DAN KAMINSKY AND WARD SPANGENBERG TO SPEAK AT SECURE WORLD SEATTLE

Kaminsky's keynote will discuss the industry's coordinated patching effort around the Internet's DNS flaw and Spangenberg will show companies the realities of becoming PCI compliant.

Seattle, Wash—October 28, 2008. Dan Kaminsky, Director of Penetration Testing at IOActive, will discuss flaws in the design of the Internet's infrastructure that could produce new vulnerabilities. Earlier this year, Kaminsky discovered a flaw in the Internet's Domain Name System—one of the most significant in Internet history. Together with security engineers around the world, he coordinated the largest synchronized patch release to date, protecting countless organizations and individuals against this threat. In this presentation, he will share his story and discuss lessons learned from this effort.

WHAT   Internet Infrastructure: Designed for Instability?

WHERE   Secure World Seattle. Meydenbauer Convention Center, Bellevue, WA

WHEN   October 29, 2008. 12:15–1:00 pm

Ward Spangenberg, Director of PCI Services at IOActive, will discuss a variety of issues he has faced as a trusted advisor while guiding several Global 1000 accounts to PCI compliance, as well as solutions he utilizes to help organizations become PCI compliant. Spangenberg's presentation focuses on the second installment of the Payment Card Industry Data Security Standard (PCI DSS) and how the new version will impact companies.

WHAT   The Challenges of Meeting and Maintaining PCI Compliance in an Enterprise Environment

WHERE   Secure World Seattle. Meydenbauer Convention Center, Bellevue, WA

WHEN   October 29, 2008. 8:30–9:15 am

About Dan Kaminsky

Previously of Cisco and Avaya, Dan has been operating professionally in the security space since 1999. He is well-known for his "Black Ops" series of talks at the well-respected Black Hat Briefings. He is also the only speaker who has attended and spoken at every single Blue Hat Microsoft internal training event. Dan focuses on design-level fault analysis, particularly against massive-scale network applications. Dan regularly collects detailed data on the health of the global Internet, and recently used this data to detect the worldwide proliferation of a major rootkit.

About Ward Spangenberg

As Director of PCI Services at IOActive, Ward Spangenberg's familiarity with NIST 800 guidelines, COBIT, ISO 17799, GLBA, Sarbanes-Oxley, and HIPAA requirements makes him an asset to organizations seeking compliance with industry and government regulations. Spangenberg concentrates on using his knowledge of system and network penetration, web application analysis, and security auditing to provide clients with the necessary tools to meet Federal and Industry compliancy requirements. His vast experience includes work in the government, telecommunications, software, retail, healthcare, and financial services industries.

About IOActive

IOActive is an industry leader that offers comprehensive security services including software assurance, smart grid security, infrastructure audits, training, incident response, PCI compliance, and risk management. IOActive has attracted many well-known security experts including Dan Kaminsky, Jason Larsen, Steve Wozniak, Mike Davis, and Ilja van Sprundel. More information is available at www.ioactive.com.

-###-