Monthly Archives: April 2013

BSides Detroit 13 Episode 16

Jeff Multz, Director of North America Midmarket Sales for Dell SecureWorks, joins the podcast to discuss his talk: The Ever-evolving Threat Landscape. SecureWorks provides Jeff with a unique vantage point for watching the threats evolve, given they monitor literally billions of events daily. Combining real life examples with the things he learned from watching Terminator movies, Jeff explains how criminal hacking is changing and how businesses can respond. As Jeff says, “It is not about technology. It is about humanity.”

Abstract: Hacking has gone from a sport to a high-income business where criminals in the underground net millions of dollars a year. The days of just needing anti-virus and firewalls are long gone as security threats can double in a year and have become so sophisticated and stealthy that hackers could be inside a network for years without notice. In this presentation, Jeff Multz will show you how the threat landscape has changed in the past decade, and what malware can do to your network today that was unheard of just a few years ago. You’ll see why the regulatory agencies continue to increase their security guidelines and why just having firewalls and IDS/IPS systems are not enough. Dell SecureWorks, which sells no products, will teach you about the latest threats and vectors for attacks to help you understand what you need to do to block them.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 15

This week’s episode is a special cross-post with our friends at BSides Chicago. We discuss both events, the success of our collaborations, the CTF, and Hackers on a Train. Check it out here, and also be sure to visit SecureChicago.

BSides Detroit 13 Episode 14

Raphael Mudge (@armitagehacker) brings us up to speed on Metasploit, Armitage, and Cobalt Strike. He then introduces his new workshop: Armitage and Cobalt Strike. “My idea of hacking is taking the tactics, techniques, and procedures that different threats are using today and using them against our organizations to understand how our controls stand up when exercised in concert by a sophisticated adversary.” Listen in and find out how Cobalt Strike makes this possible.

Abstract: The Metasploit Framework is a must-have tool for penetration testers. Armitage builds a workflow on top of the Metasploit Framework and exposes its most advanced capabilities. Cobalt Strike augments Armitage with tools to simulate advanced persistent threat-style targeted attacks. This lab oriented class will introduce you to the penetration testing process from the perspectives of Armitage and Cobalt Strike. You’ll learn how to craft an attack package, deliver it to a target, spy on a user, attack systems from a foothold, and abuse trust relationships to gain access.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 13

Mark Stanislav (@markstanislav) joins the podcast to discuss the evolution in his thinking about ethical hacking, responsible disclosure, and the value of combining both red team and blue team responsibilities. Mark then shares a few tips from his talk, So You Want to Hire a Penetration Tester: 10 Tips for Success.

Abstract: Whether due to compliance needs, best practices, or customer demand, penetration testing is an increasing requirement for many organizations. The process of hiring and working with an Ethical Hacking (EH) services company is much like every other IT contracting process at first glance, but has a number of important details to consider from company selection through post-penetration remediation. Come learn from a penetration tester the types of information that will allow your organization to have the best experience possible when going through the sometimes agonizing, always interesting, process of a penetration test. Most importantly, questions will be highly encouraged so that your concerns and thoughts can be addressed during this presentation.

For more information about BSides Detroit 13, please see: