TROUBLE WITH
ASSUMPTION
The ISG Whitehat usergroup in SA
did me the honor of asking me to do a talk, and I did one title 'The
trouble with assumptions'. The basic premise is that our understanding
of risk is dependent on how probable we think any specific occurence
is. If we think it is remote, then the risk is lowered, if it is highly
possible then the risk is increased. I wanted to apply this principle
to how much trust we place in the source IP of network transactions.
I enjoyed the talk, there were
great questions, thanks guys!
- PDF of slidedeck: here
- External Demo: here
- Internal Demo 1: here
- Internal Demo 2: here
PS - Use recent versions of
VLC to play the demos.