lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 16 Mar 2007 10:16:26 +0530
From: "Hakuna Matata" <narender.hooda@...il.com>
To: "Gadi Evron" <ge@...uxbox.org>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Tel Aviv University Security Forum - 18th of
	March

is there any English version of this site available

--Hakuna

On 3/16/07, Gadi Evron <ge@...uxbox.org> wrote:
> TAUSEC - The Security Forum, hosted by Tel-Aviv University, next meeting
> will take place on: Sunday, March 18, at 18:30.
>
> Location: Tel-Aviv University, Lev Auditorium
> Map: http://www2.tau.ac.il/map/unimapl1.asp
>
> Attendance is free, light refreshments will be served
>
> Schedule:
> ---------
> 18:30 - A taxonomy & tool for automated vulnerability chaining and path
>         discovery Topic Synopsis
>         - Toby Kohlenberg
>
>         Level: Technical/High
>         Language: English
>
>         Abstract:
>
> -----------------
>
>         Vulnerabilities are occurring with increasing frequency and the
> resources required to manage mitigation are increasing in parallel.
>
>  Unfortunately, current best practices still evaluate the majority of
> vulnerabilities as unique unrelated events. This method of evaluation is
> an understandable choice but does not accurately reflect how the
> vulnerabilities may be used by attackers. In this project we attempted
> to find a way to evaluate combinations of vulnerabilities in an
> automated fashion.
>
>  We created a taxonomy that allows us to describe vulnerabilities and
> their connections to each other. We then used these descriptions to
> create a graph showing the interconnections between the vulnerabilities
> and used that to find pathways to complete system compromise.
>
>  The system we used to judge the effectiveness of this approach is a
> feature rich web application which allows a user to quickly and easily
> describe a vulnerability and its interactions and then explore its
> relationship to other vulnerabilities.
>
> -----------------
>
>
> Sicne the lecture begins late, we will have only one speaker.
>
> More details and past lectures can be seen at:
> http://www.cs.tau.ac.il/tausec/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ