Keynote: Learning the wrong lessons from Offense presented at t2 2016

by Haroon Meer,

Summary : Since the early 90's when Dan Farmer and Wietse Venema wrote "Improving the Security of Your Site by Breaking Into it", people have been talking about learning to "think like attackers". Countless tutorials, books and blog posts have been dedicated to getting defenders to learn from offense. This hasn't been particularly successful.
In this talk we posit that part of the reason for this failure is that we have been trying to teach the wrong things, and have probably been missing the most important (and useful) lessons of all.
This talk aims to uncover the secret reasons that offense has been kicking defense all over the board, and hopes to help start reversing this trend.