Password crackers are an indispensable tool of security penetration test teams, but they don’t actually “crack” passwords. They guess, and they guess really fast. However, fast is not good enough to crack most passwords. It can take a long time to get the data the customer needs to really understand why fixing a weak password policy is worth the trouble. Enter ByePass; an automation software with enough smarts to learn how users are forming their passwords in order to make password audits fast and effective…and help make security penetration tests effective at showing decision-makers the benefits of better security.

Presented by:

Jeremy Druin
Principal Security Architect, Owner of Ellipsis Information Security
OSCP, GISF, GSEC, GCIH-GOLD, GWAPT-GOLD, GPEN-GOLD, GMOB, GXPN-GOLD, Sec+

Jeremy works as the Principal Security Architect for UPS where he created the application security, bug bounty and penetration testing programs. Jeremy is also the owner of Ellipsis Information Security where he provides security testing services and teaches secure application development and penetration testing courses.

As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on various information security topics along with operating the “webpwnized” YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment.

Jeremy has a Bachelors in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Masters in Computer Science from the University of Louisville and is a GIAC-certified Web Application, Mobile and Network Security Penetration Tester.