Security Nation, S3 E15

Beau Woods and Fotios Chantzis Discuss Their New Book, "Practical IoT Hacking"

March 31, 2021

 

In our latest episode of Security Nation, we speak with Beau Woods and Fotios Chantzis about their newly released book, "Practical IoT Hacking." Stick around for our Rapid Rundown, where Tod encourages listeners to patch their Apple iOS devices against the recently announced WebKit bug, and to not panic about PHP's compromised Git server.

Appears on This Episode

Beau Woods
Senior Advisor with CISA, Cyber Safety Innovation Fellow with the Atlantic Council, a leader with the I Am The Cavalry grassroots initiative, Founder/CEO of Stratigos Security
Beau Woods is a Senior Advisor with CISA, Cyber Safety Innovation Fellow with the Atlantic Council, a leader with the I Am The Cavalry grassroots initiative, Founder/CEO of Stratigos Security, and sits on the board of several non-profits. His work bridges the gap between the security research and public policy communities, to ensure connected technology that can impact life and safety is worthy of our trust. He formerly served as Entrepreneur in Residence with the US FDA, and Managing Principal Consultant at Dell SecureWorks. Over the past several years in this capacity, he has consulted with the energy, healthcare, automotive, aviation, rail, and IoT industries, as well as cybersecurity researchers, US and international policymakers, and the White House. Beau is a published author, frequent public speaker, often quoted in media, and is often engaged for public or private speaking venues.
Fotios Chantzis
Fotios (Fotis) Chantzis (@ithilgore) is laying the foundation for a safe and secure Artificial General Intelligence (AGI) at OpenAI. Previously, he worked as a principal information security engineer at Mayo Clinic, where he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure. He has been a member of the core Nmap development team since 2009, when he wrote Ncrack under the mentorship of Gordon “Fyodor” Lyon, the original author of Nmap, during the Google Summer of Code. He later worked as a mentor for the Nmap project during the Google Summer of Code 2016 and 2017 and has authored a video course about Nmap. His research on network security includes exploiting the TCP Persist Timer (you can find his paper on the topic published in Phrack #66) and inventing a stealthy port scanning attack by abusing XMPP. Fotis has presented at notable security conferences, including DEF CON. Highlights of his work can be found at his site https://sock-raw.org/.
Jen Ellis
Vice President, Community and Public Affairs

Jen Ellis is the vice president of community and public affairs at Rapid7. Jen’s primary focus is on creating positive social change to advance security for all. She believes that it is critical to build productive collaboration between those in the security community and those operating outside it, and to this end, she works extensively with security researchers, technology providers, operators, and influencers, and various government entities to help them understand and address cybersecurity challenges. She believes effective collaboration is our only path forward to reducing cyber attacks and protecting consumers and businesses. She has testified before Congress and spoken at a number of security industry events including SXSW, RSA, Derbycon, Shmoocon, SOURCE, UNITED, and various BSides.

Tod Beardsley
Research Director, Rapid7

Tod Beardsley is the director of research at Rapid7. He has over 20 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and IT Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the myriad security research programs and initiatives at Rapid7. He can be uniquely identified at https://keybase.io/todb.

About the Security Nation Podcast

Security Nation is a podcast dedicated to celebrating the champions in the cybersecurity community who are advancing security in their own ways. We also cover the biggest events in security that you should know about. In each episode, host Jen Ellis (@infosecjen) sits down with a guest so they can share their stories, what worked, what didn’t, and what you can learn from their initiative so maybe we can inspire you to do something new, while Tod Beardsley breaks down the biggest security headlines of the week. 

