Paul Coggin

Senior Principal Cyber Security Analyst, Dynetics Inc (USA)

Paul Coggin is senior principal cybersecurity analyst with Dynetics. He is responsible for architecting and securing large complex tactical, critical infrastructure and service provider networks.

His expertise includes tactical, service provider, and ICS\SCADA network infrastructure hacker attacks, and defenses, as well as large complex network design and implementation. His experience includes leading network architecture reviews, vulnerability analysis, and penetration testing engagements for critical infrastructure and tactical networks.

Paul is a Cisco Systems certified Instructor #32230, certified EC-Council instructor, and certified SCADA security architect. He has a bachelor’s degree in mathematics, a master’s in computer information systems, and a master’s in information assurance and security. He is currently pursuing a master’s in system management. In addition he holds a wide array of certifications from Cisco, EC Council, ISC^2, and others.

Defending the Enterprise Against Network Infrastructure Threats

Learn about network attack vectors that an adversary can use to control, and influence network traffic flows and exfiltrate data by exploiting network devices and protocols in enterprise or service provider networks. Defensive methods and techniques for monitoring and protecting against the outlined attack vectors will be discussed.

This presentation explores advanced methods and techniques that the CISO, network and security architects and security auditors need to understand about network infrastructure and protocols. Understand how routing infrastructure can be compromised to enable sophisticated pivoting and exfiltration of data.

Know how to analyze often over looked network trust relationships, integration, dependencies and interdependencies in the enterprise and service provider network architecture. Review the architecture and operations for border gateway protocol (BGP) services with references to the recent BGP prefix hijacking attacks.

The discussion will cover how Multi-protocol Label Switch (MPLS) networks may be attacked without the Enterprise being aware of the event. Strategies for monitoring and securing enterprise networks including BGP and MPLS against the threats vectors presented will be discussed.

Presentation @DefCamp 2015