Douglas McKee
Douglas McKee is the Executive Director of Threat Research at SonicWall, where he and his team focus on identifying, analyzing, and mitigating critical vulnerabilities through daily product content. He is also the lead author and instructor for the SANS SEC568 class focused on combating supply chain attacks using product security testing. Doug is a regular speaker at industry conferences such as DEF CON, Black Hat, Hardwear.io, and RSA, and in his career has provided software exploitation training to many audiences, including law enforcement. His research is regularly featured in publications with a broad readership including Politico, Bleeping Computer, Security Boulevard, VentureBeat, CSO, Politico Morning eHealth, TechRepublic, and Axios.
Session
Our current administration lists "Defend Critical Infrastructure" as the #1 item in the 2023 National Cybersecurity Strategy. To take on this challenging endeavor and provide complete security to not only our critical infrastructure but all organizations, we must be willing to go deeper than simple vulnerability scans, basic red teaming, or blindly accepting the risk due to a lack of understanding. The product security testing methodology of deep enumeration, which includes dissecting and understanding proprietary protocols, is vital to our success in meeting our nation's objective. This presentation will lay out a well-defined and repeatable methodology, then use an actual proprietary protocol to demonstrate how to dissect and understand it, and how threat actors can use it to their advantage. The presentation will conclude by showing how defenders can use this deep understanding to reduce the risk proprietary protocols pose to their networks. These skills will become instrumental to our cybersecurity professionals' ability to defend the critical infrastructure and businesses that leverage these protocols.