Monday, October 15, 2012

SkyDogCon in Nashville coming up!

We're highlighting this event because one of our own will be speaking on some of the exploit kit detection and research we've been focusing on recently.

Alex Kirk from the Vulnerability Research Team (VRT)!

If you are in the area, be sure to attend!

An excerpt from SkyDogCon's own website:

As the process of owning systems and dragging them into botnets becomes ever more commercialized, exploit kits have emerged as a favorite of attackers; their point-click-own nature means even non-technical people with a little cash can control your PC today. This talk will examine how some popular exploit kits work, from lure through payload; and discuss detection and prevention methodologies, with a focus on IDS/IPS. Live examples from the wild will be used throughout.
Alex Kirk is a senior researcher with the Sourcefire Vulnerability Research Team (VRT), and the head of that group's Awareness, Education, Guidance, and Intelligence Sharing (AEGIS) program, which is designed to increase direct collaboration between Sourcefire customers, the Snort user community, and the VRT in the interests of improved detection and coverage. In his 8 years with the VRT, Alex has become one of the world's leading experts on Snort rules, and has honed skills in reverse engineering, network traffic analysis, and systems security. He recently contributed a pair of Snort-related chapters to "Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century," and is a regular contributor to the widely-read VRT blog (http://vrt-blog.snort.org). His current major technical project at Sourcefire involves automated collection of network data generated by malicious binaries, including Android packages, and analysis of that data for detection purposes.
