Black Hat Briefings 2003 - Announcement
B.K. DeLong
[email protected]
BLACK HAT BRIEFINGS 2003 SESSIONS HIGHLIGHT NEXT GENERATION SECURITY
TECHOLOGY, BEST PRACTICES & CORE POLICY
Top Academic Researchers & Industry Gurus will Focus on Key
Vulnerabilities
and Offer Comprehensive Strategies to Todays Security Problems; PGP
Creator
Phil Zimmermann to Keynote.
http://www.blackhat.com/ -- Black Hat Inc. announced today preliminary
speaker sessions for this summer's Black Hat Briefings and Training 2003,
the annual conference and workshop designed to help computer
professionals
better understand the security risks to their computer and information
infrastructures by potential threats. This year's show will focus on 10
tracks of hot topics including Incident Response & Computer Forensics,
Firewalls, Access Control, Routing & Infrastructure, Application
Security,
Intrusion Detection, Log Analysis, Privacy & Anonymity, and Law &
Society.
The Briefings event is being held 30 through 31 July 2003 at the Caesars
Palace Hotel and Casino in the heart of Las Vegas, with two days of
training preceding it.
Top-notch speakers will deliver to the conference's core audience of IT
&
network security experts, consultants and administrators the newest
developments on the vital security issues facing organizations using
large
networks with a mix of operating systems.
"Our goal is to present a vendor-neutral environment where conference
attendees can receive key intelligence in a face-to-face environment
with
the people developing the tools used by and against hackers," says Jeff
Moss, founder of Black Hat Inc. "Our speakers discuss the strategies
involved in correcting existing problems and inform attendees on
upcoming
issues, preparing them for the future."
Phil Zimmermann, cryptographic technologist, will be one of the keynotes
headlining the event. Zimmermann is the creator of Pretty Good Privacy
and
currently a special advisor and consultant for the PGP Corporation. He
is
best known for being the target of a three-year criminal investigation,
because the US Government held that export restrictions for
cryptographic
software were violated when PGP was spread around the world following
its
1991 publication as freeware. Zimmermann currently consults for a number
of
companies and industry organizations on matters cryptographic, and is
also
a Fellow at the Stanford Law School's Center for Internet and Society.
Before founding PGP Inc, Zimmermann was a software engineer with more
than
20 years of experience specializing in cryptography and data security,
data
communications, and real-time embedded systems.
The lineup of Black Hat Briefings presenters for 2003 include:
-- Thomas Akin, Founding Director, Southeast Cybercrime
Institute. Akin is
a Certified Information Systems Security Professional (CISSP) who has
worked in Information Security for almost a decade. He is the founding
director of the Southeast Cybercrime Institute a division or Continuing
Education at Kennesaw State University. He serves as chairman for the
Institute's Board of Advisors and is an active member of the Georgia
Cybercrime Task Force.
-- Jay Beale, Senior Research Scientist, George Washington
University
Cyber Security Policy and Research Institute. Beale is a security
specialist focused on host lockdown and security audits. He is the Lead
Developer of the Bastille project, which creates a hardening script for
Linux, HP-UX, and Mac OS X, a member of the Honeynet Project, and a core
participant in the Center for Internet Security.
-- Chris Conacher, Black Hat Consulting. Conacher has over 6
years
experience in formal Information Security roles. This time has been
spent
with the Fortune 500 companies BAE Systems (formerly British Aerospace
and
Marconi Space Systems), BAE Systems Airbus and Intel Corporation. He has
also worked for the Information Risk Management consultancy practice of
'Big 5' firm KPMG LLP where he specialized in 'High-Tech' companies.
Chris'
time in Information Security has seen him working in England, France,
Germany, Greece, Russia and the USA. His specialties include the
development, deployment and review of corporate information security
programs; the secure integration of Mergers & Acquisitions; data
protection
in disaster recovery planning; and information security business impact
analysis.
-- Roger Dingledine, Founder & Owner, Moria Research Labs.
Dingledine is a
security and privacy researcher. While at MIT under professor Ron Rivest,
he developed Free Haven, one of the early peer-to-peer systems that
emphasized resource management while retaining anonymity for its
users.Currently he consults for the US Navy to design and develop
systems
for anonymity and traffic analysis resistance. Recent work includes
anonymous publishing and communication systems, traffic analysis
resistance, censorship resistance, attack resistance for decentralized
networks, and reputation.
-- Himanshu Dwivedi, Managing Security Architect, @stake. At @stake,
Himanshu leads the Storage Center of Excellence (CoE), which focuses
research and training around storage technology, including Network
Attached
Storage (NAS) and Storage Area Networks (SAN). Himanshu's focus in
security
is networking technology and storage architecture, specifically Fibre
Channel Security.
-- Jennifer Granick, Litigation Director, Center for Internet
and Society,
Stanford Law School. Ms. Granick's work focuses on the interaction of
free
speech, privacy, computer security, law and technology. She is on the
Board
of Directors for the Honeynet Project and has spoken at the NSA, to law
enforcement and to computer security professionals from the public and
private sectors in the United States and abroad. Before coming to
Stanford
Law School, Ms. Granick practiced criminal defense of unauthorized
access
and email interception cases nationally. She has published articles on
wiretap laws, workplace
privacy and trademark law.
-- The Honeynet Project is a non-profit, all volunteer security
research
organization dedicated to researching the blackhat community, and
sharing
the lessons learned. Made up of thirty security professional, the
Project
deploys Honeynet around the world to capture and analzye blackhat
activity.
These lessons are then shared with the security community. The Honeynet
Project began in 1999 and continues to grow with the founding of the
Honeynet Research Alliance.
-- Larry Leibrock, Associate Dean and Technology Officer,
University of
Texas McCombs Business School. Leibrock has held or currently holds
clinical teaching and research appointments at McCombs Business School,
Institute for Advanced Technology, The University of Texas Law School,
Emory University, Helsinki School of Economics and Monterrey
Technologica
in Mexico City and Monterrey. He is a member of IEEE, ACM, Internet
Society, FIRST and USENIX/SAGE and is also a member of the Department of
Defense Software Engineering Institute and a participant in the Air
Force
Software Technology Conference.
-- Neel Mehta, Application Vulnerability Researcher, ISS X-Force.
Mehta
works as an application vulnerability researcher at ISS X-Force, and
like
many other security researchers comes from a reverse-engineering
background. His reverse engineering experience was cultivated through
extensive consulting work in the copy protection field, and has more
recently been focused on application security. Neel has done extensive
research into binary and source-code auditing, and has applied this
knowledge to find many vulnerabilities in critical and widely deployed
network applications.
-- Richard Salgado, Senior Counsel, Computer Crime and
Intellectual
Property Section of the United States Department of Justice. Salgado
specializes in investigating and prosecuting computer network cases,
such
as computer hacking, denial of service attacks, illegal sniffing, logic
bombs, viruses and other technology-driven privacy crimes. Often such
crimes cross international jurisdictions; Mr. Salgado helps coordinate
and
manage the investigation and prosecution of those cases and participates
in
policy development relating to emerging technologies such as the growth
of
wireless networks, voice-over Internet Protocol, surveillance tools and
forensic techniques.
Black Hat Inc. will also conduct computer security training for several
different topics several days prior to the briefings - 26 through 29
July.
Subjects include:
-- Infrastructure Attacktecs & Defentecs: "Hacking Cisco
Networks"
-- Aspects of Offensive Root-kit Technology
-- Network Application Design & Secure Implementation
-- NSA InfoSec Assessment Methodology Course
-- OSSTMM Professional Security Analyst (OPSA)
-- Forensics Tools and Processes for Windows XP® Platforms
-- Discover the Hidden: Steganography Investigator Training
-- Enterprise Security From Day 1 to Completion: A Practical
Approach to
Developing an InfoSec Program
-- Microsoft Ninjitsu: Securely Deploying MS Technologies
-- Securing Solaris and Locking Down Linux
-- Ultimate Hacking: Expert Edition
The instructors for the training segment of this year's Black Hat are
some
of the top experts in their field and are fully-active in the computer
security community. You won't find most of these speakers anywhere else
and
these handpicked security gurus will train participants in understanding
the real threats to any network and how to keep them from being
exploited.
To register for BlackHat Briefings, visit the Web site at
http://www.blackhat.com. Direct any conference-related questions to
[email protected].
For press registration, contact B.K. DeLong via email at
[email protected].
About Black Hat Inc.
Black Hat Inc. was originally founded in 1997 by Jeff Moss to fill the
need
for computer security professionals to better understand the security
risks
and potential threats to their information infrastructures and computer
systems. Black Hat accomplishes this by assembling a group of
vendor-neutral security professionals and having them speak candidly
about
the problems businesses face and their solutions to those problems.
Black
Hat Inc. produces 5 briefing & training events a year on 3 different
continents. Speakers and attendees travel from all over the world to
meet
and share in the latest advances in computer security. In addition to
the
Briefings, Black Hat has grown to provide training and consulting
services.
For more information, visit their Web site at
http://www.blackhat.com