workshop speakers

Sponsored Workshops

A Cyber Professionals Guide to Deception Technologies

This session will cover the current state of deception technology tools and the best practices to use them effectively. Instructors will review the open source and vendor landscape, functionality, techniques, and trade-offs. The detailed how-to session will include live configuration of offensive decoys and deployment of deception grids. You will learn how this technology is complementary to your existing cyber security defenses and understand how deception technology can fit into your current architecture. Discussion will include malware traps, intrusion detection techniques, and forensic analysis. Finally, this session will share some tips on building and supporting a business case for deception strategies.

sponsored by

presented by

Joe Carson  &  Jacob Goldberg  &  Moshe Ben-Simon

DNS Arms Race: Many Roles DNS Plays in Security Battles

The Domain Name System (DNS) is the ultimate distributed database serving as the directory for the Internet that is referenced by nearly everyone billions of times per day. DNS has become so ingrained, so invisible, and so taken for granted that many IT professionals forget it exists.

Many cyber criminals, however, are very familiar with DNS and know how critical DNS is to the infrastructure of the internet. Innovative hackers have developed techniques to exploit DNS vulnerabilities and even found ways to use DNS itself as a weapon in their arsenal. With over 3 billion people online today, security professionals must do everything possible to protect their users and networks by securing their DNS from attacks and preventing their systems from being hijacked.

But the DNS role in security isn't all about attacks it's also a weapon used for good. DNS Traffic Management is often a crucial part of ensuring site high availability, balancing Internet traffic and load distribution, and even optimizing performance for the best user experience. Adding digital signatures (DNSSEC) to DNS helps to create a highly secure distributed Internet database with unlimited potential. Recently, injecting policy enforcement into the DNS recursive resolver process has provided new tools for security professionals to protect their infrastructure and thwart attacks.

In this workshop attendees will learn:
- DNS Concepts and Tricks
- Various types of DNS attacks
- Use of DNS as a weapon
- Techniques to mitigate DNS vulnerabilities
- Impacts of DNSSEC
- Responsible DNS management
- DNS Enforcement Policy as a tool to protect and defend infrastructure

sponsored by

presented by

Nate Meyer

Endpoints Threat Feeds FPs and You

Threat feeds are the new, sparkly "must have" in the world of enterprise security. With the flood of emerging vendors and open source projects providing threat intelligence feeds, it has become a daunting task to discover feeds that are right for you. Once a collection of feeds has been chosen, you are still left without any direction on how it should be used.

In this workshop, we will show you techniques to enhance both your threat feed data and your enterprise network logs. These enhancement techniques will enable you to gather more context and attribution on your network sources, enrich your threat feed data for improved correlation, reduce false positives on network threat feed alerts, and reduce investigation time when performing incident response.

The workshop will focus on user endpoints and network threat feeds, but will also demonstrate techniques corresponding to the different categories of endpoint and threat feeds. Beginners should walk away with a solid understanding of network threat feeds and how they can use them effectively in their environment. Experienced veterans will leave this workshop with new tricks and techniques for using their preexisting feeds. The hands-on exercises presented in this workshop are optional and can be done with any CSV parser.

sponsored by

presented by

Ryan Holeman

Exploiting IT Analytics to Create a Human Layer Security Initiative

The final understanding and verification of a security incident ultimately requires human interpretation and decision. Over the past 15-20 years the industry has invested billions in pursuit of automated security layers (e.g. firewalls, endpoint protection, intrusion detection), but attempts at automating the human interaction part of the process have fallen short. Instead of providing definitive answers to offload our already overburdened teams, system-generated false positives add more work.
Increasing complexity - driven by cloud/mobile centric architectures and infrastructures that are dynamic by design (e.g. SDN, cloud) - will create a new class of challenges for both automated and human layers of IT security. We refer to this new class as 'Unknowns.'
In this interactive session, we will examine and demonstrate a new data discovery paradigm and class of data analytics, specifically for the human layer of IT security. The technology's inventor will share his perspective on the 'human layer' technical requirements and his vision for the future. The workshop will include a live demonstration and a chance to take a test drive.

sponsored by

presented by

Jeff Barker  &  Mike Morford

How poorly obfuscated mobileapp code leads to vulnerable IoT devices

Ken Munro and Chris Pickering are from Pen Test Partners, a penetration testing firm from the UK. They are known for several interesting hacks of IoT devices in recent months. Regularly called on by the media, including the BBC, NBC, Forbes and many others they spread the message of sensible security with no FUD, or vendor bias.

They are the guys responsible for the Samsung TV "listening to you" investigation, making the My Friend Cayla doll curse, discovering how flaws in Wi-Fi kettles can give up your wireless PSK, helping make GoPro cameras less likely to be used covertly as spying devices against their owners, to name but a few.

In this session they'll show you how many of their findings in IoT devices come from hackers having easy access to mobile app source code. If code was properly obfuscated, it would be much harder to decompile and reverse engineer it in the first place.

They will demonstrate reverse engineering and uncovering security flaws in mobile app code

This workshop is designed for software development leads, product managers, security architects and everybody who is in charge for product security and the protection of customers' privacy data.

sponsored by

presented by

Ken Munro  &  Chris Pickering

How to Find a Better Job In IT Security

The bad news is that enterprise data is at risk, and the attackers have the advantage. The good news is that this situation has created a boom market for IT security professionals. How can a skilled security pro take advantage of this lucrative marketplace? What's the best way to find new job opportunities and open positions? What skills and training are the best resume builders? Which positions offer the best salaries, and how can security pros find them? If you are doing the hiring, what positions are most in demand, and how can you identify potential candidates who have the special skills you need?

In this panel session, top IT security recruiters and employers offer insights on how to find open positions, how to benchmark your salary, and how to improve your experience and training to make yourself more attractive to potential employers. The experts will also offer advice to managers who are seeking out top security talent, providing insight on how to make staffing decisions and how to find the best people. The session will also offer the latest data on security salaries and employment attitudes culled from newly-published research by Dark Reading and InformationWeek.

sponsored by

presented by

Tim Wilson  &  Lee Kushner  &  Kevin Oswald

Kaizen Capture the Flag

Booz Allen Hamilton is here to keep the hacking going with once again, another iteration of their Kaizen CTF series. This interactive event is designed to build the skills of security enthusiasts through hands-on challenges in forensics, web exploitation, scripting, and binary reverse engineering. Whether you are a 1337 h4x0r or new to information security and want a healthy environment to try your first CTF, come check out Kaizen! Learn more at https://blackhat.kaizen-ctf.com

Kaizen consists of a variety of challenges, with all equipment provided. Top scores will receive 1st, 2nd, and 3rd place prizes as well as challenge and achievement based prizes for the truly advanced! Additionally, they will receive an invitation to our exclusive sponsored networking event held on Thursday evening.

Realistic - Participants are faced with real world challenges, conducting open source research, crafting new solutions and pure development/scripting on-the-fly.
Hands On - Truly 100% hands on, independent learning; no lecturing. Mentors available and provide one-on-one help when needed, but participants are encouraged to succeed through independent learning.
Accommodates all experience levels
o Experienced/senior technical participants are motivated to compete, test their skills, and gain points on the leader board.
o Junior participants can trade points for hints, work with mentors, research and learn how to solve problems in a safe but competition space.
Environment - A key element that makes this successful is the relaxed and fun environment. Stop on by, say hello, and network with individuals like you!

sponsored by


Overcoming Chaos and Disruption: A New World Order in Security

Every aspect of security has become challenging, with lots of talk about what "should" be done, but few actually making progress. Join Twitter for an interactive discussion on ways to tackle the complex, often overlooked issues plaguing security today.

sponsored by


Phish and Silicon Chips Linking targeted attacks to the wider threat

Using actual examples of companies who may have left themselves exposed to potential cyberattacks, we'll discuss a recent investigation into targeted phishing attacks. This presentation will look at the motivations for the attack, the steps organizations could have taken to identify and stop the attack and how by leveraging accurate threat intelligence the attack was linked to wider threat activity.
We will touch on the techniques used within a spear-phishing email to perpetrate the attack, solicit an open, disguise the link and then attack and navigate the network. We'll wrap the session by highlighting what companies should consider in order to better defend their organizations.

sponsored by

presented by

Darrell Switzer

The Information Security Landscape: What Security Pros REALLY Worry About

If you've watched television or read mainstream media publications lately, you know that businesses and executives have become very interested in "cyber threats" ranging from Target's data breach to China's surveillance of U.S. corporations. But what about the people who work in IT security for a living? What are they worried about and how do they prioritize and take action on those concerns?

In this comprehensive session, editors from Dark Reading and InformationWeek join to share the results of in-depth research on the state of the IT security department and the attitudes of information security professionals. The research, which includes InformationWeek's annual Strategic Security Survey as well as a new Dark Reading survey of Black Hat attendees, will outline some of the key concerns of IT security professionals, including breach incidence as well as current threats. The studies also offer new insight on enterprises' plans for technology spending and implementation, and their approach to new IT challenges such as mobile and cloud security.

The editors will be joined by Chris Wysopal, a reknowned security expert and CTO of Veracode, who will offer insights on how security professionals' attitudes and priorities are changing, and how these new priorities may affect security practices and technology choices in the future.

sponsored by

presented by

Kelly Jackson Higgins  &  Chris Wysopal

Turf War: Using Geo-Intelligence to Thwart Cyber Threats

In an infinitely connected and connectionless world, online infrastructures are subjected to an equally infinite number of threats from countless sources, each with their own distinct motives. The mission assigned to IT security professionals is simple, but not easy: cover everything from everywhere. Tall order, but geographical IT intelligence that can see through the smoke and mirrors of hackers can help. In this session, you will learn how the right tools and disciplines can help you:
Combat DDoS and other malicious attacks
Detect and reduce online fraud
Mitigate risks that threaten user experience
Join Neustar for this informative session to gain insights can help you keep cyber attackers from devastating your online business.

sponsored by

presented by

Rupert Young