Gordon MacKay, CISSP
Gordon MacKay, CISSP, serves as Executive Vice President and Chief Technology Officer (CTO) for Digital Defense, Inc. (DDI). He leads the technology roadmap, as well as the Cloud Platform Development and Vulnerability Research teams.
As CTO, MacKay applies mathematical modeling and engineering principles in investigating novel solutions to many of the technological challenges within the automated vulnerability management space. In 2013, MacKay’s solution to matching network discovered hosts within independent vulnerability assessments across time resulted in achieving patent-pending status for the company’s scanning technology host reconciliation process.
Prior to joining DDI, MacKay held several research and development leadership positions at Alcatel USA and led the Call Server Database Team with the inception and design of a real time in-memory database used in the Alcatel Softswitch.
MacKay has presented at numerous security related conferences, including RSA, and his expertise has been featured by top national and international media outlets such as FOX Business, Softpedia, IT World Canada and others. He enjoys using creative real world analogies, as well as using Star Trek references in the content of his presentations and communications.
He holds a Bachelor's degree in Electrical Engineering, Computer Engineering from McGill University, Montreal Canada. MacKay serves as a Distinguished Fellow for the Ponemon Institute.
08/03/2015 » CVE-2015-5600
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. [READ ME]