Tony Drake
Tony Drake has over 25 years of experience in information security and systems administration. He has worked in roles ranging from systems design and administration to incident response, tactical intelligence, and managing pen tests. He has worked for the last 20 years in various roles in financial firms including brokerage, banking, exchange and payments in roles ranging from jack-of-all-trades "security guy" to tactical intelligence and malware analysis. He has worked in all aspects of Pen Testing from scoping, and planning to managing results, to incident response. In his current role he serves as lead security researcher for the Intercontinental Exchange, solving tactical security problems with creative solutions.He holds a CISSP as well as SANS certifications in Incident Response, Web Application Pen Testing, Network Pen Testing and Threat Intelligence, and OSINT.
Sessions
This year, the calendar turned and I hit a milestone. I looked and realized that I had been doing this security stuff for over 20 years professionally, and it was time to take a look back and share some insight about how I earned this gray hair and these wrinkles and what I would do differently if I "could do it all over again". I think I have gained just a little bit of insight that many new to the field (or newer to the field) might just benefit from. So here goes, a nice little talk that is less tech, more human, and all of it real.
LLMs and AI have taken the world by storm. Everyone wants to use AI (or at least have people thinking they are). Everyone thinks it is going to change the world. Some say it is going to destroy humanity. Red Team talks show us how to manipulate responses for fun and profit. But what about the rest of us who just want to use it, not hack it? It is time to deflate the balloon of the hype machine and be realistic. Let's take a candid and somewhat humorous walk through what AI is, what it isn't and what the reality of this new technology is for all the rest of us..