A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


The Current State of Security, an Improv-spection - Sean Metcalf & Nick Carr Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

The Current State of Security, an Improv-spection
Sean Metcalf & Nick Carr
Derbycon 2017

Think "Whose Line is It Anyway" meets InfoSec - don't expect to see many slides. This presentation is literally security theater (but this time in a good way). Sean & Nick improv their way through several current challenges in securing networks and discuss ways to improve defenses. Audience participation is mandatory and suggest topics, categories, and wacky APT names from the mundane to the bizarre. From the moment the clock starts, Sean & Nick will do what many in our industry are accused of doing anyway: making things up as we go along! We know we can give some insight, hope to make it fun, and if we're failing, we'll revert to props! The dynamic duo will wrap up the improv adventure with a handful of slides that highlight the best methods to defend against the current threats. These slides will summarize the useful information that Nick & Sean had subliminally been providing in between the props and ad hoc skits. Furthermore, the audience will walk away with some actionable tasks to better secure their environment. Suggested audience: skeptics, people a few beers deep, and anyone who wants a different take on the standard infosec talk while still learning some solid methods to protect against modern attacks.

Sean Metcalf is founder and principal consultant at Trimarc Security, LLC (www.TrimarcSecurity.com), which focuses on mitigating, detecting, and when possible, preventing modern attack techniques. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a Microsoft MVP, and has presented on Active Directory attack and defense at BSides, Shakacon, Black Hat, DEF CON, and DerbyCon security conferences. Sean has provided Active Directory and security expertise to government, corporate, and educational entities since Active Directory was released. He currently provides security consulting services to customers and regularly posts interesting Active Directory security information on his blog, ADSecurity.org. Follow him on Twitter @PyroTek3 Nick Carr is a senior manager of security consulting and incident response at Mandiant. Nick provides expertise as a technical investigative lead and crisis manager for large-scale intrusions. He is also responsible for several monitoring and detection initiatives within Mandiant and implementing attacker methodology detection at FireEye. Prior to joining Mandiant, Nick served as Chief of Technical Analysis and incident response team lead for DHS ICS-CERT, focusing on SCADA systems and critical infrastructure cyber attack readiness and response. A computer engineer and graduate from the Naval Postgraduate School's Cyber Operations program, Nick has spent his career in computer security, network analysis, and intelligence roles in the U.S. Government and private industry.

Sean Metcalf - @PyroTek3, Nick Carr - @ItsReallyNick

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast