
SnowFROC Abstract Zusman

Revision as of 20:46, 12 February 2009 by Dc (talk | contribs) (The Speaker: Mike Zusman, Intrepidus Group)


The Presentation: Poor Man's Guide to Breaking PKI: Why You Don't Need 200 Playstations

The commercial PKI system is designed to provide web site validation services that stand up to the threat of DNS spoofing and other man-in-the-middle attacks against web sites. This presentation addresses weak points in commercial PKI and discusses ways for clients to defend against an attack on a commercial certificate authority resulting in trusted certificates falling into the hands of attackers.

The Speaker: Mike Zusman, Intrepidus Group

Michael Zusman is a Senior Consultant with the Intrepidus Group. Prior to joining Intrepidus Group, Mr. Zusman held the positions of Escalation Engineer at Whale Communications (a Microsoft subsidiary), Security Program Manager at Automatic Data Processing, and lead architect & developer at a number of smaller firms.

In addition to his corporate experience, Mr. Zusman is an independent security researcher, and has responsibly disclosed a number of critical vulnerabilities to commercial software vendors including Apple and SonicWall. He has spoken at a number of top industry events including Black Hat and regional OWASP events. Mr. Zusman also speaks and teaches about information security at NYU/Polytechnic University.

Mr. Zusman brings 10 years of security, technology, and business experience to Intrepidus Group. He is a CISSP and an active member of the OWASP Foundation.
