ISE Discovery Day! NO REMOTE OPTION
Clear your calendar! You're invited to Baltimore to come learn about ISE and its opportunities. Take part in some fun hacking challenges and enjoy lunch with the ISE team. Lunch will be provided.
Free Parking and Close to Amtrak!
Previous Knowledge of
- How to set up a VM on both windows and Mac as well as run Linux.
What you will need:
- Pen & Paper to take notes during training (this will help for the competition portion of the day)
- Personal Computer (or company approved):
- Kali Linux or your preferred Linux distributionX
- Common *NIX System Utilities – Binutils (e.g., strings, readelf, objump, nm), grep, hexdump, file, tar, zip/unzip, dd, gdb gcc, strace, ltrace, cat, ps, netstat, nc, wget, curl, telnet client, ssh client/server, python.
- Web Tools – Burpsuite web proxy, web browser, browser developer tools and/or firebug.
- Battery Charger for your computer
- USB to ethernet connector (if you computer doesn’t have an ethernet connection-if you don’t have a connector, please let us know so we can arrange to have extras on hand)
Tentative details for the day:
- About ISE
- ISE Team Introductions
- About IoT Village
- Guest Student Introductions
We discuss the different vulnerabilities found in the device and demo the exploit. We also go into depth on testing methodologies for finding these vulnerabilities.
Web APP Challenge
Tired of the usual vulnerable web applications, take a stab at our custom in-house vulnerable web app. Our web application, using modern runtimes and frameworks, is jam-packed with both widely known vulnerabilities as well as the not so known ones. Can you find and document every issue?
Explore the depths of Dagobah and a password you should find. See how many native binary security issues you can find in a linux executable with known vulnerabilities!
About the ISE Team
Lisa Green is the Director of People Relations at Independent Security Evaluators (ISE), where she is responsible for discovering new and seasoned talent, developing existing employees, organizational design and planning, program/project management, and industry relations. Green has a MSc in Management. Green has spoken at RSAC and DEF CON. Green is also involved in local universities to help students develop their careers in the InfoSec industry. Green currently resides in Baltimore with her dog Penny, who is also into security (keeping the home secure is very important!).
Rick Ramgattie is a Security Analyst at Independent Security Evaluators (ISE), where he conducts high-end, custom security assessments of computer hardware and software products. Mr. Ramgattie is a novice in the art of reverse engineering, and has taken part in hands-on security assessments of complex systems, IoT devices, and many different native and mobile applications. He enjoys reverse engineering, occasional CTFs, and reading.
Alyssa Rittenburg is the Senior Service Delivery Manager at Independent Security Evaluators (ISE), where her team is responsible for project management and resource management. She pushes and encourages the team to complete projects on time and under budget. She does with variety of methods including: ribbons, public shaming, alcohol, and even cookies (for those non-drinkers). She has a Bachelor or Arts from Goucher College and is currently an MBA candidate at University of Maryland's Smith School of Business. She is also the ISE Kickball Team's biggest supporter!
Adrian Bednarek is a Senior Security Analyst and Researcher for Independent Security Evaluators. Adrian has been reverse engineering and exploiting complex software systems for over 20 years. He has reverse engineered communication protocols for over 22 well-known and popular online gaming platforms and in certain cases circumvented anti-tampering and software/hardware fingerprinting countermeasures. Adrian Bednarek is a security researcher and analyst specializing in custom exploit discovery and mitigation implementation in business areas ranging from blockchain based solutions to media and entertainment solutions. His areas of interest include OS internals, malware internals, gaming IAP business models, cryptocurrencies, blockchain implementations, Ethereum smart contracts and exploits.
Joshua Meyer is a Security Analyst at ISE. He performs security assessments, penetration tests, and reverse engineering for ISE's clients while developing his security knowledge. Josh attends University of Maryland, Baltimore County and is majoring in Computer Science. His interests include web application security and server configuration.
Karyl Gapulan is a Junior Security Analyst for Independent Security Evaluators. Karyl has been conducting security assessments ranging from cloud deployment to configuration assessments. She has performed vulnerability assessments and developed mitigation strategies in various business areas including mass communication platforms and entertainment solutions. Her areas of interest include network security and embedded system security.