[iwar] Top Security Experts Address the Real Issues in Computer Security

From: Fred Cohen (fc@all.net)
Date: 2002-06-05 15:52:43
Next message: Fred Cohen: "[iwar] [fc:Is.Linux.Ready.for.National.Security?]"
Previous message: Fred Cohen: "[iwar] [fc:Dead.Men.Tell.No.Passwords]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200206052252.g55Mqh810815@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Wed, 5 Jun 2002 15:52:43 -0700 (PDT)
Subject: [iwar] Top Security Experts Address the Real Issues in Computer Security
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Black Hat Briefings 2002 Sessions Examine Best Practices & The Best Tools

Top Security Experts Address the Real Issues in Computer Security - Richard 
Clarke to Keynote

http://www.blackhat.com/ -- Black Hat Inc. announced today preliminary 
speaker sessions for this summer's Black Hat Briefings and Training 2002, 
the annual conference and workshop designed to help computer professionals 
better understand the security risks to their computer and information 
infrastructures by potential threats. This year's show will focus on 
several tracks of hot topics including Wireless, Firewalls, Access Control, 
PKI & Single Signon, Routing and Infrastructure, Application Security, 
Intrusion Detection, Incident Response & Computer Forensics, Privacy & 
Anonymity, Web, Mail and Other Related Servers, and Deep Knowledge. The 
event is being held 31 July through 1 August 2002 at the Caesars Palace 
Hotel and Casino in the heart of Las Vegas.

Top-notch speakers will deliver to the conference's core audience of IT & 
network security experts, consultants and administrators the newest 
developments on the vital security issues facing organizations using large 
networks with a mix of operating systems.

"Our goal is to present a vendor-neutral environment where conference 
attendees can receive key intelligence in a face-to-face environment with 
the people developing the tools used by and against hackers," says Jeff 
Moss, founder of Black Hat Inc. "Our speakers discuss the strategies 
involved in correcting existing problems and inform attendees on upcoming 
issues, preparing them for the future."

Richard Clarke, Special Advisor to President Bush for Cyberspace Security, 
will be one of the keynotes headlining the event. Mr. Clarke has served in 
several senior national security posts. Most recently he served as National 
Coordinator for Security, Infrastructure Protection, and Counter-terrorism 
on the National Security Council. As National Coordinator, he led the U.S. 
government's efforts on counter-terrorism, cyber security, continuity of 
government operations, domestic preparedness for weapons of mass 
destruction, and international organized crime. He will be speaking about 
our nation's strategy for securing cyberspace.

The lineup of Black Hat Briefings presenters for 2002 include:

         -- Thomas Akin, Founding Director, Southeast Cybercrime Institute. 
Akin is a Certified Information Systems Security Professional (CISSP) who 
has worked in Information Security for almost a decade. He is the founding 
director of the Southeast Cybercrime Institute where he also serves as 
chairman for the Institute's Board of Advisors. He is an active member of 
the Georgia Cybercrime Task Force where he heads up the Task Force's 
Education committee. Thomas also works with Atlanta's ISSA, InfraGard, and 
HTCIA professional organizations.

          -- Ofir Arkin, Managing Security Architect, @stake. Prior to 
joining @stake, Arkin has worked as a consultant for several European 
finance institutes where he played the rule of Senior Security Analyst, and 
Chief Security Architect in major projects. His experience includes working 
for a leading European Swiss bank architecting the security of the bank's
E-banking project.

         -- Rebecca Bace, President/CEO, Infidel Inc. Bace provides 
strategic and operational consulting services for clients that include 
security point product developers, legal firms, and Internet solutions 
providers. She is also a noted author on topics in intrusion detection and 
network security, with credits including the white paper series for ICSA's 
Intrusion Detection Consortium. Her book on Intrusion Detection was 
published by Macmillan Technical Publishing in January, 2000.

         -- Don Cavender, Senior Special Agent, FBI Academy. SSA Cavender 
has twelve years experience as an FBI Agent. The past seven years he has 
been involved in high technology investigations and/or digital forensics. 
He is presently responsible for instruction in Internet and Network 
Investigations for FBI, Federal, State and Local Law Enforcement 
Investigators, case support and consultation and research.

         -- Sean Convery, Network Architect, Cisco. Convery is a network 
architect in Cisco's VPN and security business unit. Sean works primarily 
on the SAFE blueprint, and is an author several of its whitepapers. Prior 
to his four years at Cisco, Sean held various positions in both IT and 
security consulting during his 11 years in networking.

         -- Mark Eckenwiler, Senior Counsel in the Computer Crime & 
Intellectual Property Section, Criminal Division, U.S. Department of 
Justice. Eckenwiler is Senior Counsel in the Computer Crime and 
Intellectual Property Section, Criminal Division, U.S. Department of 
Justice. His areas of responsibility include federal wiretap law, computer 
search and seizure, and online investigations. An Internet veteran for 
almost two decades, Mark has written and spoken widely on such issues as 
anonymity and free speech, e-mail stalking laws, Internet jurisdiction, 
electronic privacy, and the Fifth Amendment implications of cryptographic 
keys.

         -- Halvar Flake, Reverse Engineer, Black Hat Consulting. 
Originating in the fields of copy protection and digital rights management, 
he gravitated more and more towards network security over time as he 
realized that constructive copy protection is more or less fighting 
windmills. After writing his first few exploits he was hooked and realized 
that reverse engineering experience is a very handy asset when dealing with 
COTS software. With extensive experience in reverse engineering, network 
security, penetration testing and exploit development he recently joined 
BlackHat as their primary reverse engineer.

         -- Dr. Ian Goldberg is internationally recognized as one of the 
world's leading cryptographers and cypherpunks. Dr. Goldberg is a founder 
of Berkeley's Internet Security, Applications, Authentication and 
Cryptography group. In addition to developing many of the leading network 
software titles for the Palm Pilot, he is known for his part in cracking 
the first RSA Secret Key Challenge in three and a half hours; breaking 
Netscape's implementation of the encryption system SSL; and breaking the 
cryptography in the GSM cellular phone standard. In November 1998, Wired 
magazine selected Dr. Goldberg as one of the "Wired 25" - the twenty-five 
people who in 1998 are "about to change the rules all over again." In 
December 2000 he obtained his Ph.D. from UC Berkeley for his thesis "A 
Pseudonymous Communications Infrastructure for the Internet," which 
examined the technical and social issues involved in designing the Freedom 
Network.

         -- Jennifer Granick, Litigation Director, Center for Internet and 
Society, Stanford Law School. Ms. Granick's work focuses on the interaction 
of free speech, privacy, computer security, law and technology. She is on 
the Board of Directors for the Honeynet Project and has spoken at the NSA, 
to law enforcement and to computer security professionals from the public 
and private sectors in the United States and abroad. Before coming to 
Stanford Law School, Ms. Granick practiced criminal defense of unauthorized 
access and email interception cases nationally. She has published articles 
on wiretap laws, workplace
privacy and trademark law.

         -- The Honeynet Project is a non-profit, all volunteer security 
research organization dedicated to researching the blackhat community, and 
sharing the lessons learned. Made up of thirty security professional, the 
Project deploys Honeynet around the world to capture and analyze blackhat 
activity. These lessons are then shared with the security community. The 
Honeynet Project began in 1999 and continues to grow with the founding of 
the Honeynet Research Alliance.

         -- Jesse Kornblum, Chief, Research and Development, Air Force 
Office of Special Investigations. SA Kornblum is the Chief of Research and 
Development for the Air Force Office of Special Investigations Computer 
Investigations and Operations Branch . A graduate of the Massachusetts 
Institute of Technology, he has experience running intrusion investigations 
and supporting other agents in more traditional investigations. He is 
currently responsible for developing tools and techniques to allow agents 
to conduct investigations.

         -- Larry Leibrock, Associate Dean and Technology Officer, 
University of Texas McCombs Business School. Leibrock has held or currently 
holds clinical teaching and research appointments at McCombs Business 
School, Institute for Advanced Technology, The University of Texas Law 
School, Emory University, Helsinki School of Economics and Monterrey 
Technologica in Mexico City and Monterrey. He is a member of IEEE, ACM, 
Internet Society, FIRST and USENIX/SAGE. He is also a member of the 
Department of Defense Software Engineering Institute and a participant in 
the Air Force Software Technology Conference.

         -- David Litchfield, Managing Director & Co-Founder, Next 
Generation Security Software. Litchfield is a world-renowned security 
expert specializing in Windows NT and Internet security. His discovery and 
remediation of over 100 major vulnerabilities in products such as 
Microsoft's Internet Information Server and Oracle's Application Server 
have lead to the tightening of sites around the world. David Litchfield is 
also the author of Cerberus' Internet Scanner (previously NTInfoscan), one 
of the world's most popular free vulnerability scanners. In addition to 
CIS, David has written many other utilities to help identify and fix 
security holes. David is the author of many technical documents on security 
issues including his tutorial on Exploiting Windows NT Buffer Overruns 
referenced in the book "Hacking Exposed".

         -- Dr. William Tafoya, Senior Member of the Executive Staff, 
Computer Sciences Corporation Federal Sector - Defense Group. Tafoya is 
formerly Director of the Information System Security and Education Center, 
Washington, DC. Prior to that he was Professor of Criminal Justice at 
Governors State University and before that he was Director of Research for 
the Office of International Criminal Justice at the University of Illinois 
at Chicago. He is a retired Special Agent of the Federal Bureau of 
Investigation.

A full list of speakers can be found at:
http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html

Black Hat Inc. will also conduct computer security training for several 
different topics the two days prior to the briefings - 29 through 30 July.

Subjects include:

         -- Hacking by Numbers
         -- Secure Development of Data-Driven Web Applications
         -- System and Process for Digital Evidence Ramp-Up Course
         -- Forensics Tools and Processes for Windows 2000 and Windows XP 
Platforms
         -- Using Active Directory to Manage Security
         -- Advanced Scanning with ICMP
         -- Securing Solaris and Locking Down Linux
         -- NSA InfoSec Assessment Methodology Course
         -- Ultimate Hacking: Black Hat Edition
         -- Analyzing Software for Security Vulnerabilities
         -- Infrastructure Attacktecs & Defentec "Hacking into a Cisco Network"

The instructors for the training segment of this year's Black Hat are some 
of the top experts in their field and are fully active in the computer 
security community. You won't find most of these speakers anywhere else and 
these handpicked security gurus will train participants in understanding 
the real threats to any network and how to keep them from being exploited.

To register for BlackHat Briefings, visit the Web site at 
http://www.blackhat.com. Direct any conference-related questions to 
info@blackhat.com.

For press registration, contact B.K. DeLong at +1.617.877.3271 or
via email at press@blackhat.com.

About Black Hat Inc.

Black Hat Inc. was originally founded in 1997 by Jeff Moss to fill the need 
for computer security professionals to better understand the security risks 
and potential threats to their information infrastructures and computer 
systems. Black Hat accomplishes this by assembling a group of 
vendor-neutral security professionals and having them speak candidly about 
the problems businesses face and their solutions to those problems. Black 
Hat Inc. produces 5 briefing & training events a year on 3 different 
continents. Speakers and attendees travel from all over the world to meet 
and share in the latest advances in computer security. For more 
information, visit their Web site at
http://www.blackhat.com

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tied to your PC? Cut Loose and
Stay connected with Yahoo! Mobile
http://us.click.yahoo.com/QBCcSD/o1CEAA/sXBHAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] [fc:Is.Linux.Ready.for.National.Security?]"
Previous message: Fred Cohen: "[iwar] [fc:Dead.Men.Tell.No.Passwords]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT