RECORDED February 13, 2018
Tangled Web: Defense in Deception
Why should the Red Team have all the fun? Let's explore the tools, techniques, and processes that Blue Team can utilize to detect, deceive, detour, confound, and confuse our attackers.
What we cover:
- The goals of deception from the perspective of both the attacker and defender
- The elements and processes needed to plan, prepare, execute, and monitor effective deception
- The types of deception techniques that are effective and how they translate into actual web application capabilities
- How to identify and respond to various types of attackers
About the Presenter: Herb Todd
An electronic warfare veteran of the US Navy, Herb has been in IT for over 30 years -- 20 years as a developer and 10 in information security. He works for a Fortune 50 company on the Security Architecture team focused on Emerging Technology and Innovation. His previous security roles include: application security design, web application/service pentester, and secure coding subject matter expert. Herb holds a Bachelors in Applied Computer Science and a Masters degree in Information Assurance and Security from Illinois State University, as well as CISSP, CSSLP, GSEC, GSSP-Java, GPEN, and CRISC certifications. Use of deception as a means of defense is his current security passion.