Speaker Bios

Doug Landoll, Accuvant

Douglas Landoll is an expert in security risk assessment, security risk management, security criteria/compliance, and building corporate security programs. He has led security risk assessments establishing security programs within top corporations and government agencies. This includes work at many corporations and government agencies including NSA, CIA, NATO, and the FBI. He has been a leader in the information security industry for over 20 years. He authored the recent “Security Risk Assessment Handbook”, co-authored the SSE-CMM (ISO 21827), and written dozens of articles for national information security magazines.

Doug served as the founder and president of Veridyn Inc. prior to their acquisition by En Pointe Technologies and the founder of Lantego Security. He is also a CISSP and CISA, holds a CS degree from James Madison University, and an MBA from the University of Texas, Austin.


The Federal Information Security Management Act specifies minimum security standards and required controls for all Federal systems and any other system creating, processing, transmitting, or storing sensitive federal information. This regulation has brought the alphabet soup of Federal Government requirements and assessment processes to state agencies, research centers, and school systems. Mr. Landoll will guide participants in this seminar through the complexities of the FISMA program and associated documents and processes. Attendees will gain an understanding for the way in which minimum security controls are selected, tailored and applied to their environment, as well as a proven approach for effectively preparing for a FISMA audit.

Frank "Jamie" Licitra, IBM Security Solutions

Jamie Licitra is the IBM X-Force Product Manager at IBM Security Solutions. In this role, Jamie helps prioritize the release of X-Force security content; speaks at public events on behalf of X-Force; and actively engages with customers to gather requirements, provide feedback, and align the X-Force roadmap with customer expectations. Jamie has worked in the security industry for more than 12 years and holds a B.S. in Computer Science and an M.S. in Software Engineering.


The IBM X-Force 2010 Mid-Year Trend and Risk Report reveals several key trends that demonstrate how, in the first half of 2010, attackers seeking to steal money or personal data increasingly targeted their victims via the Internet.

Attackers are increasingly using covert techniques like Javascript obfuscation and other covert techniques which continue to frustrate IT security professionals. Obfuscation is a technique used by software developers and attackers alike to hide or mask the code used to develop their applications. Reported vulnerabilities are at an all time high, up 36%. 2010 has seen a significant increase in volume of security vulnerability disclosures, due both to significant increases in public exploit releases and to positive efforts by several large software companies to identify and mitigate security vulnerabilities.
PDF attacks continue to increase as attackers trick users in new ways. To understand why PDFs are targeted, consider that endpoints are typically the weakest link in an enterprise organization. Attackers understand this fact well. For example, although sensitive data may not be present on a particular endpoint, that endpoint may have access to others that do. Or, that endpoint can be used as a practical bounce point to launch attacks on other computers. The Zeus botnet toolkit continues to wreak havoc on organizations. Early 2010 saw the release of an updated version of the Zeus botnet kit, dubbed Zeus 2.0. Major new features included in this version provide updated functionality to attackers.

Christopher Morales, Accuvant

Christopher Morales is a solutions architect with Accuvant, where he identifies opportunities and risks for delivering Accuvant's solutions and services including identification of emerging markets, opportunities for innovation, and thought leadership. Morales has twelve years of experience in the security industry in roles including research, development, QA, support, training, delivery, and sales. Before joining Accuvant, Morales was a senior security engineer with McAfee, where he developed integration strategies for security solutions in key McAfee accounts. Prior to that, Morales served as a security solutions architect with IBM Internet Security Systems, and also held the role of senior systems administrator with Delta Technology, where he assisted in the upgrade of their network to Ethernet and implemented a server management strategy. Earlier in his career, Morales co-founded a company that developed business finance software and small business networks. Morales is a Certified Information Systems Security Professional.


Digital crime is a highly profitable trade driven by well structured and motivated criminal organizations that will use whatever means necessary to achieve their goals. Consideration should be made for the assumption that a certain percentage of systems will be infected and a methodology needed to indicate of infections within a reasonable time frame to mitigate the loss of information associated with a breach. The focus of this presentation is to discuss methods used for infection and techniques that can be used to assist in the detection of systems not protected by current controls and already infected.

Charles Riordan, Check Point Security Services

Charles Riordan is currently a Manager for Check Point Security Services whose background includes (over the past several years as) Senior Manager for Network Security and Compliance for a Global IT Services and Manufacturing Company and as Director of Network Security and Audits for the largest credit card / debit card processor in the world.

Charles is an IT Services professional with over 18 years' experience in:
  • IT Service Management
  • IT Governance - Risk Compliance
  • IT Control Processes
  • Information Systems Auditing - Managing the Auditors

Charles brings years of experience with PCI-DSS compliance assessments and remediation activities, as well as audits including SAS70, SOX for IT, and FFIEC.


  • Are the risks to your IT environment understood?
  • Is there an active IT Governance program in place?
  • What IT controls are in place to generate the Audit artifacts needed to support the above?
  • Are you compliant with the standards, laws, and/or regulations that pertain to your line of business?
  • Is your IT infrastructure secure?
  • Are the costs understood / constraints defined?

Billy Rios, Google

Billy Rios is currently a security researcher for Google where he studies emerging security threats and technologies. Before Google, Billy was a Security Program Manager at Microsoft where he helped
secure several high profile software projects including Internet Explorer. Prior to his roles at Google and Microsoft, Billy was a penetration tester, making his living by outsmarting security teams, bypassing
security measures, and demonstrating the business risk of security exposures to executives and organizational decision makers.

Before his life as a penetration tester, Billy worked as an Information Assurance Analyst for the Defense Information Systems Agency (DISA). While at DISA, Billy helped protect Department of Defense (DoD) information systems by performing network intrusion detection, vulnerability analysis, incident handling, and formal incident reporting on security related events involving DoD information systems. Before attacking and defending information systems, Billy was an active duty Officer in the United States Marine Corps.


So You Wanna Be a Bot Master?

Follow me as we explore the command and control software used by Bot Masters, analyze the tools used by the shadiest characters in the underground, and uncover data being stolen by bots from their unsuspecting victims. We'll dive into the source code and dissect the individual components of a real botnet command and control server. We'll also take a detailed look at what types of data the bots are after and how the bot gets the stolen data back to its master. All the software is real and all the data is genuine. You'll get to see the actual control consoles used by Bot Masters as they control an army of bots and learn to find these servers on the Internet.


Nov. 10, 2010
8:30 AM - 6PM (PT)


UC San Diego
Porter's Pub
9500 Gilman Drive
La Jolla, CA 92093

Security Day San Diego