A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Some defensive ideas from offensive guys. - Justin Elze, Robert Chuvala Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)

Some defensive ideas from offensive guys. - Justin Elze, Robert Chuvala
Derbycon 2013

Description: “As offensive security consultants, we see on a daily basis many of the same trends and mistakes. Our talk is going to address common High Impact Vulnerabilities that we continue to see on many networks. We will help people new to defense by highlighting a number of misconfigurations and common vulnerabilities along with mitigation techniques by getting back security 101 and the basics Despite what some of the big companies might want you to think, you have most of the tools that you need in order to build your network into a “more secure” network. Between event log monitoring, changing default passwords and reading some “Best known practices” for the vendors whose software you are using, you too can help secure your network. Despite what the rockstars might make you think, no one knows your network better than you do. We hope to encourage you to believe that and take control of your network. We’ll also address the common arguments that might act as roadblocks when trying to remove or mitigate legacy systems. We will lay out easy ways to set up a cheap and easy alerting system that will help you be more aware when things go “wonky” on your network.”

Bio: “Robert is an Associate Consultant at Accuvant LABS. Prior to that he worked helpdesk for a large manufacture for 8 years. I experienced first hand the shortcuts that network support people will take to make their small network run on a worldwide network to whom you are but a small byte of the global administrators concerns. I learned to be self sufficient but stayed off the radar of monitoring tools that would have gotten me in trouble. Prior to all of this, I social engineered my way into facilities as a salesman trying to find purchasing agents that needed to buy the widgets I sold.
Justin is a Security Consultant with Accuvant LAB and has been working professionally in InfoSec for 3 years. Previously he has held various positions as a network engineer, senior system engineer, and security engineer in addition to being a guest lecturer and advisor for the University of Buffalos net defense program. In his free time he works with a local pitbull rescue and tunes drag cars and other high performance vehicles.”

Back to Derbycon 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast