A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Securing Trust - Defending Against Next-generation Attacks - John Muirhead-Gould GrrCON 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Securing Trust - Defending Against Next-generation Attacks
John Muirhead-Gould
GrrCON 2016

New threats target the trust provided by keys and certificates, and allow bad guys to look legitimate so they can surveil networks, stay undetected, steal data and bypass other security systems. Attacks using SSL/TLS to bypass critical controls is increasing, for instance. Gartner expects that by 2017, more than 50% of network attacks will use encrypted SSL/TLS. The ability to quickly decrypt and inspect SSL traffic in real time and detect threats is imperative Trust-based attacks range from exploits of accidental vulnerabilities, like Heartbleed, to APTs designed to circumvent and misuse keys and certificates like Mask, Crouching Yeti, and APT18?to name a few. It?s becoming mission critical to have visibility into and control of key and certificate inventories, enterprise wide, especially given most other IT security technologies depend on the trust they provide.

Back to GrrCON 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast