Ken Pickering - Medfield, Massachusetts, United States | Professional Profile | LinkedIn (original) (raw)
Activity
Licenses & Certifications
Sun Microsystems
Volunteer Experience
Member, Program Advisory Committee
ITT Technical Institute
Nov 2012 - Dec 2016 4 years 2 months
Education
Involved in curriculum and student advisement.
Publications
Workshop on Problem Solving using Classical Planners (CP4PS) at AAAI 2012 Conference. July 22, 2012
Penetration Testing (in short pentesting) is a methodology for assessing network security, by generating and executing possible hacking attacks. As pentesting tools have evolved and have become more complex, covering new attack vectors, and shipping an increasing number of exploits, the problem of controlling the pentesting solution successfully became an important question. A computer-generated plan for an attack would isolate the user from the complexity of selecting suitable exploits for the…
Penetration Testing (in short pentesting) is a methodology for assessing network security, by generating and executing possible hacking attacks. As pentesting tools have evolved and have become more complex, covering new attack vectors, and shipping an increasing number of exploits, the problem of controlling the pentesting solution successfully became an important question. A computer-generated plan for an attack would isolate the user from the complexity of selecting suitable exploits for the hosts in the target network. Additionally, the possibility of incorporating an attack planning phase to the tool would allow for optimizations based on exploit running time, reliability, or impact on Intrusion Detection Systems.
In this talk, we will discuss the difficulties of solving this attack planning problem, and present the first industrial-scale solution that we obtained by integrating our pentesting tool with a classical planner. The basic idea was to model the actions available in the pentesting tool (namely exploits) and the information about the target network (machines, connectivity, operating systems, and running applications) in the PDDL language. This PDDL model allowed us to evaluate different planners until we decided to use Metric-FF (developed by Jörg Hoffman), based on its performance. As a result, we were able to obtain plans that minimize the average runtime of the attacks in real-world scenarios.
See publication
Core Security Blog April 12, 2012
The government ruling that “code theft” does not constitute as actual criminal theft might not seem at first to be a huge deal. But in reality – at least to software companies that produce their own intellectual property – it does pose a significant challenge.
See publication
Core Security Blog February 28, 2012
Google Inc recently posted a challenge offering up to $1M to successful hackers at CanSecWest who can hack the Chrome Web Browser. In contrast to Adobe’s recent decry of the ethical hacking movement, Google seems to have gone the opposite direction and embraced the independent security community.
See publication
Core Security Blog February 14, 2012
Valentine’s Day! The day we show the affection to those special to us in our lives… and a day many will click on emails that are e-cards, special offers or social networking invites.
It’s no secret that those that seek to infiltrate our networks will use social trends and *gasp* a holiday representing goodwill.
See publication
Core Security Blog January 19, 2012
Yesterday’s ‘technology blackout’ was a pretty profound moment for our industry. Not often do corporations align their political and policy views.
See publication
Core Security Blog January 17, 2012
I wanted to talk a little about why I (and the rest of my team) like working on our Insight product this week. There are very few times in someone’s career where they can work on something that’s technologically cutting edge AND addressing an industry need.
See publication
Core Security Blog December 20, 2011
Once again, the government has shown themselves to be uneducated when it comes to forming technology policy. SOPA has very deep impact on the Internet at large, and gives the US government the ability to regulate search and content providers who (under the mysterious clarification) are distributing or linking to copyrighted content (be it movies or even images a holder wishes to enforce).
See publication
Patents
Digital Debt Obligiation Transaction System to Facilitate Non-Cash Payments Without Using Personally Identifiable Information Data
Filed June 6, 2014 US 62/008,964
Projects
CoreSec
Nov 2012
Worked as a part of the control service team on adding a feature that enabled customized search for the user. Did mainly core Java programming. Work also involved interacting with the products database using SQL, unit testing, and having a working knowledge of Hibernate and Spring frameworks.
Other creators
Dec 2009 - Present
Preempt business risk with predictive security intelligence
CORE Insight™ Enterprise is the first security intelligence solution that enables you to continuously predict IT security threats and preempt business risk. By combining advanced threat simulation with real-world threat replication, Insight allows you to:
- Improve security, optimize budgets and increase efficiency
- Predict threats without disrupting operations
- Reveal the business implications of security…
Preempt business risk with predictive security intelligence
CORE Insight™ Enterprise is the first security intelligence solution that enables you to continuously predict IT security threats and preempt business risk. By combining advanced threat simulation with real-world threat replication, Insight allows you to:
- Improve security, optimize budgets and increase efficiency
- Predict threats without disrupting operations
- Reveal the business implications of security exposures
- Eliminate data overload and gain actionable information
- Connect real risks to specific operational and business goals
- Make the right decisions to ensure business continuity
Other creators
Languages
English
Native or bilingual proficiency
Recommendations received
More activity by Ken
Other similar profiles
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Others named Ken Pickering in United States
30 others named Ken Pickering in United States are on LinkedIn
See others named Ken Pickering