Hitting Above The Security Mendoza Line

Expo Theatre (Hall G) October 23, 2012 - Feedback     

Bookmark and Share

Ed Bellis

A few years ago Alex Hutton coined the term Security Mendoza Line. It was in reference to Mario Mendoza the baseball player often used as a baseline for how well a player must hit in order to stay in the major leagues and not be demoted. Keeping up with the attacks automated within Metasploit can often serve as that baseline within information security.

More recently, Josh Corman defined HD Moore’s Law as “Casual Attacker power grows at the rate of Metasploit”. In other words, that baseline is moving and we are not keeping up. In a hyped industry where much of the talk remains around Advanced Persistent Threats it’s the baseline that we continue to miss as proven out in reports like Verizon’s Data Breach Investigation Report. Looking at the most common breaches they are most likely to be targets of opportunity where the defenders have let the basics slip through the cracks.

In this talk, we will cover why paying attention to HD Moore’s Law is important and how to stay on top of this changing threat measurement. We’ll offer real world examples on how an organization can identify where they stand against the Security Mendoza Line and how they can alert and defend against falling below the baseline. Content will cover not only identified threats through Metasploit modules but through the myriad of exploit sources available across the internet.