At a time when the NSA’s SIGINT operations face intense scrutiny by the public and media, these two Infiltrate talks will provide an insider’s view of the agency’s 'spy versus spy' tactics
Miami Beach, FL (PRWEB) March 11, 2014
Infiltrate Con, a boutique cybersecurity conference focused entirely on offensive security and unethical hacking, is pleased to announce its selection of two former senior National Security Agency officials - Richard “Dickie” George, former technical director of the NSA’s Information Assurance Directorate, and Bill Arbaugh, former senior technical advisor for the NSA - as keynote speakers at this year’s event.
At a time when the NSA’s SIGINT operations face intense scrutiny by the public and media, these two Infiltrate talks will provide an insider’s view of the agency’s “spy versus spy” tactics and methodologies over the years and key lessons on offensive operations learned from the field which can benefit today’s practitioners.
“We’re pleased that both Dickie and Bill will be able to speak at this year’s conference and expect both talks to provide extremely interesting content for the offensive security crowd,” said Dave Aitel, CEO of Immunity Inc. and founder of Infiltrate Con. “Love them or hate them, the NSA runs the best SIGINT operations in the world, and these talks will not only prove instructive from a strategic and practical sense, but they will also provide a greater understanding of the changes coming down the line from both an attacker’s and defender’s standpoint.”
Here is a brief overview of the two keynote talks:
- “Life at Both Ends of the Barrel: An NSA Targeting Retrospective” - by Richard “Dickie” George, currently senior advisor for cybersecurity at Johns Hopkins University Applied Physics Laboratory - This talk will discuss a 40 year retrospective of the NSA’s role on both sides of the spy-versus-spy game. It will cover steps that the NSA took to protect the country’s valuable information through encryption – like data encryption standard (DES), the role the agency played in ensuring DES was as secure as advertised, and the steps that the adversary took to circumvent that security to gain access to our nation’s secrets. And it will address how the NSA SIGINT mission pursued its goals of providing requested intelligence to the US government. George’s talk will also discuss what is happening in this arena today, predictions for future attacks and ways in which tomorrow’s technology might be used to protect us.
- “Red Team Deadwood: Why Red Teams are Useless” - Bill Arbaugh, currently associate professor emeritus at the University of Maryland College Park - This talk will present the history of “red teams,” i.e., simulation of real-world attacks to determine how far an attacker could penetrate into an environment. Red teams are a required element in many compliance assessments today - but are they outdated? All of the recent high-profile intrusions aptly demonstrate how far an adversary can penetrate an environment. The extent and duration of recent comprises begs the question of the value of red team exercises. This talk will discuss where such exercises are currently useless and where they may still provide value. Arbaugh’s talk will also propose that red teams are answering the wrong question: “Can my enterprise be compromised?” and that the question instead should be, “How has my enterprise been compromised?”
Now in its fourth year, Infiltrate Con is a single-track, two-day conference in Miami Beach, running from May 15-16, 2014 at the Fontainebleau Hotel. In addition to the briefings, Immunity Inc. offers a variety of training classes (including Web Hacking, Unethical Hacking and Master Class) before and after the conference.
About Infiltrate Con:
Infiltrate (http://www.infiltratecon.com) is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. Infiltrate is the single most important event for those who are focused on the technical aspects of offensive security issues - for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. Infiltrate eschews policy and high-level presentations in favor of hardcore thought-provoking technical meat.
Founded in 2011, Infiltrate Con is organized by Dave Aitel and Immunity Inc. Past speakers include Stephen Watt, a.k.a. “The UNIX Terrorist,” Charlie Miller, Chris Eagle, Brad “Renderman” Haines and more.