How to Strengthen the “Weakest Link” with Two-Factor Authentication: SANS Webinar
Did you miss our webinar with SANS and TrustedSec? Watch a video recording of How to Strengthen the "Weakest Link" with Two-Factor Authentication.
Featuring Duo Security’s Security Evangelist Mark Stanislav and TrustedSec’s Founder David Kennedy, this webinar focuses on user security. Often users of technology are considered to be the weakest link in an organization’s chain of security controls - no surprise there, we’re all human.
But by manipulating a user’s actions, an attacker can gain control over critical systems and data, all while fooling the user into believing their actions are safe and well-advised.
As the perimeter of security continues to change, user-targeted attacks are becoming more prevalent and successful. With the increase and adoption of cloud-based solutions, the threat landscape has evolved with an emphasis on user-targeted, credential-stealing attacks, such as phishing campaigns and other social engineering avenues.
In this webinar, Dave and Mark explain new threats facing end-users of organizations, as well as provide insight into how modern two-factor authentication can mitigate these risks.
This webinar also features a demonstration of TrustedSec’s Social-Engineer Toolkit (SET) as it showcases the capabilities of a criminal executing user-targeted attacks, as well as how Duo Security’s patented technology empowers users to protect their organizations from stolen credentials and a system breach.
If you’re interested in user authentication security, stay tuned to view our last webinar featuring Principal Analyst Eve Maler from Forrester Research, 5 Signs You’re Doing Authentication Wrong, which we'll be posting soon! Duo Security’s Brian Kelly and CedarCrestone’s Daniel Frye also teamed up to present on modern two-factor authentication with a use case by CedarCrestone.
Mark Stanislav, Security Evangelist, Duo Security
Mark Stanislav is the Security Evangelist for Duo Security, an Ann Arbor, Michigan-based startup focused on two-factor authentication and mobile security. With a career spanning over a decade, Mark has worked within small business, academia, startup, and corporate environments, primarily focused on Linux architecture, information security, and web application development. Mark has spoken nationally at over 70 events including RSA, ISSA, B-Sides, GrrCon, Infragard, and the Rochester Security Summit. Mark's security research has been featured on web sites including CSO Online, Security Ledger, and Slashdot. Additionally, Mark is an active participant of local and nationals security organizations including ISSA, Infragard, HTCIA, ArbSec, and MiSec. Mark earned his Bachelor of Science Degree in Networking & IT Administration and his Master of Science Degree in Technology Studies, focused on Information Assurance, both from Eastern Michigan University. During his time at EMU, Mark built the curriculum for two courses focused on Linux administration and taught as an Adjunct Lecturer for two years. Mark holds CISSP, Security+, Linux+, and CCSK certifications.
David Kennedy, Founder, TrustedSec
David started TrustedSec with the vision in building a world-class information security consulting company. Prior to TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 16,000 employees. David developed a global security program that tackled all aspects of information security. David is considered a thought leader in the security field and has presented at over three hundred conferences worldwide. David has had numerous guest appearances on FoxNews, CNN, CNBC, Huffington Post, Bloomberg, BBC, and other high-profile media outlets. David is the founder of DerbyCon, a large-scale information security conference. David has testified in front of Congress on the threats we face in security and in the government space. David also authored Metasploit: The Penetration Testers Guide book, which was number one on Amazon in security for over a year. David was also one of the founding members of the "Penetration Testing Execution Standard (PTES)". PTES is the industry leading standard and guidelines around how penetration tests should be performed and methodologies. David has had the privilege to speak at some of the nation's largest conferences including Blackhat, Defcon, RSA, ShmooCon, DerbyCon, INFOSEC World, ISACA, ISSA, Infragard, United Security Summit, INFOSEC Summit, Hack3rCon, BSIDES, and a number of other security related conferences. David is the creator of several widely popular open-source tools including "The Social-Engineer Toolkit" (SET), Artillery, and Fast-Track. David has also released several zero-day exploits and focuses on security research. David has over 13 years of security experience, with over 8 specifically in security consulting. Prior to the private sector, David worked in the United States Marines for cyber warfare and forensics analysis activities. David was instrumental in Operation Iraqi Freedom (OIF) and developed a multi-million dollar classified system aimed at identifying potentially harmful insurgents and worked in a top-secret environment for several years.