Detroit SecureWorld

2016 Agenda
Open Sessions
Conference Pass
SecureWorld Plus
VIP / Executive
View All

Day 1

  • 7:00am - 3:00pm16 Registration Open

    Click here to view registration types and pricing.

    Room: Registration Desk
    0
  • 8:00am - 9:15am16 Executive Advisory Board Breakfast: (VIP / INVITE ONLY)

    Executive Advisory Board Breakfast: VIP / INVITE ONLY

    Room: Lookout
    3
    James Beeson
  • 8:00am - 9:30am16 SecureWorld Plus: Building a Successful Information Security Awareness Program (SecureWorld Plus Registrants ONLY)

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.
    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    Part 2: Building and Maintaining Your Organization’s Information Security Awareness Plan
    After several checklists and overall program templates are presented in detail, the second part of this workshop will include peer interactions and discussions that can be used to tailor your specific plan to implement a customized security awareness program. Depending on the size and complexity of your organization, participants will either build their plan or create the outline of their information security awareness program – with details to be inserted later.

    Part 3: Reinventing Your Information Security Awareness Program
    So you already have an Information Security Awareness Program, but it’s not working. Is it time to start-over or tweak the plan? What strategies work to get executive buy-in? What are your missing? What are some common mistakes to avoid? How can you improve what you’re already doing? Small group discussions, break-out Q/A as well as several successful toolkits are covered.

    Room: 203A
    2
    Dan Lohrmann
  • 8:30am - 9:15am16 Cybersecurity Integration - A New Approach For Linking Everything That Matters

    Organizations today are faced with an increasing number of challenges related to securely running their operations. Every day seems to bring to light new security dangers related to people, processes and technology. This presentation will explore some of the ways organizations can gain better visibility into its security posture and risks by integrating traditional security operations information with IT Governance, Risk & Compliance / Analytics tools.

    Room: 103
    1
    Jeff Recor Brian Gawne
  • 8:30am - 9:15am16 Raytheon / Websense: 9 Steps to Building an Effective Audit Program

    Dan Velez will share lessons learned from implementing successful programs with enterprise commercial and Federal customers for over a decade. He will focus on the steps every organization can take to implement a successful insider threat program. Every complete insider threat program contains these elements: policies, processes, technology controls, risk management and auditing/monitoring. If there’s a unifying message within all of the steps of an insider threat program, it’s that it is not about technology but rather about people and technology. Mr. Velez will go into detail of what he considers are the nine steps that every organization must take if they want to have a successful insider threat program.

    Room: 105
    0
    Daniel Velez
  • 8:30am - 9:15am16 Searching for the Silver Bullet

    We continue to look for that “silver bullet” that will help us defend against cyber-attacks. We began with firewalls and intrusion detection but, as the sophistication of attacks grew, our defenses became less effective. Today’s silver bullets include software-defined networks (SDN) and threat intelligence systems. This presentation will discuss whether these and other current solutions are providing us with successful defenses. Have we finally found our silver bullets?

    Room: Suite 3
    1
    Richard Chasdi PH.D.
  • 8:30am - 9:15am16 Understanding the Processes of Stolen Data Markets

    Data breaches have become commonplace, though research on the sale of data is in its infancy. This introductory, non-technical presentation will explore the economy and organizational composition of stolen data markets hosted on both the open web and Tor to aid CISOs, security directors and anyone interested in cybercrime markets.

    Room: Theater
    1
    Thomas J. Holt
  • 9:00am - 3:00pm16 Exhibit Floor Open

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    Room: SecureWorld Exhibit Floor
    0
  • 9:30am - 10:15am16 OPENING KEYNOTE: Insanity – Cyberspace 3.0 is Coming Your Way

    Major disruption in cyberspace is happening at ridiculous speed and the bad actors are taking advantage of this. We must learn to act at market speed and think 10x innovation as work to develop solutions and approaches to mitigate risk in this dynamic, lightning speed environment. This discussion focuses on those disruptive changes, the challenges we face, and how we must shift our thinking and accelerate our pace.

    Room: Keynote Theater
    0
    James Beeson
  • 10:15am - 11:15am16 Conference Break / Exhibitor Product Demonstration Please check back for presentation details. Room: SecureWorld Exhibit Floor
    0
  • 11:00am - 12:00pm16 Executive Roundtable: Incident Response - Manage The Damage (INVITE ONLY)

    VIP / INVITE ONLY

    Room: Executive Boardroom
    3
  • 11:15am - 12:00pm16 Always be Pen Testing

    Ethan will be presenting on Domino’s approach to ethical hacking. In a nutshell, an organization should either be planning for, starting, or responding to the findings of a penetration test. This should be a 12 month a year exercise. Ethan will focus on Domino’s overall strategy and design to its Black Operations program. He will give details on the different techniques Domino’s uses to help understand their risk profile. Ethan will review their “Capture the Flag” exercises where we divide up the security organization into two teams; red team and blue team. The red team leverages their extensive knowledge of the Domino’s environment to simulate an attack while the SOC functions as a blue team and defends the network. Ethan will also cover the other techniques Domino’s uses such as third parties ethical hacks, social engineering exercises and is even considering contracting former hackers to ensure that all door handles are turned and all locks are shaken.

    Room: 103
    0
    Ethan Steiger
  • 11:15am - 12:00pm16 Check Point Software Technologies: 2015 Security Report and Moving to a Prevent Based Security Posture

    This presentation will cover typical cyber threats seen in commercial and government businesses today as well as provide tips and examples on how moving to a prevent based security posture can save your organization time and money.

    Room: 105
    0
    Rich Comber
  • 11:15am - 12:00pm16 Online Tech: Covering Your ASSets, a Guide to Protecting Your Data and How to Sell the Proper Security Solutions to Your Board

    Has your neck been on the line for protecting your company data assets, but declined for additional budget on cybersecurity measures? We will visit the value of data and it’s protection in this session, along with tips on garnering buy-in from your executives and boards. Come witness a conversation between a CTO and CEO on security, the value of data and protecting your company assets.

    Room: Theater
    0
    Nick Lumsden
  • 11:15am - 12:00pm16 Privacy and Security Law: Current Events

    A discussion on current events and case law that impact how we view data breach insurance and the potential damages for unauthorized disclosures of data that require security by law, regulation or contract. An upcoming October 1st deadline for EMV cards will impact retail and other industries – will they be ready and what does it mean?

    Room: 101
    1
    Carol Romej
  • 11:15am - 12:00pm16 Radware: War Stories from the Trenches – Information Security Survival

    Cyber-attacks are becoming increasingly complex and persistent, making it difficult for security professionals to protect their organizations as they head into the virtualized, IoT era. In this session, Radware will share real world experiences gathered by its Emergency Response Team and discuss how leading enterprises are using Radware’s integrated Attack Mitigation Systems to successfully defend against the latest generation of attacks.

    Room: Suite 3
    0
    Jeff Dolence
  • 12:00pm - 1:00pm16 Executive Roundtable: Managing / Auditing 3rd Party Partnerships - (VIP / Invite Only)

    Executive Track- VIP / INVITE ONLY
    Lunch Served at Noon

    Room: Executive Boardroom
    3
  • 12:15pm - 1:00pm16 LUNCH KEYNOTE: Radware - Safety, Sanctuary and Security: The Societal Impact of Ever-Permeating Connectivity

    Every day, we network-enable more aspects of our professional and personal lives. We make conscious decisions to adopt technologies in the pursuit of convenience or an apparent need to feel connected. Often the decisions are thrust upon us by employers, service providers or even those we’ve come to rely on in the physical world. Each step towards deeper and total connectivity comes with consequences; risks associated with our personal privacy, the security of our business and even our safety. In this session, Radware will explore the changes we’ve already allowed into our lives, where things are leading and portents for personal, business and public security.

    Room: Keynote Theater
    0
    Carl Herberger
  • 1:15pm - 2:00pm16 Arbor Networks: Your Bitcoins or Your Site: An Analysis of the DDoS For Bitcoins (DD4BC) DDoS Extortion Campaign

    The ongoing DDoS for Bitcoins (DD4BC) DDoS extortion campaign has targeted multiple organizations in North America, Europe, Australia and New Zealand. In this session, we will discuss the attack methodologies, evolution of the attack campaign, the nature of the attacker(s), and a discussion of DDoS mitigation techniques that have proven effective against these attacks.

    Room: 105
    0
    Kirk Soluk
  • 1:15pm - 2:15pm16 Industry Expert Panel: Protecting Your Data as it Roams

    Today your data moves fast and across platforms. Security professionals are charged with protecting valuable information as it moves from data centers to employee devices and into third party networks. Join this discussion on the technologies and policies that can help you manage these risks while still allowing business productivity. Ask our experts at this educational panel discussion.

    SafeNet / Gemalto - Jack Varney 

    Optiv - Chris Lawrence

    Absolute - Ali Solehdin

    Moderator: Larry Wilson

     

    Room: Suite 3
    0
  • 1:15pm - 2:15pm16 Industry Expert Panel: The Emerging Threat Landscape

    The number of cybersecurity threats is growing every day forcing the need for thorough security assessment and analysis. Join industry leaders discussing emerging threats in the industry for the opportunity to learn what is next in the future of cybersecurity.

    Radware - Carl Herberger

    LogRhythm - Richard Patrick

    OpenDNS

    Tenable Networks - Cris Thomas

    Moderator: Dan Lohrman

     

     

     

     

    Room: Keynote Theater
    0
  • 2:15pm - 3:00pm16 Conference Dessert Break / Exhibitor Product Demonstrations Please check back for presentation details. Room: SecureWorld Exhibit Floor
    0
  • 3:00pm - 3:45pm16 Cybersecurity: Past, Present and Future

    The threat landscape has evolved. Cybersecurity is of major concern now to both the public and private sector, and organizations are working tirelessly trying to defend their entire enterprise from a breach. This presentation will cover some of the most significant breaches from 2014, and discuss present day threats to organizations and how we can best prepare for mitigating against future attacks.

    Room: 105
    1
    Alex Kayayian, MS
  • 3:00pm - 3:45pm16 Proactive Incident Management

    This presentation will introduce a framework to build a proactive incident management program that is supported by the four pillars of planning, preparing, practicing, and measuring. This framework has also been designed to be compliant with multiple standards, including PCI, ISO, NIST, NERC, and HIPPA.

    Room: Theater
    1
    Owen C. Creger
  • 3:00pm - 4:30pm16 SecureWorld Plus: Building a Successful Information Security Awareness Program (SecureWorld Plus Registrants ONLY)

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.
    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    Part 2: Building and Maintaining Your Organization’s Information Security Awareness Plan
    After several checklists and overall program templates are presented in detail, the second part of this workshop will include peer interactions and discussions that can be used to tailor your specific plan to implement a customized security awareness program. Depending on the size and complexity of your organization, participants will either build their plan or create the outline of their information security awareness program – with details to be inserted later.

    Part 3: Reinventing Your Information Security Awareness Program
    So you already have an Information Security Awareness Program, but it’s not working. Is it time to start-over or tweak the plan? What strategies work to get executive buy-in? What are your missing? What are some common mistakes to avoid? How can you improve what you’re already doing? Small group discussions, break-out Q/A as well as several successful toolkits are covered.

    Room: 203A
    2
    Dan Lohrmann
  • 3:00pm - 3:45pm16 Security and Privacy: The Connected Vehicle Credential Management System

    Vehicle-to-Vehicle (V2V) communication requires both security and privacy which are often opposing goals. Learn about the current state and future directions of the proposed certificate management system for V2V communications.

    Room: 103
    1
    John Turner
  • 3:15pm - 6:00pm16 Optiv & Partners Happy Hour

    Join Optiv and partners for hors d'oeuvres, drinks and magic show at The Outlook (located inside the Ford Motor Conference & Event Center) following the first day of SecureWorld.

    Room: The Outlook
    0

Day 2

  • 7:00am - 3:00pm17 Registration Open

    Click here to view registration types and pricing.

    Room: Registration Desk
    0
  • 8:00am - 9:15am17 InfraGard Breakfast Meeting - Members Only

    InfraGard Chapter Meeting for members only
    Keynote Speaker: Matt LaVigna from National Cyber Forensics Training Alliance (NCFTA)
    Continental Breakfast Served

    Room: Keynote Theater
    3
    Matt LaVigna
  • 8:00am - 9:30am17 SecureWorld Plus: Building a Successful Information Security Awareness Program (SecureWorld Plus Registrants ONLY)

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.
    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    Part 2: Building and Maintaining Your Organization’s Information Security Awareness Plan
    After several checklists and overall program templates are presented in detail, the second part of this workshop will include peer interactions and discussions that can be used to tailor your specific plan to implement a customized security awareness program. Depending on the size and complexity of your organization, participants will either build their plan or create the outline of their information security awareness program – with details to be inserted later.

    Part 3: Reinventing Your Information Security Awareness Program
    So you already have an Information Security Awareness Program, but it’s not working. Is it time to start-over or tweak the plan? What strategies work to get executive buy-in? What are your missing? What are some common mistakes to avoid? How can you improve what you’re already doing? Small group discussions, break-out Q/A as well as several successful toolkits are covered.

    Room: 203A
    2
    Dan Lohrmann
  • 8:30am - 9:15am17 Changing Culture: A Framework and Methodology

    Today’s security leaders are business leaders who manage culture. Culture separates security awareness from secure behaviors, and passive compliance from active engagement. In this session, we will discuss the Security Culture Framework (SCF) and present on its impact on awareness, vendor risk management, and Governance / Risk / Compliance (GRC).

    Room: Suite 3
    1
    J Wolfgang Goerlich
  • 8:30am - 9:15am17 Governance, Risk and Compliance Technology- Maturing Out of Existence

    Organizations have been making investments into Governance, Risk and Compliance (GRC) technology platforms to gain better efficiencies and better reporting of risks and controls. This session will discuss some of the more common problems associated with GRC technology platforms and address where the future of GRC may be heading.

    Room: 103
    1
    Brian Gawne Jeff Recor
  • 8:30am - 9:15am17 Risk Management – What Went Wrong?

    The session will cover some practical examples of risk management and how to leverage risk management to help with cybersecurity risk and exploit schemes.

    Room: 105
    1
    Jane Harper
  • 8:30am - 9:15am17 SANS 20 and Business Context: Finding Your Way Through The Woods

    No matter which control set is used as a basis for your security program, choosing what to implement first can be overwhelming. This presentation explores the process of combining SANS 20 Critical Security Controls and business context to optimize the organization’s time, effort and budget while improving its security posture.

    Room: Theater
    1
    Jen Fox
  • 9:00am - 3:00pm17 Exhibit Floor Open Please check back for presentation details. Room: SecureWorld Exhibit Floor
    0
  • 9:30am - 10:15am17 OPENING KEYNOTE: U.S. Secret Service Capabilities in Cyber Investigations & the Emerging Trends in Cyber Crime Please check back for presentation details. Room: Keynote Theater
    0
    Joe Scargill
  • 10:15am - 11:15am17 Conference Break / Exhibitor Product Demonstration Please check back for presentation details. Room: SecureWorld Exhibit Floor
    0
  • 11:00am - 12:00pm17 Executive Roundtable: Locking Down the Endpoints - (VIP / Invite Only)

    Executive Track - VIP/Invite Only

    Room: Executive Boardroom
    3
  • 11:15am - 12:00pm17 Absolute: Hedging Your Bets - A Layered Approach to Security

    Ten years ago it was all about keeping things out with most organizations focused on firewalls, anti-virus and encryption. Today it’s a given that many risks have already made it past the front door – which, with mobility, can be accessed from just about anywhere in the world. As a result, many organizations have upped their game, employing a strong playbook involving multiple players so they can tackle and respond to each play as it happens – and with significant back-up if a player goes down. Join Ali Solehdin from Absolute for an insightful presentation on the strategic benefits of applying a layered approach to security. The session will include examples of security incidents that could have been avoided if this approach had been in place.

    Room: 103
    0
    Ali Solehdin
  • 11:15am - 12:00pm17 Certes Network: Crypto Chaos - Why Hackers Love Fragmented Data Traffic Security

    Poor security of networked applications was a common issue in the wave of recent data breaches. A hodgepodge of VPNs, IPsec, VLANs, and SSL makes fully securing networked applications immensely complicated, forcing dangerous trade-offs between security and performance. But emerging best practices simplify data traffic security to reduce breach risks.

    Room: 105
    0
    Satyam Tyagi
  • 11:15am - 12:00pm17 Cybersecurity is NOT a Technology Problem

    We need to rethink our approach to cybersecurity that is commonly viewed as a technology problem relegated to specific IT teams and dedicated technologies. But we are missing the point! Cybersecurity is much more than a technology problem. It is a management, finance and human resource problem. Technology may help in finding solutions but it cannot solve the problem alone. This presentation will discuss the business side of cybersecurity.

    Room: Suite 3
    1
    Richard Chasdi PH.D.
  • 11:15am - 12:00pm17 Information Sharing in a Digital World; You Don’t Know What You Don’t Know

    Addressing cyber threats is no easy task, especially when the deck is stacked against you. In a highly connected world, one company or one government cannot win the war against cyber crime alone. Through the sharing of cross-sector threat information, we can collectively make each other more resilient and bridge the gap between what we know and what we don’t know. This session will discuss the NCFTA information sharing model and provide examples of sharing successes.

    Room: 101
    1
    Matt LaVigna
  • 11:15am - 12:00pm17 NICE and the Critical Infrastructure Framework – What They Are and How They Work Together

    This session will present the basics of two important NIST Frameworks for cybersecurity, The NICE Workforce Framework (NICE) and the Critical Cybersecurity Infrastructure Framework (CSF). These two are meant to work together. What they are and how they can be used to create a secure organization will be presented and discussed.

    Room: Theater
    1
    Dan Shoemaker
  • 12:00pm - 1:00pm17 Executive Roundtable: Blurring of Business / Personal Use of Technology - (VIP / INVITE ONLY)

    Executive Track-VIP/Invite ONLY
    Lunch Served at Noon

    Room: Executive Boardroom
    3
  • 12:00pm - 1:00pm17 ISSA Chapter Meeting "Holding Technology at Ransom" - Members Only

    ISSA Chapter meeting, open to members only.
    Lunch Served

    "Holding Technology at Ransom"
    Presentation by Andrea Hoy, ISSA International President

    Ransomware is a type of cyber blackmail when a cyber criminal installs a piece of malware on your computer or network then demands that you pay a ransom to receive a code that will unlock your computer so you can access your files, data, photos whatever you have on the attacked computer. It can also threaten iPhones or Android phones.

    This threat can happen to anyone who is on the Internet from home, work or wherever an electronic device is connected to the web. Today’s presentation is about what are the ramifications and consequences when the cyber criminal chooses to attack your network and hold it for ransom.

    After the presentation, Andrea will give an update on what is happening at ISSA International. She will also answer questions from members.

    Room: Lookout
    3
    Andrea Hoy
  • 12:15pm - 1:00pm17 LUNCH KEYNOTE: Effectively Managing Information Risk

    A core component of information security programs is an effective process to manage information risk. In this session, Doug Copley will articulate the interdependencies in managing information risk and outline some of the methods he’s found useful to manage information risk.

    Room: Keynote Theater
    0
    Doug Copley
  • 1:15pm - 2:15pm17 Industry Expert Panel: Cybersecurity - The Human Factor

    As the sophistication of bad actors increases and data expands exponentially we will see more and more at risk devices brought into the enterprise environment. Education and awareness have become increasingly important. Join this panel of experts as they discuss the use of technology and smart policies to effectively educate and inform the humans.

    Optiv

    Column Information Security - Taso Triantafillos

    TrendMicro - Ken Donze

    Frank Klimczak - Genisys Credit Union

    Moderator: Alex Akyuz

    Room: Suite 3
    0
  • 1:15pm - 2:15pm17 Industry Expert Panel: Incident Response

    The current threat landscape is continually changing and security professionals are being tasked with keeping the company’s data safe. Inevitably it happens – someone lost their tablet or their smartphone was stolen at the local coffee shop, or the network was compromised. Organizations must move from the mindset of hoping the incident doesn’t happen to them to a mindset of what will our plan of action be when it does happen? The goal of an Incident Response program is to handle the issue in a way that limits the damage, reduces the recovery time and costs, and helps to mitigate the risk to their clients.

    Online Tech - Nick Lumsden

    Splunk - Guy Weaver

    Owen Creger

    Moderator: Stephanie Scheuermann

    Room: Keynote Theater
    0
  • 2:15pm - 3:00pm17 Conference Dessert Break / Exhibitor Product Demonstrations

    Located on the SecureWorld Exhibit floor.

    Room: SecureWorld Exhibit Floor
    0
  • 2:30pm - 2:45pm17 Dash for Prizes & CyberHunt

    Be sure to leave your business card* with any participating exhibitor. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    Room: SecureWorld Exhibit Floor
    0
  • 3:00pm - 3:45pm17 IOT – Challenges Within Automotive

    A new world of connected vehicles is on its way and its increasing reliance on interacting systems and connectivity is opening up new attack surfaces and a completely new area of consumer risk. The automotive industry faces increased challenges regarding safety, liability and privacy.

    Room: Theater
    1
    Martin Bally
  • 3:00pm - 3:45pm17 Microsoft’s Free Security Tool EMET Overview

    EMET – Enhanced Mitigation Experience Toolkit, an overview of Microsoft’s free security tool for enhanced Windows platform security. EMET can be an addition layer of security you can add to your environment at zero cost.

    Room: Suite 3
    1
    Frank Klimczak
  • 3:00pm - 3:45pm17 The Art of Hacking a Human

    This presentation will focus on being successful interacting with others in your work space. People have their own firewalls and we setup the interaction rules. Do we want to allow or block this person in our comfort zone? I will go over security techniques on how to navigate different personalities using traditional hacking techniques.
    - Determine what "operating system" they are running
    - What patches are in place
    - What vulnerabilities can you exploit?
    - What configuration issues does this person have?
    Which then result in being able to work with different personalities based on what the hacking results tell you?

    Room: 103
    1
    Zee Abdelnabi

Session Information

Description: