- Schedule
- Venue
- Speakers
- Training
- CFP
- Volunteer
- Recreation
- Blackshield Awards
- CTF
- Sponsors
- Exhibition
- Job Fair
- CXO Track
- Goa'17
- About Speakers
- Edwin van Andel
Talk Title
Hackers! Do we shoot or do we hug?
Abstract
In the ever changing security landscape we are slowly seeing a shift from labelling hackers per default as 'bad and malicious individuals', to accepting them more often as 'useful and potentially friendly'. We see more and more companies starting a bug bounty program and/or a Responsible Disclosure (Coordinated vulnerability disclosure) program.
We in the Netherlands are (at least in Europe) leading the pack on this last subject, backed heavily by the Dutch NCSC, the Dutch government and the Dutch prosecution services, with their Responsible Disclosure guideline.
In this interactive and mostly humorous talk I'll start with defining security (in a grotesque way), followed by the 'real' definition of hackers, the way hackers think and work, and how they can be used instead of feared by companies. I'll show how bug bounties and the Responsible Disclosure processes can work, but also how they sometimes do not. I will take the audience with me along the path to these fails, and discuss the way we can or could have improve(d) these processes. My final 'calculation' will even try to open the door to a safer online world! (from a hacker's point of view that is.)
During the talk I interact a lot with the audience, do humorous quiz questions about the subject, and reward good answers with a bottle!
Speaker Bio
Edwin van Andel, better known as @Yafsec, was born on a late November day in the excellent wine year 1970 and immediately started pushing buttons from his crib. During his early years no device was safe for him, and his adolescence was described by his neighbours as a "very disastrous period", mainly because of his discovery of computers, modems and the hack-tic.
After working with different companies around the globe, he in 2003 started his own company called Yafsec, with the sole purpose of guiding companies and IT dealers through the dark woods of the ever evolving security forest. As of 2016 he joined Zerocopter, where he's mostly working on publicly expanding their continuous security platform.
Elected winner of the Lightning talks at BruCON 2013, and organizer of the alternative NCSC conference "because no hackers were invited" #ALT-S, he is now a renowned speaker that will introduce you -in a humorous way- to the dangers, virtues and current state of affairs in the security landscape.
From a hacker's perspective, that is......