Wrapup from Day 1 of SOURCE Boston

12Mar09

I attended some good sessions yesterday and connected with people I haven’t seen in a while, which is always a nice benefit.  Here is a quick breakdown from some of the sessions:

My first talk of the morning was listening to how the Microsoft Security Response Center gets us patches.  They went into detail explaining the process of how vulnerabilities are reports, how they are processed, and what happens along the way until we receive the update.  Anyone can send a vuln into secure@microsoft.com and this is looked at by a human being.  I was surprised to hear that they receive around 200,000 legit messages per year.  Of this 200,000 only about 1000 become incidents with the MSRC Team.  Of that 1000, only about 70-80 become security bulletins.  They ran through examples of what the timeline looked like for two security bulletins and how the process flowed.  They have a strong focus on compatiability and thoroughly testing the patches as to not break systems upon installing.  I’m sure we all remember the days before “Patch Tuesday” when you would hold your breath everytime a patch came out because you never knew how your system may react, well they really try to avoid that.  Hats off to the guys at MSRC, they are on the ball.

Next I went to check out the Tenable Network Security Demo/Presentation.  I use Nessus and have for some time now, great product btw, but Tenable has more than just Nessus. Having recently implemented QRadar from Q1 Labs, I’m not in the market for more Tenable products but wanted to see what the have going on and how they do it.  Ron Gula did a great job running through the product offerings, mentioning use cases, and answering questions.  They have some good info on their blog so I recommend you check it out.

In the afternoon I took in Attacking Layer 8: Client Side Penetration Testing by Chris Gates and Vince Marvelli from Full Scope Security.  Nothing they said was a surprise but it was all legit.  We all face the same problems on the client side and they explained some of the ways they go about testing and exploiting.

The last talk I attended was the Wireless Sensor Networking as an Asset and a Liability by Travis Goodspeed.  We have a company that is in this wireless sensor space so I was interested to see where this would lead.  Holy Crap does Travis know his stuff!  This was a deep hardware hacking talk and did not disappoint.  Have to make a few phone calls to previously mentioned company about some of this into.

Next was the Security Start-up Showcase.  The idea was good, provide an opportunity for start-ups to showcase ideas to peers and investors, but it didn’t deliver what I was expecting.  It was a bit disorganized and could have been better but this was the first shot so there is potential for next year.  There were a few interesting ideas, some not so interesting, and one that was in stealth so the founder wouldn’t describe any details of what they do.  It was worth attending, but I look forward to this being much improved next year.

Advertisements


No Responses Yet to “Wrapup from Day 1 of SOURCE Boston”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: