Incident Response & Forensics

 

Education Level: Intermediate

5218 - Building an Infrastructure on Deception Techniques

Tuesday, September 26
1:45 PM - 2:45 PM

As an attacker, there are certain things that I will go after that should never be seen in a network. This presentation will focus on deception techniques that any organization can implement in order to create fake infrastructure that attackers will use in order to identify them in the early stages of an attack. Deception techniques are interesting, because it really needs to be believable for an attacker to go after them. This presentation talks about different techniques that make it hard for an attacker to differentiate with what’s real and what’s not, and how to best build better defenses.

Learning Objectives:

David Kennedy

Founder
TrustedSec

David started TrustedSec and Binary Defense Systems (BDS) with the vision in working with companies for information security. TrustedSec provides information security consulting services for organizations all around the world. BDS is a global Managed Security Service Provider (MSSP) and software security company which detects attackers in the early stages and prevents large-scale attacks.

Prior to TrustedSec and BDS, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 20,000 employees. David developed a global security program that tackled all aspects of information security. David is considered a forward thinker in the security field and has presented at several hundred conferences worldwide.

David has had the privilege to speak and keynote at some of the nations largest conferences. This includes keynoting Microsoft’s Bluehat, DEF CON, Blackhat, DerbyCon, Grace Hopper, and a number of widely popular conferences. David has had numerous guest appearances on Fox News, CNN, CNBC, MSNBC, Huffington Post, Bloomberg, BBC, The Katie Show, and other high-profile media outlets. In addition, his tools have been featured on a number of TV

shows including the History Channel, Mr. Robot, and movies. David has assisted in some of the content for the widely popular Mr. Robot TV show, and advises on other news organizations and TV shows. David is the founder of DerbyCon, a large-scale information security conference.

David has testified in front of Congress on multiple occasions on the threats we face in security and in the government space. David also co-authored Metasploit: The Penetration Testers Guide book, which was number one on Amazon in security for over a year. David was also one of the founding members of the “Penetration Testing Execution Standard (PTES)“. PTES is the industry leading standard and guidelines around how penetration tests should be performed and methodologies which is also now adopted by the Payment Card Industry (PCI) Data Security Standard (DSS) Guidelines for Penetration Testing.

David is the creator of several widely popular open-source tools including “The Social-Engineer Toolkit” (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. David has also released security advisories including zero-days and focuses on security research. David has over 15 years of security experience, with over 10 specifically in security consulting and services. Prior to the private sector, David worked in the United States Marines (USMC) for cyber warfare and forensics analysis activities for the intelligence community including two tours to Iraq.

David is also a board of director for the ISC2 organization which is one of the largest security collectives which offers certifications such as the CISSP.

Presentation(s):

Send Email for David Kennedy


Assets

5218 - Building an Infrastructure on Deception Techniques

MP3 Audio Video

Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for Building an Infrastructure on Deception Techniques