IOActive's Dan Kaminsky to Present at ToorCon

Director of Penetration Testing to discuss authentication problems uncovered in X.509

Seattle, Wash—October 20, 2009. IOActive, a leading provider of software assurance, compliance, and smart grid security services, today announced that Dan Kaminsky, Director of Penetration Testing, will present Black Ops Of PKI: Abandon All Hope Ye Who Enter X.509 at Toorcon. Now in its 11th year, ToorCon is San Diego's premier hacker conference, bringing together top security experts to present new tricks of the trade and have fun in beautiful, sunny Southern California.

Kaminsky's presentation will focus on the authentication bugs discovered in X.509. Approximately 60 percent of attacks are caused by weak or default passwords; X.509 was designed to solve this authentication problem, and businesses have invested significant money in the technology. However, Kaminsky has discovered structural and technical flaws, decreasing the effectiveness of X.509.

WHAT  Black Ops of PKI: Abandon All Hope Ye Who Enter X.509

WHERE  Diego Convention Center, Rooms 24–26, Upper Level. 111 W. Harbor Drive, San Diego, CA 92101

WHEN  October 24, 2009. 11:30 am – 12:20 pm

HOW  For more information about ToorCon 2009, visit their website.

About Dan Kaminsky
Dan Kaminsky is the Director of Penetration Testing at IOActive where he specializes in design-level fault analysis, particularly against massive scale network applications. Previously of Cisco and Avaya, Kaminsky has operated professionally in the security space for over 10 years. He is well known for his "Black Ops" series of talks at the well-respected Black Hat Briefings. Kaminsky regularly collects detailed data on the health of the Internet, and used this data to detect the worldwide proliferation of a major rootkit. In 2008, he discovered a major flaw in the Internet's DNS infrastructure and worked with security engineers around the world, protecting countless organizations and individuals against this threat.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, router, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Dan Kaminsky, Ilja van Sprundel, Mike Davis, Tiller Beauchamp, Ward Spangenberg, and Wes Brown—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, Shakacon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

-###-