See and Be Seen at Black Hat 2018!
Written by: Carolyn Crandall, CMO and Chief Deception Officer – Given the popularity of my last must see and do blog for RSA, I am continuing the tradition for Black Hat 2018. If you are planning to attend, here are some top things to see and do.
Before you hit the show floor or briefings, read Black Hat’s new research report, “Where Cybersecurity Stands”. The report is compiled from 300 top infosec professionals covering a range of trending topics including politics, international relations, commerce, critical infrastructure and human relations.
Overall for the event, I am expecting to see a lot of buzz on the floor on privacy, mobile, and device security around critical infrastructure, IOT, and payment systems. The attack surface is rapidly changing, and new innovations are being introduced to address this evolution.
Here are some key activities that caught my eye.
On the Stage
- Parisa Tabriz, Director of Engineering at Google is giving the Wednesday Keynote on: Optimistic Dissatisfaction with the Status Quo: Steps We Must Take to Improve Security in Complex Landscapes
- Deception technology is on the agenda, though I find the abstract curious.
Title: Real Eyes, Realize, Real Lies: Beating Deception Technologies
Recent advancements have reinvented deception technologies and their use as a security layer of defense, making them no longer passé but so effective and believable that they are fast-becoming widespread in mature organizations. Many security providers now successfully disrupt attacks by offering comprehensive deception capabilities, featuring a variety of traps, deceits, and lures distributed across the enterprise’s internal environment. While deception is a legitimate (and cool) threat detection and response strategy, like any other security trend, adversaries will inevitably adapt…
We have extremely aggressive pen testers that go up against Attivo deception technology all the time and have covered many large public events, and capture-the-flag venues. Attivo is exceptionally confident in our technology and welcome the opportunity to take a pen test challenge from potential customers. I am looking forward to hearing how they think they can bypass deception. Possibly, they are using partial deployments or forms of emulation…
On the Floor
- Make sure to check out the Attivo Networks (Booth #2004), which is displaying for a final time, the Deception Hall of Mirrors. (we have new tricks up our sleeve for RSA 2019) For those of you who saw the booth at RSA USA 2018, the interior of the booth maze has been updated so be sure to check it out. The path that once worked for you to navigate the maze won’t work this time! The IT World Awards 2018 also gave the booth an award for “Best Brand Experience Event” for its creativity to encompass the show attendees in a real life deceptive environment.
- Check out the quad motorcycle at the Anomoli (Booth #1302). Make sure to join the raffle as they will be giving it away at the end of the event.
- Don’t miss the FireDrill: Adversarial Simulation Platform – ARSENAL THEATER DEMO at AttackIQ and don’t forget to grab a t-shirt and enter to win a drone.
- Cisco (Booth #504) is back with a large presence at the show with theater sessions every 20 minutes. Be sure to register now for the limited number of security operations tours.
- Cylance (Booth #604) is debuting their Cylance Smart AnitivireTMand giving out their book Next-Generation Anti-Malware Testing For Dummies©, be sure to pick up a copy.
- Malwarebytes (Booth #658) has installed the double sided 16’ high LED video wall creating an impressive presentation theater. (I miss their large robot)
- Splunk (Booth #1214) will be displaying their wall of clever phrase t-shirts. Which one is your favorite?
- Thycotic (Booth #1408) is offering up great prizes with their giant “Price is Right” wheel, prizes include: Amazon gift cards, Starbucks gift cards, socks, flasks and more.
- Stop by WatchGuard (Booth #458) and recharge with an energy drink. Don’t forget to enter the daily raffle for some of today’s coolest Star Wars Lego sets.
In the Evening
Black Hat has some of the best parties and this year won’t disappoint. Where to go to find the “in crowd”.
- Attivo Networks and McAfee team up for a swinging pre-Black Hat event at Top Golf (invitation only- please ask your account executive if you would like to request an invite)
- 5:30PM Guidepoint Security takes over the Aureole, Mandalay
- 6:00PM Forescout Technologies is throwing its party at the Alibi Cocktail Lounge, at ARIA Resort & Casino
- 8:00PM Synack CISO escape with helicopters, explosives, and race trucks. What more could you ask for?
- 7:00PM Carbon Black throws some Tex Mex fun at the Border Grill, Mandalay Bay. Looking forward to hearing them talk more on silent hunting.
- 7:30PM Optiv throws their big bash at the LIGHT Nightclub, Mandalay Bay. This is super fun with lights, shows, and flowing cocktails.
- 1:00PM Executive Woman’s Forum Meet and Greet in the South Pacific I, North Hall
* The full list of parties can be found here>>
Outside of the Floor and Stage
Be sure to check out these philanthropies and events outside of the arsenal and speaking sessions.
- E.R.O. Child-Rescue Crops has partnered with the conference to donate all the proceeds from the purchase this year’s one of a kind Black Hat USA 2018 t-shirt.
- Community Workshops will take place on Wednesday and Thursday covering topics ranging from Digital Resilience, Computer Crime Law and Peer-to-Peer mentoring workshops.
- Kali Linux Dojo (South Seas IJ) is where attendees can build and customize their own version of Kali.
Have a great event and I look forward to seeing you there!
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise