Ross will demonstrate his recently created utility called WebStor that quickly enumerates all websites and web technologies across the networks of even the most large and disorganized organizations (like, perhaps, most universities). It can be useful for quickly identifying websites and technologies with zero-days.
TLDR: Those times when you need to quickly create or use some custom script to identify where you have web technology vulnerable to a new zero-day, or even when you need to use your vulnerability scanner across all your hosts with some fresh-out-of-the-oven plugin to identify the presence of a zero-day, the process will take hours if you have a lot of networks and hosts to cover. WebStor can reduce that to seconds.
Questions from attendees are encouraged.
Ross Geerlings, Product Manager for Penetration Testing, Vulnerability Management, Data Loss Prevention (University of Michigan)
Ross Geerlings (CISSP, OSCP, GXPN) is an experienced IT security professional with a history of tailoring solutions for organizations to enhance security capabilities and mitigate institutional risk. He serves as the product manager for data loss prevention, penetration testing, and vulnerability management at the University of Michigan, and is the President of Seeker, LLC, a software company that makes SeekerDLP sensitive data discovery software.
Information Sharing Guidance: TechBursts marked with "MG" are open to members and hosted trusted guests of members. Because access to MG TechBursts require authentication with a REN-ISAC user-ID and password, guests must view the webcast with the member present. One marked "Pb" are open to the public . Ones not marked with MG or Pb are available to members only.