GuidePoint Senior Security Consultant Selected for Black Hat Europe Arsenal Presentation

Brian Beaudry will speak about OWASP ZSC

Brian Beaudry, senior security consultant, will represent GuidePoint Security at Black Hat Europe Nov. 1-4, as a featured Arsenal presenter.

Brian has been a part of the GuidePoint team for the past two years in the application security practice. He will deliver a special presentation on the OWASP ZSC tool created by Ali Razmjoo. The presentation will be from 10-11:50 a.m. Thursday, Nov. 3, at Arsenal Station 4 in the Business Hall at the Business Design Centre in London.

OWASP ZSC is an open-source tool written in the Python programming language. It allows users to generate customized shellcode as well as obfuscate scripts. The shellcode can then be used to develop proof-of-concept exploits to demonstrate the impact of discovered vulnerabilities. ZSC’s script obfuscation functionality allows it to take code the developer does not want to be easily viewed and obfuscates it to make the reverse engineer’s job more difficult.

OWASP ZSC uses new encoding techniques and methods many antivirus suites will not detect. OWASP ZSC encoders generate shellcode with random encodings, which allows it to generate thousands of new dynamic shellcodes within the same job in just a second. The software runs on Windows/Linux/OSX under Python.

Brian recently served as a Google Summer of Code mentor for OWASP, providing subject matter expertise to the ZSC project on Windows-based shellcode. He was also involved in presenting the tool at Defcon 2016 Demo Labs.

During Black Hat’s interactive Arsenal, presenters like Brian share the latest in open-source tool and product development, including demonstrations and thought-provoking conversations. Each tool submitted to the Arsenal undergoes a review by the Black Hat Europe review board to find the best and most innovative tools under development in the security space.

“We are so excited that Brian has this chance to share his knowledge and enthusiasm about OWASP in a global market,” said Bryan Orme, principal of information assurance, at GuidePoint Security. “It’s a unique opportunity for talented GuidePoint professionals like Brian to connect with others from around the world to brainstorm and network about cutting-edge technologies, solutions, and tools that continue to advance the ever-evolving information security industry. We are all proud of Brian, and can’t wait to see his presentation.”

By participating in Black Hat Europe 2016 trainings and briefing sessions, attendees get hands-on learning opportunities with some of the world’s leading information security researchers and developers, while exploring industry trends in a vendor-neutral environment.

For more information about Black Hat Europe and to register for the event, visit https://www.blackhat.com/eu-16.

About GuidePoint Security

GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

blackhat-europe-2016-blog-graphic-header

Visit GuidePoint Security at InfoSec World, Orlando

Join GuidePoint Security as we highlight and showcase two of our technology partners, Bromium and Skybox.

When:  Monday, April 7-8, 2014
Where:  InfoSec World Conference & Expo, Booth #219, at Disney’s Contemporary Resort, Orlando, FL

GuidePoint Security partners with vendors that offer unique technologies that address the security needs of our clients.  With the complexity of security threats ever increasing, GuidePoint Security offers the right solutions and technologies for our clients’ specific needs. 

These two technology partners offer the following solutions to address today’s advanced security threats.

Bromium provides protection at the endpoint with vSentry, an innovative product that protects against all advanced malware. vSentry automatically creates hardware-isolated micro-VMs that secure every user task – such as visiting a web page, downloading a document, or opening an email attachment.

Skybox delivers cutting-edge risk analytics for enterprise security management.  Their solutions give complete network visibility, help to eliminate attack vectors, and optimize security management processes. Protecting the network and the business.

GuidePoint Security uses their expertise to lead security innovation by helping clients recognize threats, understand solutions, and mitigate risks throughout their IT environment by determining which solutions fit their clients’ needs.  GuidePoint Security offers the people, processes, technologies, and oversight that deliver results to your organization.

Be sure to visit GuidePoint Security at the InfoSec World conference in Orlando, booth #219.

For additional information about the InfoSec World Conference and Expo, visit http://gpsec.me/1hmTEAm.

About GuidePoint Security, LLC
GuidePoint Security provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps our clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Reston, Virginia, and with offices in Michigan, New Hampshire, Florida and North Carolina, GuidePoint Security is a small business and classification can be found with the System for Award Management (SAM). Learn more at www.guidepointsecurity.com.

Going to RSA? Start it Off Right.

Come meet GuidePoint Security, CloudPassage, Co3Systems and Kaspersky at the GuidePoint Security Social Hour.

When:  Monday, February 24, 2014 from 6:00 PM to 8:00 PM (PST)

Where: John Colins
138 Minna St
San Francisco, CA 94105

GuidePoint Security works with these partners to help organizations use the following solutions to address today’s most challenging information security risks.

CloudPassage addresses the number one inhibitor to cloud adoption – security. They provide server security products purpose-built for dynamic public and hybrid cloud hosting environments.

Kaspersky is one of the fastest growing IT security vendors in the world. Firmly positioned as one of the top four leading vendors of security solutions for endpoint users.

Co3 Systems is an Incident Response Management platform. From privacy breaches, to malware outbreaks, to system intrusions, to Distributed Denial-of-Service (DDoS) attacks – they automate incident response management.

GuidePoint Security uses their expertise to lead security innovation by helping clients recognize threats, understand solutions, and mitigate risks throughout their IT environment by determining which solutions fit their clients’ needs. GuidePoint Security offers the people, processes, technologies and oversight that deliver results to your organization.

Make sure to visit the GuidePoint Security Social Hour and talk to the experts and discuss the latest and greatest risks, trends and technologies in information security.

For additional information about the GuidePoint Security Social Hour, visit http://gpsec.me/1bRwdNH and for more information about the RSA Conference, visit http://gpsec.me/1gdWsQS.

About GuidePoint Security

GuidePoint Security provides customized, innovative and valuable information security solutions that enable commercial and federal organizations to more successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps our clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Learn more at www.guidepointsecurity.com.

GuidePoint Security Proudly Supports OWASP Tampa Day 2013 Again!

OWASPGuidePoint Security is proud to announce its sponsorship of OWASP Tampa Day 2013. The 3rd annual OWASP Tampa Day will take place on Monday, August 19th at the Firestick Grill within the Tampa Bay Times Forum. This FREE event will feature presentations aimed at providing developers and Information Security professionals with insights into Cloud, Mobile and Application Security. ALL are welcome to attend. Attendees will leave the event with a greater understanding of Cloud, Mobile and Application Security. Additionally, attendees will learn how and when to integrate security principles into their daily processes and procedures.

Visit OWASP Tampa Day 2013 to learn more about and register for this free event.

GuidePoint Security Presents on Web Application Hacking and Defenses

In the Tampa Bay area? Be sure to catch GuidePoint Security’s Principal, Bryan Orme, present How to Hack Web Applications for Profit (And How to Prevent Yours From Being Hacked) at the Tampa Bay ISSA Chapter Meeting this Friday, May 17th at 9 a.m.

Presentation Abstract: How to Hack Web Applications for Profit (And How to Prevent Yours From Being Hacked)

The constant barrage of breaches that we’ve seen over the past several years have made two things very clear—every organization is at risk and every web application is a target. As a security professional, it does not matter whether breaches are brought about by hacktivists such as LulzSec or Anonymous, the acts of criminally minded hackers or nation state sponsored attacks, the consequences of vulnerable web applications can wreak havoc on your company. Attackers are determined, inventive and patient, while your organization’s application portfolio is dynamic, vulnerable and always connected to the Internet. This presentation will discuss why web applications are vulnerable, why they’re under attack, and provide an overview of the most common vulnerabilities found in web applications. Attendees will leave with an understanding of how web applications are attacked, the most common vulnerabilities found in web applications, and how to prevent these vulnerabilities from being identified and exploited in your web applications.

For more details, click here.

GuidePoint Security Proudly Supports OWASP Tampa Day 2012

OWASPGuidePoint Security is proud to announce its sponsorship of OWASP Tampa Day 2012. The 2nd annual OWASP Tampa Day will take place on Thursday, June 7th at HealthPlan Services in Tampa. This free event will feature presentations aimed at providing developers and Information Security professionals with an introduction to application security. Attendees will leave the event with a greater understanding of how and when to integrate application security principles into their daily processes and procedures. Additionally, attendees will learn how common attacks are performed and how to mitigate them.

Visit OWASP Tampa Day 2012 to learn more about and register for this free event.

GuidePoint Security Presents on Mobile Security Abroad at AppSec DC

AppSecDC 2012Heading to AppSec DC next week? Be sure to catch GuidePoint Security’s Co-Founder and Principal, Justin Morehouse, present Behind Enemy Lines Practical Triage Approaches to Mobile Security Abroad 2012 Edition on Thursday, April 5 at 11 a.m.

If you are unable to make it to the conference, we will post Justin’s slides after the presentation. If you would like more information about the presentation, leave a comment below.

Abstract: Having traveled over 100K miles internationally during the past 9 months, the topic of mobile security while abroad was on my radar. I took some precautions myself and jotted down some ideas to discuss with my peers. Then one of my clients asked me to come up with a solution for their executives while traveling to locations that would benefit greatly from their intellectual property. This presentation covers the lessons learned while securing mobile devices for both the enterprise and consumer while outside the 50 states. Areas of particular interest will be common threats and attacks and the REALISTIC steps you can take to reduce your attack surface and return your IP home safely. We’ll also cover what to do when your primary safeguards fail or end up in a toilet somewhere…