- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
Black Hat next month: Here's a little preview
I'm pretty happy about going to Black Hat next month, as family and other security events prevented me from going these last couple of years. But I haven't taken a deep look at the agenda yet (I usually do that 2-3 weeks before showtime). But the new PR team behind the event sent me a preview worth sharing now. So here it is.
Just so there's no confusion, what follows is what I have brazenly lifted from the email pitch:
The 2012 Black Hat USA conference (July 21-26, Las Vegas) is just weeks away, and this year’s event promises to bring out some of most serious and sophisticated threats and vulnerabilities that have ever been documented at the show. From flaws in critical infrastructure systems to flaws in devices that we carry around with us every day, Black Hat USA will demonstrate how today’s computers, applications, and devices are currently vulnerable to provable – and, in some cases, frighteningly simple – hacks by savvy attackers.
If you haven’t registered yet for Black Hat USA, here’s just a sampling of what you might be missing:
- Critical Infrastructure Systems In The Crosshairs. Black Hat USA 2012 will feature talks that point out key security vulnerabilities in global and national infrastructure, including threats to air traffic control systems (Andrei Costin), smart meters and the power grid (Don Weber), and embedded systems used in a wide variety of devices (one talk will be given by Stephen Ridley and Stephen Lawler; another talk on power analysis of embedded systems will be given by Yann Allain and Julien Moinard).
- Putting Cybercriminals On The Defensive. One of this year’s keynote speakers is former FBI Executive Assistant Director Shawn Henry, now president of hot security startup CrowdStrike, who will discuss ways to turn the tables and take on cyber adversaries to improve enterprise defenses. In another talk, renowned security researcher Dan Kaminsky will offer a look at “black ops,” offering insight on attack techniques that previously may have been considered ‘wrong and evil.’ Robert Clark, operational attorney for the U.S. Army Cyber Command, will offer a look at the legal aspects of cyberspace operations, including both defense and attack.
- Putting The Bite On Apple. Long mistakenly thought to be a “safer” operating environment, Apple’s operating environments and applications – particularly IOS – are now becoming a favorite target of attackers and security researchers. At this year's show, several speakers will discuss flaws in the Apple AppStore (Justin Engler, Seth Law, Joshua Dubik, and David Vo); vulnerabilities in the operating system kernel that drives IOS and Mac OS X (Stefan Esser); and a workshop on the dark art of IOS application hacking (Jonathan Zdziarski).
- Popular Web Applications Under The Microscope. Black Hat USA 2012 will offer a large number of talks on threats and vulnerabilities to the most commonly-used Web applications and tools, demonstrating key vulnerabilities at the very core of today’s Internet. Among these are two talks on flaws in the emerging HTML5 application language (Sheeraj Shah offers a look at the Top 10 threats, while Sergey Shekyan and Vaagn Toukharian discuss hacking with HTML5’s WebSockets); a look at recent Java exploitation trends and malware (Jeong Wook Oh); and the revelation of several new vulnerabilities in popular Web application firewalls (Ivan Ristic).
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Prevent Mobile Devices from Loading Dangerous Code
- Expanding Your Security Perimeter: Common Sense for Navigating Today's Threat Landscape
- Continuous Monitoring and Mitigation -- the New InfoSec Frontier
- RSA Security Analytics Case Study
- VMware Cloud Credits Program
- Insights from the 2013 IBM Chief Information Security Officer Assessment
- Cloud-based Cyber Security: A Hybrid Approach to Threat Detection and DDoS Mitigation IDC Technology Spotlight
- How Identity and Access Intelligence Will Revolutionize IAM
- Leveraging Managed Security Services to Fight Growing Cybersecurity Threats
- Global IT Trends: IT Outsourcing Fuels Business Growth
- Defending Against Increasingly Sophisticated Cyber Attacks
- Rethinking Your Enterprise Security - Critical Priorities to Consider