Speakers: Guillaume Ross, Jordan Rogers
Level: Fundamental, Lecture
Excerpt: This talk will cover scenarios from real incidents and how simple solutions that are very cost effective can be used to prevent them from occurring.
How should decisions related to security program development be made, if the goal is truly to improve security and prevent breaches, as opposed to re-using myths, legends, bad best practices and compliance?
Description: This talk will cover scenarios from real incidents and how simple solutions that are very cost effective can be used to prevent them from occurring.
1. A scenario based on real incidents will be presented.
2. The typical state of security in the enterprise will be presented.
3. Specific gaps that allowed the incident to occur and for data to be exfiltrated will be scrutinized.
For each observation, the talk will review how enterprises are protecting themselves, successfully or not, and what can be done to potentially prevent the incident from occurring in the first place.
The presentation will conclude with a discussion on the importance of incident response lessons learned being leveraged to further guide decisions related to security program development, with a focus on solutions that truly work, as opposed to myths, legends, bad best practices and compliance.
About the speakers
Guillaume Ross – Senior Security Consultant – Rapid7 (Twitter: @gepeto42)
Guillaume is a Senior Consultant working for Rapid7’s Global Services team, responsible for Information Security Program development. With a background in IT and Security Architecture, he advises clients on their Information Security Programs as well as on technical topics such as threat modeling, mobile and cloud security, and dreams of well-hardened, well-designed, secure Active Directory deployments. He has previously presented at multiple events such as AtlSecCon, NorthSec, Converge and BSidesLV, as well as private events.
Jordan Rogers – Senior Consultant – Rapid7 (Twitter: @jordanrog)
Jordan is a Senior Consultant for Rapid7’s Analytic Response team, responsible for building out and leading Incident Response Program Development, Tabletop Exercise, Breach Readiness Assessment, and Forensic programs. His background includes incident response, forensics and malware reverse engineering, as well as security architecture design, implementation and review. He has led training at CircleCityCon and worked security at DerbyCon and CircleCityCon. He has also led training for private and government entities on malware reverse engineering, incident response and forensics.