TEACHING HACKERS TO HACKto IMPROVE the security of our networks

Bill Swearingen CISSP / EMAW

http://www.lockpicking101.com

Thursday, October 27, 11

Send a text to 40404

“rt hevnsnt”Thanks to NTS, CABEM, @NQAUS, @KState, NISTAC, @CoRiskSolutions and all the sponsors for #CyberSeP!

Without quotes of course

THANK YOUR HOSTS

Thursday, October 27, 11

ABOUT MEDuring the day I manage an elite team of CyberSecurity experts protecting a local telco.

Our job is to catch hackers, unauthorized access, cyber-spies and to understand the latest threats.

One of the founders of the CCCKC HackerSpace.

I also serve as the VP of CyberSecurity for the FBI Infragard (KC Chapter), and host the Annual CyberRAID Exercise.

I like to train hackers on unauthorized access, cyber-spying and the latest threats. It’s like the circle of life really :)

Thursday, October 27, 11

-Confucius

“It does not matter how slowly you go so long as

you do not stop.”

Thursday, October 27, 11

TRADITIONAL TRAINING

Configuration and best practice oriented

Vendor training is very product focused

Specialized information security training (SANS, InfoSec Institute, Offensive Security, etc)

Information Security best practice

Security tools / Techniques

Thursday, October 27, 11

Ed Skoudis :: http://www.inguardians.com/research/docs/Skoudis_pentestsecrets.pdf

Thursday, October 27, 11

So, why do all our defensive people want

to take offensive training?

Thursday, October 27, 11

Can learning offensive techniques make you a better

defender?

Thursday, October 27, 11

To know your adversary’s weapons, is to know how to effectively

defend against them.

Thursday, October 27, 11

How do we better apply traditional training to protect our networks?

Thursday, October 27, 11

“The more you sweat in training, the less you will bleed in battle”

- Navy Seal Motto

Thursday, October 27, 11

Thursday, October 27, 11

CyberRAID

Regional

Attack and

Intrusion

Detection

An exercise putting the “best practices” to the test on a replicated

commercial network. 

Thursday, October 27, 11

Since the exercise network is hosted on a private managed network that is not on the Internet, production data and systems are not at risk.

Thursday, October 27, 11

IT IS NOT FAIR

Beginning

Thursday, October 27, 11

IT IS NOT FAIR

Thursday, October 27, 11

End

IT IS NOT FAIR

Thursday, October 27, 11

While securing an operational environment under attack, participants will also get the opportunity to

see how other teams handled similar circumstances. 

Thursday, October 27, 11

Participants will better know the strengths and weaknesses of their people, processes,

policies and technology.

Thursday, October 27, 11

And understand how to better apply traditional training to

protect our real life networks.

Thursday, October 27, 11

AboutInformal meetup on the second Wednesday of the month for information security professionals to discuss topics of interest over some food and drinks.

Current location: Coach’s Bar & Grill414 W 103rd St, Kansas City, MO 64114  (I-435 and Wornall)

http://seckc.org

Thaisdays!

Every TUESDAY at

Thaiplace on 87th

CyberRAID

2012

Thursday, October 27, 11

QUESTIONS?

Bill Swearingen, CISSPTwitter: @hevnsntemail: bill.swearingen@centurylink.com

Slides are available now:http://bit.ly/swe-cybersep2011

Thursday, October 27, 11