From gamajun at seclab.cs.msu.su Fri Nov 18 12:03:32 2016 From: gamajun at seclab.cs.msu.su (Dennis Gamayunov) Date: Fri, 18 Nov 2016 15:03:32 +0300 Subject: [infosec-course] =?utf-8?b?0LLRi9GB0YLRg9C/0LvQtdC90LjQtSDRgdC/?= =?utf-8?b?0LXRhtC40LDQu9C40YHRgtC+0LIg0LjQtyBUcmVuZCBNaWNyb+KAmXMgWmVy?= =?utf-8?b?byBEYXkgSW5pdGlhdGl2ZSDQvdCwINCS0JzQmiDQnNCT0KM=?= Message-ID: <06e370ae-98c3-6f21-b1da-9200d5101d02@seclab.cs.msu.su> Добрый день! Приглашаем на доклад специалистов по исследованию защищенности программных систем и поиску уязвимостей, который состоится в понедельник на ВМК МГУ. Выступление на английском языке. Ниже аннотация: Our adversaries are becoming more sophisticated and the battleground is constantly changing. Trend Micro’s Zero Day Initiative is at the frontlines of this arms race by finding, disclosing, and remediating more vulnerabilities then any other research team in the world. In this talk, we will take a look back at the last three years and cover the most interesting trends and highlight some of the innovative research that has come from Trend Micro’s Zero Day Initiative and its community of security researchers. The talk will be around 40-50 min. and will involve 3 speakers, including myself. The speaker bio's: Brian Gorenc (USA): Brian Gorenc is the senior manager of Vulnerability Research with Trend Micro. In this role, Gorenc leads the Zero Day Initiative (ZDI) program, which represents the world’s largest vendor-agnostic bug bounty program. His focus includes analyzing and performing root-cause analysis on hundreds of zero-day vulnerabilities submitted by ZDI researchers from around the world. The ZDI works to expose and remediate weaknesses in the world’s most popular software. Brian is also responsible for organizing the ever-popular Pwn2Own hacking competitions. Abdul-Aziz Hariri (Canada): Abdul-Aziz Hariri is a security researcher with the Zero Day Initiative program. In this role, Hariri analyzes and performs root-cause analysis on hundreds of vulnerabilities submitted to the Zero Day Initiative (ZDI) program, which is the world's largest vendor-agnostic bug bounty program. His focus includes performing root-cause analysis, fuzzing and exploit development. Prior to joining ZDI, Hariri worked as an independent security researcher and threat analyst for Morgan Stanley emergency response team. During his time as an independent researcher, he was profiled by Wired magazine in their 2012 article, Portrait of a Full-Time Bug Hunter. In 2015, Abdul was part of the research team that submitted "Breaking Silent Mitigations - Gaining code execution on Isolated Heap and MemoryProtection hardened Internet Explorer" to the Microsoft bounty program. Their submission netted the highest payout to date from the Microsoft bounty program where the proceeds went to many STEM organizations. Jasiel Spelman (USA): Jasiel Spelman is a vulnerability analyst and exploit developer for the Zero Day Initiative (ZDI) program. His primary role involves performing root cause analysis on ZDI submissions to determine exploitability, followed by developing exploits for accepted cases. Prior to being part of ZDI, Jasiel was a member of the Digital Vaccine team where he wrote exploits for ZDI submissions, and helped develop the ReputationDV service from TippingPoint. Jasiel's focus started off in the networking world but then shifted to development until transitioning to security. He has a BA in Computer Science from the University of Texas at Austin. Дата 21 ноября(понедельник), Время 16:20, Аудитория П-14, Факультет ВМК МГУ, Адрес: Ленинские горы, д.1, стр.52, вход со стороны ГлавногоЗдания, https://cs.msu.ru/contacts С уважением, Денис Гамаюнов