Podcasts about Foundstone

Students: this is a hybrid event. You are strongly encouraged to attend in-person. Location:  STEW G52 (Suite 050B) WL Campus.  Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't! I can send you a regular phishing email and completely take control of your account even if you use a super-duper MFA token or smartphone app. I can hack ANY MFA solution at least a handful of different ways, although some forms of MFA are more resilient than others. Attend this presentation and learn the 12+ ways hackers can and do get around your favorite MFA solution. The presentation will include a (pre-filmed) hacking demo and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security. About the speaker: Roger A. Grimes, CPA, CISSP, CEH, MCSE, CISA, CISM, CNE, yada, yada, Data-Driven Defense Evangelist for KnowBe4, Inc., is the author of 14 books and over 1400 articles on computer security, specializing in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer security conferences and was the weekly security columnist at InfoWorld and CSO magazines between 2005 - 2019. He has worked at some of the world's largest computer security companies, including, Foundstone, McAfee, and Microsoft. Roger is frequently interviewed and quoted in the media including Newsweek, CNN, NPR, and WSJ. His presentations are fast-paced and filled with useful facts and recommendations.

Dave Cole is the CEO and Co-Founder of Open Raven, a Kleiner Perkins-backed post-series B company focused on reimagining data security for the modern era. He also started the Security Voices podcast as a sponsorless show focused on highlighting the diverse people and perspectives in cybersecurity. Dave's fingerprints are visible across the cybersecurity industry from his 26 years of working as a leader in consulting (at Deloitte and ISS), enterprise products (at Foundstone, CrowdStrike, and Tenable), and consumer products (at Norton). Dave is a frequent spokesperson, making appearances on NBC, CNN, and elsewhere while speaking at industry events such as RSA, Black Hat, and B-Sides Las Vegas. He holds a Bachelor of Business Administration from the University of Michigan Ann Arbor and is a member of the board of UM School of Information and Inspectiv. Dave is an investor focused on helping to grow businesses in his hometown of Los Angeles where he lives with his wife and son. See omnystudio.com/listener for privacy information.

GuestNathan SportsmanCEO at Praetorian Labs [@praetorianlabs]On LinkedIn | https://www.linkedin.com/in/nathansportsman/HostPhillip WylieOn ITSPmagazine  

GuestNathan SportsmanCEO at Praetorian Labs [@praetorianlabs]On LinkedIn | https://www.linkedin.com/in/nathansportsman/HostPhillip WylieOn ITSPmagazine  

Our guest for the show is Brian Kenyon, Brian serves as the Chief Strategy Officer at Island, a hot start-up that recently emerged from stealth to deliver the industry's first Enterprise Browser. Season 4 KickOff episode with Chase https://www.youtube.com/watch?v=YWB05cb7XRQ Demo: https://www.island.io/contact-us Whitepaper: https://connect.island.io/hubfs/White%20Papers/whitepaper%20013122_c.pdf About Island: Island is the developer of the Enterprise Browser – the ideal enterprise workplace, where work flows freely while remaining fundamentally secure. With the core needs of the enterprise naturally embedded in the browser itself, Island gives organizations complete control, visibility and governance over the last mile, while delivering the same smooth Chromium-based browser experience users expect. Led by experienced leaders of the enterprise security and browser technology space and backed by leading venture funds – Insight Partners, Sequoia Capital, Cyberstarts and Stripes – Island is redefining the future of work for some of the largest, most respected enterprises in the world. Island is based in Dallas with research and development in Tel Aviv About Brian: https://www.linkedin.com/in/brianmkenyon Brian comes from more than 20 years of experience driving product strategy, growth initiatives and go-to-market for organizations across all stages. Currently, Brian serves as the Chief Strategy Officer at Island, a hot start up that recently emerged from stealth to deliver the industry's first Enterprise Browser. As a founding team member of Island, Brian was essential in driving in establishing Island's product and go-to-market strategies, as well as part of the leadership team that secured over $100 million in financing from leading early-stage investors including Insight Partners, Sequoia Capital, Cyberstarts and Stripes. In addition to being a crucial member of Island's early stage success, Brian also served as Senior Vice President and Chief Strategy Officer at Blue Coat Systems (which was acquired by Symantec in 2016 where he held the same position), as well as chief architect at Foundstone, which McAfee acquired in 2004, where he played an integral role in designing and developing the company's cutting-edge hardware and software solutions. Upon joining McAfee, he served in a variety of roles including Chief Technology Officer as well as Chief Technical Strategist. Throughout Brian's career he has been responsible for the strategy engagements of these major company success stories and has the right experience to help entrepreneurs navigate the challenges, successes and roadblocks of early-stage growth.

Summary:As threat volume and complexity grows, cyber attacks are quickly becoming one of the biggest concerns facing companies today. When the pandemic accelerated the shift towards digital, and employees around the world began logging in to work from anywhere, the threat of data being compromised only deepened. This is a big problem, not only for businesses, but for the stakeholders who put their trust in them. Cybercriminals are getting bolder, and cyber risks are always evolving. To protect your organization, you need a solution that evolves alongside the threat. Today's guest is doing the critically important work of developing effective cybersecurity solutions. James C. Foster is a world-renowned thought leader on cybersecurity, and founder and CEO of ZeroFOX. Foster has published over a dozen books, holds several patents, and has spoken on Capitol Hill about the increase in international cyber threats. Prior to founding ZeroFOX in 2013, Foster founded the cybersecurity company Ciphent which he grew to almost a hundred employees and a thousand customer before it was acquired by Accuvant in 2010. He's also worked with several high-growth cybersecurity organizations and executed on exit strategies for companies like  Foundstone, Guardent, and Information Security Magazine, and as an advisor for the United States Department of Defense.In this episode, I speak with Foster about pressing external cybersecurity concerns, ZeroFOX's recent public transaction with L&F Acquisition Corp, and where he sees market opportunity in the coming years.Highlights: Foster explains external cybersecurity, and how ZeroFOX works to eradicate those risks for businesses (02:52) Foster describes the effects the pandemic and the ongoing shift towards digital have had on the business (05:46) What is the market opportunity for external cybersecurity? (07:14) Foster explains the rate of cyberattack in recent years, and how a company like ZeroFOX can help ease the minds of execs (08:55) ZeroFOX's public transaction with L&F Acquisition Corp, and their acquisition of IDX (12:37) Foster talks through ZeroFOX's recurring revenue model (18:22) Who are ZeroFOX's clients, and where do they see opportunity in the market for expansion?(20:02) Foster comments on the way global events like Russia's invasion of Ukraine affect cybersecurity around the world (22:22) Links:ICR TwitterICR LinkedInICR WebsiteJames C. Foster LinkedInJames C. Foster TwitterJames C. Foster BioZeroFOX LinkedInZeroFOX WebsiteFeedback:If you have questions about the show, or have a topic in mind you'd like discussed in future episodes, email our producer, elizabeth@lowerstreet.co.

For the second episode in a row, we've caught a seasoned entrepreneur at that perfect moment when they've started a new company but still have time for a conversation before their new adventure kicks into high gear. Oliver Friedrichs, founder of several security companies including Immunenet and Phantom, joins us to talk product strategy as he embarks on a new journey to disrupt the security industry once again with his new venture Pangea.The most critical, first question for any young company is “what are we making”? And equally important is the follow-on question of what category does the offering fit into or how should people think about it? Is it a better version of something that exists? A new type of something that's meaningfully different? Or is it an entirely new category of product they've never seen before?Oliver and Dave discuss examples of each type of strategy from their own experience and the industry in general. The “better mousetrap” approach is covered with examples from antivirus and more recently cloud security posture management. We discuss when it is a good time to “next gen” a category to revitalize it and return it to growth. Examples here include Palo Alto Networks firewall and Vulnerability Management (from its early days as vulnerability assessment). Oliver and Dave call out the fatal mistake so many market incumbents make that result in them missing out on a refresh cycle.Creating new categories dominates our conversation and we explore Oliver's case study of Phantom in depth. We start by explaining the core principles of a new category and lay bare some indicators that a product group hasn't yet made the leap to a full blown category. Oliver then shares the spark of idea that led him to found Phantom as the first SOAR followed by how he built the boundaries for their product and ultimately the companies that followed their lead as the first mover. While most of our time is spent discussing what worked and didn't from a product perspective, Oliver also shares his go-to-market playbook, including what he will avoid this time around and what he intends to do again with Pangea.We wrap up with a quick look at the future of SOAR and Oliver shares an early peek at what he's building now at his new company. This episode is perfect for early cybersecurity companies looking for product advice, product professionals wrestling with category questions, or anyone who wants to listen in on a dialogue between 2 industry veterans geeking out on product. BioFriedrichs serves as Founder and CEO of Pangea. Prior to Pangea, Friedrichs served as Vice President, Security Products at Splunk, driving the vision and direction of Splunk's security portfolio. With a record in building four successful enterprise security companies over the past two decades, Friedrichs founded and served as CEO of Phantom (creators of the SOAR category, acquired by Splunk), founder and CEO of Immunet (early innovators in the cloud EDR category, acquired by Sourcefire/Cisco), co-founder of SecurityFocus (creators of Bugtraq and DeepSight, the world's first Internet early warning system, acquired by Symantec), and Secure Networks (one of the industry's first vulnerability management solutions, acquired by McAfee). Friedrichs also architected and developed a prototype of the first commercial penetration-testing product, SNIPER, acquired by Core Security Technologies in 2001 and further developed into CORE IMPACT. He attended the University of Manitoba and is the co-author of three security books and a recipient of 33 patents.

2+ years to interview Alfred Huger wasn't too long to wait. After spending 8 years at Cisco following the acquisition of SourceFire, Al recently departed the networking giant to do his 4th startup in as many decades. Unbound from the usual PR police, Al candidly speaks on a wide range of topics from why he has stayed at companies long past acquisition and how to distinguish between a miserable and a winning acquirer. Having raised venture capital funding in the 90s until now, Al's experience charts a timeline of what's happened to cybersecurity funding over the last 4 decades. From hardscrabble early days to today's megarounds and eyepopping valuations, Alfred explains how he's raising funding for his new company and why even a successful entrepreneur is not likely to bootstrap their business on their own funds alone.Al shares his playbook for spotting the right product ideas along with some blunt words of caution for those excited about the latest industry analyst report. While cybersecurity veterans critiquing reviews and analysts is by no means novel, we go beyond an explanation of the negative implications to a new development from an unexpected place that is improving transparency and the industry in general. And that marketing plan? Al explains how it starts with your product and not your website.If you've ever thought about starting a cybersecurity company and wanted to sit down with a “been there done that” serial entrepreneur for a clear-headed, no nonsense dialogue, this episode is for you.

Have you heard the cliché about sharks? The one that says if they don't keep swimming they'll die? Turns out it's pretty much true… stick around for the metaphor    -- I believe that one defines oneself by reinvention. To not be like your parents. To not be like your friends. To be yourself. To cut yourself out of stone.  -- Henry Rollins   On this episode of pm73media, Matt Stephenson sat down with Epiphany Systems co-founder and ZZ Top Level beard sophisticant Rob Bathurst for a chat about why he continues to live this startup life as opposed to staying comfortable under a large corporate or government umbrella. If you know Rob, this is a fun walk with him… if you haven't met him yet, dig it… you'll want to meet him when you see him at DEFCON… and believe me, you'll recognize him the moment you see him. Dig it   About Rob Bathurst Rob Bathurst is the co-founder and Chief Technology Officer at Epiphany Systems. In his 20-year career as an offensive cybersecurity expert, solution developer, and technology leader, Rob has led cybersecurity initiatives for Fortune 100 companies and major government agencies. He specializes in secure system design, device security, and risk mitigation.   At Epiphany, Rob is responsible for technology strategy, solution development, and market positioning. He oversees the engineering and product management teams, and acts as “chief client advocate.”   Previously, Rob was Managing Director of Embedded Systems Security at Blackberry Cylance; Principal Architect for Clinical Security and Cyber Risk at the Mayo Clinic; Cyber Exploitation Specialist for the US DOE; Lead Engineer for the US Information Systems Agency; and Cyber/Physical Security Expert at Foundstone.   Rob earned a PgD in Software and Systems Security at the University of Oxford, and undergraduate degrees in Organizational Technology and Programming/Software Development at the University of Toledo. Rob was also Technical Lead for Cyber Evaluation for the US Air Force.   About Matt Stephenson   My name is Matt Stephenson (@packmatt73) and I have hosted podcasts, videos and live events all over the world which put me with experts on every corner of the cybersecurity landscape. pm73media is my first solo endeavor. On this platform and others to come, I will continue to expand upon the tradition we started with the Insecurity podcast as I seek out the leading minds in the tech industry and beyond. I am always looking for fun people who may break things every now and again.   In 20 years in the ecosystem of Data Protection and Cybersecurity I have toured the world extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to information security, these technologies can wrong-foot the bad guys.   Whether in person, live virtual events or podcasting, I get to interview interesting people doing interesting things all over the world of technology and the extended world of hacking. Sometimes, that means hacking elections or the coffee supply chain... other times that means social manipulation or the sovereign wealth fund of a national economy.   Wherever I go, my job is all about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round...   If you tuned in to any of my previous podcasts, there's great news…! pm73media is here! I will be bringing the same kind of energy and array of guests you know and love. Best part? We're still at the same spot. You can find it at Spotify, Apple, Amazon Music & Audible as well as GooglePlay, Gaana, Himalaya, I Heart Radioand wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Standard compliance doesn't mean you're completely safe. On this episode of Let's Talk FinCrime, we're joined by Corey White, CEO and Co-Founder of Cyvatar, as we discuss his storied career in the cybersecurity industry, how cybersecurity has changed over the years and how bad actors attack and breach your accounts in the modern age.Corey White is a proven security industry veteran with more than twenty-five years of success building and implementing security strategies and leading consulting teams. His work encompasses virtually every industry, including government, high tech, hospitality, critical infrastructure, finance, healthcare and manufacturing.Currently the CEO and co-founder of Cyvatar, Corey also served as the SVP of Worldwide Consulting, Chief Experience Officer at Cylance and as the Southwest Director of Consulting for Foundstone & McAfee/Intel Professional Services. He's an avid lover of bio-hacking, manifestation, and meditation.You can hear more of our conversation with Corey  by visiting actimize.nice.com/podcast

George Kurtz is the CEO and co-founder of CrowdStrike, a leading provider of next-generation endpoint protection, threat intelligence, and services. Prior to Crowdstrike's incredibly successful IPO in 2019, George raised funding from the likes of Accel, General Atlantic, CapitalG, IVP and Warburg Pincus to name a few. Before founding Crowdstrike, George spent close to 7 years at McAfee in roles such as Worldwide Chief Technology Officer and GM as well as EVP of Enterprise. Finally, before McAfee, George started Foundstone in 1999 leading them very successfully to their acquisition by McAfee in 2004.  In Today's Episode with George Kurtz You Will Learn: 1.) How George came to found Crowdstrike having been Worldwide CTO @ McAfee? How did the founding of his prior companies impact how George thought about the early days of Crowdstrike? What does George believe are the pros and cons of serial entrepreneurship? 2.) Funding: With the benefit of hindsight, how does George reflect on his approach to fundraising? How did what George needed from VCs change over time? How does George approach investor selection? Through what framework does George advise founders as the right way to construct their cap table? Where do many go wrong on investor selection? 3.) Talent Acquisition: What has enabled George to hire some of the best talent in the world? What is the right way to construct the hiring process to recruit the best? What does George mean when he says, "you cannot forget the spouse factor"? Why is cash a moat and important when it comes to talent acquisition? 4.) Leadership: How has George's style of leadership changed over time? What stage of leadership did George find the most challenging? How does George find being a public markets CEO? What elements does he enjoy the most? What does he enjoy the least? Why does George believe the company has been so well received by public markets? Item's Mentioned In Today's Episode with George Kurtz George's Favourite Book: Good to Great: Why Some Companies Make the Leap...and Others Don't

George Kurtz is the CEO and co-founder of CrowdStrike, a leading provider of next-generation endpoint protection, threat intelligence, and services. Kurtz is an internationally recognized security expert, author, entrepreneur, and speaker. He has more than 28 years of experience in the security space, including extensive experience driving revenue growth and scaling organizations across the globe. His entrepreneurial background and ability to commercialize nascent technologies have enabled him to drive innovation to market throughout his career. His prior roles at McAfee, a $2.5 billion security company, include Worldwide Chief Technology Officer and GM as well as EVP of Enterprise. Prior to joining McAfee, Kurtz started Foundstone in October 1999 as the founder and CEO responsible for recruiting the other founding team members. Foundstone, a worldwide security products and services company, had one of the leading incident response practices in the industry, and was acquired by McAfee in October of 2004. Kurtz has been quoted or featured in many major publications, media outlets, and television programs including CNN, Fox News, ABC World News, Bloomberg, CNBC, New York Times, USA Today, Wall Street Journal, The Washington Post, Associated Press, Network World, and may others. He also authored the best-selling security book of all time, Hacking Exposed: Network Security Secrets & Solutions.

Roger A. Grimes is Data-Driven Defense Evangelist for KnowBe4. Roger is a 33-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,100 magazine articles on computer security. He has spoken at many of the world's biggest computer security conferences, been in Newsweek magazine, appeared on television, been interviewed for NPR's All Things Considered, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. Scott Schober is a #cybersecurity​ and wireless technology expert, author of Hacked Again and Cybersecurity is Everybody's Business, host of 2 Minute CyberSecurity Briefing video podcast and CEO of Berkeley Varitronics Systems who appears regularly on Bloomberg TV, Fox Business & Fox News, CGTN America, Canadian TV News, as well as CNN, CBS Morning Show, MSNBC, CNBC, The Blaze, WPIX as well as local and syndicated Radio including Sirius/XM & Bloomberg Radio and NPR. Subscribe and follow: Apple Podcasts: https://podcasts.apple.com/us/podcast... Google Podcasts: https://podcasts.google.com/feed/aHR0... iHeart Podcasts: https://www.iheart.com/podcast/70626340/ Amazon Music Podcasts: https://scottschober.com/wp-content/u... YouTube: https://www.youtube.com/channel/UCxqx... Twitter: @ScottBVS LinkedIn: https://www.linkedin.com/in/snschober​ Website: www.ScottSchober.com

Roger A. Grimes is Data-Driven Defense Evangelist for KnowBe4. Roger is a 33-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,100 magazine articles on computer security. He has spoken at many of the world's biggest computer security conferences, been in Newsweek magazine, appeared on television, been interviewed for NPR's All Things Considered, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. Scott Schober is a #cybersecurity​ and wireless technology expert, author of Hacked Again and Cybersecurity is Everybody's Business, host of 2 Minute CyberSecurity Briefing video podcast and CEO of Berkeley Varitronics Systems who appears regularly on Bloomberg TV, Fox Business & Fox News, CGTN America, Canadian TV News, as well as CNN, CBS Morning Show, MSNBC, CNBC, The Blaze, WPIX as well as local and syndicated Radio including Sirius/XM & Bloomberg Radio and NPR. Subscribe and follow: Apple Podcasts: https://podcasts.apple.com/us/podcast... Google Podcasts: https://podcasts.google.com/feed/aHR0... iHeart Podcasts: https://www.iheart.com/podcast/70626340/ Amazon Music Podcasts: https://scottschober.com/wp-content/u... YouTube: https://www.youtube.com/channel/UCxqx... Twitter: @ScottBVS LinkedIn: https://www.linkedin.com/in/snschober​ Website: www.ScottSchober.com

In today's episode, we will be talking with our good friends, Corey White and Craig Goodwin. They are the co-founders of Cyvatar (www.cyvatar.ai), a cybersecurity-as-a-service firm that is truly doing disruptive things in the ecosystem. Corey White (https://www.linkedin.com/in/coreydwhite) is a proven security industry veteran with more than twenty-five years of success managing security practices and consulting teams. His work encompasses virtually every industry, including government, critical infrastructure, finance, healthcare, and manufacturing. Corey has created Cyvatar.AI to enable vendor partners to deliver reliable, repeatable, and measurable business outcomes to clients. Corey also served as the SVP of Worldwide Consulting and Chief Experience Officer at Cylance as well as the Southwest Director of Consulting for Foundstone & McAfee/Intel Professional Services. Craig Goodwin (https://www.linkedin.com/in/craiggoodwin) leads product strategy, product management, and engineering functions as a member of Cyvatar's senior leadership team. Prior to that he has spent 20 years in the security industry, starting with the intelligence services in the United Kingdom, he then went on to hold the role of Global Chief Security Officer (CSO) for a number of large public and private sector organizations including Fujitsu, Monster Worldwide, Wolseley Group PLC and CDK Global. Craig has spent his career driving real business outcomes from his security organizations, positioning security as an enabler for digital trust and transformation rather than a hindrance. Craig is a Certified Chief Information Security Officer (CCISO) and a Certified Information Systems Security Professional (CISSP). At Tech & Main, we want to be YOUR technology partner. Let our 20+ years of expertise help you achieve the outcomes that are best for your business: cybersecurity, cloud, SD-WAN and data center. We have engineers and project managers available to assist you. Call our office at 678-575-8515, email us at info@techandmain.com or visit us at www.techandmain.com. Thanks for listening! --- Send in a voice message: https://anchor.fm/techandmain/message

Mark Curphey is the cofounder and Chief Product Officer at Open Raven, a data security visibility and compliance tool built for the cloud. Prior to this position, Mark was the founder and CEO of SourceClear, a software security company acquired by Veracode. Before that, he worked in software security and software development at Foundstone, a product unit manager at Microsoft, as an information security director at Schwab, among other positions. He's also the founder of the Open Web Application Security Project (OWASP). Join Corey and Mark as they talk about how security officers don't know where data is, don't know what data they have, and don't know how that data is being protected; how companies that manage other people's data have a massive obligation to protect it but few take that seriously; why Mark gave up trying to sell developers on the importance of security; what the OWASP is and the origin story behind it; the increasingly important role security will play in the data economy; Amazon Macie's terrible pricing story; and more.

In this episode of What The Hack?!, we talk with Roger Grimes, Author, Ambassador and Advocate for KnowBe4. Roger is the author of 12 books and over 1000 national magazine articles on computer security, specializing in host security and preventing hacker and malware attacks. He is a frequent speaker at national computer security conferences and was the weekly security columnist at InfoWorld and CSO magazines between 2005 - 2019. He has worked at some of the world's largest computer security companies, including, Foundstone, McAfee, and Microsoft. Roger is frequently interviewed and quoted in the media including Newsweek, CNN, NPR, and WSJ. In this episode, we discuss the ins and outs of Blockchain and Cryptocurrency, including what the future of Bitcoin and other major 'currencies' looks like. To contact Roger, please email - info@opensourceguardian.com Our LinkedIn Our Facebook Please like and subscribe if you enjoyed this episode.

Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 33-year computer securityconsultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,000magazine articles on computer security. He has spoken at many of the world’s biggest computer securityconferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s AllThings Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts.He has worked at some of the world’s largest computer security companies, including Foundstone,McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest,around the world. He specializes in host and network security, quantum security, identity management,anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, andtechnical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MSCE: Security,Security+, and yada-yada others, and he has been an instructor for many of them. His writings andpresentations are often known for their real-world, contrarian views. He was the weekly security columnistfor InfoWorld and CSO magazines between 2005 - 2019.Roger A. Grimes, CPA, CISSP, CEH, MCSE, CISA, CISM, CNE, yada, yada, is the author of 12 books and over1000 national magazine articles on computer security, specializing in host security and preventinghacker and malware attacks. Roger is a frequent speaker at national computer security conferences, andwas the weekly security columnist at InfoWorld and CSO magazines between 2005 - 2019. He hasworked at some of the world’s largest computer security companies, including, Foundstone, McAfee,and Microsoft. Roger is frequently interviewed and quoted in the media including Newsweek, CNN, NPR,and WSJ. His presentations are fast-paced and filled with useful facts and recommendations.Contact the Author:Email: roger@banneretcs.comLinkedIn: https://www.linkedin.com/in/rogeragrimes/Twitter: @rogeragrimesCSOOnline: https://www.csoonline.com/author/Roger-A.-Grimes/Author’s other books on Amazon: https://www.amazon.com/Roger-A.-Grimes/e/B001IQUMT4/

Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 33-year computer securityconsultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,000magazine articles on computer security. He has spoken at many of the world’s biggest computer securityconferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s AllThings Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts.He has worked at some of the world’s largest computer security companies, including Foundstone,McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest,around the world. He specializes in host and network security, quantum security, identity management,anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, andtechnical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MSCE: Security,Security+, and yada-yada others, and he has been an instructor for many of them. His writings andpresentations are often known for their real-world, contrarian views. He was the weekly security columnistfor InfoWorld and CSO magazines between 2005 - 2019.Roger A. Grimes, CPA, CISSP, CEH, MCSE, CISA, CISM, CNE, yada, yada, is the author of 12 books and over1000 national magazine articles on computer security, specializing in host security and preventinghacker and malware attacks. Roger is a frequent speaker at national computer security conferences, andwas the weekly security columnist at InfoWorld and CSO magazines between 2005 - 2019. He hasworked at some of the world’s largest computer security companies, including, Foundstone, McAfee,and Microsoft. Roger is frequently interviewed and quoted in the media including Newsweek, CNN, NPR,and WSJ. His presentations are fast-paced and filled with useful facts and recommendations.Contact the Author:Email: roger@banneretcs.com LinkedIn: https://www.linkedin.com/in/rogeragrimes/Twitter: @rogeragrimesCSOOnline: https://www.csoonline.com/author/Roger-A.-Grimes/Author’s other books on Amazon: https://www.amazon.com/Roger-A.-Grimes/e/B001IQUMT4/

Topic: Hacking MFA    In the first episode of Tech Corner for 2021 The legendary Roger Grimes joins host James Azar to discuss the truth behind MFA and how secure it really is. Roger shares best use cases, types of MFA to avoid, Fido2 and much more… Guest Bio: Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 33-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,000 magazine articles on computer security. He has spoken at many of the world's biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR's All Things Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest, around the world. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MSCE: Security, Security+, and yada-yada others, and he has been an instructor for many of them. His writings and presentations are often known for their real-world, contrarian views. He was the weekly security columnist for InfoWorld and CSO magazines between 2005 - 2019.   Roger A. Grimes, CPA, CISSP, CEH, MCSE, CISA, CISM, CNE, yada, yada, is the author of 12 books and over 1000 national magazine articles on computer security, specializing in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer security conferences, and was the weekly security columnist at InfoWorld and CSO magazines between 2005 - 2019. He has worked at some of the world's largest computer security companies, including, Foundstone, McAfee, and Microsoft. Roger is frequently interviewed and quoted in the media including Newsweek, CNN, NPR, and WSJ. His presentations are fast-paced and filled with useful facts and recommendations.   Tech Corner is supported by these great partners please make sure to check them out: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub    James Azar Host of CyberHub Podcast James on Twitter: https://twitter.com/james_azar1 James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast CISO Talk Podcast: https://linktr.ee/CISOtalk

Today, my guest is Roger Grimes.  Roger's expertise in the field of computer security is unparalleled. He describes himself as the best in the world when it comes to computer security defense- and he has the credentials to back up this assertion. He works with Kevin Mitnick who he calls the best Offensive Security guy in the world, but he calls himself the best when it comes to Defense. As all of you know by now I love Offense and Defense Innovation so this interview falls squarely into the category of Defense Innovation for sure. With more than 40 computer certifications and twelve books authored or (Co-authored) on computer security, Roger has spent over three decades imparting his knowledge to audiences worldwide. His current title is Data-Driven Defense Evangelist at KnowBe4. He is the author of the new book, Hacking Multifactor Authentication. Roger is a 33-year senior computer security architect and cybersecurity veteran specializing in general computer security, identity management, PKI, Windows computer security, host security, cloud security, honeypots, APT, and defending against hackers and malware. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft. In this time of remote workforces and distributed endpoints, Roger advocates for Multi-Factor Authentication. However, MFA is not the end all be all for security. The vast majority of hacking doesn't care about your MFA. It's all about reducing your risk, according to Roger. Throughout his many years in the industry, Roger a universal mission that drives all of his actions- to make the internet a safer place. Roger says if he leaves the Earth without accomplishing that feat, he has failed. I also provide how you can connect with him on Linkedin. He has over 25k followers. We've been sold by the industry that MFA is a Warm Blanky and Panacea for all security ills. Learn more deeply about this topic as it is critical to your distributed security architectures moving forward I'm excited to share this conversation with such a distinguished and world-renowned Security Defense Specialist. Here are useful topics, books, and resources discussed and what you will learn as you listen: Why most companies today fail in risk-based security and how to avoid the most common pitfalls. The benefits of enabling application control software like AppLocker in audit only mode. Why assuming just because you have MFA that you can't be hacked is false and how smart application of MFA will reduce your risk of getting hacked. Why push applications like FIDO are more effective than SMS-based multi-factor authentication. The highest risk areas CIO's and CISO's need to avoid falling into when dealing with MFA. Why MFA and other security measures like it are all about reducing your risk instead of eliminating it completely. How to Connect with this Guest: LinkedIn  Twitter      Books    Articles  Technologies referenced in podcast: Troy Hunt’s “Have I Been Pwned?”  Kevin Mitnick's “Mitnick Security” FIDO Alliance Framework Books Published by Roger A. Grimes Referenced in Podcast: Hacking Multifactor Authentication , 1st Edition, By Roger A. Grimes. Published by Wiley, 2020 A Data-Driven Computer Security Defense: THE Computer Security Defense You Should Be Using, 1st Edition, By Roger A. Grimes, Published Independently, 2017 Transcript: You can go to the show notes to get more information about this interview and what we discussed in this episode. You'll find the show notes at redzonetech.net/podcasts. Leave A Review: Love this episode? Share it with your LinkedIn community here. If you haven't already, please make sure you leave us a review on iTunes or Stitcher. Not sure how to leave a review? Check out the instructions here. About Bill Murphy: Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader. Follow Bill on LinkedIn and Twitter. If you are interested in learning more about RedZone and our security expertise in particular related to Cloud and Email Security Kill Chain Strategy, Techniques, and Tactics you can email cloudkill@redzonetech.net. Music provided by Ben's Sound: http://www.bensound.com/ Other Ways to Listen to the Podcast: iTunes | Libsyn | Soundcloud | RSS | LinkedIn

In this one-of-a-kind episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview two amazing founders who are disrupting the industry and bringing in unique perspectives.  They are Corey White and Craig Goodwin, the founders of Cyvatar, a cybersecurity-as-a-service startup.  The conversation centers on the business itself, Corey and Craig’s journey as founders, and more!The conversation starts with Craig and Corey sharing a bit about their respective backgrounds.  Craig has been a CISO for about 20 years, having moved into that line of work after spending the previous years working for the government of the UK and in security services.  Corey has been in his current industry for about 25 years, and he details his work with companies such as Foundstone and Cylance that eventually led him to his present work.  Craig and Corey share an entrepreneurial spirit that they’ve each had since childhood, but they have complementary backgrounds that help them to work well together, with Corey approaching the company from an industry perspective, and Craig from a CISO perspective.Corey and Craig talk with their hosts about Cyvatar.  They share about their first seed round, the gaining of their first customers, and their aim to be cyber avatars for their customers - putting customer needs first and taking a background role to make the customers look good.  Further, Corey and Craig discuss the way they navigate dynamics of team synergy and collaboration when they live on different sides of the world, address their decision to include services with their startup, explain their slogan and the terminology they’ve developed, and finally share lessons they’ve learned from their journey.0:56 - This is a one-of-a-kind episode!2:05 - The conversation turns to Corey and Craig’s respective backgrounds.5:18 - What is the background of the company?8:45 - The focus shifts to Craig and Corey’s complementary skills.13:19 - How did Corey and Craig realize they had an entrepreneurial spirit?17:06 - A team needs synergy and collaboration.20:40 - Corey and Craig decided to include services with their startup.24:57 - The two founders introduced new technology.27:21 - Corey and Craig are asked about lessons they’ve learned. Get your free audiobook from Audible.comLearn more about Hacker Valley StudioConnect with Cyvatar on LinkedIn.Follow Cyvatar on Twitter.Connect with Corey White on LinkedIn.Follow Corey White on Twitter.Connect with Craig Goodwin on LinkedIn.Follow Craig Goodwin on Twitter.Email Corey at corey@cyvatar.aiEmail Craig at craig@cyvatar.aiLearn about Cyvatar’s recent seed round and press release.

In This episode we discuss data driven decision making by cybersecurity practitioners and CISO's. What is the standard of data we need in order to make the right decision in cybersecurity, what data is important and what isn't and how can we set a global standard.   Roger Grimes is Data-Driven Defense Evangelist for KnowBe4, Inc., is a 33-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,000 magazine articles on computer security. He has spoken at many of the world's biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR's All Things Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft.   Comment below and let us know what you think?   Please support our sponsor KnowBe4 by viewing the link below https://info.knowbe4.com/mailserver-security-assessment-cyberhub   James Azar Host of CyberHub Podcast James on Twitter: https://twitter.com/james_azar1 James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/   ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter   ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Our first guest is Christaan Beek. He manages threat intelligence research within McAfee's Office of the CTO. He leads research in advanced attacks and assists in cyberattack take-down operations. In previous roles, Beek was Director of Threat Intelligence in McAfee Labs and Director of Incident Response and Forensics at Foundstone, Intel Security’s forensic services arm.Our next guest is Dave Piscitello. Dave has been involved in Internet technology for over 40 years. He has authored books on internet and remote access, including Understanding Voice over Internet Protocol Security. Dave publishes articles regularly on security, DNS, anti-phishing, malware, Internet policy and privacy. He maintains a highly active, insightful, and entertaining info site as The Security Skeptic. Dave is a Partner at Interisle Consulting Group.Our guests will share their incredible experiences dealing with ransomware and related cybercrime. Watch and learn about real-life stories of ransomware answering three questions,1. What happened?2. What were the consequences?3. What were the lessons learned?You'll enjoy hearing about how cyber criminals are leveraging Covid-19 to deploy ransomware which sectors are the MOST vulnerable and why, should a victim pay the ransom?All of that and more on today's show.We hope this helps...Gary Berman 

DirtySecurity Podcast: Israel Perez & Wajnih Yassine are The Real CSI Cyber Guys It’s Sunday afternoon, about a quarter past 3.  You are in your backyard with friends and family members… Everyone is relaxed with a refreshing beverage… sharing stories… laughing at jokes… life is good. Then it happens…. You get that call from one of your C-Level Execs That buzz kill moment when you realize extremely sensitive corporate data is now in the hands of a stranger capable of causing significant damage to your corporate reputation.   Your heart races… Your stomach aches… Your head is spins trying to figure out one thing… who am I going to call to help me return my world to normal? In this week’s episode of DirtySecurity, host Edward Preston talks with Cylance Incident Response teammates Israel Perez and Wajih Yassine about the Stages of a Cybersecurity Incident and what their team does to get the world spinning back on its axis again. About Israel Perez Israel is a Consulting Director, IR & Forensics at Cylance. Specializing in incident response, network intrusions, malware reverse engineering and digital forensics. Israel’s expertise with digital forensics has taken him from the Orange County District Attorney’s office, through the ranks at Foundstone and McAfee to Cylance, where he was the very first member of the Incident Response team.  About Wajih Yassine Wajih began his time at Cylance as an intern and quickly moved through the ranks thanks to his stellar work with the Threat Analysis team. He is now a Sr. Incident Response & Forensics consultant with a focus on forensic investigation. About Edward Preston   Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better.  Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html  iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!

Humans Of InfoSec Episode 1, Mike Shema started out as a gamer and hacker in the late 90's. He was part of the elite Foundstone consulting group, built a web application security scanner at Qualys, and led the Product Security team at Yahoo. Today, Mike is the VP of SecOps and Research at Cobalt. Caroline Wong sits down with Mike and discusses his journey and talks about how he has gotten to where he is today.

Widely recognized as Co-Author of the Hacking Exposed book series, Joel has worked/consulted for companies like Foundstone (co-founder), Microsoft, Amazon, Costco, Softcard, and Ernst & Young. Joel came on the show to talk about how he got started in security, the changes in vulnerability management, cloud security and IoT. Joel currently is a Technical Director at NCC Group. Full Show Notes: https://wiki.securityweekly.com/Episode514 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Widely recognized as Co-Author of the Hacking Exposed book series, Joel has worked/consulted for companies like Foundstone (co-founder), Microsoft, Amazon, Costco, Softcard, and Ernst & Young. Joel came on the show to talk about how he got started in security, the changes in vulnerability management, cloud security and IoT. Joel currently is a Technical Director at NCC Group. Full Show Notes: https://wiki.securityweekly.com/Episode514 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

This week, Inc. editors and writers talk about how companies are successfully attracting top engineering talent without using crazy perks, and how one company is using the Myers-Briggs personality test and employee horoscopes to increase engagement in its virtual workplace. Lastly, the crew interviews George Kurtz, founder of Crowdstrike, about how he sold his first company Foundstone to McAfee in 2004. Learn more about your ad choices. Visit megaphone.fm/adchoices

Erik Caso is co-founder and Chief Executive Officer of Entangled Media, a San Diego-based consumer software company and maker of younity, a patented personal media streaming platform that allows consumers to access, stream and share all owned files and media libraries across multiple devices. Erik brings over 15 years of industry leadership, product management expertise, and executive management experience to his role. Erik oversees company strategy for Entangled Media, driving organization development, marketing strategy and product innovation. He has also led the company through the company’s West Coast expansion and multiple funding rounds. Prior to founding Entangled Media and launching younity, Erik was founder and principle consultant for Blueprint, where he advised large multinational software companies and emerging startups on go-to-market strategies, business process optimization, risk management and security. Erik’s passion for unique business and security solutions is evident through his work at NT OBJECTives, Inc., acquired by Rapid7, NASDAQ: RPD, where he was co-founder and president, and Foundstone, acquired by McAfee. In these roles, Erik launched industry-leading technology with marquis reference customers including Hewlett-Packard, Microsoft, Intuit, Oracle, NASDAQ, the US Navy, Goldman Sachs, Fidelity, and dozens of Global 2000 customers. Erik is a graduate of California Polytechnic State University (Cal Poly), in San Luis Obispo, where he studied Finance and Economics. When Erik isn’t at work, he enjoys outdoor recreation including surfing and snowboarding. https://www.getyounity.com https://www.facebook.com/getyounity https://twitter.com/getyounity

"The Business * Timeline?how did we get into this mess? * The players * How their business works * Legislative environment The Technology * Technical overview of different types of programs (taxonomy) * Describe how the programs function * How adware/spyware is installed * Hijacking the system * How it updates itself * Proven techniques to prevent & remove Looking ahead * Market polarization, bad get worse, good get better (more white, less grey) * Order from chaos * Installations: Beyond the website * Growing sophistication * Exploiting Adware Saumil Udayan Shah, Founder and CEO, Net-Square Solutions Pvt. Ltd. Saumil continues to lead the efforts in e-commerce security research and product development at Net-Square. His focus is on researching vulnerabilities with various e-commerce and web based application systems, system architecture for Net-Square's tools and products, and developing short term training programmes. Saumil also provides information security consulting services to Net-Square clients, specializing in ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Saumil has had more than ten years experience with system administration, network architecture, integrating heterogenous platforms, and information security and has perfomed numerous ethical hacking exercises for many significant companies in the IT area. Saumil is a regular speaker and trainer at security conferences such as BlackHat, RSA, etc. Previously, Saumil was the Director of Indian operations for Foundstone Inc, where he was instrumental in developing their web application security assessment methodology, the web assessment component of FoundScan - Foundstone's Managed Security Services software and was instrumental in pioneering Foundstone's Ultimate Web Hacking training class. Prior to joining Foundstone, Saumil was a senior consultant with Ernst & Young, where he was responsible for the company's ethical hacking and security architecture solutions. Saumil has also worked at the Indian Institute of Management, Ahmedabad, as a research assistant and is currently a visiting faculty member there. Saumil graduated from Purdue University with a master's degree in computer science and a strong research background in operating systems, networking, infomation security, and cryptography. At Purdue, he was a research assistant in the COAST (Computer Operations, Audit and Security Technology) laboratory. He got his undergraduate degree in computer engineering from Gujarat University, India. Saumil is a co-author of "Web Hacking: Attacks and Defense"(Addison Wesley, 2002) and is the author of "The Anti-Virus Book"(Tata McGraw-Hill, 1996) David Cole, Director, Symantec Dave Cole serves as director of product management for Symantec Security Response. Cole is responsible for the overall strategy and management of Symantec Security Response research and services. In this position, Cole also leads the execution of delivering timely and critical security content to Symantec customers and partners worldwide. Symantec Security Response, part of Symantec Global Services & Support, is a team of dedicated intrusion experts, security engineers, virus hunters, threat analysts, and global technical support teams that work in tandem to provide extensive coverage for enterprise businesses and consumers. Cole?s 10 years of information security experience includes a wide variety of information security services, including security architecture design, legislative compliance, penetration testing, and incident response. As a recognized pioneer of vulnerability management, Cole has led the design and development of an award-winning vulnerability management system. Cole?s background includes working with Fortune 500 organizations and Federal government agencies, and he is currently a leading spokesperson for Symantec on spyware and adware topics. Prior to working at Symantec, Cole held numerous senior positions within market leading organizations such as Deloitte & Touche and security technology companies. Cole?s design work on security metrics, reporting, and remediation technology has been submitted for U.S. patents. Cole has served as an authoritative speaker at a number of industry events and for the media. Cole is a contributing author of Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle and has been a featured author in publications such as Government Security News. Cole graduated Magna Cum Laude from the University of Michigan Business School where he obtained his bachelor's of business administration in computer & information systems. Cole is a certified information systems security professional (CISSP). Return to the top of the page"

"Looking for instant gratification from the latest client side attack? Your search may be over when you see the data that can be harvested from popular web browser caches. This discussion will focus on what web application programmers are NOT doing to prevent data like credit card and social security numbers from being cached. It will explore what popular websites are not disabling these features and what tools an attacker can use to gather this information from a compromised machine. A general overview of web browser caching will be included and countermeasures from both the client and server side. Corey Benninger, CISSP, is a Security Consultant with Foundstone, a division of McAfee, where he commonly performs web application assessments for leading financial institutions and Fortune 500 companies. He also is involved with teaching Ultimate Hacking Exposed courses to clients throughout the United States. Prior to joining Foundstone, Corey worked on developing web applications for a nation wide medical tracking system as well as infrastructure applications for internet service providers."

"Web applications are normally the most exposed and the most easily compromised part of an organization's network presence. This combination requires that organizations be prepared for web application compromises and have an efficient plan for dealing with them. Unfortunately, traditional techniques for forensics and incident response do not take into account the unique requirements of web applications. The multi-level architecture, business criticality, reliance on major database and middleware software components, and custom nature of web applications all create unique challenges for the security professional. Responding to a web application attack brings many unique issues, often with no clear right and wrong answers, but this talk will provide useful information to guide attendees down this bumpy path. Chuck Willis is a Senior Consultant with Mandiant, a full spectrum information security company in Alexandria, Virginia, where he concentrates in incident response, computer forensics, tool development and application security. Prior to joining MANDIANT, Chuck performed security software engineering, penetration testing, and vulnerability assessments at a large government contractor and also conducted computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Chuck holds a Master of Science in Computer Science from the University of Illinois at Urbana-Champaign and has previously spoken at the Black Hat Briefings USA, the IT Underground security conference in Europe, and DefCon. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner. Chuck's past presentations are available on his Web site. Rohyt Belani is a Director at Mandiant and specializes in assisting organizations with securing their network infrastructure and applications. His expertise encompasses the areas of wireless security, application security and incident response. Rohyt is also an experienced and talented instructor of technical security education courses. Prior to joining MANDIANT, Rohyt was a Principal Consultant at Foundstone. Earlier in his career, he was a Research Group Member for the Networked Systems Survivability Group at the Computer Emergency Response Team (CERT). Rohyt is a frequent author of articles on SecurityFocus and is also a contributing author for "Hack Notes-Network Security" and "Extrusion Detection: Security Monitoring for Internal Intrusions". Rohyt is a regular speaker at various industry conferences and forums like OWASP, HTCIA, FBI-Cyber Security Summit, ASIS, HP World, New York State Cyber Security Conference, HackInTheBox-Malaysia, and CPM. Rohyt holds a Bachelor of Engineering in Computer Engineering from Bombay University and a Master of Science in Information Networking from Carnegie Mellon University and is a Certified Information Systems Security Professional (CISSP)."

Web applications are normally the most exposed and the most easily compromised part of an organization's network presence. This combination requires that organizations be prepared for web application compromises and have an efficient plan for dealing with them. Unfortunately, traditional techniques for forensics and incident response do not take into account the unique requirements of web applications. The multi-level architecture, business criticality, reliance on major database and middleware software components, and custom nature of web applications all create unique challenges for the security professional. Responding to a web application attack brings many unique issues, often with no clear right and wrong answers, but this talk will provide useful information to guide attendees down this bumpy path. Chuck Willis is a Senior Consultant with Mandiant, a full spectrum information security company in Alexandria, Virginia, where he concentrates in incident response, computer forensics, tool development and application security. Prior to joining MANDIANT, Chuck performed security software engineering, penetration testing, and vulnerability assessments at a large government contractor and also conducted computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Chuck holds a Master of Science in Computer Science from the University of Illinois at Urbana-Champaign and has previously spoken at the Black Hat Briefings USA, the IT Underground security conference in Europe, and DefCon. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner. Chuck's past presentations are available on his Web site. Rohyt Belani is a Director at Mandiant and specializes in assisting organizations with securing their network infrastructure and applications. His expertise encompasses the areas of wireless security, application security and incident response. Rohyt is also an experienced and talented instructor of technical security education courses. Prior to joining MANDIANT, Rohyt was a Principal Consultant at Foundstone. Earlier in his career, he was a Research Group Member for the Networked Systems Survivability Group at the Computer Emergency Response Team (CERT). Rohyt is a frequent author of articles on SecurityFocus and is also a contributing author for "Hack Notes-Network Security" and "Extrusion Detection: Security Monitoring for Internal Intrusions". Rohyt is a regular speaker at various industry conferences and forums like OWASP, HTCIA, FBI-Cyber Security Summit, ASIS, HP World, New York State Cyber Security Conference, HackInTheBox-Malaysia, and CPM. Rohyt holds a Bachelor of Engineering in Computer Engineering from Bombay University and a Master of Science in Information Networking from Carnegie Mellon University and is a Certified Information Systems Security Professional (CISSP)."

Don't get caught. Building off of Foster's log manipulation and bypassing forensics session at BlackHat Windows 2004, James C. Foster and Vincent T. Liu will share over eighteen months of continued private forensic research with the Black Hat audience including ground-breaking vulnerabilities and key weaknesses in some of the most popular tools used by forensic examiners including EnCase, CA eTrustAudit, and Microsoft ISA Server. Watch live demonstrations as Foster and Vinnie detail how to leverage these weaknesses to avoid being detected, and discover the theory and practice behind the most effective and cutting-edge anti-forensics techniques. Finally, learn how to turn a forensic analyst's training against himself by joining the speakers in a lively discussion of the "Top 10 Ways to Exploit a Forensic Examiner". This talk should be required viewing for all those on both sides of the fence, so come prepared to watch trusted forensics tools crumble. James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation. Foster is responsible for directing and managing the vision, technology, and operational design for CSC's global security services. Prior to joining CSC, Foster was the Director of Research and Development for Foundstone Inc (acquired by McAfee). and was responsible for all aspects of product, consulting, and corporate Rresearch and developmentD initiatives. Prior to joining Foundstone, Foster was a Senior Advisor and Research Scientist with Guardent Inc (acquired by Verisign) and an editor at Information Security Magazine(acquired by TechTarget Media), subsequent to working as an Information Security and Research Specialist for the Department of Defense. Foster's core competencies include high-tech management, international software development and expansion, web-based application security, cryptography, protocol analysis, and search algorithm technology. Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial and government cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds degrees in Business Administration, Software Engineering, and Management of Information Systems and has attended the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include "Snort 2.0", "Snort 2.1" 2nd Edition, "Hacking Exposed" 4th Ed and 5th Ed, "Special Ops Security", "Anti-Hacker Toolkit" 2nd Ed, "Advanced Intrusion Detection", "Hacking the Code", "Anti-Spam Toolkit", "Programmer's Ultimate Security DeskRef", "Google for Penetration Testers", "Buffer Overflow Attacks", and "Sockets, Shellcode, Porting, and Coding". Vincent Liu is an IT security specialist at a Fortune 100 company where he is responsible for assessing the security of the enterprise network infrastructure and participating as a member of the global incident response team.Before moving to his current position, Vincent worked as a consultant with the Ernst and Young Advanced Security Center and as an analyst at the National Security Agency. His specialties include penetration testing, web application assessments, incident response, binary reverse engineering, and exploit development. Vincent holds a degree in Computer Science and Engineering from the University of Pennsylvania. While at Penn, Vincent taught courses on operating system implementation and C programming, and was involved with DARPA-funded research into advanced intrusion detection techniques. He is currently a contributor to the Metasploit project, and is a contributing author for Sockets, Shellcode, Porting, and Coding. Vincent has also studied at the University of Maryland and the University of Kentucky.>

In a refreshing different format, Foster cracks the audience with a twenty minute comedic dissertation of the past year in the information security industry. Performing standup, Foster will roast the year's worst companies' business mistakes, stereotypes, books, websites, Fucked Company security excerpts in addition to posing fun of those who don't have the dream job, boatloads of cash, the supermodel girlfriend, or cabana boy - boyfriend with humorous hints of how to get there. Wrapping up the session, Foster will make his 2006 security predictions. James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation. Foster is responsible for directing and managing the vision, technology, and operational design for CSC's global security services. Prior to joining CSC, Foster was the Director of Research and Development for Foundstone Inc (acquired by McAfee). and was responsible for all aspects of product, consulting, and corporate research and development initiatives. Prior to joining Foundstone, Foster was a Senior Advisor and Research Scientist with Guardent Inc (acquired by Verisign) and an editor at Information Security Magazine(acquired by TechTarget Media), subsequent to working as an Information Security and Research Specialist for the Department of Defense. Foster's core competencies include high-tech management, international software development and expansion, web-based application security, cryptography, protocol analysis, and search algorithm technology. Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial and government cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds degrees in Business Administration, Software Engineering, and Management of Information Systems and has attended the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.0, Snort 2.1 2nd Edition, Hacking Exposed 4th Ed and 5th Edition, Special Ops Security, Anti-Hacker Toolkit 2nd Ed, Advanced Intrusion Detection, Hacking the Code, Anti-Spam Toolkit, Programmer's Ultimate Security DeskRef, Google for Penetration Testers, Buffer Overflow Attacks, and Sockets/Porting/and Shellcode.

During the course of 2004 and 2005, we have responded to dozens of computer security incidents at some of America's largest organizations. Mr. Mandia was on the front lines assisting these organizations in responding to international computer intrusions, theft of intellectual property, electronic discovery issues, and widespread compromise of sensitive data. Our methods of performing incident response have altered little in the past few years, yet the attacks have greatly increased in sophistication. Mr. Mandia addresses the widening gap between the sophistication of the attacks and the sophistication of the incident response techniques deployed by "best practices." During this presentation, Mr. Mandia re-enacts some of the incidents; provides examples of how these incidents impacted organizations; and discusses the challenges that each organization faced. He demonstrates the "state-of-the-art" methods being used to perform Incident Response, and how these methods are not evolving at a pace equal to the threats. He outlines the need for new technologies to address these challenges, and what these technologies would offer. He concludes the presentation by discussing emerging trends and technologies that offer strategic approaches to minimize the risks that an organization faces from the liabilities the information age has brought. Kevin Mandia is an internationally recognized expert in the field of information security. He has been involved with information security for over fifteen years, beginning in the military as a computer security officer at the Pentagon. He has assisted attorneys, corporations, and government organizations with matters involving information security compliance, complex litigation support, computer forensics, expert testimony, network attack and penetration testing, fraud investigations, computer security incident response, and counterintelligence matters. Mr. Mandia established Red Cliff specifically to bring together a core group of industry leaders in this field and solve client's most difficult information security challenges. Prior to forming Red Cliff, Kevin built the computer forensics and investigations group at Foundstone from its infancy to a multi-million dollar global practice that performed civil litigation support and incident response services. As technical and investigative lead, Mr. Mandia responded on-site to dozens of computer security incidents per year. He assisted numerous financial services and large organizations in handling and discretely resolving computer security incidents. He also led Foundstone's computer forensic examiners in supporting numerous criminal and civil cases. He has provided expert testimony on matters involving theft of intellectual property and international computer intrusion cases.

Don't get caught. Building off of Foster's log manipulation and bypassing forensics session at BlackHat Windows 2004, James C. Foster and Vincent T. Liu will share over eighteen months of continued private forensic research with the Black Hat audience including ground-breaking vulnerabilities and key weaknesses in some of the most popular tools used by forensic examiners including EnCase, CA eTrustAudit, and Microsoft ISA Server. Watch live demonstrations as Foster and Vinnie detail how to leverage these weaknesses to avoid being detected, and discover the theory and practice behind the most effective and cutting-edge anti-forensics techniques. Finally, learn how to turn a forensic analyst's training against himself by joining the speakers in a lively discussion of the "Top 10 Ways to Exploit a Forensic Examiner". This talk should be required viewing for all those on both sides of the fence, so come prepared to watch trusted forensics tools crumble. James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation. Foster is responsible for directing and managing the vision, technology, and operational design for CSC's global security services. Prior to joining CSC, Foster was the Director of Research and Development for Foundstone Inc (acquired by McAfee). and was responsible for all aspects of product, consulting, and corporate Rresearch and developmentD initiatives. Prior to joining Foundstone, Foster was a Senior Advisor and Research Scientist with Guardent Inc (acquired by Verisign) and an editor at Information Security Magazine(acquired by TechTarget Media), subsequent to working as an Information Security and Research Specialist for the Department of Defense. Foster's core competencies include high-tech management, international software development and expansion, web-based application security, cryptography, protocol analysis, and search algorithm technology. Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial and government cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds degrees in Business Administration, Software Engineering, and Management of Information Systems and has attended the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include "Snort 2.0", "Snort 2.1" 2nd Edition, "Hacking Exposed" 4th Ed and 5th Ed, "Special Ops Security", "Anti-Hacker Toolkit" 2nd Ed, "Advanced Intrusion Detection", "Hacking the Code", "Anti-Spam Toolkit", "Programmer's Ultimate Security DeskRef", "Google for Penetration Testers", "Buffer Overflow Attacks", and "Sockets, Shellcode, Porting, and Coding". Vincent Liu is an IT security specialist at a Fortune 100 company where he is responsible for assessing the security of the enterprise network infrastructure and participating as a member of the global incident response team.Before moving to his current position, Vincent worked as a consultant with the Ernst and Young Advanced Security Center and as an analyst at the National Security Agency. His specialties include penetration testing, web application assessments, incident response, binary reverse engineering, and exploit development. Vincent holds a degree in Computer Science and Engineering from the University of Pennsylvania. While at Penn, Vincent taught courses on operating system implementation and C programming, and was involved with DARPA-funded research into advanced intrusion detection techniques. He is currently a contributor to the Metasploit project, and is a contributing author for Sockets, Shellcode, Porting, and Coding. Vincent has also studied at the University of Maryland and the University of Kentucky.>

Looking for instant gratification from the latest client side attack? Your search may be over when you see the data that can be harvested from popular web browser caches. This discussion will focus on what web application programmers are NOT doing to prevent data like credit card and social security numbers from being cached. It will explore what popular websites are not disabling these features and what tools an attacker can use to gather this information from a compromised machine. A general overview of web browser caching will be included and countermeasures from both the client and server side. Corey Benninger, CISSP, is a Security Consultant with Foundstone, a division of McAfee, where he commonly performs web application assessments for leading financial institutions and Fortune 500 companies. He also is involved with teaching Ultimate Hacking Exposed courses to clients throughout the United States. Prior to joining Foundstone, Corey worked on developing web applications for a nation wide medical tracking system as well as infrastructure applications for internet service providers."

In a refreshing different format, Foster cracks the audience with a twenty minute comedic dissertation of the past year in the information security industry. Performing standup, Foster will roast the year's worst companies' business mistakes, stereotypes, books, websites, Fucked Company security excerpts in addition to posing fun of those who don't have the dream job, boatloads of cash, the supermodel girlfriend, or cabana boy - boyfriend with humorous hints of how to get there. Wrapping up the session, Foster will make his 2006 security predictions. James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation. Foster is responsible for directing and managing the vision, technology, and operational design for CSC's global security services. Prior to joining CSC, Foster was the Director of Research and Development for Foundstone Inc (acquired by McAfee). and was responsible for all aspects of product, consulting, and corporate research and development initiatives. Prior to joining Foundstone, Foster was a Senior Advisor and Research Scientist with Guardent Inc (acquired by Verisign) and an editor at Information Security Magazine(acquired by TechTarget Media), subsequent to working as an Information Security and Research Specialist for the Department of Defense. Foster's core competencies include high-tech management, international software development and expansion, web-based application security, cryptography, protocol analysis, and search algorithm technology. Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial and government cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds degrees in Business Administration, Software Engineering, and Management of Information Systems and has attended the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.0, Snort 2.1 2nd Edition, Hacking Exposed 4th Ed and 5th Edition, Special Ops Security, Anti-Hacker Toolkit 2nd Ed, Advanced Intrusion Detection, Hacking the Code, Anti-Spam Toolkit, Programmer's Ultimate Security DeskRef, Google for Penetration Testers, Buffer Overflow Attacks, and Sockets/Porting/and Shellcode.

During the course of 2004 and 2005, we have responded to dozens of computer security incidents at some of America's largest organizations. Mr. Mandia was on the front lines assisting these organizations in responding to international computer intrusions, theft of intellectual property, electronic discovery issues, and widespread compromise of sensitive data. Our methods of performing incident response have altered little in the past few years, yet the attacks have greatly increased in sophistication. Mr. Mandia addresses the widening gap between the sophistication of the attacks and the sophistication of the incident response techniques deployed by "best practices." During this presentation, Mr. Mandia re-enacts some of the incidents; provides examples of how these incidents impacted organizations; and discusses the challenges that each organization faced. He demonstrates the "state-of-the-art" methods being used to perform Incident Response, and how these methods are not evolving at a pace equal to the threats. He outlines the need for new technologies to address these challenges, and what these technologies would offer. He concludes the presentation by discussing emerging trends and technologies that offer strategic approaches to minimize the risks that an organization faces from the liabilities the information age has brought. Kevin Mandia is an internationally recognized expert in the field of information security. He has been involved with information security for over fifteen years, beginning in the military as a computer security officer at the Pentagon. He has assisted attorneys, corporations, and government organizations with matters involving information security compliance, complex litigation support, computer forensics, expert testimony, network attack and penetration testing, fraud investigations, computer security incident response, and counterintelligence matters. Mr. Mandia established Red Cliff specifically to bring together a core group of industry leaders in this field and solve client's most difficult information security challenges. Prior to forming Red Cliff, Kevin built the computer forensics and investigations group at Foundstone from its infancy to a multi-million dollar global practice that performed civil litigation support and incident response services. As technical and investigative lead, Mr. Mandia responded on-site to dozens of computer security incidents per year. He assisted numerous financial services and large organizations in handling and discretely resolving computer security incidents. He also led Foundstone's computer forensic examiners in supporting numerous criminal and civil cases. He has provided expert testimony on matters involving theft of intellectual property and international computer intrusion cases.