OWASP AppSec DC 2012/Project Basecamp News from Camp 4

From OWASP
Jump to: navigation, search

AppSecDC-468x60-banner-2012.jpg

Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org

The Presentation

For over a decade the control systems security community has been quietly saying that controllers are fragile devices that should not be scanned or fuzzed. The community debated for years about proper disclosure methods, yet the control systems themselves have seen little improvement. Project Basecamp rocked the community by releasing detailed vulnerability reports about the systems used in critical infrastructure, as well as tools needed to exploit those vulnerabilities.
Like the climbers in Yosemite, the Project Basecamp team is not going away. In Camp 4, Reid covers new industrial controller vulnerabilities, exploits, and vendor responses to the disclosures.

The Speakers

Reid Wightman

AppSecDC12-wightman.jpg
Reid Wightman has worked offensive and defensive security for the Department of Defense and the private sector. He cut his teeth in the ICS space working for Schweitzer Engineering Laboratories, where he demonstrated reverse engineering techniques against industrial controllers to drive production of more secure products. Since joining Digital Bond, Reid has been actively reverse engineering industrial control systems to find their design flaws, backdoors, and other security limitations

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors

SPL-LOGO-MED.png

Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png

Exhibitors

link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg