Kotler Takes the Stage to Present Ways to Detect and Mitigate Python Attacks
SUNNYVALE, CA - Apr 27, 2017. SafeBreach, the leading provider of continuous security validation, today announced that CTO and Co-Founder, Itzik Kotler will provide a live demonstration on how to detect and mitigate a Python program attack during Chicago's hacking conference THOTCON taking place on May 4-5, 2017 in Chicago, IL.
Established in 2009, THOTCON was formed as an idea by a group of Chicago-based hackers who wanted to start a local, inexpensive conference. It is a non-profit, non-commercial event that aims to provide the best hacking tips and tricks possible to an extensive audience-from CISO/CIO/CTO to security engineers to application developers to security consultants and recent graduates. In true hacking fashion, privacy and security measures are taken heavily into consideration. Therefore, the venue is only disclosed to THOTCON attendees and speakers a week prior to the event.
I'm In Your \$PYTHONPATH, Backdooring Your Python Programs: Kotler will give a live demonstration on how a small change in a shell variable can lead to a malicious Python code injected into a Python program and used to hijack Python module(s) and then steal passwords/sensitivity data, tamper with security tools, and turn any Python program that uses sockets into an interactive backdoor.
Kotler has more than a decade of experience researching and working in the computer security space. He is a recognized industry speaker, having spoken at DEFCON, Black Hat USA, Hack In The Box, RSA Conference, CCC and H2HC. He is a former member of the elite Israel 8200 Intelligence unit. Prior to SafeBreach, he served as CTO of Security Art and led SOC activities and research at Radware (RDWR). Most recently, Kotler spearheaded SafeBreach Labs's research in its initial contribution to the MITRE Corporation's knowledgebase, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Framework. The MITRE Corporation is a not-for-profit organization that operates research and development centers sponsored by the federal government.
SafeBreach is a pioneer in the emerging category of continuous security validation. The company's groundbreaking platform provides a "hacker's view" of an enterprise's security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes breach methods with an extensive and growing Hacker's Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. SafeBreach is a 2016 SINET16 Innovator, and a finalist for the RSA 2016 Innovation Sandbox and BlackHat Most Innovative Startup competitions. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.