Securing Your Attack Surface

Every hack starts with a point of entry: a weakness that enables a hacker to gain a foothold in your technology environment. Cybercriminals exploit software vulnerabilities in your Internet-facing systems, send phishing emails to staff, or target your cloud infrastructure. In this talk, we’ll show you how to identify your attack surface, and provide critical tips for reducing your risk. We’ll cover:

  • Attack surface enumeration
  • Open-source intelligence (OSINT) gathering
  • Mapping your Internet-facing perimeter, using tools like Shodan and more.
  • Hacker exploit kits and how they integrate new zero-day vulnerabilities
  • Identifying and managing vulnerabilities, using Tenable as an example
  • Planning your zero-day vulnerability response

Join us to learn how to secure your attack surface and keep hackers at bay!


Matt Durrin
Director of Training and Research
LMG Security

Matt Durrin is the Director of Training and Research at LMG Security and a Senior Consultant with the organization. He is an instructor at the international Black Hat USA conference, where he has taught classes on ransomware and data breaches. Matt has conducted cybersecurity seminars, tabletop exercises and classes for thousands of attendees in all sectors, including banking, retail, healthcare, government, and more. He is also the co-author of a new book, Ransomware and Cyber Extortion: Response and PreventionA seasoned cybersecurity and IT professional, Matt specializes in ransomware response and research, as well as deployment of proactive cybersecurity solutions. Matt holds a bachelor’s degree in computer science from the University of Montana, and his malware research has been featured on NBC Nightly News.

Tom Pohl
Penetration Testing Team Manager & Senior Cybersecurity Consultant
LMG Security

Tom is a seasoned hacker and the winner of many hacking competitions including Wild West Hackin’ Fest, Circle City Con, THOTCON, BSidesLV, and DEFCON. Tom is a seasoned presenter at major security conferences such as DEFCON, BSidesLV, CornCon, and SecDSM and he has led technical training classes for many organizations. In addition, Tom also discovered several vulnerabilities that have been covered in a number of major industry publications. Tom leverages his wealth of experience to support LMG Security’s customers as the Penetration Testing Team Manager and a Senior Cybersecurity Consultant. Prior to working for LMG, Tom was the head of software architecture at Businessolver for nearly 20 years..