Top Talks @ Black Hat Conference USA 2016: Your Complete Guide
Our editorial team has handpicked some great talks from Black Hat Conference - one of the largest IT Security Conference in the world.
Black Hat - built by and for the global InfoSec community - returns to Las Vegas for its 19th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (July 30 - August 2) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 3-4). (Source: Black Hat Conference USA 2016)
The Index below will help you navigate on this page. Each link will take you to the individual presentations. We have marked some particular slide number from each presentation which are particularly interesting. So, here's your shortcut to a full conference!
Index: Top Talks Handpicked by CISO Platform Editorial Team
(Click on the sections below to go directly to respective sections)
1) Top 4 'Application Security' talks from Black Hat Conference 2016 (USA)
Application Security tries to prevent an application's security flaws throughout it's design, development, testing and maintainance phases. Here are some great talks from BH which will help you understand the attack trends.
- HTTP cookie hijacking in the wild: security and privacy implications....Go To Presentation
- Timing attacks have never been so practical: Advance cross site search attacks....Go To Presentation
- Abusing bleeding edge web standards for appsec glory....Go To Presentation
- The year in Flash....Go To Presentation
2) Top 5 'Mobile Security' talks from Black Hat Conference 2016 (USA)
Here are some great talks from 'Mobile Security'. It covers the latest BYOD attacks, Samsung pay flaws, mobile OAuth, iOS Security & more .
- 1000 ways to die in mobile OAuth....Go To Presentation
- Behind the scenes with IOS security....Go To Presentation
- Bad for Enterprise: Attacking BYOD enterprise mobility security solutions....Go To Presentation
- Samsung pay: tokenized numbers flaws and issues....Go To Presentation
- The Art of defence: How vulnerabilites help shape security features and mitigations in android....Go To Presentation
3) Top 4 'Cloud & Virtualization Platforms' talks from Black Hat Conference 2016 (USA)
With all infrastructure, services everything going cloud and becoming more affordable, this is a major section for security. Viability of cloud solutions are gauged here. Our Cloud Partners association as well as our data on the cloud may have some special needs. Below selected slides will help you identify those.
- Account jumping post infection persistency and lateral movement in AWS....Go To Presentation
- Hardening AWS environment and automating incidence response for AWS compromises....Go To Presentation
- Breaking paravirtualized devices....Go To Presentation
- Memory forensics using VMI for cloud computing....Go To Presentation
4) Top 6 'Advanced Malware & Exploits' talks from Black Hat Conference 2016 (USA)
Advanced malware analysis & exploit kits are a thing now. The new hack and bypass mechanisms will help you prepare for the best.
- Applied Machine learning for data exfiltration and other fun topics....Go To Presentation
- Pirating AVS to bypass exploit mitigation....Go To Presentation
- The art of reverse engineering flash exploits....Go To Presentation
- Certificate bypass: Hiding and executing malware from a digitally signed executables....Go To Presentation
- AI approach to malware similarity analysis: Maping the malware genome with a deep neural network....Go To Presentation
- Weaponizing data science for social engineering: automate E2E spear phishing on twitter....Go To Presentation
5) Top 4 'Internet Of Things Security' talks from Black Hat Conference 2016 (USA)
Internet Of Things is ones of the very enthusiastic technology advances. It's connecting technology in various ways and making life beyond easy. Its extreme access and integration in our lives poses huge security threats if they were to be infiltrated. Here are a few IOT trends to keep you safe.
- A lightbulb worm....Go To Presentation
- Attacking bluetooth smart devices: introducing a new BLE proxy tool....Go To Presentation
- Building trust and Enabling innovation for voice enabled IOT....Go To Presentation
- CANSPY: A platform for auditing CAN devices....Go To Presentation
6) Top 4 'Network Security' talks from Black Hat Conference 2016 (USA)
Networking infrastructure often has packets of sensitive and credible information, thus becoming a possible attack point for unauthorized access, misuse, tampering etc. Some interesting new attack techniques have been included in these talks.
- Recover A RSA Private key from a TLS session with perfect forward secrecy....Go To Presentation
- TCP injection attacks in the wild: A large scale case study....Go To Presentation
- Attacking SDN infrastructure: Are we ready for the next gen networking....Go To Presentation
- HEIST: HTTP encrypted information can be stolen through TCP windows....Go To Presentation
7) Top 4 'Hardware Security & DevOps' talks from Black Hat Conference 2016 (USA)
Device associated attacks are not uncommon, very common incidents occur in the communication infrastructure, healthcare instruments, IOT devices etc. They can include but are not limited to reverse engineering, IP theft, network attacks, tampering, cloning, GPS jamming etc. The selected talks include memory protection techniques, hypervisor breakthroughs & many more.
- Intra process memory protection for applications on ARM and x86....Go To Presentation
- Demystifying Secure enclave processor....Go To Presentation
- Breaking hardware enforced security with hypervisors....Go To Presentation
- Breaking Kernal address space layout rendomization: KASLAR with Intel TSX....Go To Presentation
8)Get Your Free Guide To Building Enterprise Security Architecture Governance Program
Here's a free detailed guide on enterprise security architecture which focuses on:
- Developing a customized information security architecture governance framework.
- Applying the framework in organization context to create implementation roadmap.
- Developing a measurement program to continuously improve security architecture governance.
Comments