Talks

Slides of our talk can be downloaded here.

Details on the session are available here: https://exploitcon.com/#/west

Slides for our talk at Secure360 2020 can be downloaded here.

Details on the session are posted here: https://secure360.org/session/charles-herring-metric-driven-secdevops/?conference=11809&date=20200505

From  IIA/ISACA IT Hacking Conference : Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are thousands of variables that need to be constantly addressed to find the balance that delivers sustainable and secure success. In this session, WitFoo’s chief engineers will outline an innovative approach to secure devops called Metric Driven Development. 

From DEFCON & GrrCON: Network Behavior Anomaly Detection (NBAD) and User and Entity Behavior Analytics (UEBA) are heralded as machine learning fueled messiahs for finding advanced attacks. The data collection and processing methodologies of these approaches create a series of new exploitable vectors that can allow attackers to navigate network and systems undetected. In this session, methods for poisoning data, transforming calculations and preventing alerts will be examined. Proof of concept code will be demonstrated and made available. Approaches to harden against these attacks will also be discussed as well as outlining needed changes in detection standards.

I am looking forward to speaking at the Georgia Annual ISSA Meeting on 11/15. The blog series that the talk is based on is below.

My deck and resources from my Process talk at GrrCON 2015 can be found here.

My Secure360 2015 deck and Visio template can be found here.

YouTube video recording of my "Looking for the Weird: Detecting Bad Traffic and Abnormal Network Behavior" webinar for Lancope. This was given on 9/24/2014.

My presentation deck from Converge Conference can be downloaded here.