Threat Modeling Potentially Vulnerable Devices
On Wednesday,12 November 2014, Brian Knopf will discuss
Threat Modeling My Wife: How a security researcher deals with potentially vulnerable devices that provide high quality of life improvements.
Abstract
This talk discusses what I went through when my wife needed to have a pain management device implanted in her back to make her mobile again. From building a threat model to weighing the benefits versus the potential risk and how I overcame security paranoia to better her life. I will talk about the differences between these devices and other devices that have known wireless exploits. While cameras and other IoT devices can be compromised, there is not the same safety concern as when a device is necessary to provide quality of life. Unlike an insulin pump, there is no manual alternative available to make those with chronic pain mobile again.
About the Speaker
20 years of experience in IT, development, QA/QE, and security. Brian has built and managed QA, automation, security, and development teams for companies including Rapid7, MySpace, Youbet.com, eUniverse, and VeriTest. Currently the Director of Application Security at Belkin International responsible for SDL, PSIRT, security research, and pen testing of Belkin and Linksys Networking, WeMo (home automation), and SMB products. This includes security of hardware, firmware, mobile applications, and cloud environments. Prior to Belkin, Brian spent 3 years building Nexpose, the leading Vulnerability Management product at Rapid7.
Meeting Info
Meetings are free and open to the public.
Pizza and networking: 6:30 PM
Presentation, Q&A: 7:00 PM
Location:
Richter Auditorium, Ahmanson Science Center
California Lutheran University
Thousand Oaks, CA 91360
Parking: Do not park in the faculty/staff lots. Free parking is available in the visitor lot at the corner of Olsen Road and Mountclef Boulevard. Alternatively, CLU Public Safety has provided us with parking passes for on street parking.
Additional maps: http://www.ieee-bv-cs.org/meetings/