
Everything they told me about security was wrong Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

If you were to believe the vendors and the trade shows, you would think everything was “OK” with IT security. You would think AV works. You would think “plug and play” IDS was effective. You would think that Data Loss Prevention would prevent data loss. Why is it, then, that very large organizations are still getting compromised? Organizations with very large budgets and staff still get compromised in advanced and persistent ways. Something is very wrong in this industry.

Let's find out what is wrong and how we can fix it.

In this presentation we will cover many of the common misconceptions about computer security.

Below are just a few misconceptions we will destroy with harsh words and live demos:

1. AV will keep malware off of my system
2. Firewalls will keep the attackers out
3. If my system is patched, I cannot be hacked
4. Apple computers are far safer than Windows
5. Linux is more secure than Windows
6. My users are dumb

Paul Asadoorian / John Strand

Paul Asadoorian is currently the “Product Evangelist” for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award-winning “PaulDotCom Security Weekly” podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry’s finest. Paul has a background in penetration testing and intrusion detection, and is the co-author of “WRT54G Ultimate Hacking”, a book dedicated to hacking Linksys routers.

John Strand co-hosts PaulDotCom Security Weekly, the world’s largest computer security podcast. He is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He is a Senior Instructor with the SANS Institute. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing and drinks Coors Light while carrying a stick and a marshmallow.



Copyright 2020, IronGeek