Final Week to Get a MacBook Air or Surface Pro 7 with 5 or 6 Day Training - Register Today!


To attend this webcast, login to your SANS Account or create your Account.

"Reading the Security Tea Leaves" - The Story from 50 million Vulnerabilities

  • Thursday, November 07, 2013 at 12:00 PM EST (2013-11-07 17:00:00 UTC)
  • Ed Bellis, Matt Johansen


  • WhiteHat Security

You can now attend the webcast using your mobile device!



The story is in the data. What can the IT security industry learn from taking a look at past trends in vulnerability stats, exploit trends, and information from a 'blackhat' who has decided to go legit? While many IT security professionals shy away from listening to anything from the dark side, much can be learned from knowing your adversary and what makes them tick. Learn insights into where your defense strategy might be at risk and what methods hackers are deploying to thwart current security measures.

By combining hacker attack data with an aggregation from the leading security tools on the market we can start to build a comprehensive defense strategy. We will examine the overlapping data generated from the aforementioned tools and how they relate to the public breach reports and databases we have access to. The audience will start to see trends in this data that includes 50,000,000 vulnerabilities analyzed over the past 12 months from some of the largest corporations in the world.

Attendees will learn:

  • What can we learn from listening to the dark side? Hacker Intel Exposed
  • Attack Trends from analyzing over 50,000,000 vulnerabilities culled from F500 companies
  • How to build a defense strategy based on the aggregated attack data
  • Lessons from running attack data thru 20 leading security products
  • Bridging the gap between security tool data and public breach information

Speaker Bios

Matt Johansen

Matt Johansen is a manager for WhiteHat Security's Threat Research Center (TRC). Matt began his career as a security consultant, where he was responsible for performing network and web application penetration tests for clients. He then took at role at WhiteHat as an application security specialist for the TRC and quickly rose through the ranks to managing more than 40 at the company's Houston location. In his spare time, Matt is a frequent web security instructor at San Jose State University and Adelphi University, where he received his Bachelor of Science in Computer Science. Matt is also a frequent speaker at a number of industry events including: BlackHat, Defcon, Hacker Halted, the FBI's International Conference on Cyber Security, RSA as well as several OWASP chapters and BSides events across North America. Matt is also a contributor to the Liquidmatrix Security Digest and has worked with the SANS Institute as an industry expert for certification review.

Ed Bellis

Ed is the CoFounder of Risk I/O a vulnerability intelligence Software as a Service that centralizes, correlates and automates the entire stack of security vulnerabilities and remediation workflow. Prior to Risk I/O, Ed served as the Chief Information Security Officer for Orbitz, the well known online travel agency where he built and led the information security program and personnel for over 6 years. Ed has over 20 years of experience in information security and technology at places such as Bank of America, CSC and Ford Motor Company. He is a frequent speaker at information security events across North America and Europe. Past talks have included venues such as IANS Security Forum, SaaScon, AppSec DC, BlackHat, CSO Perspectives, BayThreat, MIS Institute, and several others. Additionally, Ed is a contributing author to the book Beautiful Security by O'Reilly and a blogger on CSO Online.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.