Strongsville, OH, USA
Categories:Attack patterns are something that when it occurs is extrinsic (not natural) behavior in a infrastructure. Understanding what attack patterns look like and building an understanding of how to detect them with what you already have is possible. Most preventative technology tries in some extent to detect extrinsic behavior in an environment but falls short because of the continual changes in attack patterns and commoditized detection (sigs, etc). This talk dives into looking at what you already have in your infrastructure that you can use for intrinsic (natural) detection capabilities that doesn't rely on a specific signature, but more so on how attackers go after an organization. As an industry, we need to be detecting the extrinsic occurrences in our networks which exhibit abnormal behavior. During this presentation, we'll be covering a large percentage of techniques used by attackers, and how to detect them with what you currently have in place at your organization today.
After looking at a number of compromises dating the past several years, there are a number of commonalities between each of them and steps that could have been used to prevent. Information security isn't a practice that will always be successful in defending however, there are key indicators of compromise to look for when an attacker is attempting to compromise an organization. During this presentation, we’ll analyze a number of data breaches and look at how a number of the breaches have occurred and how an information security program can be structured in order to defend against a lot of the attacks. Most of the causes are directly related to the human element and directly phishing. This talk will dive into how phishing techniques work, and what you can do to prevent this from happening in the future.
There's so much to do. There's not enough people. We can only do what we can based on risk, people, politics, and budget. All common things we share across each organization. This presentation dives into how to focus on building defenses against attacks, staying ahead of the methods, and focusing on known good vs. the rest. You'll leave this talk with a way to think about defense and a way to tackle the issues we face in security today.
Attackers are continuously figuring out new methods to gain access to computer systems and enterprises. Everything from Ransomware to targeted and precise attacks aimed at intellectual property theft, monetary gain, or other motives. In today’s age of hacking, it’s never been more important to understand who the hackers are and the methods they use to attack organizations. In this talk, we go into the demographics of hackers, how they are hacking, and the best defenses both from a personal perspective as well as an enterprise. It’s possible to withstand the attacks we see today with proven practices, but it requires hard work, and an understanding of who your adversaries are.
There’s no question that companies continue to try and get better when it comes to detecting attacks in multiple phases. Instead of just patching and hoping for the best, organizations are spending a substantial amount of investment in trying to detect the “well what if they get through” situation. As companies focus on enhanced detection capabilities, the focus is often hard to grasp in what to actually look for – there is so much. This talk will dive into where we see most companies fail at detection and how red teams are helping push the bar forward in not just leveraging a checklist, but focusing on the identification of attack patterns in varying levels of sophistication. The over reliance on technology as a method for trying to jump start these programs often causes more harm than good, and we’ll dive into how effective off the shelf endpoint detection tools do when confronted with even basic attackers. As an industry, we have everything we need to get better – it’s a matter of prioritization, focus, and time.
Exploits, Research, Tools, and the Impact to Security | Dave Kennedy
Dave Kennedy, TrustedSec - Business Security Weekly #116 ...
GrrCon 2018 Augusta00 Keynote Dave Kennedy - YouTube
TrustedSec CEO David Kennedy on The Katie Couric Show - YouTube
DEF CON 23 - Social Engineering Village - Dave Kennedy ...
Users also viewed these speakers:This website is a resource for event professionals and strives to provide the most comprehensive catalog of thought leaders and industry experts to consider for speaking engagements. A listing or profile on this website does not imply an agency affiliation or endorsement by the talent.
All American Entertainment (AAE) exclusively represents the interests of talent buyers, and does not claim to be the agency or management for any speaker or artist on this site. AAE is a talent booking agency for paid events only. We do not handle requests for donation of time or media requests for interviews, and cannot provide celebrity contact information.
If you are the talent and wish to request a profile update or removal from our online directory, please submit a profile request form.
Attack patterns are something that when it occurs is extrinsic (not natural) behavior in a infrastructure. Understanding what attack patterns look like and building an understanding of how to detect them with what you already have is possible. Most preventative technology tries in some extent to detect extrinsic behavior in an environment but falls short because of the continual changes in attack patterns and commoditized detection (sigs, etc). This talk dives into looking at what you already have in your infrastructure that you can use for intrinsic (natural) detection capabilities that doesn't rely on a specific signature, but more so on how attackers go after an organization. As an industry, we need to be detecting the extrinsic occurrences in our networks which exhibit abnormal behavior. During this presentation, we'll be covering a large percentage of techniques used by attackers, and how to detect them with what you currently have in place at your organization today.
After looking at a number of compromises dating the past several years, there are a number of commonalities between each of them and steps that could have been used to prevent. Information security isn't a practice that will always be successful in defending however, there are key indicators of compromise to look for when an attacker is attempting to compromise an organization. During this presentation, we’ll analyze a number of data breaches and look at how a number of the breaches have occurred and how an information security program can be structured in order to defend against a lot of the attacks. Most of the causes are directly related to the human element and directly phishing. This talk will dive into how phishing techniques work, and what you can do to prevent this from happening in the future.
There's so much to do. There's not enough people. We can only do what we can based on risk, people, politics, and budget. All common things we share across each organization. This presentation dives into how to focus on building defenses against attacks, staying ahead of the methods, and focusing on known good vs. the rest. You'll leave this talk with a way to think about defense and a way to tackle the issues we face in security today.
Attackers are continuously figuring out new methods to gain access to computer systems and enterprises. Everything from Ransomware to targeted and precise attacks aimed at intellectual property theft, monetary gain, or other motives. In today’s age of hacking, it’s never been more important to understand who the hackers are and the methods they use to attack organizations. In this talk, we go into the demographics of hackers, how they are hacking, and the best defenses both from a personal perspective as well as an enterprise. It’s possible to withstand the attacks we see today with proven practices, but it requires hard work, and an understanding of who your adversaries are.
There’s no question that companies continue to try and get better when it comes to detecting attacks in multiple phases. Instead of just patching and hoping for the best, organizations are spending a substantial amount of investment in trying to detect the “well what if they get through” situation. As companies focus on enhanced detection capabilities, the focus is often hard to grasp in what to actually look for – there is so much. This talk will dive into where we see most companies fail at detection and how red teams are helping push the bar forward in not just leveraging a checklist, but focusing on the identification of attack patterns in varying levels of sophistication. The over reliance on technology as a method for trying to jump start these programs often causes more harm than good, and we’ll dive into how effective off the shelf endpoint detection tools do when confronted with even basic attackers. As an industry, we have everything we need to get better – it’s a matter of prioritization, focus, and time.
In our increasingly digital world, internet technology is constantly evolving to make our lives easier and more accessible. Unfortunately, our digitalized jobs, personal information, and government organizations are...
Dave Kennedy is a keynote speaker and industry expert who speaks on a wide range of topics such as Abnormal Behavior Detection in Large Environments, Compromise Analysis – Why we’re seeing so many breaches., Building Defense on Known Good, The Hacking Age and Moving Ahead and Beyond Common Tool Detections. The estimated speaking fee range to book Dave Kennedy for your event is $20,000 - $30,000. Dave Kennedy generally travels from Strongsville, OH, USA and can be booked for (private) corporate events, personal appearances, keynote speeches, or other performances. Similar motivational celebrity speakers are Dr. Eric Cole, Scott Augenbaum, Rachel Tobac, Rachel Wilson and Bryan Seely. Contact All American Speakers for ratings, reviews, videos and information on scheduling Dave Kennedy for an upcoming live or virtual event.
Attack patterns are something that when it occurs is extrinsic (not natural) behavior in a infrastructure. Understanding what attack patterns look like and building an understanding of how to detect them with what you already have is possible. Most preventative technology tries in some extent to detect extrinsic behavior in an environment but falls short because of the continual changes in attack patterns and commoditized detection (sigs, etc). This talk dives into looking at what you already have in your infrastructure that you can use for intrinsic (natural) detection capabilities that doesn't rely on a specific signature, but more so on how attackers go after an organization. As an industry, we need to be detecting the extrinsic occurrences in our networks which exhibit abnormal behavior. During this presentation, we'll be covering a large percentage of techniques used by attackers, and how to detect them with what you currently have in place at your organization today.
After looking at a number of compromises dating the past several years, there are a number of commonalities between each of them and steps that could have been used to prevent. Information security isn't a practice that will always be successful in defending however, there are key indicators of compromise to look for when an attacker is attempting to compromise an organization. During this presentation, we’ll analyze a number of data breaches and look at how a number of the breaches have occurred and how an information security program can be structured in order to defend against a lot of the attacks. Most of the causes are directly related to the human element and directly phishing. This talk will dive into how phishing techniques work, and what you can do to prevent this from happening in the future.
There's so much to do. There's not enough people. We can only do what we can based on risk, people, politics, and budget. All common things we share across each organization. This presentation dives into how to focus on building defenses against attacks, staying ahead of the methods, and focusing on known good vs. the rest. You'll leave this talk with a way to think about defense and a way to tackle the issues we face in security today.
Attackers are continuously figuring out new methods to gain access to computer systems and enterprises. Everything from Ransomware to targeted and precise attacks aimed at intellectual property theft, monetary gain, or other motives. In today’s age of hacking, it’s never been more important to understand who the hackers are and the methods they use to attack organizations. In this talk, we go into the demographics of hackers, how they are hacking, and the best defenses both from a personal perspective as well as an enterprise. It’s possible to withstand the attacks we see today with proven practices, but it requires hard work, and an understanding of who your adversaries are.
There’s no question that companies continue to try and get better when it comes to detecting attacks in multiple phases. Instead of just patching and hoping for the best, organizations are spending a substantial amount of investment in trying to detect the “well what if they get through” situation. As companies focus on enhanced detection capabilities, the focus is often hard to grasp in what to actually look for – there is so much. This talk will dive into where we see most companies fail at detection and how red teams are helping push the bar forward in not just leveraging a checklist, but focusing on the identification of attack patterns in varying levels of sophistication. The over reliance on technology as a method for trying to jump start these programs often causes more harm than good, and we’ll dive into how effective off the shelf endpoint detection tools do when confronted with even basic attackers. As an industry, we have everything we need to get better – it’s a matter of prioritization, focus, and time.
We are happy to help! Call us to speak with a booking agent about your event or specific speaker request.
Gauge interest and check availability for speaking engagements, appearances or corporate events
Provide you with the speaking fee to book Dave Kennedy or other celebrity appearance fees
Give you personal recommendations for the best keynote speakers or celebrities
Assist you with any questions you have throughout the talent booking process
This website is a resource for event professionals and strives to provide the most comprehensive catalog of thought leaders and industry experts to consider for speaking engagements. A listing or profile on this website does not imply an agency affiliation or endorsement by the talent.
All American Entertainment (AAE) exclusively represents the interests of talent buyers, and does not claim to be the agency or management for any speaker or artist on this site. AAE is a talent booking agency for paid events only. We do not handle requests for donation of time or media requests for interviews, and cannot provide celebrity contact information.
If you are the talent and wish to request a profile update or removal from our online directory, please submit a profile request form.
1.800.698.2536