Vladimir Daschenko

Head of Vulnerability Research Team, Kaspersky Lab

About speaker

Vladimir heads the vulnerability research team at Kaspersky Lab ICS CERT. His interests include finding vulnerabilities in industrial automation systems and smart devices. He is also a regular speaker at industry conferences on security.  
November 16
13:00 — 14:00
Main Track
It is conventional wisdom that the right approach to doing things is to «Trust but verify». However, corporate solutions often use only the former part of this principle. Third-party code, specifically a license manager (a small software or USB token), can create a huge security problem for otherwise exceptionally well protected corporate systems. Last year, the Kaspersky Lab ICS CERT team analyzed a hardware-based licensing solution — HASP tokens by Gemalto. This time, we will talk about our latest research into the popular Flexnet solution by Flexera. What we found included logical DoS, logical LPE, RCE, that sort of thing... We will show how these three-letter abbreviations can get the best of even the most secure corporate or financial systems, industrial automation systems, etc.