Tim Wadhwa-Brown

Tim joined Cisco as part of their acquisition of Portcullis, for whom he worked for almost 12 years, primarily focussed on UK CNI. 8 years on, Tim has contributed to a number of Cisco’s services programmes relating to risk and compliance, secure development and threat-informed defense. In the last year, Tim has been focussed on developing Cisco's strategic response to the NIS2 Directive, DORA and the Telecom Security Act.

Outside of the customer-driven realm of information assurance, Tim is also a prolific offensive researcher with papers on UNIX, Windows and web application security to his name. Tim is credited with publishing almost 150 vulnerability advisories and is a regular contributor to MITRE ATT&CK, acting as an SME for Linux techniques. Tim particularly likes to bug hunt enterprise UNIX solutions.


Session

12-14
16:35
45min
Building the ATT&CK pipeline for Linux
Tim Wadhwa-Brown

ATT&CK is a game changer and where it works, it can enable both blue and red teams to co-exist and work effectively together. However, what do attackers on Linux do when bitcoin miners aren't their motivation? This talk looks at how the linux-malware repo came to take shape and how I've used it to inform both MITRE and Cisco's view on adversarial behaviour over the last three years.

Main talk track
Clappy Monkey Track