Information Security Workshop
Presented by Jon Kibler, CTO
Advanced Systems Engineering Technology, Inc., Charleston, SC

Threats and Countermeasures: What You Need To Know To Defend Your Systems Against Cyber Attacks
Learn What Hackers Know About Your Systems, Software, Web Sites, Networks, Intellectual Property, and Confidential Data That You Should Know, But Do Not Know

You Will Learn:

• How information is stolen through simple flaws in systems
• Why attacks against users are so successful
• How firewalls, IDS/IPS, anti-virus, content filtering, and other defenses are bypassed to compromise systems
• How attackers evade detection
• How your systems and security are being used against you
• Countermeasures required to detect and mitigate advanced attacks
• Managers will learn concepts and see how systems are compromised
• Engineers and analysts will learn the technical details of the attacks

Overview of Workshop Topics:

• Attacks against system services
• Attacks against users
• Data and database security
• Data exfiltration, data loss prevention, and protecting intellectual property
• Evading your defenses
• Identity, authentication, and authorization attacks (including high-performance password cracking)
• Infrastructure attacks and defense
• Network layer two attacks
• Network protocol attacks
• Not all security evaluations are created equal: Check lists vs. network mapping vs. vulnerability assessments vs. penetration tests vs. ethical hacks
• Removable media
• Validating software security
• Web application software security
• Web browser, plug-in, and thick-client security
• Web server security
• Wireless insecurity

Workshop Format:

• Interactive and fast paced — multiple attacks presented each hour
• Workshop will present an attack, ask attendees to analyze why it was successful, discuss the concepts behind the attack, and present countermeasures required to prevent, detect, or mitigate the attack
• Bring your laptop for hands-on experience as both attacker and victim!

Who Should Attend:

• All information systems security specialists
• Anyone concerned with data loss prevention, data exfiltration, data privacy, or intellectual property protection
• Anyone involved in software development, database development, web application development, or software quality assurance
• Anyone involved in data or voice networking, or network security
• Law enforcement and digital forensics investigators
• Accountants, engineers, lawyers, and other consulting professionals whose clients may have information security, privacy, or intellectual property security concerns