Google and UMD Cybersecurity Seminar: A Multi-disciplinary Approach to Security Strategy
Thursday, October 24, 2013
5:00 p.m.-6:00 p.m. 1115 Computer Science Instructional Center (CSI)
For More Information:
301 405 0794 email@example.com
A Multi-disciplinary Approach to Security Strategy
Security work in the field is as much a liberal art as it is a science. Sociology, business, and other disciplines often play a crucial role in understanding the larger picture. This presentation will review previous Adobe 0-days through the lens of different disciplines in order to demonstrate how they can be used to build effective security strategies. We will start with the way that most 0-day analysis begins, by looking at opcodes and techniques. We will then use that information as a foundation for asking other important questions: What does the source code of the malware say about its authors? Rather than just fixing the bug, can you disrupt the hacker's overall objectives? What can you learn about the victims that may help you better protect them in the future? Are there business alliances that can be built to better prevent these issues? By taking a multi-disciplinary approach to analyzing 0-days, an organization can build a more holistic security response.
Peleus Uhley is a senior security researcher within the Secure Software Engineering team at Adobe. His primary focus is assisting with Adobe platform technologies, including Flash Player and AIR. Prior to joining Adobe, Peleus started in the security industry as a developer for Anonymizer, Inc., and went on to be a security consultant for companies such as @stake and Symantec.