Hackers of India

2016: The Infosec Crossroads

By Saumil Shah on 19 Oct 2016 @ Hacklu
๐Ÿ“Š Presentation ๐Ÿ”— Link
#philosophy #security-strategy #incident-management #threat-modeling #security-training #security-analytics
Focus Areas: โš–๏ธ Governance, Risk & Compliance , ๐Ÿ›ก๏ธ Security Operations & Defense , ๐Ÿšจ Incident Response , ๐Ÿ—๏ธ Security Architecture , ๐Ÿ“š Security Awareness

Presentation Material

Hack.LU - The Infosec Crossroads from Saumil Shah

Abstract

โ€œTodayโ€™s attacks succeed because the defense is reactiveโ€. I have been researching attacks and offensive techniques since the past 16 years. As the defenses kept catching up and closing open doors, we attackers looked for new avenues and vectors. This talk looks back on the state of defenses during my days of One-Way Web Hacking in 2001 to Stegosploit in 2016, and a common pattern emerges. Defense boils down to reacting to new attacks and then playing catch-up. It is time to take another look at defense strategy. In this talk I present the basics of what should be the next evolution of pro-active defense architecture.