11.30.16

December DC206 Meeting: Zach on Social Engineering

Posted in Uncategorized at 09:26 by Lee Fisher

What: December DC206 Meeting
When: 3rd Sundays (Dec 18th), 1-3pm
Where: Black Lodge Research; 17725 NE 65th St, A-155; Evans Business Park, Building A; Redmond, WA 98052 USA

Introduction to Social Engineering

by Zach

In this introductory presentation on social engineering, the speaker will dissect a few of his more fun engagements and walk through the prep work and psychological techniques that made the attacks work

Zach has over 10 years of experience with social engineering in a variety of roles, from defusing hostile people and drunk wrangling, to conning creds and gaining access as “your IT guy”. His enjoyment of studying human behavior and learning what makes people tick in combination with his ability to talk to anyone is what makes him successful in his practices.

http://blacklodgeresearch.org/
http://dc206.org/

11.16.16

Nov DC206 Meeting: Adam Shostack on Thread Modeling

Posted in Uncategorized at 14:31 by Lee Fisher

When: 3rd Sundays (November 20th), 1-3pm
What: November DC206 Meeting, http://dc206.org/
Where: Black Lodge Research; 17725 NE 65th St, A-155; Evans Business Park, Building A; Redmond, WA 98052, http://blacklodgeresearch.org/

“Threat Modeling Lessons From Star Wars”
by Adam Shostack

Everyone knows you ought to threat model, but in practical reality it turns out to be tricky. If past efforts to threat model haven’t panned out, perhaps part of the problem is confusion over what works, and how the various approaches conflict or align. This talk captures lessons from years of work helping people throughout the software industry threat model more effectively.  It’s designed to help security pros, developers and systems managers, all of whom will leave with both threat modeling lessons from Star Wars and a proven foundation, enabling them to threat model effectively.

Adam is an entrepreneur, technologist, author and game designer. He’s a member of the BlackHat Review Board, and helped found the CVE and many other things. He’s currently building his 5th startup, focused on improving security effectiveness, and mentors startups as a Mach37 Star Mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the “Elevation of Privilege” game. Adam is the author of “Threat Modeling: Designing for Security,” and the co-author of “The New School of Information Security.”