Reusing breach data for attack and defence presented at bsideswellington 2017

by Edward Farrell,

Summary : Data breaches and their disclosure have become commonplace and yet reusing contents from a breach for security testing or enhancing an organisations defences been poorly explored. Whilst technical complexity and time of execution is not comparable to more elegant threats, The accessibility and ease of exploitation of password should be of concern to individuals and businesses. Having collected and analysed such information over the course of two years, it was only natural to start reusing it in penetration testing.
This talk will go through through some of the insights into the collection of data, its reuse in security testing, our development of an internal database for material from breaches, as well as how it can be used in a defensive function.

Edward Farrell: Edward works for a living. Does not feature as an expert on today tonight, does not have a blog, master’s degree, Armani suit, overpriced haircut, pink flashy lights, chrome plating or apple product.