OWASP Monthly Meeting - October 26 2016

Speaker: Ken Scott

Title: DDoS is more like a hurricane than war; prepare accordingly.

Ken Scott is the Principal DDoS Security Engineer for F5's Silverline DDoS service. Ken established F5's DDoS SOC Incident Response and Standard Operating Procedures. He trains all new DDoS SOC engineers and still mitigates DDoS attacks.Ken started his network security career in Prolexic's DDoS SOC. Ken also worked at a 3rd DDoS service, Verisign's ViDN in Northern Virginia. Over almost a decade in the DDoS defense, Ken has worked worked some of the largest and most complicated DDoS attacks. This also means he has worked with some of the world's largest corporations and networks to both prepare and work through emergency situations. Ken also worked in Apple Inc's Security Incident Response Team in Cupertino, working events such as botnet infections, account compromises and network vulnerabilities.

This talk will discuss current DDoS events including the recent attacks on Krebs and OVH, the techniques used in those attacks, and the IoT devices exploited to carry out the attacks. We will then discuss corporate network preparation and disaster recovery planning for DDoS and similar emergency situations. We will discuss the defensive mindset and how DDoS should be thought of as a hurricane instead of gearing up for war.