BH2020

BH2020 #4

August 6, 2020

Segments

Security Trends In Modern Application Development – Chris Wysopal – BH20 #4

August 6, 2020

DevSecOps has moved security front and center in modern development. Yet security and development teams are driven by different metrics, making it challenging to align on objectives. The move to microservices-driven architecture and the use of containers and serverless has shifted the dynamics of ho...

Threat intelligence

Hiding Process Memory Via Anti-Forensic Techniques – Frank Block – BH20 #4

August 6, 2020

Malware authors constantly search for new ways of hiding their activity/content from the eyes of the analysts. In order to help the malware authors in their constant struggle ;-), we introduce three novel methods that prevent malicious user space memory from appearing in analysis tools and additiona...

Careers

How We Can Effectively Solve For Human Risk In Our Organizations – Masha Sedova – BH20 #4

August 6, 2020

What is Human risk? With WFH being present, has human risk increased? Can you solve human risk with technology? As part of your Blackhat talk, what trends have you unconvered that could help CISO's identify areas of greatest human risk? See how Elevate Security can solve for human risk in your or...

Cybersecurity Asset Management

deepwatch Lens Score – Corey Bodzin – BH20 #4

August 6, 2020

deepwatch Lens Score - The first SecOps maturity benchmarking and planning app. Answers CISO Questions: How mature is my Security Program? How do I compare to my peers? What one thing should I do next? This segment is sponsored by deepwatch. Visit https://www.deepwatch.com/lens-score/ to tr...

Incident response

Cyber Threat Intelligence – Brian Kime – BH20 #4

August 6, 2020

Cyber threat intelligence has had trouble demonstrating relevance and ROI for most organizations. Brian Kime from Forrester discusses his research on current cyber threat intelligence trends and helps us understand what to expect, from both services and tools, over the next two years.

Incident response

Threat Hunting Incident Response w/ Google Cloud & Tanium – Anton Chuvakin, Matt Hastings – BH20 #4

August 6, 2020

Matt and Anton will discuss the new integration between Tanium and Chronicle, designed for distributed IT in a remote-work world. The two will explore some of the unique challenges that security teams are facing in light of this change. They will also provide details on the new integrations, which c...

Cloud security

Summarizing the BlackHat Threat Intelligence Report – Matthew Gardiner – BH20 #4

August 6, 2020

Matthew Gardiner, Principal Security Strategist, from Mimecast will provide and overview of Mimecast and the results of their Threat Intelligence Report, BlackHat USA Edition, August 2020. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastbh to learn more about ...

Application security

Challenges Configuring Your Home Network for Remote Workers – BH20 #4

August 6, 2020

Paul Asadoorian and Matt Alderman discuss the challenges of remote work and how to setup your home network. This discussion will lead to a number of technical segments on future shows to help individuals setup a more secure network at home.

Application security

JavaScript Security – Taemin Park – BH20 #4

August 6, 2020

Security holes and attack vectors in JavaScript. Defense mechanisms against JavaScript exploitations.

BH2020 #3

August 5, 2020

Full episode and show notes

Segments

A Decade After Stuxnet’s Printer Vulnerability – Peleg Hadar, Tomer Bar – BH20 #3

August 5, 2020

We will describe the Print Spooler vulnerabilities that are found in Windows OS, and will explain how it’s related to Stuxnet. We will also release several tools. The name of Peleg and Tomer's talk is entitled "A Decade After Stuxnet's Printer Vuln: Printing is Still the Stairway to Heaven", and is ...

Application security

Planning Security Strategy Without The Black Hat Expo? – Ian McShane – BH20 #3

August 5, 2020

This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop and take stock of what happened, what’s a temporary band aid, and figure out how to build their strategy witho...

Application security

Defining the Dynamic Application Security Testing Market – Ferruh Mavituna – BH20 #3

August 5, 2020

Dynamic application security testing (DAST) for web applications has come a long way, establishing a niche market with a variety of offerings. In this segment Ferruh will discuss the big differences in DAST solutions available and help you understand which one is a pure DAST that you could rely on t...

Insider threat

Effectively Protecting Your Users Against Ransomware & Zero-Day Exploits – Danny Jenkins – BH20 #3

August 5, 2020

ThreatLocker CEO, Danny Jenkins explains why his new approach of blocking everything that is not trusted and only allowing those applications that are approved, is a cleaner and more comprehensive approach to ensuring malware does not end up on your networks. During this segment, Danny explains ...

Email security

What’s Next In Work From Home Security? – Stephen Boyer – BH20 #3

August 5, 2020

Security professionals need to be thinking of the next evolution of the approach from working from home, specifically focusing on the security of the home network for both employees and third party contractors. Stephen Boyer discusses how to rate the risk of these new attack vectors using data BitS...

Careers

The Paramedic’s Guide to Surviving Cybersecurity – Rich Mogull – BH20 #3

August 5, 2020

The security world is fraught with cases of mental health issues, burnout, substance abuse, and even suicide. We live in a world of threats and responses that trigger the deepest parts of our psyche; with the barriers between "online" and the physical world constantly crumbling. While some deal in t...

Application security

Developer Security Champions – Sandy Carielli – BH20 #3

August 5, 2020

Firms that want to secure applications are challenged by understaffed security teams and lack of security awareness on the part of developers. Developer security champions are developers who act as a security point of contact in their team, but programs to create and support them require investment ...

Cybersecurity Asset Management

Third-Party Risk Management (TPRM) – Alla Valente – BH20 #3

August 5, 2020

A firm’s network of third-party relationships can be a source of strength and an Achille’s heel, depending on the maturity of their risk management process. Companies have limited or no control over how third-parties secure their technology infrastructure, their applications, and their data, yet the...

Cybersecurity Asset Management

The Intersection of Security & Privacy Operations – Gabe Gumbs – BH20 #3

August 5, 2020

Are security operations teams prepared to respond to privacy threats? Although you can achieve security without privacy, namely keeping information safeguarded from those that should not have access, you can not keep data private without security. How can we address this challenge? This segment i...

BH2020 #2

August 4, 2020

Full episode and show notes

Segments

Cybersecurity Asset Management

IoT Security, Hacking, Testing & Testing Methods – Deral Heiland – BH20 #2

August 4, 2020

Focus on subject of IoT security and hacking, IoT testing and Testing methods and related research topics. This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them! Segment Resources: https://www.rapid7.com/research/%0D%0Ahttps://blog.rapid7.co...

Compliance

Black Box to Glass Box Verdicts – Mario Vuksan – BH20 #2

August 4, 2020

Modern digital objects, made up of layers of structured code and data, are central to the exchange or storage of information and are becoming increasingly complex. Moreover, because signature, AI and machine learning-based threat classifications from “black box” detection engines come with littl...

Cybersecurity Asset Management

Navigating a Post-Compromise Reality – Michael Sanders – BH20 #2

August 4, 2020

Every organization gets compromised - it’s how you fast you detect and respond that counts. Trends like the overnight move to remote work and the subsequent increase in phishing attacks, the acceleration of cloud adoption, and proliferation of enterprise IoT have expanded the attack surface and comp...

“Demystifying Modern Windows Rootkits” – Bill Demirkapi – BH20 #2

August 4, 2020

This talk will demystify the process of writing a rootkit, moving past theory and instead walking the audience through the process of going from a driver that says "Hello World" to a driver that abuses never-before-seen hooking methods to control the user-mode network stack. Analysis includes common...

Incident response

Threat Hunting Platforms vs. SIEM, What’s the Difference? – Corey Thuen – BH20 #2

August 4, 2020

What use cases are addressed by Threat Hunting Platforms and SIEMs? Where is the overlap and where are the differences? This talk covers the high level and low-level tech that drives these differences. This segment is sponsored by Gravwell. Visit https://securityweekly.com/gravwell to learn ...

Application security

The Entire IT Security Industry – Richard Stiennon – BH20 #2

August 4, 2020

Stiennon presents the results of his research to quantify the entire industry. He observes there is no consolidation. Also, that growth rates far exceed what the big firms predict every year. To see more of Richard's industry insights, visit: https://it-harvest.com/shop/

Cybersecurity Asset Management

Simplifying The Process Of Identifying, Assessing & Mitigating Risks – Liam Downward – BH20 #2

August 4, 2020

Burdensome technologies that generate bloat within any organization, high licensing costs along with the long deployment times. All of these affect the ROI on organizational resources Time, Money, and People. This segment is sponsored by CYRISMA. Visit https://securityweekly.com/cyrisma to le...

Cybersecurity Asset Management

Being Thorough or Working Fast: Which Matters Most in Security? – Paul Battista – BH20 #2

August 4, 2020

Most analysts will tell you that they balance between being thorough and getting the job done quickly. I asked the security community to weigh in on this debate. I’ll share what they thought and explain why it’s no longer necessary to choose between the two. This segment is sponsored by Polarity....

Application security

Observing Privilege To Reduce Risk In Software As A Service – Chris Morales – BH20 #2

August 4, 2020

Risk remains the top concern for organizations adopting software-as-a-service (SaaS) models and this is an issue that is only getting worse. What is needed today is the ability to remove the dependency on human behavior and human error, bringing control back to the security team. Risk in a SaaS ...

BH2020 #1

August 3, 2020

Full episode and show notes

Segments

Cybersecurity Asset Management

Pentesting Results Paint A Biased Picture – Roi Cohen – BH20 #1

August 3, 2020

Pentesting is littered with politics, bias reporting, and human error. So how do you clean up the trash? A former IDF engineer shares how his stint as a pentester changed the way he thinks about it - and ultimately led to the development of a new technology. This segment is sponsored by Vicarius...

Remote access

Why Secure Remote Access Is Like The Emperors New Clothes – Charl van der Walt, Wicus Ross – BH20 #1

August 3, 2020

Our research for Black Hat demonstrates that the Secure Remote Access or so-called 'VPN' technologies typically used by enterprises to facilitate access to their networks for remote employees are poorly understood, improperly configured and don't provide the full level of protection typically expect...

Application security

Purple Teaming With PlexTrac – Dan DeCloss – BH20 #1

August 3, 2020

The concept of purple teaming needs to be expanded to incorporate a culture of collaboration across all proactive and reactive activities within enterprise cybersecurity programs. Learn how PlexTrac can aid in all thing purple teaming and drive to the security posture forward for all. Key qu...

Application security

Protecting Data That Egresses From Cloud Services & SaaS Applications – Jeff Capone – BH20 #1

August 3, 2020

For a true Zero-Trust environment, it isn’t enough to think about data in cloud services and SaaS applications, we also must protect, control and audit data that egresses form these services onto endpoints. - How do you protect data that egresses from your cloud services (i.e., Github, Workday, ...

Application security

Are You Effectively Addressing API Security? – Michael Borohovski – BH20 #1

August 3, 2020

All applications use APIs—they’re nothing new to the development world. But are organizations factoring API security into their broader security strategy effectively? We’ve seen high-profile breaches at well-known companies stemming from their exposure or use of insecure API endpoints. This rais...

Careers

Protecting Ethical Hackers – Gary De Mercurio, Justin Wynn – BH20 #1

August 3, 2020

Arrests in Iowa and a Good Samaritan law for Cyber security. The mistake Iowa has made allowing politicians to pass sweeping reforms on a subject they knew nothing about based on politics and who owned what, versus what was best for the citizens of Iowa.

Remote access

Satellite Broadband Security – James Pavur – BH20 #1

August 3, 2020

In my upcoming Blackhat and DEFCON briefings, I will be presenting the result of several experiments looking at real-world security and privacy in satellite broadband communications. We find that it is possible for attackers using cheap home-television equipment to eavesdrop on the internet traffic ...

Application security

What’s Going On With TikTok? – BH20 #1

August 3, 2020

What's the latest with TikTok? Will the application be banned? Can you actually ban it? Doug White and Matt Alderman discuss the latest news on TikTok.

Application security

How Did The Twitter Hackers Get Caught? – BH20 #1

August 3, 2020

The FBI tracked down the Twitter hackers, but how? What mistake did they make? Doug White and Matt Alderman discuss the latest news on the Twitter hack.