Shows and Events

DEF CON 24 - Las Vegas, NV
The term Honey Pot is one that most people are very aware of. It is a form of detection that is designed to lure an attacker into targeting a simulated system so that you can identify their techniques and tools. Honey pots have been used to gather intelligence about bot nets, malware in the wild and many other forms of malicious activity. The problem now is that these simulated systems are very easy to identify and avoid by today’s advanced attackers.

Last year at Black Hat USA 2014 we met up with a company that was looking to make some changes in the way we protect our data, Ionic Security. The concept was very simple, but the implementation was sure to be complex. I was not sure that what they wanted to accomplish could even happen. However, after a conversation with them I became more than interested. It was a simple concept, but it did not need to be overly complex. To make things even more interesting this was not a truly new idea, but it was one that had never been implemented for real data security.

In addition to seeing more than a few products and ideas during Black Hat and DEF CON we also had the chance to see something really cool from the team at Trustwave. This was not a product, but a chance to see the back end of the command and control servers for a new and improved version of the RIG exploit kit. To say that what they showed was impressive is an understatement.

The one common thing that I keep hearing everyone talk about at Black Hat and even DEF CON is how to protect your data. It is pretty much a given that if someone wants to get into your network they are going to get in. The number of flaws, vulnerabilities and compromises that are out there are simply too many to protect against. So there needs to be some other method to make sure that any sensitive data that you have is keep out of the hands of the “bad guys”. There are many suggestions about this, but most of them still try to do the same things stop the barbarians at the gate.