The Black Hat two-day main conference will feature more than 100 selected briefings, dozens of open-source tool demos in Arsenal, a robust Business Hall, networking, and social events. Our goal is to showcase IBM X-Force & Randori expertise & capabilities, create demand & progression within our top EP accounts and strengthen relationships with our key clients.
Breaking the Cycle: Breaking the Cycle: Getting in Front of the Next Massive Exploitation
Speakers: John Dwyer Wednesday, August 9th at 3:00PM in Business Hall Theater B.
SPEAKER
John Dwyer (@TactiKoolSec) is the Head of Research for IBM Security X-Force where he leads a team of security researchers working focused on the areas of adversary trend analysis, threat hunting, detection engineering, incident response technology, and integrating partner technologies into X-Force's ecosystem. As a researcher within X-Force, John focused his efforts on tracking and modeling adversary operations to develop immersive simulation exercises to help drive improvements in the areas of incident response, threat hunting, and detection engineering. Prior to joining X-Force John was a defensive cyber operations researcher working with the U.S. Army and U.S. Air Force to develop and incident response capabilities. John has spoken at multiple events including Black Hat, SANS Threat Hunting Summits, ISC2 Security Congress, and Fulbright Commission Cybersecurity Exchange.
Close Encounters of the Advanced Persistent Kind: Leveraging Rootkits for Post-Exploitation
Speakers: Valentina Palmiotti, Ruben Boonen. Wednesday, August 9th at 3:20PM in Mandalay Bay H, Level 2
SPEAKERS
Valentina Palmiotti (@chompie1337) is a Vulnerability and Exploit Researcher at IBM's Adversary Services Team. She is focused on low-level vulnerabilities, exploit development, and post-exploitation offensive security. She has published security research exploiting various targets, such as Windows, Android, and the Linux Kernel.
Ruben Boonen (@FuzzySec) is part of IBM's Adversary Services Team, providing public & private sector clients' assurance around the security posture of their products and infrastructure. Before joining IBM he worked in both defense, on FireEye's Technical Operations & Reverse Engineering (TORE) team and offense as a senior security consultant. While he has led a wide variety of engagements, he has developed a special interest in all things Windows. His areas of research include Windows internals, privilege escalation, C# trade-craft and memory manipulation
Lessons & Lulz: The 9th Annual Black Hat USA NOC Report
Speaker: Neil Wyler (Grifter). Thursday, August 10th from 4:20PM in Oceanside A, Level 2
SPEAKER
Neil R. Wyler (a.k.a. Grifter) is an Information Security Engineer and Researcher located in Salt Lake City, Utah. Neil is currently with IBM-X Force as Global Lead of Active Threat Assessments. He has spent over 15 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 15 years and is a member of the Senior Staff at DEF CON. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. Neil is a member of the DEF CON CFP Review Board and Black Hat Training Review Board.
Abusing Microsoft SQL Server with SQLRecon
Speaker: Sanjiv Rawa. Thursday, August 10th at 1:00PM in Business Hall - Arsenal Station 8
SPEAKER
Sanjiv Kawa (@sanjivkawa) is a Senior Managing Security Consultant on the IBM X-Force Red Adversarial Simulation team with over ten years of experience performing offensive security assessments. As part of the IBM X-Force Red Adversarial Simulation team, Sanjiv spends his days breaking into the largest organizations in the world by emulating adversary tactics, techniques and procedures to reach target objectives. He then advises these organizations on ways they can improve their security posture by implementing or tuning controls. Sanjiv is an active member in the security community. He has developed a variety of tooling and presented at large conferences, such as BSides and Wild West Hackin' Fest and frequently contributes to projects on GitHub. In his spare time, Sanjiv enjoys running, cycling and playing/watching soccer. Sanjiv is happily married and lives in New York City with his wife and their dog Gus.