Published on August 13th, 2019 📆 | 7398 Views ⚑0
Black Hat USA 2019 Featuring Cisco, Webroot, Microsoft
A record 19,000-plus cybersecurity professionals descended on Las Vegas last week for the massive Black Hat USA 2019 conference.
In its 23rd year, the conference drew representation from 112 countries. Jeff Moss, Black Hat founder and director, told attendees “Infosec really does span the globe.”
A recurring theme at Black Hat was organizations’ continuing reluctance to embrace multifactor authentication (MFA), and therefore leaving themselves more vulnerable to cyberattacks. During a briefing focused on attacking and defending Microsoft Cloud (Office 365 and Azure AD), Mark Morowczynski, Microsoft’s principal program manager, brought up a startling statistic: Ninety-two percent of Azure AD admins don’t use MFA.
Elsewhere at the conference, Microsoft issued a challenge for hackers, offering a $300,000 award for anyone that can successfully hack its public-cloud infrastructure service. And numerous companies shared their latest research regarding cyber threats.
Click through the gallery below for highlights and a recap of the event, owned by Channel Partners’ parent company, Informa.
Jeff Moss, Black Hat founder and director, welcomed attendees and stressed the importance of communication in cybersecurity. Good communication may mean a bigger budget for cybersecurity, while poor communication could get you fired, he said.
Black Hat keynoter Dino Dai Zovi, Square’s mobile security lead, stressed the importance of development teams and security teams working together and sharing the responsibility for security. He also said when it comes to fighting cybercriminals, culture is way more powerful than strategy, which is way more powerful than tactics.
Jamil Farshchi, Equifax’s chief information security officer, said organizational structure and decision processes will directly impact whether organizations fall victim to cybercriminals. He also said it’s important to bridge the divide between an organization’s technical and nontechnical aspects. He joined Equifax after it suffered a massive data breach, which resulted in unauthorized access to the personal information of nearly 44% of the U.S. population.
Adam Ruddermann, practice director at NCC Group, gave a tutorial on creating and launching bug bounty programs, or vulnerability disclosure programs. The programs don’t have to be “fancy,” just very simple, he said. There are both public and private programs. Public programs remain ongoing, while private programs can be temporary, coinciding with the release of a new product, he said.
Qualys, the cloud security provider, demonstrated its Global IT Asset Inventory product. It creates a continuous, real-time inventory of known and unknown assets across an organization’s global IT framework. The assets can be from on-premises, endpoints, multicloud, mobile, containers, OT and IoT.
Games and challenges were a big hit in the Black Hat Business Hall. Attendees gathered at the FireEye booth for the puzzle box challenge. FireEye also announced details regarding a prolific Chinese cyberthreat group, the Advanced Persistent Threat group, responsible for targeted operations against organizations in 15 jurisdictions, and across multiple industries including health care, gaming, high-tech and the media.
In the Business Hall, Cisco introduced Cisco Threat Response, a console that automates integrations across Cisco security products and threat intelligence sources.
At its booth in the Business Hall, Microsoft invited attendees to “try and compromise the system.” It’s adding a $300,000 award to its Azure bounty program for anyone that can successfully hack its public-cloud infrastructure service.
Webroot provided demonstrations of its Threat Investigator, a tool that offers a view of the internet surrounding a particular URL, including potential threat actors. Webroot BrightCloud Threat Intelligence Services are used by companies like Cisco, F5 Networks, Citrix, Aruba and Palo Alto Networks.
WatchGuard Technologies’ Capture the Flag badge challenge was a big draw in the Business Hall. The company recently announced a series of major updates to its ThreatSync threat correlation and response platform, including accelerated breach detection, network process correlation and AI-powered threat analysis.
Illusive Networks uses deception technology to reduce the attack surface to preempt attacks, detect unauthorized lateral movement early in the attack cycle, and provide real-time forensics for enhanced response. Michelle Marchand, Illusive’s director of channels, East, said for the most part deception technology is considered “more of a want than a need” right now.
Researchers and the open-source community showcased their latest open-source tools and products in the Black Hat Arsenal. The area included live demonstrations and presenters interacted with attendees to provide a hands-on experience.
The Women’s Society of Cyberjutsu (WSC) provided information about its efforts to help women succeed in cybersecurity. The WSC community includes information security professionals, IT professionals, programmers, computer scientists and engineers, as well as women wanting to explore and join the field.