How would a highly skilled and highly motivated hacker attack an application and system they had never seen before? Perhaps a critical infrastructure control system that some entity is willing to pay to have taken down or have access to or even control remotely.

This was the talk we wanted for our S4 2008 Day Two Keynote. So who fits that highly skilled profile and is respected by hackers of all hat colors? The answer – Dave Aitel of Immunity Inc.

Dave Aitel has worked at the US National Security Agency, the consulting firm @stake (now Symantec), and is the founder and CTO of Immunity, Inc. He is known for groundbreaking vulnerability research as the:

• author of the first block-based protocol tester, SPIKE

• co-author on The Shellcoder’s Handbook which is the go-to book for learning how to write exploits and buffer overflows.

• As CTO of Immunity, Mr. Aitel has helped launch the first Vulnerability Sharing Club, an exploit-focused debugger, a visual language for writing buffer overflows, SILICA, a hacking tool that fits in your pocket, and Immunity’s flagship product, a penetration testing toolkit, CANVAS.

I’ve been a long time lurker on his DailyDave where top hacking talent comment on a variety of vulnerability and exploit issues. Dave and Immunity Inc. also teach courses on developing exploits including a relatively new course on exploiting heap overflows. Remember from S4 2007 that some of the ICCP server vulnerabilities were heap overflows.

This keynote will amaze and be eye-opening for many S4 attendees with a lot of technical meat. I’m sure even the top control system security talent will learn a thing or two from this keynote.

See the Full S4 2008 Agenda

Register for S4 2008