Hacking Embedded Systems (No Axe Required)
- Tuesday, April 23 at 2:00 PM EDT
- John Strand & Paul Asadoorian
Embedded systems are everywhere. They are a cheap and reliable way to provide technology solutions. Everything from printers, cameras, video teleconferencing, routers/switches, firewalls, wireless access points run some type of embedded operating system. Unfortunately to achieve the cheap prices, and not complicate the systems to make them unreliable, security is often left out. Over the years several techniques have been developed to find vulnerabilities in this platform. This webcast will cover how to find vulnerabilities in embedded systems, first as part of a larger penetration test, and some more advanced techniques.
Paul Asadoorian GCIA, GCIH, Founder & Chief Executive Officer Paul Asadoorian has over 5 years experience working in the information security field. His work experience covers both major corporations and academic institutions. He currently holds two GIAC (Global Information Assurance Certification) certifications in intrusion detection (GCIA, GIAC Certified Intrusion Analyst) and incident response (GCIH, GIAC Certified Incident Handler). Paul also sits on the GCIA advisory board, has spent one year as a GCIA authorized grader, and continues to stay involved in the SANS (SysAdmin, Audit, Network, Security) Institute. His research has appeared in the book Network Intrusion Detection, 3rd edition, and also in the SANS Reading Room web site. Paul has presented for numerous organizations and conferences, including MIT Security Camp, and ISACA (Information Systems Audit and Control Association). Paul graduated from Bryant College with a bachelor of science in Computer Information Systems.
John Strand is a senior instructor with the SANS Institute. When not teaching for SANS, John co-hosts PaulDotCom Security Weekly, the world's largest computer security podcast. He also is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.