• Home
• About Us
• Services
• Presentations
• Lares In Action
• Contact
• Site Map

Presentations Slideshows and Videos

Owasp5030 - Chris Nickerson - Red And Tiger Team Application Security Projects

Recorded at the Open Web Application Security Project (www.OWASP.org) NYC Conference on Sep 25, 2008
- Content produced by www.MediaArchives.com
- Many other OWASP Conference videos available on www.OWASP.tv
Get Involved Today!

RED AND TIGER TEAM APPLICATION SECURITY PROJECTS, with Chris Nickerson. Chris is a Certified Information Systems Security Professional (CISSP) whose main area of expertise is focused on information security and Social Engineering. In order to help companies better defend and protect their critical data and key information systems.

He has created a blended methodology to assess, implement, and manage information security realistically and effectively. At Lares, Chris leads a team of security consultants who conduct Security Risk Assessments, which can cover everything from penetration testing and vulnerability assessments, to policy design, computer forensics, Social Engineering, Red Team Testing and regulatory compliance. Prior to starting Lares, Chris was Director of Security Services at Alternative Technology, a Sr. Auditor for SOX compliance at KPMG, Chief Security Architect at Sprint Corporate Security, and developed an enterprise security design as network engineer for an international law firm. Chris also served in the U.S Navy.

Chris Nickerson - Red and Tiger Team Testing Part 1 - BruCon 2009

The world of Information Security is changing. Budgets are tighter, attacks are more sophisticated, and the corporate network is no longer the low hanging fruit. That leaves web-enabled applications as the vector-du-jour, but that well is quickly drying up for organized crime as well. As they creep up the OSI Model looking for easier ways to steal your corporate assets, they are quickly making their way up the stack to the unspoken 8th layer, the end user. So what is the next step in the never-ending escalation of this cyber war?

To find out, we must do as Sun Tzu taught. "Think like our enemy!" That is, after all, the primary tenet of penetration testing AKA ethical hacking, isn't it? After years of hardening physical systems, networks, OSs, and applications, we have now come full circle to a new dawn of attack. People are now the target of the advanced hacker, and the cross-hairs are focused squarely on their foreheads... literally. It is only a matter of time before corporations fall from the raw effectiveness and lack of preparedness for this all too common attack.