It's incredibly easy to put systems online. Between EC2, Digital Ocean, Rackspace, Oracle, IBM, GCP, Hetzner and various others, anybody can spin up a free virtual machine. There's stuff like lambda and heroku which is are disembodied python interpreters you can buy access to. IOT devices phone home and become accessible. The internet is getting packed with stuff and the old ways of "put a firewall in front of it" seem to have disappeared - lots of stuff is just .. public! Applying a bit of architecture know-how can massively reduce attack surfaces, and if you take it a bit further it can seriously aggrivate attackers. Let me show you how!
Presented at Security Fest 2023.Speaker: Dan Tentler
Dan Tentler is the Executive Founder and CTO of Phobos Group, a boutique information security services and products company. Having been on both red and blue teams, Dan brings a wealth of defensive and adversarial knowledge to security landscape 2022 produces for us all. Dan has spent time at Twitter, British Telecom, Websense, Anonymizer, Intuit and Sempra Energy, to name a few and has a strong background in systems, networking, architecture and wireless networks, translating to strengths in lateral movement, data exfiltration, hiding from the blue team, physical security and a variety of other redteam techniques. Outside of work, Dan cooking, FPV drones and making hot sauce.