7 Sessions Not to Miss at Black Hat USA 2024
This year's conference will be a treasure trove of insights for cybersecurity professionals.
COMMENTARY
As always, Black Hat USA 2024 promises to be a treasure trove of insights for cybersecurity professionals. The artificial intelligence craze notwithstanding, vulnerability remediation continues to be the core focus for all sizes of organizations seeking to make security more efficient. Understandably, this year's conference promises a variety of approaches, case studies, and informative discussions on this topic. Here are the seven most illuminating sessions we suggest you attend, for insights on discovering, prioritizing, and patching vulnerabilities:
Breaching AWS Accounts Through Shadow Resources
Speakers: Yakir Kadkoda, Michael Katchinskiy, Ofek Itach
Date: Wednesday, Aug. 7, 10:20 a.m.-11 a.m.
Tracks: Cloud security, enterprise security
Did you know that six critical vulnerabilities in Amazon Web Services (AWS) have the potential to lead to severe breaches, including remote code execution and information disclosure? This session dives into a methodology for discovering these vulnerabilities, and the speakers will introduce a new open source tool for researching service internal API calls. This session is essential for understanding and mitigating complex cloud vulnerabilities.
Predict, Prioritize, Patch: How Microsoft Harnesses LLMs for Security Response
Speaker: Bill Demirkapi
Date: Wednesday, Aug. 7, 1:30 p.m.-2:10 p.m.
Tracks: AI, ML & data science, application security: defense
Joining this session will help you understand more about how Microsoft leverages large language models (LLMs) to streamline security response workflows. Hear about practical applications of LLMs for deriving vulnerability information, predicting report severity, and generating root causes from crash dumps. This is a seminal session for organizations looking to enhance their vulnerability management with AI.
Self-Hosted GitHub CI/CD Runners: Continuous Integration, Continuous Destruction
Speakers: Adnan Khan, John Stawinski
Date: Wednesday, Aug. 7, 1:30 p.m.-2:10 p.m.
Tracks: Enterprise security, application security: offense
This technical deep dive addresses the security risks associated with self-hosted CI/CD runners, highlighting critical vulnerabilities discovered in GitHub and other platforms. Attendees will learn how to defend against pipeline poisoning and privilege escalation attacks, which are vital for securing the software development life cycle.
The GCP Jenga Tower: Hacking Millions of Google's Servers With a Single Package (and More)
Speaker: Liv Matan
Date: Wednesday, Aug. 7, 1:30 p.m.-2:10 p.m.
Tracks: Cloud security, application security: offense
Explore how a single faulty command in Google Cloud Platform (GCP) led to a critical RCE vulnerability, affecting millions of servers. This session will provide insights into the complexity of cloud services and present tools for uncovering hidden APIs used by cloud providers. Security leaders managing cloud security in their organizations and seeking to understand cloud service vulnerabilities will find this talk invaluable.
Will We Survive the Transitive Vulnerability Locusts?
Speakers: Eyal Paz, Liad Cohen
Date: Thursday, Aug. 8, 2:30 p.m.-3 p.m.
Tracks: Application security: defense, exploit development & vulnerability discovery
Learn about the risk of transitive dependencies in software projects, with speakers clearly demonstrating how these vulnerabilities can be exploited. Attendees will learn practical strategies for mitigating these risks and prioritizing vulnerabilities in their threat model, which is crucial for secure software development.
Break the Wall From Bottom: Automated Discovery of Protocol-Level Evasion Vulnerabilities in Web Application Firewalls
Speakers: Qi Wang, Jianjun Chen, Run Guo, Chao Zhang, Haixin Duan
Date: Thursday, Aug. 8, 2:30 p.m.-3 p.m.
Tracks: Application security: offense, cloud security
Discover how protocol-level evasion vulnerabilities in WAFs can be exploited to bypass security measures. This session introduces WAF Manis, a novel testing framework that uncovered 311 evasion cases and could be extremely useful for those looking to strengthen their Web application defenses against sophisticated attacks.
Are Your Backups Still Immutable, Even Though You Can't Access Them?
Speakers: Ryan Kane, Rushank Shetty
Date: Thursday, Aug. 8, 3:20 p.m.-4 p.m.
Tracks: Enterprise security, application security: offense
This session explores the security of immutable backups, highlighting how attackers can target the infrastructure hosting backup data. Learn the processes, failures, and successes in testing immutable backups, crucial for ensuring data resilience against ransomware attacks.
These sessions, and many others on vulnerability remediation, attest to the growing importance of building a culture of proactive security: addressing constantly evolving attack surfaces and staying vigilant. A robust vulnerability remediation process is a critical checkpoint in your organization's security posture.