Cracked SSL? - STAR-108

Ben Wilson, SVP Industry Relations/Gen. Counsel, DigiCert

This panel will discuss how to mitigate or prevent active Man-In-The-Middle attacks. We examine attacks that use combinations of social engineering, malware, DNS, and certificate mis-issuance or issuance process compromises involving CAs to compromise SSL sessions on unpatched, misconfigured, or poorly designed systems, tricking users into disclosing sensitive information.

Benjamin Wilson, JD, CISSP, is General Counsel and SVP of Industry Relations at DigiCert. He has practiced law for over 20 years--a majority of that time in the area of PKI and digital signatures--working to resolve network security and technology issues. He is Vice-Chair of the E-Commerce and IT Division of the American Bar Association’s Section of Science and Technology Law and a former co-chair of its Information Security Committee. Among numerous publications, he was a contributing editor of "The PKI Assessment Guidelines," "Information Security: A Legal, Business, and Technical Handbook” and “Information Security and Privacy – A Practical Guide for Global Executives, Lawyers and Technologists.” He is also actively involved with the CA/Browser Forum and the Online Trust Alliance.

Speaker

Headshot

Benjamin Wilson Senior Vice President Industry Relations and General Counsel, DigiCert

← View more Podcasts

This document was retrieved from http://www.rsaconference.com/podcasts/81/cracked-ssl-star-108 on Fri, 19 Dec 2014 08:38:04 -0500.
© 2014 EMC Corporation. All rights reserved.