can do to update your defense game. By altering the way our application servers (or ADCs) respond to certain requests we can fool our attackers and their scanners into thinking we are a totally different animal. We will dive into the theory of decoy and how it plays into Active Defense. We will cover why it may be beneficial to advertise to your adversary a totally different attack surface. Watch as we demonstrate certain scanners go crazy when it looks like the server has every CMS known to man, and it's all vulnerable! By drawing your attackers' attention off of your real infrastructure, they are not only wasting their time trying to attack a non-vulnerable app -- but they won't be attacking anyone else.

Bio: John Stauffacher (@g33kspeed) spends his days working for Accuvant Labs as a Solutions Architect. John has over 15 years of experience in the industry and has spent an equal amount of time on both sides of the desk. As a consultant, John has advised and received commendations from top names in the Retail, Energy, and Banking verticals. John has spoken at various conferences including PumpCon, CircleCityCon, GrrCon, LayerOne, BSidesLA, DerbyCon, ToorCon, as well as several other enterprise campuses. John is considered an expert in Active Defense and Web Application Firewall technologies.

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast