Nick Dunn, IOActive Senior Security Consultant, will be speaking at this year’s SteelCon, taking place July 11 – 13 in Sheffield, UK. The abstract of Nick’s talk, ‘COBOL Security Review for Fun and Profit,’ can be found below!
ABSTRACT
Despite their dull reputation, mainframe systems offer fun-filled potential for security and sometimes have surprising levels of vulnerability considering the amounts of money being moved around. Also, using a terminal with green text on a black background will impress your friends.
This talk is being presented as despite their frequently predicted demise, mainframes are still here. This means that COBOL is also still here (despite similar predictions).
The talk covers the overlooked concept of COBOL code security reviews to compensate for a lack of publicly available information. For added amusement it also discusses how supposedly secure systems are sometimes more vulnerable than appreciated once a few basic things are understood.