
Iftach Ian Amit (Hebrew: יפתח איאן עמית) is an Israeli hacker/computer security researcher and practitioner. He is one of the co-founders of the Tel Aviv DEF CON Group DC9723 and of the Penetration Testing Execution Standard, and has presented at hacker conventions such as DEF CON, Black Hat, BlueHat, and RSA Conference. He has been named one of SC Magazine's top experts, was featured in Narratively's cover piece on Attack of the Superhackers, and is frequently quoted and interviewed.


Career

Amit started his professional career in 1998 at the Israeli information security consultancy Comsec as a Unix and Internet Application consultant. In 2001 he moved to the US to work as a software architect at Praxell (later to be acquired by Datavantage, and then Micros). In 2004 Amit left the US to co-found the Israeli startup BeeFence and served as its Chief Technology Officer. Then in 2006 he took a position as the director of security research at the security vendor Finjan, and a similar position in 2008 with Aladdin Knowledge Systems. He then set out to serve as the vice president of consulting with Security-Art, and in 2012 took a position as director of services with the security consulting firm IOActive. Starting in 2014 he served as vice president of the social media cyber security startup ZeroFOX, after which in 2016 he became a manager with Amazon.com information security. Since 2018 he has served as the Chief Security Officer of Cimpress. He serves as a general director of the board of BSides Las Vegas, a Senior Advisory Board member of Axon Cyber, and an Advisory Board member of ZeroFOX.


Research

During his career, Amit has focused his research on varying topics, ranging from uncovering the business elements of cybercrime to connecting state-sponsored activities with criminal ones. He contributed to one of the first research papers conducted on the Stuxnet worm, and was featured on the cover of the inaugural Pentest Magazine about the Penetration Testing Execution Standard (PTES). He also co-authored research with Aviv Raff on Windows Vista's inherently insecure Widgets, which were later removed from the operating system. In 2011, Amit and Itzik Kotler presented at DEF CON, demonstrating how a bot master could communicate with botnets and with "zombie machines" using VoIP conference calls. Their open-source software, Moshi Moshi, illustrated how they could send instructions to and receive data from botnets and infiltrated networks using any phone line (including payphones). This research was also based on his original research into advanced data exfiltration, in which he uncovered a method for side-channel data exfiltration through various channels, including phone lines and fax machines, and released an open-source tool for it.


Presentations


* Keynote, BSidesTLV 2017
* Keynote, BSidesCleveland 2016
* Keynote, HackMiami 2016
* Actionable Threat Intelligence, InfoSecWorld Orlando 2016
* The Newest Elements of Risk Metrics, RSA Conference 2016
* Actionable Threat Intelligence, BSidesLasVegas 2015
* BlackHatUSA 2012


Publications and articles

* Contributed to NATO's Assured Access to the Global Commons - Cyberspace Workshop at the Cooperative Cyber Defence Centre of Excellence (CCD COE), October 2010.
* Social Media Risk Metrics


Patents


Automated application security maturity modeling.

