SnowFROC Abstract Zusman
The Presentation: Poor Man's Guide to Breaking PKI: Why You Don't Need 200 Playstations
The commercial PKI system is designed to provide web site validation services that stand up to the threat of DNS spoofing and other man-in-the-middle attacks against web sites. This presentation addresses weak points in commercial PKI and discusses ways for clients to defend against an attack on a commercial certificate authority that results in trusted certificates falling into the hands of attackers.
The Speaker: Mike Zusman, Intrepidus Group
Michael Zusman is a Senior Consultant with the Intrepidus Group. Prior to joining Intrepidus Group, Mr. Zusman held the positions of Escalation Engineer at Whale Communications (a Microsoft subsidiary), Security Program Manager at Automatic Data Processing, and lead architect & developer at a number of smaller firms.
In addition to his corporate experience, Mr. Zusman is an independent security researcher, and has responsibly disclosed a number of critical vulnerabilities to commercial software vendors including Apple and SonicWall. He has spoken at a number of top industry events including Black Hat and regional OWASP events. Mr. Zusman also speaks and teaches about information security at NYU/Polytechnic University.
Mr. Zusman brings 10 years of security, technology, and business experience to Intrepidus Group. He is a CISSP and an active member of the OWASP Foundation.