DEFCON 17 – A Pen Testing Innovation Buffet

August 17, 2009

The bingo halls were full around the country, for all the dungeon dwelling geeks, from the well-seasoned hackers, to the security n00bs, were in full bloom in Vegas at DefCon 17.

andrus_defcon17_pAn l337 group gathered together, each one leaving identity and iPhone at home, all sharing a common ground based in a bunch of zeros and ones, and the occasional dash or two. DefCon holds true to its name by attracting the self-proclaimed “outlaws” in the security industry, who can not only exploit your boxes, but the very fundamentals that surround technology itself. It is truly an experience to have even been there… for everyone at the show seemingly takes pride in what they contribute to the community via their work.

Core Security Technologies held a technical user panel for a pack of security groupies left over from Black Hat. Each of them, over the past year, have been pushing development of our CORE IMPACT products in many different ways, from scripting custom modules, integrating their own custom exploits, or even creating unique evasion techniques to get past their own “security standards.”

This panel was put together with the intention of drawing out the most technical feedback from their experience with CORE IMPACT. We wanted to give everyone there a chance to talk amongst other customers….to truly collaborate.

These conversations were carried out among a group of about 20 people, including Core’s Vice President of Product Management, Fred Pinkett, and Global Services and Training Manager Don Kelloway, and all the aforementioned IMPACT groupies. Also in attendance were Selena Stern-Proctor, our trade show superstar and Marketing Programs Manager, as well as two CoreLabs developers who focus on the client-side and web-application aspects of IMPACT, and, of course, myself.

RivieraErrorThe erudite contributions offered by our users were spot on when it came not only to network security but also to Web application security, and there was clearly a general interest and love for the industry in the room as well. The thoughts offered up were both honest and extremely welcome, and I was very proud that the panel that lasted over 2 hours. And interestingly, as it turns out, a lot of the folks we invited even knew each other beforehand. Small world; Go figure.

To those of us who made it home from DefCon, we all returned with colorful new stories to share, and quite possibly a case of the ever-famous con-fluenza. The innovative ideas and suggestions that were given to us regarding CORE IMPACT Pro now can take their rightful place in the hands of our product developers, who can set the wheels of innovation in motion.

I end this post by saying, with the year behind us that prompted the ideas expressed in the panel, well, let’s just say this lady can’t wait to see what DEFCON 18 will bring.

Stay safe…stay secure…..PEN TEST!

-Caitlin Johanson, Technical Support Engineer


  • News & Events

Ready for a Demo?

Eliminate identity-related breaches with SecureAuth!