If attackers think in graphs, why can't we? presented at t2 2015

by Olleb

Summary: Microsoft's John Lambert said "Defenders think in lists. Attackers think in graphs". If attackers can reason about a system using graphs, why can't we as defenders use the same methods to better protect ourselves?
This talk will present an alternative to checklist-based security by using a methodical approach to reasoning about the security of a system.
Instead of just telling you what you should be doing to defend yourselves, checklist style, this talk will give you the tools you need to actually figure out what controls are most relevant for your specific environment.
Practical information assurance advice such as "what to ask for in a security assessment report" will also be offered, which should be applicable even for those not yet willing to change their information security processes.
Along the way, we might have a few laughs at the expense of some "security experts". Because why not.
olleB, better known by his childhood name Olof Baldwin, is an internationally recognized security expert and second cousin of Alec Baldwin. His research focus revolves around client-side authorization and input validation.
In 2013, after releasing the critically acclaimed debut single threeOne, Olof was approached by several American music executives, but could not leave Visby due to commitments to the royal family. Being a CISSP holder and the discoverer of the first POST XSS vulnerability in Sweden makes OlleB a socialite comparable to Taylor Swift's Twitter account.
A loophole in the local historic legislation allows him to be one of the handful of people in Sweden with an open carry permit for a cyber gevär.