Dave Aitel

Dave Aitel at Infiltrate 2012

Dave Aitel (born 1976) is a computer security professional. He joined the NSA as a research scientist at age 18, where he worked for six years before being employed as a consultant at @stake for three years. [1] [2] In 2002 he founded a security software company, Immunity, where he was the CTO [3] until December 31, 2020. [4]

Aitel co-authored several books:


He is also well known for writing several security tools:

Dave Aitel is an infrequent guest on the Fox News Channel where he provides commentary on information security news. [5]


Related Research Articles

Hacker: Person skilled in information technology

A hacker is a person skilled in information technology who achieves goals by non-standard means. Though the term hacker has become associated in popular culture with a security hacker – someone with knowledge of bugs or exploits to break into computer systems and access data which would otherwise be inaccessible to them – hacking can also be utilized by legitimate figures in legal situations. For example, law enforcement agencies sometimes use hacking techniques to collect evidence on criminals and other malicious actors. This could include using anonymity tools to mask their identities online and pose as criminals. Likewise, covert world agencies can employ hacking techniques in the legal conduct of their work. Hacking and cyber-attacks are used extra-legally and illegally by law enforcement and security agencies, and employed by state actors as a weapon of legal and illegal warfare.

Kevin Mitnick: American hacker (1963–2023)

Kevin David Mitnick was an American computer security consultant, author, and convicted hacker. He is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes. Mitnick's pursuit, arrest, trial, and sentence along with the associated journalism, books, and films were all controversial. After his release from prison, he ran his own security firm, Mitnick Security Consulting, LLC, and was also involved with other computer security businesses.

L0pht: American hacker collective

L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of responsible disclosure. The group famously testified in front of Congress in 1998 on the topic of ‘Weak Computer Security in Government’.

Hacktivism: Computer-based activities as a means of protest

Internet activism, hacktivism, or hactivism, is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. With roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information movements.

Fravia

Francesco Vianello, better known by his nickname Fravia, was a software reverse engineer, who maintained a web archive of reverse engineering techniques and papers. He also worked on steganography. He taught on subjects such as data mining, anonymity and stalking.

Phishing: Form of social engineering

Phishing is a form of social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and traverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.

Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

Social engineering (security): Psychological manipulation of people into performing actions or divulging confidential information

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."

Mark Abene: American InfoSec expert and former hacker

Mark Abene is an American information security expert and entrepreneur, originally from New York City. Better known by his pseudonym Phiber Optik, he was once a member of the hacker groups Legion of Doom and Masters of Deception.

Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by a threat actor, such as an attacker, to cross privilege boundaries within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface. Constructs in programming languages that are difficult to use properly can also manifest large numbers of vulnerabilities.

A penetration test, colloquially known as a pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify weaknesses, including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.

ATstake, Inc. was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures and Ted Julian. Its initial core team of technologists included Dan Geer and the east coast security team from Cambridge Technology Partners.

Black Hat Briefings: Computer security conference

Black Hat Briefings is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together a variety of people interested in information security ranging from non-technical individuals, executives, hackers, and security professionals. The conference takes place regularly in Las Vegas, Barcelona, London and Riyadh. The conference has also been hosted in Amsterdam, Tokyo, and Washington, D.C. in the past.

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or evaluation of a system's weaknesses to assist in formulating defenses against potential hackers.

Crack is a Unix password cracking program designed to allow system administrators to locate users who may have weak passwords vulnerable to a dictionary attack. Crack was the first standalone password cracker for Unix systems and the first to introduce programmable dictionary generation as well.

BorderManager is a multipurpose network security application developed by Novell, Inc. BorderManager is designed as a proxy server, firewall, and VPN access point. Novell has announced that migration to SuperLumin 4.0 Proxy Cache is "Novell's preferred firewall and proxy solution for NetWare customers upgrading to Novell Open Enterprise Server on Linux."

Jeremy Hammond: American political activist and hacker

Jeremy Hammond is an American anarchist activist and former computer hacker from Chicago. He founded the computer security training website HackThisSite in 2003. He was first imprisoned over the Protest Warrior hack in 2005 and was later convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to WikiLeaks, and sentenced to 10 years in prison.

Dr. Herbert Hugh Thompson is a computer security expert, an Adjunct Professor in the Computer Science Department at Columbia University, and the Chief Technology Officer of Symantec. He is also the Program Chairman of RSA Conference, the world's largest information security conference, with over 25,000 attendees annually. Thompson is the co-author of a book on human achievement titled The Plateau Effect: Getting from Stuck to Success, published by Penguin in 2013, and has co-authored three books on information security, including How to Break Software Security: Effective Techniques for Security Testing, published by Addison-Wesley, and The Software Vulnerability Guide, published by Charles River 2005. He is perhaps best known for his role in exposing electronic voting machine vulnerabilities as part of the HBO Documentary Hacking Democracy. He was named one of the "Top 5 Most Influential Thinkers in IT Security" by SC Magazine and has been referred to by the Financial Times as "One of the world’s foremost cryptology and internet security experts."

Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.

References

  1. Canvassing all security cracks. Retrieved on April 16, 2008.
  2. Aitel, Dave. 0days: How hacking really works. Archived 2016-10-20 at the Wayback Machine. Retrieved on July 8, 2007.
  3. Immunity company information. Archived 2007-07-01 at the Wayback Machine. Retrieved on July 8, 2007.
  4. "'Is it done yet? Boom! Typey Typey!' - Dailydave - mm4.emwd.com". lists.aitelfoundation.org. Retrieved 2021-01-01.
  5. Aitel, Dave. "Cyber security: National security vs. personal freedom". Fox News. Retrieved 21 August 2012.