| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Abstract:E-Commerce merchants love credit card tokenization as a way to minimize PCI regulationsâ€"but can tokenization stop adversaries? In this talk, we will exploit tokenization services to steal credit cards through subtle design flaws, lazy web practic Bio: Tim MalcomVetter (@malcomvetter) has fifteen years in defending, building, and breaking systems, built upon a thorough academic foundation. Currently, Tim holds the position of “Director, Advanced Security Testing" Red Team” at the world’s largest commercial entity, Walmart, where he is privileged to lead a team of very skilled Red Team engineers. Before that, Tim was a Principal Consultant in Optiv’s Software Security Group, their top offensive security blogger during his tenure, performing penetration tests and code reviews on web apps, web services, mobile apps, point of sale systems, proprietary TCP socket services, and even fuel pumps and car washes (yes, fuel pumps!). Before that, Tim led agile e-commerce dev teams, led PCI compliance projects at Level 1 merchants, and was the security generalist wearer-of-many-hats. Tim has presented in numerous venues, including Black Hat USA Tools Arsenal, Security BSides, ArchC0N, Secure World Expo, St. Louis Day of .NET, and other developer conferences. Born and raised in the Show Me State, right here in St. Louis, Tim also donates time to coach the Missouri S&T Collegiate Cyber-Defense Team, and spent way too much time in school, including a couple campuses of the University of Missouri system.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast