A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Digital Energy – BPT - Paul Coggin Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)

Digital Energy – BPT - Paul Coggin
Derbycon 2013

Description:There are a great deal of conversations today regarding APT and critical infrastructure networks for ICS/SCADA, smart grid and service provider networks. The basic persistent threat (BPT) issues are being ignored in many cases. How can the APT be mitigated when the BPT issues have not been resolved? Typically, the technical features and capabilities required to mitigate BPT issues are present in existing hardware and software on the network. Proper attention to information flows, trust relationships, integration and interdependencies are often not secured during a network architecture design and implementation. When the BPT issues are addressed an APT threat will find it more difficult to spread horizontally and vertically throughout a network. In this presentation common network BPT issues that are often discovered during security consulting engagements will be discussed. BPT network architecture mitigations including separation of services for control, management and data traffic as well as securing and monitoring trust relationships and interdependencies will be covered.

Bio:Paul Coggin is an Internetwork Consulting Solutions Architect with Dynetics in Huntsville, Alabama. Paul is responsible for designing and building broadband multi-service networks supporting Smart Grid, MPLS, VoIP, and IPTV for service providers, leading cyber security research efforts, in addition to performing network security architecture assessments and penetration tests for enterprises, utilities and service providers. Paul is a Cisco Systems Certified Instructor # 32230 and a Certified EC-Council Instructor. He has a BS in Mathematics, MS in Computer Information Systems. In addition he holds a wide array of certifications, including CEH, ECSA, CPTS, CISSP, CCNA SPOPS, CCNP, CCDP, CCIP, CCSP, and CCNP-Voice.

Back to Derbycon 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast