Core Security Selected to Present at NDSS Symposium 2009


Security Expert Ivan Arce to Discuss “Penetration Testing for Grown Ups”

BOSTON, MA - January 12, 2009 - Core Security Technologies, provider of the CORE IMPACT family of  comprehensive enterprise security testing solutions, today announced that Ivan Arce, CTO of Core Security, has been selected to serve as keynote speaker at the upcoming NDSS (Network & Distributed System Security) Symposium 2009 from February 8-11. NDSS'09 will bring together innovative and forward-thinking members of the Internet community - including leading-edge security researchers and implementers, globally-recognized security technology experts, and experienced professionals from both the private and public sectors - who design, develop, exploit, and deploy the new and emerging technologies that define network and distributed system security. The three day program will feature refereed paper presentations, punctuated with selected invited talks on security as it is applied in the field.


Presentation Details

Who: Ivan Arce, CTO of Core Security Technologies

What: Penetration Testing for Grown Ups

Where: The Catamaran Resort Hotel and Spa, San Diego CA, USA

When: Monday, February 9, 2009, 9:00 am

Presentation Abstract

Penetration testing is over 30 years old and for most of its history has been deemed a costly, obscure and narrowly focused security practice that offers limited value and can be delivered only by very technically skilled security teams.  However, the appearance in the early 2000’s of commercial penetration testing software, open source exploit authoring tools and more formalized testing methodologies signaled a  trend towards industrialization and more widespread adoption of the practice.

This growing embracement of penetration testing software and standardized methodologies, and their underlying philosophies, represents a shift in the way of approaching security at the operational and tactical levels. To transcend the perception of being simply a “badness-o-meter” and evolve into the more respectable status of being considered a key component of one’s overall security strategy, numerous technical, scientific and epistemological dilemmas must be addressed and, hopefully, solved.

This talk will explore the advancement of penetration testing over the last decade, as well as the current challenges and opportunities – and the open and unexplored territory – that grown up, truly professional security practitioners will face in the next ten years.


Ivan Arce, CTO and co-founder of Core Security Technologies, is responsible for setting   the company’s technical direction and oversees the development, testing and deployment of CORE IMPACT comprehensive security testing software solutions. He also helps guide Core’s leading-edge security research efforts and drives advancement of its threat expertise across the company's CoreLabs, Security Consulting Services and Engineering groups. Arce also writes for numerous technical publications, speaks frequently at industry events and is regularly quoted in leading industry publications. He currently serves as Associate Editor of the IEEE Security & Privacy Magazine.

About CoreLabs

CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. It conducts its research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing and cryptography. Its results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at:

About Core Security Technologies

Core Security Technologies is the leader in comprehensive security testing software solutions that IT executives rely on to expose vulnerabilities, measure operational risk and assure security effectiveness. The company’s CORE IMPACT product family offers a comprehensive approach to assessing the security of network systems, endpoint systems, email users and web applications against complex threats. All CORE IMPACT security testing solutions are backed by trusted vulnerability research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at:


Justin Drake or Megan Prock

Schwartz Communications


Mon, January 12