Be the first to like this
Security isn’t deploying some overbearing big brother of a hardware or software solution; it’s not running scanning software which tells you you’re safe; because in reality in these type of setups you’re not.
Security is akin to high availability you deploying multiple redundancies to ensure you can still operate, the same can and should be applied to security; identify the potential areas of attack, reduces this attack surface and deploy multiple redundancies to secure your deployments.
In this session we'll wade through F.U.D
Discuss what an attack surface is, including some not so well known examples of exploitation of said surface, demo of malicious HID devices and lock picking; discuss IoT (internet of things) and how commodity internet connected devices are racing ahead of any measures of security
Discretionary vs Mandatory access controls, IPS vs IDS.
Cover the recent trend in vulnerability naming, and some of the more ridiculous examples.
Discuss attack detection and prevention, question why there's still a view that there needs to be a separation of the two.
Cover some emerging technologies of note to aid in hardening infrastructure.
The focus here is to promote an attitude change to thinking about points of vulnerability, and promote better security as a whole