
BH2020 #2


Segments

1. IoT Security, Hacking, Testing & Testing Methods – Deral Heiland – BH20 #2

A discussion of IoT security and hacking, IoT testing and testing methods, and related research topics.

This segment is sponsored by Rapid7.

Visit https://securityweekly.com/rapid7 to learn more about them!

Segment Resources: https://www.rapid7.com/research/ and https://blog.rapid7.com/author/deral-heiland/

To gain access to our latest research (i.e. 2020 Q1 Threat Report, NICER and Under the Hoodie 2020), visit: https://www.rapid7.com/research/

To register for our upcoming webcast with Rapid7 "The Internet Exposed: Findings from the National Internet Cloud Exposure Report", visit: https://register.gotowebinar.com/register/2929993287629586702?source=SW

Sponsored By

Rapid7

Guest

Deral Heiland
Principal Security Research IoT at Rapid7

Deral Heiland, CISSP, has over 20 years of experience in IT. Over the last 8+ years, he has focused on security research, security assessments, pen testing, and consulting.

Hosts

Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Executive Director at CyberRisk Alliance

2. Black Box to Glass Box Verdicts – Mario Vuksan – BH20 #2

Modern digital objects, made up of layers of structured code and data, are central to the exchange or storage of information and are becoming increasingly complex.

Moreover, because signature, AI and machine learning-based threat classifications from “black box” detection engines come with little to no context, security analysts are left in the dark as to why a verdict was determined, negatively impacting their ability to verify threats, take informed action and extend critical job skills.

They need an approach that leverages threat data from both internal and external sources to systematically analyze each layer of these complex objects, generating transparent “glass box” actionable intelligence and human interpretable data to detect, classify and respond to malware threats.

This segment is sponsored by ReversingLabs.

Visit https://www.reversinglabs.com/ to learn more about them!

Join ReversingLabs at this year's Black Hat 2020 Virtual Business Hall to learn how explainable threat intelligence drives SOCs and Threat Hunters to take action faster and reduce their time to remediate. https://register.reversinglabs.com/black-hat-2020

Sponsored By

ReversingLabs

Guest

Mario Vuksan
CEO & Co-Founder at ReversingLabs

Mario founded ReversingLabs in 2009 and currently serves as CEO. In this role he drives all aspects of the company’s strategy, operations and implementation. Prior to ReversingLabs, Mario held senior technical positions at Bit9 (now Carbon Black), Microsoft, Groove Networks, and PictureTel (now Polycom). He is the author of numerous research studies and speaks regularly at FS-ISAC, RSA, Black Hat and other leading security conferences.

Host

Paul Asadoorian
Founder at Security Weekly

3. Navigating a Post-Compromise Reality – Michael Sanders – BH20 #2

Every organization gets compromised - it’s how fast you detect and respond that counts. Trends like the overnight move to remote work and the subsequent increase in phishing attacks, the acceleration of cloud adoption, and the proliferation of enterprise IoT have expanded the attack surface and complicated the job of security professionals. We’ll explore those trends and the opportunity that lies ahead for security teams post-compromise to prevent an event that results in an outage or incident from becoming a full-scale data breach.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/extrahop to learn more about them!

For a free trial of Reveal(x)360 visit: www.extrahop.com/swbh

Sponsored By

ExtraHop Networks

Guest

Michael Sanders
Senior Engineer at ExtraHop

Michael is responsible for architecting security implementations across hyper-converged networks and is part of ExtraHop’s team of cloud security engineers who work directly with customers and prospects. A passionate technologist and evangelist, he brings fresh thinking to security threat detection. Prior to ExtraHop, Michael was a consultant working with multiple technologies across the security landscape. He holds a Master's degree from the University of Arizona and a BBA from the University of Georgia. Michael speaks at industry events, supports security research organizations, and has been quoted in industry coverage.

Hosts

Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Executive Director at CyberRisk Alliance

4. “Demystifying Modern Windows Rootkits” – Bill Demirkapi – BH20 #2

This talk will demystify the process of writing a rootkit, moving past theory and instead walking the audience through the process of going from a driver that says "Hello World" to a driver that abuses never-before-seen hooking methods to control the user-mode network stack. Analysis includes common patterns seen in malware and the drawbacks that come with malware in kernel-mode rather than user-mode. We'll walk through writing a rootkit from scratch, discussing how to load a rootkit, how to communicate with a rootkit, and how to hide a rootkit. With every method, we'll look into the drawbacks ranging from usability to detection vectors. The best part? We'll do this all under the radar, evading PatchGuard and anti-virus.

Guest

Bill Demirkapi
Security Researcher at Independent

Bill Demirkapi is a student at the Rochester Institute of Technology with an intense passion for Windows Internals. Bill’s interests include game hacking, reverse engineering malware, and exploit development. In his pursuit to make the world a better place, Bill constantly looks for the next big vulnerability following the motto “break anything and everything.”

Host

Paul Asadoorian
Founder at Security Weekly

5. Threat Hunting Platforms vs. SIEM, What’s the Difference? – Corey Thuen – BH20 #2

What use cases are addressed by Threat Hunting Platforms and SIEMs? Where is the overlap and where are the differences? This talk covers the high level and low-level tech that drives these differences.

This segment is sponsored by Gravwell.

Visit https://securityweekly.com/gravwell to learn more about them!

Gravwell is a threat hunting platform built for ingest and search of logs and binary data sources at scale. To learn more, visit: https://www.gravwell.io/summercamp2020

Sponsored By

Gravwell

Guest

Corey Thuen
Co-Founder at Gravwell

Corey Thuen is a founder of Gravwell and has spent over a decade doing cybersecurity at places like Department of Energy national labs, Digital Bond, and IOActive. That experience is now driving development of a full-stack analytics platform built to alleviate pain points he personally experienced from inflexible tools.

Host

Paul Asadoorian
Founder at Security Weekly

6. The Entire IT Security Industry – Richard Stiennon – BH20 #2

Stiennon presents the results of his research to quantify the entire industry. He observes that there is no consolidation and that growth rates far exceed what the big firms predict every year.

To see more of Richard's industry insights, visit: https://it-harvest.com/shop/

Guest

Richard Stiennon
Author, Security Yearbook 2020 at IT-Harvest

Richard Stiennon is Chief Research Analyst for IT-Harvest, the firm he founded in 2005 to cover the 2,337 vendors that make up the IT security industry. He has presented on the topic of cybersecurity in 31 countries on six continents. He was a lecturer at Charles Sturt University in Australia. He is the author of Surviving Cyberwar (Government Institutes, 2010) and the Washington Post Best Seller There Will Be Cyberwar. He writes for Forbes and The Analyst Syndicate. He is a member of the advisory board at the Information Governance Initiative. Stiennon was Chief Strategy Officer for Blancco Technology Group, Chief Marketing Officer for Fortinet, Inc. and VP Threat Research at Webroot Software. Prior to that he was VP Research at Gartner, Inc. He has a BS in Aerospace Engineering and an MA in War in the Modern World from King’s College, London. His latest book, Security Yearbook 2020, is available on Amazon.

Hosts

Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Executive Director at CyberRisk Alliance

7. Simplifying The Process Of Identifying, Assessing & Mitigating Risks – Liam Downward – BH20 #2

Burdensome technologies that generate bloat within any organization, high licensing costs, and long deployment times all affect the ROI on organizational resources: time, money, and people.

This segment is sponsored by CYRISMA.

Visit https://securityweekly.com/cyrisma to learn more about them!

Get 10% off your monthly bill when you sign up! Visit: https://www.cyrisma.com

Sponsored By

CYRISMA

Guest

Liam Downward
CEO at CYRISMA

Liam started his career in 1998 in Dublin, Ireland. Each year brought new challenges, and with them his passion for information security grew. In 2018, he saw that cybersecurity was becoming more complex and that organizations would rather ignore risks because their budgets could not afford solutions to protect their data, and CYRISMA was born.

Hosts

Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Executive Director at CyberRisk Alliance

8. Being Thorough or Working Fast: Which Matters Most in Security? – Paul Battista – BH20 #2

Most analysts will tell you that they balance between being thorough and getting the job done quickly. I asked the security community to weigh in on this debate. I’ll share what they thought and explain why it’s no longer necessary to choose between the two.

This segment is sponsored by Polarity.

Visit https://www.polarity.io/sw to learn more about them!

Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw

Sponsored By

Polarity

Guest

Paul Battista
CEO & Founder at Polarity

Paul Battista is CEO and Co-Founder of Polarity.io. Prior to Polarity, Paul was an intelligence officer for the United States Government and participated in all elements of the intelligence cycle, from planning operations through dissemination to senior policy makers in the White House. Before his government service, Paul was a senior engineer for Aetna Inc., a penetration tester, and an incident responder for multiple Fortune 100 customers.

Host

Paul Asadoorian
Founder at Security Weekly

9. Observing Privilege To Reduce Risk In Software As A Service – Chris Morales – BH20 #2

Risk remains the top concern for organizations adopting software-as-a-service (SaaS) models and this is an issue that is only getting worse. What is needed today is the ability to remove the dependency on human behavior and human error, bringing control back to the security team.

Risk in a SaaS environment is largely an identity problem. Specifically, it is a misuse of identity and the privilege access granted to that identity. Before implementing any SaaS platform, you must consider how much access is really being granted in the cloud. More importantly, how is that privilege access being used?

This segment is sponsored by Vectra.

Visit https://www.vectra.ai/o365 to learn more about them!

To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365

Sponsored By

Vectra

Guest

Chris Morales
Principal Security Advisor at Vectra AI

Chris Morales is Principal Security Advisor at Vectra AI, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. He has two decades of information security experience in an array of cybersecurity consulting, sales, and research roles. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes.

Host

Paul Asadoorian
Founder at Security Weekly