Monday, August 6, 2018

The Official Talos Guide to Security Summer Camp 2018

It is once again time for the week in the summer when many of us descend on Las Vegas for Black Hat, DEF CON, and B-Sides LasVegas. This is your official guide to what the Cisco Talos Threat Intelligence team is doing at these shows and what some of our colleagues around Cisco Security are doing, as well.

Whether you are looking to catch some great talks, hunting down the best parties, or just trying to avoid LineCon in all it's forms, here is a quick run-down of where and how you can catch Talos speakers, Cisco events, and other fun stuff you don't want to miss. Read on for the full details of what Cisco has in store for this year.


Black Hat Events At a Glance:

Event microsite: 

www.cisco.com/go/blackhat

Chat with us: 

@TalosSecurity,  @CiscoSecurity, @OpenDNS, @CiscoDevNet, @Snort, and @PortcullisLabs

Beers with Talos Live Podcast:
Wed. Aug. 8, 12 - 2 p.m.  -SOLD OUT- 

Cisco Party Black Hat party: 

We're headed to Topgolf Las Vegas! Get on the list now.

Booth: 

Stop by booth #504 for Snort pigs, Talos socks, and amazing booth talks by the Talos crew and other Cisco Security team members.
  • Theater sessions will take place every 20 minutes.
  • Play the DevNet Black Hat challenge on Thursday. Participants will receive a  limited availability hoodie.
  • The booth will also feature demos, Snort squishy pigs, awesome socks, and party check-in.

Career Zone booth CZ212: 

Security recruiters and researchers from Talos, Cisco Security, and Umbrella will be talking to recruits about all open positions. If you are looking for a new role or thinking it is time for a change, stop by the Career Zone booth. Resumes aren't required, but we will take it if you have it. Check out open positions across Cisco Security (including Talos!) here: cs.co/SecJobs.

Wednesday, Aug. 8

Talos Black Hat Flash Talks: 
10 a.m. - 7 p.m., Cisco Booth #504 - Full schedule below

Cisco Security/Talos Recruiting:
10 a.m. - 7 p.m., Black Hat Career Zone, Booth CZ212

Cisco Security Black Hat Session:
Cryptocurrency: More Than Just a Ransomware Payment Method 

11:30 a.m. - 12:20 p.m., Oceanside F (Giving away "Game of Threats" T-shirts)
Artsiom Holub and Austin McBride

Beers with Talos Live at Black Hat:
12 - 2 p.m., Rí Rá Irish Pub, Mandalay Bay  -SOLD OUT-

Talos Black Hat Session: 
Surprise Supplies!
Paul Rascagneres and Warren Mercer
3 - 3:50 p.m., Business Hall Theater B (Giving away Talos socks)

Cisco Black Hat Party:
8 - 11 p.m., Topgolf Las Vegas, MGM

Thursday, Aug. 9

Talos Black Hat Flash Talks: 
10 a.m. - 7 p.m., Cisco Booth #504 - Full schedule below

Cisco Security/Talos Recruiting: 10 a.m. - 7 p.m., Black Hat Career Zone, Booth CZ212

Cisco Security Black Hat Workshop: 
Tracking Down the Cyber Criminals: Revealing Malicious Infrastructures with Umbrella
Chris Riviere
11 - 11:50 a.m., Session 1, Mandalay Bay Ballroom B (Giving away "Game of Threats" T-shirts)
12:10 - 1 p.m., Session 2, Mandalay Bay Ballroom B (Giving away "Game of Threats" T-shirts)

Cisco Security (PortcullisLabs) Black Hat Session: 
Playback: A TLS 1.3 Story
Alejo Murillo Moya and Alfonso Garcia Alguacil
12:10 - 1 p.m., Jasmine Ballroom

Cisco Security Black Hat Session: 
A Cloud Security RESTful Hunt
Andrew Maxey
1:20 - 2:10 p.m., Business Hall Theater B (Giving away "Game of Threats" T-shirts)

Cisco Security Black Hat Session: 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
Jonas Zaddach
3:50 - 4:40 p.m., South Pacific F

Friday, Aug. 10

Cisco Security (PortcullisLabs) DEF CON Session: 
Playback: A TLS 1.3 Story
Alejo Murillo Moya and Alfonso Garcia Alguacil
3 - 4 p.m., DEF CON Track 2 - Caesar’s Palace

Saturday, Aug. 11

Talos DEF CON Session: 
Analyzing VPN Filter’s Modbus Module 
Patrick DeSantis & Carlos Pacho
10:40 - 11:30 a.m., DEF CON ICS Village

Cisco Booth Lightning Talk Schedule:

Wed. Aug 8, 10 a.m. - 7 p.m.
Thurs. Aug 9, 10 a.m. - 5 p.m.
Cisco Booth #504

On the full schedule, we have 18 new talks from Talos, and many other talks from Umbrella, and Cisco’s Web Security and Services teams. You won’t want to miss these sessions. Have a seat and enjoy a 20-minute presentation in Cisco booth #504. Grab some great swag, check in for the Cisco Party, or play the Black Hat challenge game while you are there.

Here is the full schedule of booth talks at the Cisco/Talos booth area (highlights indicate talks from Cisco Talos team members):

Wed. Aug. 8SpeakerTitle
10:40 - 11 a.m.George TarnovskyReverse Engineering using X-Ray
11 - 11:20 a.m.Alec GleasonSecure AI Architecture
11:20 - 11:40 a.m.Samuel DytrychIn Libc We Trust?
11:40 - NoonPaul SingletonThe Secure Internet Gateway: Security Reimagined in the Cloud
Noon - 12:20 p.m.Jordan GackowskiStepping into the cloud with confidence
12:20 - 12:40 p.m.Chris RiverieOffice 365: Enhanced Security to Protect Your Email, Users, Data and Apps
12:40 - 1 p.m.Chris Parker JamesAnatomy of an Attack
1 - 1:20 p.m.Justice CasselBug Bounties and the OWASP Top 10: Messy Vulns and Real Lessons
1:20 - 1:40 p.m.Sam RastogiRedefine Data Center Security in a Multicloud World
1:40 - 2 p.m.Ben GreenbaumInvestigations at the Speed of Cisco Visibility
2 - 2:20 p.m.Nick BiasiniMalicious Crypto Mining
2:20 - 2:40 p.m.Jaime FilsonA Romp Down FTP Lane
2:40 - 3 p.m.Adam FlatleyManaging Response to Large Scale, Critical Cyber Events
3 - 3:20 p.m.David van SchravendijkCisco's Cloud Managed Meraki MX. Past, Present, & Future.
3:20 - 3:40 p.m.Salina WuttkeIBM:  Accelerate Detection of Advanced Threats with Cisco & IBM Security
3:40 - 4 p.m.George TarnovskyReverse Engineering using X-Ray
4 - 4:20 p.m.Vitor VenturaTelegrab
4:20 - 4:40 p.m.Yves YounanThe Past Year In Vulnerability Discovery at Cisco Talos
4:40 - 5 p.m.Cory DuplantisPattern Matching Vulnerabilities
5 - 5:20 p.m.Andrew BlunckHow Talos Writes Coverage & Why it Works
5:20 - 5:40 p.m.Caitlyn HammondA day in the life of an analyst
5:40 - 6 p.m.Adam KatzEmail Sender Analysis: SPF, DKIM, and DMARC
6 - 6:20 p.m.Sam RastogiRedefine Data Center Security in a Multicloud World
6:20 - 6:40 p.m.
6:40 - 7 p.m.Raffle Drawing


Thur. Aug. 9SpeakerTitle
10 - 10:20 a.m.David SchwartzbergAnatomy of an Attack
10:20 - 10:40 a.m.Edmund BrumaghinThanatos Ransomware
10:40 - 11 a.m.David MaynorHunting beyond packets
11 - 11:20 a.m.Danny AdamitisWhen and why APT actors use open-source frameworks
11:20 - 11:40 a.m.Regina WilsonVulnerability Reporting and Disclosure
11:40 - NoonCarlos PachoFinding Vulns in Embedded Systems
Noon - 12:20 p.m.David van SchravendijkCisco's Cloud Managed Meraki MX. Past, Present, & Future.
12:20 - 12:40 p.m.Alec GleasonSecure AI Architecture
12:40 - 1 p.m.Salina WuttkeIBM:  Accelerate Detection of Advanced Threats with Cisco & IBM Security
1 - 1:20 p.m.Jordan GackowskiStepping into the cloud with confidence
1:20 - 1:40 p.m.Justice CasselBug Bounties and the OWASP Top 10: Messy Vulns and Real Lessons
1:40 - 2 p.m.Ben GreenbaumInvestigations at the Speed of Cisco Visibility
2 - 2:20 p.m.Ryan PentneyChinese cryptomining actor trends with honeypots observations
2:20 - 2:40 p.m.Brandon StultzProtecting Networks with Snort 3
2:40 - 3 p.m.Benny KetelslegersCCleaner
3 - 3:20 p.m.Claudio BozzatoTrap IoT Devices And Get Free Bugs
3:20 - 3:40 p.m.Samuel DytrychIn Libc We Trust?
3:40 - 4 p.m.David SchwartzbergAnatomy of an Attack
4 - 4:20 p.m.Paul SingletonThe Secure Internet Gateway: Security Reimagined in the Cloud
4:20 - 4:40 p.m.Andrew MaxeyOffice 365: Enhanced Security to Protect Your Email, Users, Data and Apps
4:40 - 5 p.m.Raffle Drawing

Coming early for BSides or staying for DEFCON?

We have a few things going on there, too.
  • Make sure to stop by Hire Ground at BSides for resume review and tips with Cisco/Talos technical recruiter Merilyn Tinana. 
  • There are two DEF CON sessions that are not to be missed as well: Playback: A TLS 1.3 Story with Alejo Murillo Moya and Alfonso Garcia Alguacil at DEF CON Track 2 and Analyzing VPN Filter’s Modbus Module  Talos researchers Patrick DeSantis & Carlos Pacho in the DEF CON ICS Village (see schedule above).

Friendly Reminders:

There are a lot of things you should know before heading to Black Hat, DEF CON, and/or BSides LV. Here’s a quick list of things to absolutely remember:
  • Business cards
  • Spare battery/juice pack — nothing drains devices like a conference, although turning off Bluetooth and Wi-Fi radios helps and may not be a terrible idea (especially at these conferences in particular). If you aren’t charging, you are probably going to have a dead phone by the time the parties start in the evening.
  • Comfortable walking shoes — yes, many venues are connected, but they are connected via long walks. Many attendees rack up more than 10 miles per day on their pedometers.
  • Space in your suitcase — all that sweet, sweet conference swag isn't shipping itself home.
  • Water — because it's the desert. Pro-tip: arrange a delivery from Prime Now, Instacart, etc. on your arrival day to make sure you always have a full bottle of water.
We are looking forward to meeting and seeing everyone at Black Hat and DEF CON. Be sure to come by booth #504 and say hello …and, of course, pick up a new, limited edition Snorty pig for your collection.

No comments:

Post a Comment