Sponsors

Diamond SponsorsBack to Top

•  

  Qualys, Inc. is the pioneer and leading provider of information security and compliance cloud solutions with 5,500+ customers in 85 countries, including 51 of the Forbes Global 100. The QualysGuard Cloud Platform and integrated suite of applications helps businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

  For more information, please visit www.qualys.com

  
  
•  

  Microsoft is proud to be a continuing sponsor of the Black Hat Security conference. We appreciate Black Hat providing a unique forum in which security researchers from all over the world, IT Pros and industry luminaries can gather to share insights, knowledge and information to advance security research.

  Microsoft remains dedicated to software security and privacy and continues to collaborate with the community of people and technology organizations helping to protect customers and the broader ecosystem, Microsoft is also dedicated to software security and privacy.

  Since the onset of Trustworthy Computing we have fostered a culture of security within Microsoft that includes developing secure code, building strong relationships with industry researchers and partners, and providing guidance to help protect customers. We would like to thank all of the customers, partners and security researchers who have worked with us to advance the state of the art in security science. Only by working together with partners, researchers and the community can we all ensure the advancement and success of the technology industry.

  www.microsoft.com/security

  
  
•  

  Lookingglass Cyber Solutions is the world leader in over-the-horizon (OTH) cyber threat suppression, whose revolutionary solutions deliver deep visibility into the Internet threat landscape. With its ScoutVisionTM and CloudScoutTM solutions, Lookingglass offers alert and warning capabilities that empower customers to continuously monitor for over the horizon threats, such as the presence of botnets, hosts associated with cyber criminal networks, unexpected route changes and the loss of network resiliency. Lookingglass' outside-in approach accounts for a client's entire enterprise cyber ecosystem including the extended enterprise, and other networks beyond their control. This oversight ensures business partners or service providers are not the proximate cause of security breaches or data loss. For more information, visit www.LGScout.com

  
  

Platinum SponsorsBack to Top

•  

  Accuvant LABS is the world's best and most respected attack and penetration team. Since 2002, Accuvant LABS has provided penetration testing, application and enterprise security assessments, vulnerability research and training to more than 2,000 clients across industry verticals. Experts from the team have won numerous awards and been featured in articles published by the Ars Technica, Associated Press, SC Magazine, CSO Magazine, and New York Times, among others, and regularly speak at national information security conferences.

  
  
•  

  Blue Coat Systems is a leading provider of Web security and WAN optimization solutions. Blue Coat offers solutions that provide the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere. This application intelligence enables enterprises to tightly align network investments with business requirements, speed decision making and secure business applications for long-term competitive advantage. Blue Coat also offers service provider solutions for managed security and WAN optimization, as well as carrier-grade caching solution s to save on bandwidth and enhance the end-user Web experience. For additional information, please visit: www.bluecoat.com

  
  
•  
  The Power of Thinking Ahead

  As the leading provider of predictive security intelligence solutions, CORE Security answers the call of organizations demanding a proactive approach to eliminating business risk. Our solutions empower customers to think ahead, take control of their security infrastructure, and predict and prevent IT security threats.

  Organizations have to predict security threats – not just react to them

  Today, the majority of security spending is focused on solutions that take defensive or reactive approaches to threats. As a result, security teams are saddled with overwhelming amounts of disparate security data, tools that don't communicate, and alerts that sound only after the damage has been done. Organizations that seek to survive and thrive must go on the offensive and predict and preempt threats before it's too late.

  We empower organizations to preempt business risk

  At CORE Security, we believe the greatest risk organizations can take is to remain reactive to IT security threats. We therefore enable our customers to proactively identify critical threats and reveal risk in the context of specific business objectives, operational processes, and regulatory mandates. As a result, security teams not only predict threats but also more effectively communicate their implications to peers in the line of business.

  CORE Security Solutions CORE Insight Enterprise:
  Enterprise-class predictive security intelligence platform

  • Business risk identification, validation and prioritization
  • Continuous threat simulation
  • Proactive threat replication

  CORE IMPACT Professional:
  Comprehensive vulnerability assessment and testing software

  • Real-world, exploit-based security testing
  • Network, web, client-side, wireless & mobile coverage

  CORE WebVerify:
  Web application testing software

  • Automated testing of custom web sites and applications
  • Proactive identification of OWASP Top 10 threats

  CORE CloudInspect:
  Security testing SaaS for Amazon AWS cloud deployments

  • Affordable, on-demand cloud security assessment
  • No prior Amazon authorization required

  CORE Services

  • Security consulting services
  • Product implementation services
  • Onsite and online training
  • Customer support (24/7 available)

  CORE Security Benefits
  Align with corporate goals

  • Protect brand, reputation and valuation
  • Retain customers and avoid fines / penalties

  Align with performance objectives

  • Prevent system downtime
  • Mitigate risks to intellectual property and customer data

  Comply with policies and regulations

  • Address PCI, FISMA/NIST, HIPAA, SOX, GLBA, etc.

  Increase efficiency and effectiveness

  • Increase security assessment scope and frequency
  • Optimize headcount and consulting resources

  Practice process excellence

  • Conduct documented, repeatable security assessments
  • Validate security using established best practices

  CORE Security helps more than 1,400 customers worldwide preempt critical security threats throughout their IT environments, and communicate related risk to the business. Our patented, proven, award-winning enterprise solutions are backed by more than 15 years of applied expertise from CoreLabs, the company's innovative security research center. For more information, visit http://www.coresecurity.com

  
  
•  

  Today's organizations are facing unprecedented security challenges. The consumerization of IT, including BYOD, and the broad adoption of virtualization and the cloud bring new capabilities to organizations. But as network guests, contractors, employees, and partners all need differing levels of access, across a variety of devices, to resources that might be located virtually anywhere, IT teams also realize that traditional security models are ill-equipped to address the new security demands and threats that this network revolution is bringing. The Cisco SecureX security strategy is designed to address the new network and security landscape. SecureX is based on four key concepts: First, any effective security strategy needs to leverage the intelligence and footprint of the network as its foundation, because every user, device, and resource is attached to the network. Second, security needs to exist within the framework of dynamic context - understanding the who, what, when, where, and how of every user, device, and traffic flow. Third, security is only as good as its awareness of the threats. Cisco's Security Intelligence Operations, the largest threat telemetry database in the world, analyzes real time data from over 700,000 appliances, 30 billion web requests, 1/3 of the world's email messages, and over 150 million endpoint devices every single day, resulting in over 8 million daily security updates fed continuously to Cisco's family of security products. And fourth, the ability to define and distribute security policies that allow organizations to see every device, control access to resources, and leverage the network itself must be part of a unified policy enforcement strategy. Combined, these elements of Cisco SecureX enable the flexible, any-device connectivity that organizations want with the accurate, effective enforcement that they need, across the entire distributed network environment.Cisco provides the industry's largest portfolio of security products and solutions in every form factor, including appliances, cloud, virtualized, and integrated network security offerings. These include the next-generation, context-based ASA security appliance, email and web content security, IPS sensors, the AnyConnect mobile security client, and TrustSec's identity-based access control enabled by the new Identity Services Engine.Cisco is proud to be a BlackHat sponsor. For more information on Cisco Security, please visit cisco.com/go/security or cisco.com/go/SecureX.

  
  
•  

  IBM's security portfolio provides the security intelligence to help organizations holistically protect its people, infrastructure, data and applications. IBM offers solutions for identity and access management, database security, application development, risk management, endpoint management, network security and more. IBM operates the world's broadest security research and development organization and delivery organization. This comprises nine security operations centers, nine IBM Research centers, 11 software security development labs and an Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM monitors 13 billion security events per day in more than 130 countries and holds more than 3,000 security patents. For more information please visit us at ibm.com/security.

  
  
•  

  Lieberman Software Corporation is a USA based cross-platform security software developer. We provide tools for the mass security/configuration reporting and remediation of Microsoft Windows workstations and servers with real time reporting and repair capabilities. We also provide cross-platform solutions to proactively manage privileged identities such as root, administrator, sa and other accounts (located in routers, switches, embedded systems, host hardware, virtualization hypervisors, host OS, databases, middleware, applications, etc) at both the user and application level. Using automation, we provide auto-discovery, correlation and propagation to make it possible to discover what credentials you have, where they are being used, and give you the ability to regularly change credentials as needed or required. Our goal is to provide sharp tools for your IT administrators and solutions that give you the ability to understand where and how credentials are used as well as the power to change them as needed. To learn more about our tools and solutions stop by our booth for a hands-on demo or visit our website at www.liebsoft.com.

  
  
•  

  LogRhythm is the leader in cyber threat defense, detection and response. The company's SIEM 2.0 security intelligence platform delivers the visibility, insight and remediation required to detect the previously undetectable and address the mutating cyber threat landscape. LogRhythm also provides unparalleled compliance automation and assurance as well as operational intelligence to Global 2000 organizations, government agencies and mid-sized businesses worldwide.

  The company earned a perfect, 5-star rating and this year's exclusive "BEST BUY" in the SC Magazine SIEM Group Test, Computing Security's Bench Tested Solution of the Year, SC Labs' "Recommended" 5-star designation twice, SC Magazine's Innovator of the Year Award, Readers Trust Award for "Best SIEM" solution and "BEST BUY" designation for Digital Forensics. LogRhythm is headquartered in Boulder, Colorado with operations in Canada, Europe and the Asia Pacific region. For more information, visit www.logrhythm.com

  
  
•  

  Mykonos Software, a Juniper Networks company, is the smartest way to secure websites and web applications against hackers, fraud and theft. Its Web Intrusion Deception System uses deception to detect, track, profile and prevent hackers in real-time. Unlike signature-based approaches, Mykonos Software is the first technology that inserts detection points to proactively identify attackers before they do damage – with virtually no false positives. Mykonos goes beyond the IP address to track the individual attacker, profile their behavior and deploy counter measures. With the Mykonos Web Security, administrators are liberated from writing rules, analyzing massive log files or monitoring another console.

  For more information, please go to www.mykonossoftware.com

  
  
•  

  RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

  Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

  
  
•  

  Symantec is a global leader in providing security, storage and systems management solutions to help our customers Ð from consumers and small businesses to the largest global organizations Ð secure and manage their information, identities, technology infrastructures and related processes against more risks at more points, more completely and efficiently than any other company. Our unique focus is to eliminate information, technology and process risks independent of device, platform, interaction or location. Our software and services protect completely, in ways that can be managed easily and with controls that can be enforced automatically Ð enabling confidence wherever information is used or stored.

  As the world becomes increasingly technology-centric and information-driven, Symantec is providing the leading products to ensure the availability of data, to backup and recover information, and prevent its loss. This includes helping consumers organize, backup and easily access their digital music, photos, files and more. Small businesses and large organizations can access and ensure the availability of information, whenever it is needed, with company-wide data protection, archiving and high availability clustering solutions. Since information now resides and is used in more places than ever Ð on phones, notebooks, USB devices, online portals and over global networks, protecting information is increasingly critical. Symantec has leading solutions that can identify and automatically prevent loss of valuable and confidential information Ð on the endpoint, in storage and over the network.

  Symantec provides comprehensive security that more people and organizations count on, with the best-of-breed and market-leading products in each of the company's business categories. From zero-day detection of new security threats to anti-fraud countermeasures, Symantec products continue to receive recognition from analysts and industry publications for providing superior threat detection and more in-depth and comprehensive security and data protection. This protection now extends to more information points, from mobile devices to servers, storage, networks and external and unmanaged systems. Symantec software reaches and protects more information points against more risks than any other company.

  Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantecª Global Intelligence Network. This network captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify and analyze, to deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam.

  More than 240,000 sensors in more than 200 countries and territories monitor attack activity through a combination of Symantec products and services such as Symantec DeepSightª Threat Management System, Symantec ª Managed Security Services and Nortonª consumer products, as well as additional third-party data sources.

  Symantec gathers malicious code intelligence from more than 133 million client, server, and gateway systems that have deployed its antivirus products. In addition, Symantec maintains one of the world's most comprehensive vulnerability databases, currently consisting of more than 40,000-recorded vulnerabilities (spanning more than two decades) affecting more than 105,000 technologies from more than 14,000 vendors. Symantec also facilitates the BugTraqª mailing list, one of the most popular forums for the disclosure and discussion of vulnerabilities on the Internet, which has approximately 24,000 subscribers who contribute, receive, and discuss vulnerability research on a daily basis.

  More than half of the world's data is protected by Symantec Ð in the home, small business and enterprise, including security of a third of the world's email. At Symantec, we envision a world where security follows information everywhere. Through an information- and identity-centric approach that is device and platform independent, our Security 2.0 vision is fast becoming a reality. Information, personal identities, interactions and communications can be protected against online fraud, spam, viruses, malware, inadvertent loss, theft and more, regardless of the system or technology. It's part of a comprehensive strategy to help customers protect their information more completely than any other software company.

  www.symantec.com

  
  
•  

  Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. Trustwave has helped hundreds of thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructures, data communications and critical information assets.

  SpiderLabs is the elite security team at Trustwave, offering clients the most advanced information security expertise available today. The SpiderLabs team has performed more than 1,500 computer incident response and forensic investigations globally and has run over 12,000 penetration and application security tests for clients. Companies and organizations in more than 50 countries rely on the SpiderLabs team's technical expertise to identify and anticipate cyber security attacks before they happen. In a rapidly evolving threat environment, SpiderLabs has the extensive field experience to asses threat levels, anticipate weaknesses, investigate breaches, and fortify environments against attacks.

  Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia.

  For more information, visit www.trustwave.com

  
  
•  

  Verizon helps organizations protect their core asset: data. The company does this through a robust suite of security services -- including governance, risk and compliance solutions; identity and access management solutions; investigative response; data protection services; threat management services; and vulnerability management services -- delivered in the cloud or on premises. For more information, visit us at www.verizon.com/enterprise. For ongoing security insight and analysis from some of the world's most distinguished security researchers, read the Verizon Security Blog at www.verizon.com/enterprise/securityblog.

  
  

Gold SponsorsBack to Top

•  

  BeyondTrust is the only security solution vendor providing Context-Aware Security Intelligence, giving our customers the visibility and controls necessary to reduce their IT security risks, while at the same time simplifying their compliance reporting. BeyondTrust offers consistent policy-driven vulnerability and privilege management, role-based access control, monitoring, logging, and reporting to protect internal assets from the inside out. The company's products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, mobile and cloud environments.

  With more than 25 years of global success, BeyondTrust is the pioneer of both Threat Management and Privileged Identity Management (PIM) solutions for heterogeneous IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world's 10 largest banks, eight of the world's 10 largest aerospace and defense firms, and 7 of the 10 largest U.S. pharmaceutical companies, as well as renowned universities across the globe.

  
  
•  

  Booz Allen Hamilton has been at the forefront of strategy and technology consulting for nearly a century. Today, Booz Allen is a leading provider of management and technology consulting services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. In the commercial sector, the firm focuses on leveraging its existing expertise for clients in the financial services, healthcare, and energy markets, and to international clients in the Middle East. Booz Allen offers clients deep functional knowledge spanning strategy and organization, engineering and operations, technology, and analytics—which it combines with specialized expertise in clients' mission and domain areas to help solve their toughest problems.

  The firm's management consulting heritage is the basis for its unique collaborative culture and operating model, enabling Booz Allen to anticipate needs and opportunities, rapidly deploy talent and resources, and deliver enduring results. By combining a consultant's problem-solving orientation with deep technical knowledge and strong execution, Booz Allen helps clients achieve success in their most critical missions—as evidenced by the firm's many client relationships that span decades. Booz Allen helps shape thinking and prepare for future developments in areas of national importance, including cybersecurity, homeland security, healthcare, and information technology.

  Booz Allen is headquartered in McLean, Virginia, employs more than 25,000 people, and had revenue of $5.59 billion for the 12 months ended March 31, 2011. Fortune has named Booz Allen one of its "100 Best Companies to Work For" for eight consecutive years. Working Mother has ranked the firm among its "100 Best Companies for Working Mothers" annually since 1999. More information is available at www.boozallen.com. (NYSE: BAH)

  
  
•  

  FireMon provides enterprises with security management software that gives them deeper visibility and tighter control over their network security infrastructure. Its integrated solution set--including Security Manager, Policy Planner, Risk Analyzer and BackBox--enables customers to identify network risk, proactively eliminate those vulnerabilities and strengthen security throughout the organization, and reduce the cost of security operations. www.firemon.com.

  
  
•  

  ForeScout is the leading provider of automated security control solutions for Fortune 1000 enterprises and government organizations. ForeScout's automated solutions for network access control, mobile security, threat prevention and endpoint compliance empower organizations to gain access agility while preempting risks and eliminating remediation costs. Because ForeScout's CounterACT portfolio is easy to deploy, unobtrusive, intelligent and scalable, they have been chosen by over 1000 of the world's most secure enterprises and military installations for global deployments spanning 37 countries. Within hours, ForeScout customers can see and control everything on their network—all devices, all operating systems, all applications, all users.

  
  
•  

  HP is a leading provider of security and compliance solutions for modern enterprises that want to mitigate risk in their hybrid environments and defend against advanced threats. Based on market leading products from ArcSight, Fortify, and TippingPoint, the HP Security Intelligence and Risk Management (SIRM) Platform uniquely delivers the advanced correlation, application protection, and network defense technology to protect today's applications and IT infrastructures from sophisticated cyber threats. Visit HP Enterprise Security at: www.hpenterprisesecurity.com.

  
  
•  

  McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. Backed by global threat intelligence, our solutions empower home users and organizations by enabling them to safely connect to and use the Internet, prove compliance, protect data, prevent disruptions, identify vulnerabilities, and monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe.

  
  
•  

  nCircle is the leading provider of Information Risk & Security Performance Management solutions to automate compliance and reduce risk. Solutions from nCircle enable enterprises of all sizes to achieve higher levels of security and operational efficiency. Over 6,500 businesses and government agencies use nCircle's compliance, risk and security performance management solutions to proactively protect high value assets and corporate data. Customers can choose to deploy nCircle's solutions at their location, in the cloud or in a hybrid environment. To learn how you can more effectively protect your company visit us at www.ncircle.com

  
  
•  

  Through its technology platform, Norman delivers core antimalware protection for clients, servers and network security. These products and services are designed to protect business communications and resources, including corporate networks and applications, remote employees, branch offices, and extranets. The company also offers market-leading advanced malware analyzers which enable organizations to automate the process of analyzing suspicious files, identifying types of malware, and assessing threats. Norman's award-winning security solutions protect millions of consumer PCs from hackers, spyware and identity theft. For more information, please visit www.norman.com

  
  
•  

  Rapid7 is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, Nexpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 2,000 enterprises and government agencies in more than 65 countries worldwide, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit www.rapid7.com

  
  
•  

  Solera Networks is the industry's leading advanced Security Intelligence and Analytics provider. Its award-winning DeepSee® platform is powered by next-generation deep-packet inspection and indexing technologies, network security analytics and intelligence capabilities. Global 2000 enterprises, cloud service providers and government agencies rely on Solera to see everything and know everything on their network—allowing them to gain total visibility and situational awareness, respond quickly and intelligently to advanced threats and malware, protect critical informationassets, minimize exposure and loss and reduce business risk. For more information, please visit www.soleranetworks.com

  
  
•  

  Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Visit www.veracode.com

  
  
•  

  VMware(NYSE: VMW), the global leader in virtualization and cloud infrastructure, delivers customer-proven solutions that accelerate IT by reducing complexity and enabling more flexible, agile service delivery. VMware enables enterprises to adopt a cloud model that addresses their unique business challenges. VMware's approach accelerates the transition to cloud computing while preserving existing investments and improving security and control. With more than 250,000 customers and 25,000 partners, VMware solutions help organizations of all sizes lower costs, increase business agility and ensure freedom of choice.

  Visit www.vmware.com for more information.

  
  
•  

  Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the flexibility, simplicity and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls and Snort-based intrusion prevention systems.

  
  

Silver SponsorsBack to Top

•  

  AccessData Group has pioneered computer forensics and litigation support for more than twenty years and is the maker of FTK and Summation. Over that time, the company has grown to provide a family of stand-alone and enterprise-class solutions that enable digital investigations of any kind, including computer forensics, incident response, e-discovery, legal review, IP theft, compliance auditing and information assurance. More than 100,000 users in law enforcement, government agencies, corporations and law firms around the world rely on AccessData software solutions and its premier digital investigations and hosted review services. AccessData Group is also a leading provider of digital forensics and litigation support training and certification.

  
  
•  

  AlienVault™ is the creator of OSSIM, the de facto standard open source Security Information and Event Management (SIEM) solution. The OSSIM powered AlienVault Unified Security Management™ (USM) platform reduces cost of visibility and accelerates time to PCI/SOX compliance. The USM Framework comes with five essential security capabilities built-in: asset discovery, vulnerability assessment, threat detection, behavioral monitoring and security intelligence. It also leverages dozens of the best open source tools like Snort, OSSEC, OpenVAS, ntop, Nagios, and more, and integrates easily with existing security components. Additionally, OSSIM users and AlienVault customers benefit from the AlienVault Open Threat Exchange™, the most diverse and comprehensive sharing system for threat intelligence that automaticallycleanses, aggregates, validates and publishes threat data streaming from the broadest range of security devices. OSSIM has over 160,000 downloads and users in 80 countries. AlienVault is privately held and headquartered in Silicon Valley. www.alienvault.com

  
  
•  

  Amazon.com, a Fortune 500 company based in Seattle, opened on the World Wide Web in July 1995 and offers Earth's Biggest Selection, where customers can find and discover anything they might want to buy online. The brightest minds come to Amazon to develop technology that improves the lives of shoppers and sellers around the world. Pioneering technical challenges of unprecedented scale and complexity, Amazon also provides developers access to Amazon's own back-end platform and in-the-cloud infrastructure. Examples include Amazon Elastic Compute Cloud, Amazon Simple Storage Service, Amazon SimpleDB, Amazon Simple Queue Service, Amazon Flexible Payments Service, and Amazon Mechanical Turk. For more info, visit: www.amazon.com

  
  
•  

  Barracuda Networks is the leading provider of award-winning IT solutions designed to simplify and secure your network. With fanatical support and a portfolio spanning security, networking and data protection, Barracuda Networks solutions ensure total business continuity. Our market leading Web Application firewall improves application delivery and security when it matters most — 24 hours a day. The award-winning Barracuda NG Firewall protects your business and improves connectivity whether you have one office or offices all over the world allowing granular management from a central location. Our ADC, security and content filtering solutions allow you to report, monitor and control social media and Web applications that cause security, bandwidth and productivity issues for organizations of all sizes.

  
  
•  

  Bit9, the global leader in Advanced Threat Protection, protects the world's intellectual property (IP) by providing innovative, trust-based security solutions to detect and prevent sophisticated cyber threats. The world's leading brands rely on Bit9's award-winning Advanced Threat Protection Platform for endpoint protection and server security.

  Bit9 stops advanced persistent threats by combining real-time sensors, cloud-based software reputation services, continuous monitoring and trust-based application control and whitelisting—eliminating the risk caused by malicious, illegal and unauthorized software. The company's global customers come from a wide variety of industries, including e-commerce, financial services, government, healthcare, retail, technology and utilities. Bit9 was founded on a prestigious United States federal research grant from the National Institute of Standards and Technology – Advanced Technology Program (NIST ATP) to conduct the research that is now at the core of the company's solutions. For more information about Bit9 go to www.Bit9.com

  
  
•  

  Click Security is all about Real-time Security Analytics. We find the unknown attack activity hidden in the "event haystack" that today goes unnoticed until it is too late.

  Signature-based products are easily evaded. Security event logging / management systems and forensics tools are designed only for postmortem analysis of highly structured events. Click Security finds the linkages between seemingly independent network activity events and automatically builds live, "actor-based" information through interactive visualizations – empowering the analyst to see, prioritize, and halt anomalous activity with revolutionary speed and accuracy.

  It's all made possible through a breakthrough real-time processing data flow engine; a revolutionary ability to encode any security analytic through open-design, shareable Click Modules; and a world-class module development agency – Click Labs.

  Click Security has the only solution designed to move far beyond the traditional "point product" model into the realm of an open security analytics platform enabling crowd-sourced security intelligence sharing.

  Click Security is based in Austin, Texas and backed by Sequoia Capital.

  
  
•  

  Codenomicon develops proactive security testing software and situation awareness tools that help you discover the problems at the earliest possible moment.

  Defensics is the world leading fuzzing solution. It provides fully automated security testing suites for over 200 communication interfaces.

  Defensics uses model-based, systematic fuzz testing to provide you with the best testing coverage.

  Situation awareness solutions create interactive visualizations from real-time network traffic and abuse information. Status of the networks and critical resources can be seen in one glance, allowing better informed and faster decision making.

  Codenomicon's solutions are used by top governments and leading software companies, operators, service providers and manufacturers.

  
  
•  

  Security breaches damage revenue, brand equity and customer satisfaction. Coverity enables organizations developing C/C++ and Java web applications to effectively and efficiently build security into the development process by eliminating critical defects that could lead to security vulnerabilities earlier in the development lifecycle, without jeopardizing speed or cost. Developers can manage quality and security defects together, in their existing workflow, without requiring them to become security experts or impacting their productivity. Over 1,100 of the world's largest brands, including Honeywell, NEC, BAE Systems, Juniper Networks, BMC Software, Samsung, France Telecom, Sega, and Schneider Electric rely on Coverity to help ensure the quality, safety and security of their products and services.

  
  
•  

  Cybertap LLC delivers powerful and human-oriented tools to investigators of net-based activity. As more and more organizations capture and retain their raw network traffic to deal with network-oriented reduction of employee productivity, loss/theft of valuable assets, conduct of crimes, and planning of terrorist actions, investigators need tools that allow them to work with and understand that data contextually in its original form as web pages, e-mail, Facebook, and documents. Cybertap Recon reassembles raw network traffic back into its original human-facing form, indexes it for comprehensive and rapid search, and provides investigators with sophisticated analysis tools with which to visualize the content, establish connections, and thus make cases. Recon supports 'Insider Threat' investigations, eDiscovery, eFOIA, lawful intercept, intelligence uses, cyber security, and net-based activity impact assessments.

  For additional information, please visit: www.cybertapllc.com

  
  
•  

  Damballa is the leader in advanced threat protection and active threat monitoring, pinpointing breaches in networks from advanced malware, targeted APTs, and zero-day threats that have by-passed traditional and virtual defense layers. By monitoring the network, Damballa spots threats entering a network or identifies threats trying to communicate back out of a network, and correlates the activity and behavior to confirm the infection and risk to the enterprise. Signatureless and platform agnostic, Damballa rapidly and automatically detects today's stealthy cyber attacks and protects networks with any type of device or OS.

  For additional information, please visit: www.damballa.com

  
  
•  

  The Dell SecureWorks Counter Threat UnitSM (CTUSM) research team is an expert group of security researchers who identify and analyze emerging threats and develop countermeasures, correlation rules and SOC processes to protect customers' critical information assets.

  CTU researchers frequently serve as expert resources for the media, publish technical analyses for the security community and speak about emerging threats at security conferences. Leveraging our advanced security technologies and a network of industry contacts, the CTU research team tracks leading hackers and analyzes anomalous activity, uncovering new attack techniques and threats. This process enables CTU researchers to identify threats as they emerge and develop countermeasures that protect our customers before damage occurs.

  
  
•  

  Dell® SonicWALL® provides intelligent network security and data protection solutions that enable customers and partners to dynamically secure, control, and scale their global networks. Using input from millions of shared touch points in the SonicWALL Global Response Intelligent Defense (GRID) Network, the SonicWALL Threat Center provides continuous communication, feedback, and analysis on the nature and changing behavior of threats. SonicWALL Research Labs continuously processes this information, proactively delivering countermeasures and dynamic updates that defeat the latest threats. Patented* Reassembly-Free Deep Packet Inspection® technology, combined with multi-core parallel architecture, enables simultaneous multi-threat scanning and analysis at wire speed and provides the technical framework that allows the entire solution to scale for deployment in high bandwidth networks. Dell SonicWALL network security and data protection solutions, available for the Enterprise, are deployed in large campus environments, distributed enterprise settings, government, retail point-of-sale and healthcare segments, as well as through service providers. Visit www.sonicwall.com

  
  
•  

  Denim Group is a leading secure software development firm. The company builds custom large-scale software development projects across multiple platforms, languages and applications. The company offers a blend of secure software development, testing and training capabilities that protect a company's biggest asset, its data.

  
  
•  

  Emulex (NYSE: ELX), the leader in converged networking solutions, provides enterprise-class connectivity for servers, networks and storage devices within the data center. Emulex's Fibre Channel HBAs, NICs, CNAs, controllers, embedded bridges and switches, and connectivity management software are trusted by the world's largest IT environments. Visit http://www.Emulex.com.

  
  
•  

  ESET is a global leader in antivirus and Internet security software. Powered by ESET NOD32® Antivirus, which has won an unmatched 71 VB100 awards for malware detection, ESET business solutions offer proactive, fast, and effective server-to-endpoint protection for Windows, Mac and Linux environments. Install ESET. Install confidence.

  
  
•  

  F5 Networks is the global leader in Application Delivery Networking (ADN), focused on ensuring the secure, reliable, and fast delivery of applications. F5's flexible architectural framework enables community-driven innovation that helps organizations enhance IT agility and dynamically deliver services that generate true business value. F5's vision of unified application and data delivery offers customers an unprecedented level of choice in how they deploy ADN solutions. It redefines the management of application, server, storage, and network resources, streamlining application delivery and reducing costs. Global enterprise organizations, service and cloud providers, and Web 2.0 content providers trust F5 to keep their business moving forward. For more information, go to www.f5.com

  
  
•  

  Since 2002, Fidelis Security Systems has been providing organizations with the network visibility, analysis and control necessary to manage advanced threats and prevent data breaches. Built on a patented Deep Session Inspection®, platform, the Fidelis Extrusion Prevention System® is the industry's only network security solution capable of seeing, studying, and stopping advanced threats in real-time by uniquely working at the session-level where today's threats occur. Fidelis enables their government, military, and commercial enterprise customers around the globe to achieve proactive situational awareness, content protection, threat mitigation, and application activity control.

  www.fidelissecurity.com

  
  
•  

  FireEye is the leader in stopping advanced targeted attacks that use advanced malware, zero-day exploits, and APT tactics. FireEye's solutions supplement traditional and next-generation firewalls, IPS, antivirus and gateways, which cannot stop advanced threats, leaving security holes in networks. FireEye offers the industry's only solution that detects and blocks attacks across both Web and email threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack lifecycle with a signature-less engine utilizing stateful attack analysis to detect zero-day threats. Based in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest Venture Partners and Juniper Networks.

  
  
•  

  FireHost is a secure cloud hosting company that delivers secure solutions to eCommerce, SaaS, healthcare IT, and security companies around the world. Specializing in protecting sites and data with compliance and high traffic needs, FireHost makes hacker awareness, management and prevention a standard part of every hosting plan. Advanced security combined with a comprehensive portfolio of hosting solutions helps FireHost protect companies of all sizes from threats to their websites, applications, and other valuable data.

  
  
•  

  Fluke Networks is the leader in security, performance and compliance solutions for wireless LANs (WLANs). The company's AirMagnet product line provides unrivaled visibility into all aspects of the wireless airspace with the intelligence to automatically diagnose, explain and respond to any wireless challenge. Innovative products include AirMagnet Enterprise, the industry's premier wireless intrusion prevention system (WIPS) for managing and securing corporate WLAN deployments. AirMagnet Enterprise provides a simple, scalable WLAN security monitoring solution that enables any organization to proactively mitigate all types of wireless security threats, enforce enterprise policies, prevent wireless performance problems and audit the regulatory compliance of all their Wi-Fi assets and users worldwide. In addition, it offers the only comprehensive, real-time approach to threat analysis and updating, taking WLAN threat protection to a new level with the introduction of dynamic threat protection. Other products, including AirMagnet WiFi Analyzer - known as the "de facto tool for wireless LAN troubleshooting and analysis" - provide WLAN site survey and design, RF interference detection, remote diagnostics, and the world's first voice over WiFi analysis solution. AirMagnet products have been sold to over 9,500 customers worldwide, including 75 of the Fortune 100.

  
  
•  

  Taking a strategic approach to security, Foreground Security helps organizations align information security with key business objectives. The company was founded by security professionals with over 20 years of experience to provide organizations with cutting-edge information and network security services, designed to significantly refine and improve their protection efforts. Foreground Security enables customers to optimize their network security investments while taking a proactive approach to protecting their most important information assets from potential threats.

  Foreground Security offers comprehensive security services that enable Government agencies and commercial organizations to secure critical data, protect identities and demonstrate compliance. The company leverages its experts' unparalleled insights to provide customers with the strategy and know-how required to develop, implement and maintain on-going secure and compliant policies, infrastructure and training.

  Foreground Security performs in-depth technical testing of networks, applications, and various security related infrastructure components such as firewalls, virtual and wireless networks. The company employs experienced professionals who hold CISSP, CCSP, CISM, CEH, CHFI and MCSE certifications and who have conducted Penetration Tests, C&A Projects, and Policy development for well over 100 Government agencies and corporations, making Foreground Security the ideal information security partner.

  
  
•  

  Fortinet delivers unified threat management and specialized security solutions that block today's sophisticated threats. Our consolidated architecture enables our customers to deploy fully integrated security technologies in a single device, delivering increased performance, improved protection, and reduced costs. Purpose-built hardware and software provide the high performance and complete content protection our customers need to stay abreast of a constantly evolving threat landscape. Our customers rely on Fortinet to protect their constantly evolving networks in every industry and region in the world. They deploy a robust defense-in-depth strategy that improves their security posture, simplifies their security infrastructure, and reduces their overall cost of ownership.

  
  
•  

  Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® platform provides proven solutions for government, corporate and law enforcement organizations to respond to computer security incidents, eDiscovery requests or regulatory inquiries; conduct internal investigations; perform data and compliance auditing; and secure sensitive data. There are more than 30,000 licensed users of the EnCase technology worldwide, and thousands attend Guidance Software's renowned training programs annually. For more information, visit: www.guidancesoftware.com.

  
  
•  

  GuruCul is the leading provider of security and business intelligence solutions. GuruCul products will improve risk, threat, and compliance postures by applying a unique identity centric approach of correlating identity, activity, and access information to provide actionable data and prioritized alerts. GuruCul has developed industry's most advanced patent pending algorithms for risk profiling and analyzing trends, to detect threats and anomalous behavior. GuruCul's intelligent risk platform will help your organization efficiently protect intellectual property and effectively manage risk.

  GuruCul Risk Analytics Capabilities:

  • 360 view of user Identity, Access, and Activity Profile Information
  • Advanced Identity, Access, and Activity Analytics
  • Insider and Advanced Persistent Threat Detection
  • Risk Based Access Controls
  • Privileged & Shared Account Monitoring
  • Identity and Access Intelligence
  • Risk Based Compliance
  • Activity Self Audit Statements
  • Forensic / Investigation Assistance
  • Intelligent Roles Based Access
  
  
•  

  The Hacker Academy (THA) is an online learning platform for ethical hacking and penetration testing that provides real world tools, concepts, and 24/7 hands on training in a cloud based environment. The Hacker Academy provides a true understanding of how hacking actually works and what it feels like from a "bad guys" perspective, which arms you with the knowledge to protect your own systems.

  THA is a division of MAD Security, an information security training firm focused on the human side of information security. While technology helps to stop hackers, viruses and malware, humans remain the single biggest threat. MAD Security's deep understanding of human nature has led to the development of a unique approach that enables our clients to effectively reduce the threat against their organizations. For more information, visit: www.hackeracademy.com.

  
  
•  

  HBGary Inc. was founded in 2003 to develop products to counter APT and other unknown cyberthreats. HBGary has in-depth expertise in advanced malware, rootkits, zero-day exploits, and targeted threats. Customers include Fortune 500 corporations, DOD and other U.S. government agencies. HBGary Inc. is headquartered in Sacramento, CA with offices in the Washington D.C. area.

  
  
•  

  How do you keep mobile workers productive and sensitive data protected? With Imation secure mobile storage and device management solutions.

  Imation's data, identity and workspace solutions marshal some of the most advanced authentication and encryption technologies available today. But they're still flexible and familiar enough to get mobile employees and contractors working right away.

  Rely on the industry's first FIPS 140-2 Level 3 validated flash drives, the first management solution for USB devices and portable identity, the first flash drives to earn the highest security validations, the first to integrate CAC/PIV smart cards for U.S. government use – to keep your security policies intact and enforced.

  Imation Mobile Security provides solutions that address the demands of the mobile workforce, for enterprise and government organizations, that are easy to use, easy to deploy and easy to manage, while also providing a broad set of security options able to meet varying customer requirements.

  Secure, deploy, and manage. With Imation, you can do it all.

  
  
•  

  Immunity is an industry leader in discovering, developing and delivering offensive information security technologies and services. This includes exploitation and vulnerability analysis software, wireless penetration testing hardware, security analysis services and attack training.

  Immunity products include exploitation development tools, vulnerability assessment tools, and remote control technologies. Immunity delivers consulting services including penetration testing, vulnerability management, and Immunity's experts provide regular training classes.
  
  www.immunityinc.com

  
  
•  

  Lancope is a leading provider of flow-based monitoring to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem onset and resolution. Enterprises worldwide rely on Lancope to make better network decisions and avoid costly outages and downtime.
  
  www.lancope.com

  
  
•  

  LogLogic® is the leader in log and security management solutions. Supported by more than 200 partners and trusted by more than 1,000 customers worldwide, LogLogic solutions provide visibility and control to any IT infrastructure so that organizations can significantly improve security, compliance and network performance. LogLogic's open log management platform enables customers to collect, search, and store massive amounts of IT log data for a comprehensive fingerprint of activity. LogLogic's business applications correlate user activities and event data in real-time for an integrated approach to security event management, database security management, security change management and compliance management, resulting in improved accountability and lower costs for any organization.

  For more information, visit: www.LogLogic.com

  
  
•  

  Mandiant is the information security industry's leading provider of advanced threat detection and incident response solutions and services. Mandiant provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and leading U.S. law firms. www.mandiant.com/

  
  
•  

  Mocana products help secure the "Internet of Things" - the 20 billion datacom, smartgrid, federal, consumer, industrial and medical devices that connect across every sector of our economy. Mocana is developing the industry's only device-independent security platform that protects devices and the information, apps and services that run on them. Every day, millions of people use products sold by over 150 companies that leverage Mocana's solutions, including Cisco, Honeywell, Dell, General Electric, General Dynamics, Avaya and Harris, among others. Mocana recently won Frost & Sullivan's Technology Innovation of the Year award for Device Security, and was named to the Red Herring Global 100 as one of the "top 100 privately-held technology companies in the world".

  
  
•  

  Since its inception in 1986, NCP Engineering has delivered innovative software that allows enterprises to implement a new way to secure remote access and overcome the complexities of creating, managing and maintaining network access. NCP's award winning product line spans the spectrum of remote access, from hybrid IPSec / SSL VPN to end-point firewalls and network access control (NAC) functions. The company's products support organizations with complex remote user needs, who want to leverage the latest end-devices to increase staff productivity, reduce network administration and adapt policy changes on-the-fly. Each solution is interoperable with existing third-party software or hardware. Headquartered in the San Francisco Bay Area, the company serves 30,000+customers worldwide throughout the healthcare, financial, education and government markets, as well as many Fortune 500 companies. NCP has established a network of national and regional technology, channel, and OEM partners to serve their customers.

  
  
•  

  Neohapsis is a trusted provider of consulting services and products that address the information security needs of global enterprises and government agencies. Combining security expertise and leveraging advanced research and risk management tools from the Neohapsis Labs, Neohapsis solves the complex security problems that are inherent in emerging technologies.

  
  
•  

  NSS Labs, Inc. is the recognized leader in independent security research and testing. The company provides security intelligence to enterprises worldwide, enabling information technology professionals to select and maintain complex security products for their organizations. NSS Labs evaluates both network and endpoint security products, producing both individual Product Analysis Reports and group Comparative Analysis Reports. Group tests culminate in the exclusive Security Value Map™. Founded in 1991, the company is located in Austin, Texas. For more information, visit www.nsslabs.com.

  
  
•  

  Onapsis is the leading provider of cybersecurity, compliance and continuous monitoring solutions for ERP systems and business-critical infrastructure. Through its innovative solutions, Onapsis helps its customers to protect their core business platforms from espionage, sabotage and fraud attacks.

  Large organizations rely on SAP, Oracle E-Business Suite, PeopleSoft and Siebel platforms to store and process their most sensitive business information. Onapsis enables them to increase the security level of these systems while enforcing compliance requirements, decreasing financial fraud risks and reducing audit costs drastically. Onapsis solutions are trusted by several Fortune Global 100 companies, large governmental entities and military agencies.

  Onapsis X1, the company's flagship product, is the industry's first comprehensive solution for the Automated Security Assessment of SAP platforms. Being the first and only SAP-certified solution of its kind, Onapsis X1 Enterprise allows customers to perform Automated Vulnerability Assessments and Security & Compliance Audits over their entire SAP platform. For organizations that need to go deeper, Onapsis X1 Consulting Pro also safely exploits existing weaknesses to illustrate the associated business impacts.

  Onapsis is built upon a world-renowned team of experienced security researchers leading the SAP & ERP security fields. These experts were also the first to perform specialized SAP Penetration Tests, Vulnerability Assessments and Security Audits. Because of its cutting-edge research, Onapsis is continuously invited to lecture at the most important security conferences in the world, private companies and defense agencies.

  If you are wondering whether your ERP systems and business-critical infrastructure are exposed, find more information at www.onapsis.com.

  
  
•  

  OPSWAT is the industry leader in software management SDKs, interoperability certification, secure browsing technology and multiple-engine malware scanning solutions. OPSWAT's Metascan technology enables easy API integration of multiple anti-malware engines into proprietary solutions. Combining up to 30 antivirus engines in a single box, Metascan optimizes engines to scan simultaneously and efficiently. Metascan technology is licensed by many large corporations, governments, and defense agencies for malware research and advanced threat detection. Metascan is also synergetic with third-party sandboxing tools for effectively analyzing malicious code. Try the online demo at http://www.metascan-online.com. OPSWAT also offers: Secure Virtual Desktop for shielding sensitive data while browsing anonymously from any computer (perfect for securing access to cloud-based solutions); GEARS for managing networks from the cloud and identifying potential security risks on endpoints; AppRemover for thoroughly uninstalling security applications; and MD4SA for quickly scanning endpoints for active malware without the need for installation.

  
  
•  

  With more than 380,000 customers—including 100 of the Fortune 100—and with deployments across a wide variety of industries in more than 145 countries around the globe, Oracle offers an optimized and fully integrated stack of business hardware and software systems that helps organizations overcome complexity and unleash innovation.

  Security is a key priority at Oracle. Encompassing every phase of the product development lifecycle, Oracle Software Security Assurance is Oracle's methodology for building security into the design, build, testing, and maintenance of its products. Oracle's goal is to ensure that Oracle's products, as well as the customer systems that leverage those products, remain as secure as possible. For more information, see: http://www.oracle.com/us/support/assurance/index.html

  
  
•  

  Palo Alto Networksª is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content Ð by user, not just IP address Ð at up to 20Gbps with no performance degradation. Based on patent-pending App-IDª technology, Palo Alto Networks firewalls accurately identify and control applications Ð regardless of port, protocol, evasive tactic or SSL encryption Ð and scan content to stop threats and prevent data leakage. Most recently, Palo Alto Networks has enabled enterprises to extend this same network security to remote users with the release of GlobalProtectª and to combat targeted malware with its WildFireTM service.

  www.paloaltonetworks.com

  
  
•  

  Parsons company delivers mission critical, uniquely engineered and integrated intelligence and cyber solutions. Parsons is called upon to take on the toughest challenges - finding out-of-the-box solutions - executing the near-impossible tasks. Parsons specializes in communication monitoring, analysis, and enablement; reverse engineering of malicious signatures and undocumented protocols; and "putting the bits back together for analysis." Parsons utilizes its unique skills, including RF engineering, software development, and hardware systems fabrication to provide a comprehensive range of network hardware and software products and services. Parsons employees are experts in delivering solutions in a timely and cost effective manner, meeting operational needs, and exceeding expectations. Parsons employs its advanced engineering and proven quick reaction capabilities to design, integrate, and field one-of-a-kind cyber applications to highly integrated Cyber Security Operations Centers, making Parsons an industry leader in cyber analytics, network security, cyber operations, and information assurance.

  
  
•  

  PhishMe.com provides organizations the ability to train their employees and customers about the risks of spear phishing with just a few simple clicks. With over 3.1 million individuals trained since its launch in 2008, PhishMe provides a cost effective way to mitigate this challenge. The company has proven that its trainings can reduce the threat of employees and customers falling victim to phishing attacks by up to 80 percent. PhishMe.com facilitates and automates the execution of mock phishing exercises against employees and customers, provides clear and accurate reporting on user behavior, and most importantly provides instant, targeted training. PhishMe.com works with Federal Agencies and Fortune 1000 companies across multiple vertical market sectors including financial services, healthcare, higher education and defense. For additional information, please visit: www.phishme.com

  
  
•  

  Pico Computing offers scalable, FPGA-based platforms for embedded and high performance computing. Customer applications include cryptography, signal and video processing, DSP, bioinformatics and financial computing.

  We specialize in highly integrated computing platforms based on Field Programmable Gate Array (FPGA) technologies. We offer standard and custom products, and we provide consulting and engineering services. We are the experts in FPGA-accelerated algorithms for data security.

  Pico Computing E-Series cards are designed to be easy to use, fast to deploy, and scalable. Use a single E-Series card for rapid algorithm prototyping. Deploy your application as an embedded system, or scale to multiple FPGAs using an SC-Series FPGA cluster.

  Pico EX-Series boards offer high performance for the most demanding data security applications. Deploy multiple EX-Series boards in a rack-mounted cluster for truly amazing levels of password cracking performance. Our latest FPGA computing board, the Pico EX-500, can be equipped with up to 12 Xilinx FPGAs on a single, 16-lane PCI Express card. Up to 11 EX-500 cards can be installed in a standard 4U rack mounted chassis.

  Pico Computing is headquartered in Seattle, Washington and has customers worldwide. For more information or to request a free Data Security White Paper, visit www.picocomputing.com.

  
  
•  

  Radware (NASDAQ:RDWR), a global leader in integrated application delivery and network security solutions, assures the full availability, maximum performance, and complete security of business-critical applications for nearly 10,000 enterprises and carriers worldwide. Radware's family of cutting-edge security solutions provide integrated application and network security technologies to enhance best of breed, multi-layered security architectures.

  The full suite of award-winning attack mitigation technologies include: intrusion prevention, web application firewall, DoS protection, network behavioral analysis, and reputation preservation capabilities. These are integrated into one solution Ð DefensePro® Ð for ease of deployment and cost-effectiveness. These technologies are complemented by an advanced SEIM management and forensics system (APSolute Visionª) and professional security services. Radware's Emergency Response Team (ERT) provides 24*7, on-site support for customers facing immediate attack. In addition, Radware' security operations center (SOC) provides necessary ongoing updates for emergency signature creation; emerging threat mitigation, detection and updates; and custom signature development. Both the ERT and SOC have been industry recognized for providing first and necessary safeguards against: WikiLeaks Operation Payback; South Korean DDoS attacks; and iPhone, Oracle, Italian Job and Windows vulnerabilities.

  Radware also provides a custom Managed Security Service Provider (MSSP) solution for target customers in need. With this complete suite of products, services, and tailored offerings, Radware is optimally suited to meet your current and emerging security needs.

  For more information on how Radware can take your security operations to the next level, please visit www.radware.com or contact us at info@radware.com.

  
  
•  

  RedSeal Networks is the leading provider of proactive enterprise security management solutions that enable organizations to continually assess and fortify their cyber-defenses while automating compliance. Unlike systems that detect cyber-attacks once they occur, RedSeal helps enterprises identify, understand and act to reduce holes in their security infrastructure before an attack occurs. The RedSeal platform enables businesses and government agencies to visualize, model and analyze complex network and security control interactions across their entire network of firewalls, routers, load balancers and hosts. RedSeal delivers an in-depth understanding of security performance along with continuous monitoring of the critical controls that mitigate operational risk in today's dynamic network infrastructures. RedSeal offers security intelligence and situational awareness, insights into enterprise vulnerabilities and threats, and actionable best practices that help network, security, compliance and audit teams accelerate regulatory compliance and proactively eliminate risks associated with cybertheft and cyberespionage. For more information, visit RedSeal at www.redsealnetworks.com

  
  
•  

  ReversingLabs delivers industry leading file analysis tools that drastically accelerate and broaden security analysts' ability to detect new threats, respond to incidents, find hidden information and verify software integrity.

  TitaniumCore™ is the world's fastest and most comprehensive tool for automated static decomposition of files. The engine automatically extracts all contained objects and their internal information from a sample and stores them in a database for further analysis. A single server can process 100,000 samples daily.

  TitaniumCloud™ service provides internal information and virus scanning results for over 1B goodware and malware files and reputation information on over 4 billion network locations.

  ReversingLabs products reduce analysis tasks from days to seconds, enabling analysts to respond quicker and cover more potential threats. Our customers include antivirus vendors, security vendors, government agencies, and commercial enterprises across the globe. Visit us at: www.reversinglabs.com

  
  
•  

  BlackBerry Security, Research in Motion (RIM), is a world class organization providing end to end security focus including: driving the BlackBerry security message globally, security accreditations, development of security products, advanced threat research, building mitigations into BlackBerry products, and by rapidly responding to security incidents. More information: www.blackberry.com/security

  
  
•  

  Singapore-based Rune Information Security Corporation Pte Ltd creates solutions that maintain e-mail and Internet privacy and security in a world of electronic eavesdropping and cyber corporate espionage. Rune delivers "toolkits" that security professionals and individuals can integrate into their information systems and PCs that guarantee that e-mail, proprietary documents and other data remains private and secure. By using standards based encryption as well as unbreakable Vernam encryption "one-time pad", Rune has developed an easy-to-use, easy-to-manage system that creates a standards based and compliance driven, unbeatable security wall that will ensure proprietary private information and corporate data remains readable only to those who have the pad and key. Rune was founded by a group of like-minded professionals who believe in empowering and maintaining digital privacy and security through tried and tested technology and methods. Please visit www.rune.sg for more information about Rune's full suite of security solutions and products.

  
  
•  

  SAIC is a FORTUNE 500® scientific, engineering, and technology applications company that uses its deep domain knowledge to solve problems of vital importance to the nation and the world, in national security, energy and the environment, critical infrastructure, and health. The Company's approximately 41,000 employees serve customers in the U.S. Department of Defense, the intelligence community, the U.S. Department of Homeland Security, other U.S. Government civil agencies and selected commercial markets. Headquartered in McLean, Va., SAIC had annual revenues of approximately $10.6 billion for its fiscal year ended January 31, 2012. For more information, visit http://www.saic.com/. SAIC: From Science to Solutions®

  
  
•  

  SAINT Corporation, a global leader in network security, offers the first integrated vulnerability assessment and penetration testing. Examine your network with the SAINT vulnerability scanner, and expose where an attacker could breach your network. Go to a higher level of visibility with the SAINTexploit penetration testing tool and exploit the vulnerability to prove its existence without a doubt. The SAINT scanner and penetration testing tools are fully integrated within the same interface, making it easy to determine where to begin remediation--with the exploitable vulnerabilities found by the scanner. WebSAINT, the online SaaS (Software as a Service) vulnerability scanner, is ideal for organizations that need to perform vulnerability scans or meet PCI ASV third party quarterly scanning requirements. SAINT is a PCI Approved Scanning Vendor (ASV). WebSAINT Pro is the online SaaS solution that includes vulnerability scanning, penetration testing, and Web application scanning along with the full functionality of the award winning SAINT scanner and exploit technology. In 2011, SAINTscanner became the first product to receive validation by NIST for the U.S. Government Configuration Baseline (USGCB) as well as FDCC and other scanner specifications. SAINT SCAP supports includes OVAL, CPE and CVE enumeration, and CVSS scoring.

  SAINT can help to

  • Manage and reduce security risks to your network
  • Document compliance with government and industry regulations like PCI, HIPAA, SOX, FISMA, and with internal policies
  • Emulate potential attackers with the suite of exploit tools.

  For more information, visit www.saintcorporation.com, call 1(800) 596-2006 or send a message to sales@saintcorporation.com

  
  
•  

  Secure Ninja- Expert InfoSec Training and Certification & Security Services. CISSP, CEH v7.1, CHFI v8, Security+, CISM, ECSA, FITSP, VMware, Cloud Security, PMP and more. Secure Ninja has trained and/or certified thousands of individuals. With an overall course pass rate approaching 98%, Secure Ninja is well above the industry average for technical training success. Our classes come in flexible formats (Boot Camp, Live Online, Evenings, Weekends and On-site) to meet your busy schedule or organizational need. Secure Ninja services/consulting specialize in governance, risk and compliance programs for government agencies including information assurance, IV&V security assessments, and cyber-security solutions. Secure Ninja has the knowledge and experience to keep your sensitive information safe. All Black Hat USA 2012 attendees receive 20% off our regular pricing. For More information call 703-535-8600 or visit www.secureninja.com

  
  
•  

  Securonix is the Security Intelligence Platform that identifies IT threats using advanced identity, access, and behavior analytics and scores the results in actionable business risk terms. Security, risk, and fraud management groups use Securonix to focus their SOC, IT risk, SIEM, IAM, DLP and fraud programs on the real and emerging threats.

  
  
•  

  Since 1999, Silicium Security has been delivering innovative enterprise security solutions to a global customer base that includes government, corporations and public institutions. We're recognized for our unique approach in protecting strategic corporate information residing on Windows-based computer installations. Silicium's flagship product, ECAT, provides signature-less enterprise malware detection that other approaches miss. ECAT uses live memory analysis, network traffic statistical analysis and other techniques to provide ironclad compromise assessment and threat detection.

  
  
•  

  Skybox Security, Inc. is the leader in proactive security management solutions, providing automated tools that find and prioritize cyber risks such as vulnerabilities, firewall configuration errors, and access compliance issues. Our solutions help IT security personnel continuously monitor and prevent security risks that could lead to a data breach or cyber-attack. Organizations in Financial Services, Government, Energy, Defense, Retail, and Telecommunications rely on Skybox Security solutions to reduce risk exposure and achieve compliance. For more information visit www.skyboxsecurity.com

  
  
•  

  We help organizations keep data safe and block the growing number of complex threats. We protect everywhere and offer complete security with our full range of endpoint, encryption, email, web, network security and UTM products.
  We help customers protect their businesses and meet compliance needs. And all our customers benefit from the expertise of our threat analysts located around the world. Their research is at the heart of everything we do. They quickly find the latest threats and update protection for our customers automatically. Plus, our support engineers are experts on all our products, and they're available whenever you need them.
  We make our products easy to install and use so you spend less time managing security. With Sophos you can focus on the needs of your business because we're securing your entire organization. www.sophos.com

  
  
•  

  Splunk® Inc. provides the engine for machine data™. Splunk software collects, indexes and harnesses the massive machine data continuously generated by the websites, applications, servers, networks and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 3,700 enterprises, universities, government agencies and service providers in more than 75 countries use Splunk Enterprise to gain operational intelligence that deepens business understanding, improves service and uptime, reduces cost and mitigates cyber-security risk. To learn more please visit www.splunk.com/company.

  
  
•  

  Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe, including 7 of the Fortune 10, trust our Information Integrity Platform to secure the path to their information assets. Our platform enables businesses of all types and sizes to protect their information assets by

  • Developing gold standard data-in-transit security solutions that prevents data loss in both internal and external environments
  • Delivering hardened perimeter security through our multi-channel two-factor authentication
  • Providing internal security control management solutions that enables organizations to more easily manage user keys and monitor administrator traffic across your network
  
  
•  

  StillSecure Safe Access is the leading provider of Network Access Control (NAC) for the US DoD. Safe Access leverages over a decade of experience to offer network access control for your IT security needs. If you are concerned about BYOD, guest access, controlling rogue devices, virtualization and ease of use, Safe Access is the solution you need. Safe Access was built from the beginning specifically for testing and controlling endpoints as they enter the network, thus Safe Access is the fastest, most reliable NAC available.

  
  
•  

  Stonesoft delivers the industry's most innovative and adaptable network security solutions to protect against advanced threats and reduce network complexity. Through our scalable NGFW, NGIPS, SSL-VPN and multi-factor authentication technologies, we bring military-grade security to any organization, while also delivering true next generation functionality. Built on a dynamic, integrated, software-based platform, Stonesoft solutions are highly adaptable, contextually aware, and easily managed and configured. Using Stonesoft's unique network security engine, users can pick and choose what kind of protection they need in a single solution, eliminate the need for upgrades and scale protection as their security requirements change. In effect, Stonesoft is the only provider in the industry to deliver future-proof security. For more information, visit www.stonesoft.com/us

  
  
•  

  StrongAuth, Inc. is a Silicon Valley-based company that has been focused on enterprise key-management infrastructure since 2001. It is the creator of many free and open-source cryptographic tools, as well as a web-application architecture for secure cloud computing.

  Regulatory Compliant Cloud Computing (RC3). Some of StrongAuth's open-source solutions include:

  • StrongKey - the industry's first open-source Symmetric Key Management System (SKMS)
  • StrongAuth KeyAppliance - the industry's first encryption, tokenization and key-management appliance
  • StrongKey CryptoEngine - an open-source library for encrypting files/objects for the Cloud
  • StrongKey CryptoCabinet - an open-source web-application built using the RC3 architecture

  Building PKIs and SKMS for some of the smallest and largest companies in the world, its value-packed solutions are used in mission-critical environments to keep information secure.

  
  
•  

  Stroz Friedberg is a leading global digital risk management and investigations firm. The company specializes in digital forensics, data breach and cybercrime response, electronic discovery, security risk consulting and business intelligence and investigations. Working at the crossroads of technology, law and behavioral science, the company provides technical assistance and strategic advice to help manage the inherent risks and responsibilities of doing business in a digital era. Learn more about the firm?s capabilities and experience at www.strozfriedberg.com

  
  
•  

  TeleCommunication Systems, Inc. (TCS) (NASDAQ: TSYS) is a world leader in highly reliable and secure mobile communication technology. TCS infrastructure forms the foundation for market leading solutions in E9-1-1, text messaging, commercial location and deployable wireless communications. TCS is at the forefront of new mobile cloud computing services providing wireless applications for navigation, hyper-local search, asset tracking, social applications and telematics. Millions of consumers around the world use TCS wireless apps as a fundamental part of their daily lives. Government agencies utilize TCS' cyber security expertise and professional services for mission-critical communications. Headquartered in Annapolis, MD, TCS maintains technical, service and sales offices around the world. To learn more about emerging and innovative wireless technologies, visit www.telecomsys.com.

  
  
•  

  Tenable Network Security is a privately held company founded in 2002 by security product innovators Ron Gula, Renaud Deraison and Jack Huffard. Together with Tenable CSO Marcus Ranum, they have developed a Unified Security Monitoringª approach based on the award-winning Nessus® scanner engine for securing enterprise networks world-wide.

  Tenable's technical leaders have all created market leading and award winning products individually (Nessus, Dragon IDS, Gauntlet Firewall, TIS firewall tool kit) prior to joining forces at Tenable. Tenable Network Security's Unified Security Monitoring solution consists of four fully-integrated software applications: SecurityCenter, Nessus, the Passive Vulnerability Scanner and the Log Correlation Engine.

  
  
•  

  TerraWi is the first device and platform independent mobile security solution of its kind. With the ability to use biometrics, username/password protection, and Geo-fencing abilities linked into a secure cloud, you will feel at ease knowing your information won't be jeopardized. TerraWi supplies you with a unique, 256-bit encrypted cloud providing functionality across multiple operating systems. This allows access to your data on almost any device while never leaving any data footprint on the actual device. Therefore if your device is ever lost or stolen, you have the ability to use another without loosing any of your precious data. Once logged into your Mobile-Loc account all the information stored within the TerraWi cloud is readily available on your mobile device. Upon un-authentication, the information is immediately NSA Type-1 erased and is no longer accessible via that device without re-authentication into your account. With flexibility and extensive security measures, TerraWi is sure to provide users with peace of mind.

  
  
•  

  Trend Micro Incorporated, a global cloud security leader, creates a world safe for exchanging digital information with Internet content, security and threat management solutions. We deliver top-ranked client, server, and cloud-based security to fit customer and partner needs, stop threats faster, and protect data in physical, virtualized and cloud environments. Powered by the Trend Micro™ Smart Protection Network™ infrastructure, our technology, products, and services stop threats where they emerge. For more information, visit www.trendmicro.com.

  
  
•  

  University of Maryland University College (UMUC) is a member institution of the University System of Maryland and a leader in high-quality online education. As a natural evolution of its programs in information assurance, the university has launched undergraduate and graduate degrees and certificates in cybersecurity, cybersecurity policy, and digital forensics and cyber investigation. UMUC has a long history of serving the active duty member. It has provided academic programs under contract with the Department of Defense to service members across the United States and overseas for eight decades, including Europe and Asia and more recently the Middle East, Afghanistan and Africa. Located near the nation's capital, UMUC is one of the largest public universities in the United States, serving 92,000 students and offering more than 120 undergraduate and graduate programs. It is an NSA/DHS Center of Academic Excellence for Information Assurance Education. To learn more, visit www.umuc.edu/spotlight/cybersecurity.cfm.

  
  
•  

  VASCO Data Security is a leading provider of strong authentication and e-signature solutions, specializing in protecting online accounts, identities, and transactions. VASCO helps 10,000+ organizations in over 100 countries to ensure secure access to networks, web applications, LANs, and online portals for their customers, partners, and employees with a wide range of solutions from OTPs to mobile authentication to PKI. For more information, visit www.vasco.com

  
  
•  

  Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys from the desktop to the datacenter built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at www.venafi.com/best-practices. Venafi customers include the world's most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit www.venafi.com

  
  
•  

  WatchGuard Technologies Since 1996, WatchGuard Technologies has provided reliable, easy-to-manage security appliances to hundreds of thousands of businesses worldwide. WatchGuard's award-winning extensible threat management (XTM) network security solutions combine firewall, VPN, and a suite of security services to boost protection in critical attack areas. The extensible content security (XCS) line of products offers content security across email and web, as well as data loss prevention. Both product lines help you meet regulatory compliance requirements including PCI DSS, HIPAA, SOX and GLBA. Represented by more than 15,000 partners in 120 countries, WatchGuard is headquartered in Seattle, Washington, with offices in North America, Latin America, Europe, and Asia Pacific. For more information, visit http://www.watchguard.com.

  
  

Association PartnersBack to Top

•  

  Alta Associates is the leading executive recruiting firm specializing in Information Security. Alta founded the Executive Women's Forum on Information Security, Privacy, and Risk enabling women thought leaders.

  
  
•  

  The CIAS delivers quality competition, research, training, and exercise programs to advance community and organizational cyber security capabilities and collaboration. The CIAS is a national leader in cyber competitions and currently manages the National Collegiate Cyber Defense Competition, the largest collegiate cyber defense competition program in the nation, and Panoply, a network assessment/ network defense competition. Through our exercise and training programs, the CIAS works to improve the overall security of state and community infrastructures by enforcing the concepts of protecting essential cyber and physical assets while improving information gathering and sharing initiatives.

  
  
•  

  The Cloud Security Alliance is a not-for-profit organization with a mission to build a trusted cloud ecosystem of research, training, innovation and industry best practices.

  
  
•  

  The Electronic Frontier Foundation (EFF) is the leading organization defending civil liberties in the digital world. We guard free speech online, fight illegal surveillance, support emerging technologies, defend digital innovators, and work to ensure that our rights and freedoms are enhanced, rather than eroded, as our use of technology grows.

  
  
•  
  
  
•  

  ISSA is the largest international professional association for information security specialists, with 10,000 members in over 70 countries supported by a network of over 150 chapters. Members are consistently recognized as experts on critical issues in the field and are seen as important resources for small businesses, global enterprises, and government organizations.

  
  
•  

  The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  
  

Media PartnerBack to Top

•  

  Beyond Security's automated security testing solutions accurately discover and report security weaknesses in networks, web applications, industrial systems and custom software.

  
  
•  

  The Ethical Hacker Network (EH-Net) is a free, online magazine for security professionals with Regular Columnists, Articles, Tutorials, Videos, Global Calendar of Events, Active Community Forums, Certification Information, Contests and much more. Our community is large, membership is free and pays! Monthly Giveaways reward top contributors with $1000s in prizes each and every month including software, training, books, con passes and more. From network penetration testing to forensics, incident response to reverse engineering, project management to social engineering… If you want to hack for a living, we'll help you get there. www.ethicalhacker.net.

  
  
•  

  SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.

  
  
•  

  VXRL (Valkyrie-X Security Research Group) is a hacking and security research group in Hong Kong, focusing on reverse engineering, exploitation, forensics, network security and Web hacking.

  
  

Offical Wireless ProviderBack to Top

VIP SponsorBack to Top

•  

  Stroz Friedberg is a leading global digital risk management and investigations firm. The company specializes in digital forensics, data breach and cybercrime response, electronic discovery, security risk consulting and business intelligence and investigations. Working at the crossroads of technology, law and behavioral science, the company provides technical assistance and strategic advice to help manage the inherent risks and responsibilities of doing business in a digital era. Learn more about the firm?s capabilities and experience at www.strozfriedberg.com

  
  

Black Hat No Limit Hold 'Em Poker Tournament SponsorBack to Top