Sexy Defense

BSidesLV 2012

Presented by: Iftach Ian Amit (@iiamit)
Date: Wednesday July 25, 2012
Time: 18:00 - 18:50
Location: Track 3
Track: Underground

Offensive talks are easy, I know. But the goal of offensive security at the end of the day is to make us better defenders. And that's hard.

Usually after the pentesters/auditors (or worse - red team) leave, there's a whole mess of vulnerabilities, exposures, threats, risks and wounded egos. Now comes the money time - can you fix this so your security posture will actually be better the next time these guys come around? This talk focuses mainly on what should be done (note - not what should be BOUGHT - you probably have most of what you need already in place and you just don't know it yet).

Methodically, defensively, decisively. Just like the red team can play ball cross-court, so should you! This talk will walk through some of the finer lines between legality and ethics to see just how aggressive the defenders can be. Some examples from actual organizations that practice "SexyDefense" will be provided - both in the intelligence-gathering aspect and in incident management and reaction to attacks.

Iftach Ian Amit

Ian Amit is an IOActive Director of Services with over a decade of experience in both hands-on and strategic roles, working fluently in all manner of security-related fields: business, industry, technical, and research. Currently positioned to represent IOActive in EMEA, Ian brings our customers the benefit of his proven leadership, innovative management style, and established expert media presence while overseeing engagements for technical, financial, and government clients. He speaks publicly on security topics that include the technical and strategic, as well as marketing, strategy, and policies, working at the highest levels of corporate and multi-national engagements. A skilled researcher, Mr. Amit also has deep technical knowledge around programming, operating systems (particularly Unix and Win32), applications (including most network server applications), databases, and networking/infrastructures. He founded the Tel-Aviv DefCon chapter (DC9723) and was also a founding member of the Penetration Testing Execution Standard (PTES).

