I can’t believe another year has passed and it is time for the annual pilgrimage to Vegas for Black Hat/Defcon. Of the hundreds of cybersecurity conferences held each year, the one that most infosec professionals look forward to the most is Black Hat. I can’t say I am any different. I was joking with someone recently that I might break out my Defcon II shirt from 1994, which is the first time I actually went. Of course at this time there was no Blackhat, and Defcon was just a small gathering of free spirits lead by Jeff Moss. All of the key hackers that were there are now a little older, a little grayer, and have families. My how times have changed from those carefree days…
We, like many security companies, will be at Black Hat in full force. If you’re looking to catch-up with the our team, we’ll be at booth 727 during the exhibition days on August 5th and 6th. You can also schedule meetings in advance with members of executive and technical team by emailing BlackHat@crowdstrike.com. Stop in and see why we are leading the charge in next-gen endpoint and delivering the results that others can’t. We will be providing demos of our Falcon technology – showcasing real-world detection and prevention scenarios. If you want to see why some of the largest companies on the planet trust CrowdStrike, while also getting some ninja adversary t-shirts, then please stop by.
Let me give you a quick rundown on all of our Black Hat 2015 activities.
Black Hat Training:
Join Adam Meyers, CrowdStrike’s VP of Intelligence Services at Black Hat for a two day training session on intelligence driven security. The course, scheduled for August 1st and 2nd, takes the on-the-ground security methodology of the US Special Operations Forces, F3 EAD, and applies its underlying principles to finding, fixing, and finishing adversaries in the cyber realm.
Intelligence is key to enable cyber defense teams to focus on the cyber battlefield with a broad perspective to piece together all aspects of the cyber adversary’s operations. If you’re not using intelligence to drive your cyber defenses, then you’re not seeing the big picture. You can register for Adam’s session here: Intelligence Driven Security – August 1&2, 201
Black Hat Briefings:
GameOver Zeus: Bad Guys and Backends, presented by Tillmann Werner, Elliott Peterson, and Michael Sandee
August 5th, 2015; 13:50-14:40, Mandalay Bay GH
Gameover Zeus represents one of the most complex and successful law enforcement operations against cyber crime to date. Tillmann Werner, Manager – Technical Analysis Cell at CrowdStrike, along with Elliott Peterson, FBI, and Michael Sandee, FOX-IT will highlight the extensive industry and government partnerships that were crucial to this operation’s success. As well as detailing many of the individuals responsible for GameOver Zeus and Cryptolocker, the briefing will summarize the law enforcement investigation and highlight the legal processes used to wrest control of the botnet from its operators.
Battle of the SKM and IUM: How Windows 10 Rewrites OS Architecture, presented by Alex Ionescu
August 6th, 2015; 9:45am-10:35am, Jasmine Ballroom
In Windows 10, Microsoft is introducing a radical new concept to the underlying OS architecture, and it’s likely the biggest change to the NT design since the decision to move the GUI in kernal-mode. Alex Ionescu, Chief Architect at CrowdStrike, explores how “secure” this new model really is and what prevents a malicious application from running in such a secure mode to begin with. This one is not to be missed!
Bringing a Cannon to a Knife Fight, presented by Adam Kozy & Johannes Gilger
August 6th, 2015; 9:45am-10:35am, South Seas ABE
It seems that China has a destructive new cyber toy that has the potential to turn Chinese users and global visitors to Chinese sites into the world’s largest botnet. Adam and Johannes will review the Great Cannon’s early construction, examine how it intercepts traffic as a Man-in-the-Middle proxy, and show the ease with which it can weaponized users to carry out attacks on sites deemed a threat to Chinese national interests. While it’s been used so far with all the subtlety of a sledgehammer Kozy and Gilger explore its capacity for being used as a more devious and dangerous tool in the future.
Follow us on Twitter to keep up with CrowdStrike’s Black Hat happenings during the event – we look forward to seeing you in Las Vegas. And Remember, Blackhat is one of the most hostile networks on the planet. Be safe, stay secure, and be paranoid – very paranoid!
President/CEO & Co-Founder