All times are in Pacific Daylight Time (UTC-0700).

  • Track: Main Channel: Saturday 10/10 @ 1400-1455 PDT
  • Slides

When you work in information security, not everyone is thankful for the job that you do. Frequently, you’ll have to work and communicate with people who really would prefer you’d just go away.

We will enumerate some of the common adversarial scenarios you may find yourself in, such as handling vulnerability disclosure with a hostile vendor, or working for a team that doesn’t want a security test, but got one for regulatory reasons. We will also discuss how to identify that you’re in an adversarial scenario, and either get yourself out of it by correcting misconceptions about you and your work, or work through it, using strategies developed over a decade of penetration testing and vulnerability disclosure experiences.

Daniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis...

Read More

twitter @dan_crowley

© 2020 ShellCon