TalTech November Luncheon - Web Security

TalTech Corporate Member Embarq/CenturyLink brings to Tallahassee a expert resource in the IT security industry, Brent Huston of Microsolved, Inc.

As CEO and Security Evangelist of his own information security company, MicroSolved, Inc., Brent Huston and his staff have performed system and network security-consulting services for Fortune 500 companies, international telecomm firms and major financial institutions. His professional experience exceeds fifteen years in the information security field. To date, he has performed hundreds of vulnerability assessments and penetration tests against target organizations such as banks, credit unions, financial companies, e-commerce sites, critical infrastructure, federal/state/local governments and military/national security installations. He is well versed in the use and implementation of all major security tools, standards and systems and has developed the primary assessment methodologies in use at MicroSolved and the US Department of Energy.

He is an accomplished computer and information security speaker and has published numerous white papers on security-related topics. He is the Co-Author and Technical Editor of the book “Hack Proofing Your E-Commerce Site” from Syngress Publishing and has been a weekly columnist with ITWorld.com for more than five years. He also acts as a senior editor and technical advisor for MicroSolved’s MSI::Labs offering leveraged by Information Security Magazine for product reviews and assessments.

Mr. Huston was previously engaged with the Office of Independent Oversight and Performance Assurance in Columbus, Ohio. He was responsible for designing and implementing a state-of-the-art cyber security testing and research lab for this office and several Department Of Energy national laboratories have utilized his expertise to perform network penetration and detection services.

Brent Huston earned his Associate of Applied Science degree in Electronics at DeVry University (Columbus, Ohio) in 1994. He demonstrates a highly involved knowledge of cyber security testing, network monitoring, scanning protocols, firewalls, malware and malware prevention formats, incident response, forensic computing and attacker techniques. His extraordinary insight into attacker tactics and strategies has lead to widespread recognition and the critically acclaimed “State of the Threat” presentations that he performs on a quarterly basis to audiences around the globe.

In the past, he developed “Passys” a passive intrusion detection system for Unix and has also identified previously unknown security vulnerabilities in various applications, network devices and multiple operating systems. He was involved in the laboratory testing of major firewall appliances at his company’s central Ohio facilities. This testing was to prove the worthiness of each appliance, as well as possible vulnerabilities that had not as yet been established by their parent companies. He reported his results both to the individual product companies and at the BlackHat conference. He has twice been a speaker at Defcon and has presented at several other national, regional and industry specific conferences around the world.

He is also the author of the HoneyPoint line of security products and he leads a team of honeypot engineers and security researchers who provide threat and vulnerability intelligence to banks, governments and other working groups. He is currently developing new technologies and methodologies for understanding and communicating security vulnerabilities and threat models.

His professional titles include:
- Certified in Homeland Security – Level III
- Internet Security Systems Certified Engineer
- Sidewinder Firewall Certified Administrator
- IBM Secure Network Gateway Certified Administrator
- Principal Engineer for the V-One Corp. (SmartGate/SmartPass and Smart Wall products)
- Phoenix Firewall Certified Engineer
- President/CEO of MicroSolved, Inc. (Columbus, Ohio) since 1992
- DOE Senior Cyber Security Penetration Testing Expert
- Witness, United States Congress, Energy and Commerce Committee (twice)
- Secretary’s Excellence Award Recipient, United States DOE

His past projects include:
- Development of an automated penetration platform
- Further integration of new standards and tools into the MicroSolved proprietary Rapid Assessment Methodology (RAM) and Deploy And Assess Methodology (DAAM)
- Creation of a methodology for comparing common “best practice” baselines against one another and against deployed policies within an organization
- Development of an automated Threat Intelligence monitoring and communication system called “WatchDog” in use globally today by more than 50,000 users
- Authored Personal Security Assistant (PSA) – the industry leading security awareness client

His current projects include:
• New HoneyPoint implementations for studying attacker behavior and identifying new techniques
• Vulnerability research in critical infrastructure systems and applications
• Communication of threat models and vulnerabilities through abstraction methodologies
• Development of a working model for threat and vulnerability prediction