Security Researchers' Tops Picks at Black Hat USA 2017

Security Researchers' Tops Picks at Black Hat USA 2017

Black Hat USA 2017 is fast approaching, so we asked our security researchers, Chris Jess and Neil Rankin, which sessions they're excited to attend and why. Black Hat's focus on information security provides great resources to the research and development communities, but the sheer volume of trainings and briefings may be overwhelming. If you're struggling to figure out which talks to attend at Black Hat USA, check out Chris and Neil's selections.

Real World CyberSecurity Skills

Part of our Black Duck Security Research team, Senior Security Researcher Chris Jess is excited to attend Black Hat for the first time. Black Duck is heavily involved in the upcoming Advanced Security Cyber Academy based in Belfast, and Chris is sure that Black Hat USA will provide excellent insight into how courses in the Academy should be geared toward skills needed in the real world today. Here are Chris's picks and why he wants to attend these sessions.

Top 7 Talks:

Find out what's hidden in your code - try Security Checker today.

Vulnerability Analysis, Research and DevSecOps

Neil Rankin, Senior Security Researcher, is interested in hearing about anything related to vulnerability analysis and research as this is the core focus for his team. He's also interested in any DevSecOps talks, as this is important to us as a business. Finally, on a personal level Neil would like to attend any talks related to hardware hacking, as embedded electronics interest him.

Top 5 Talks:

  • Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
    Wednesday, July 26 | 11:15am-12:05pm | Mandalay Bay EF
    I use Splunk as the monitoring and visualization tool for one of my main projects in Black Duck. I’m always interested to see how others make use of it, and I think this could be quite an interesting talk. 

  • The Art of Securing 100 Products
    Wednesday, July 26 | 2:40pm-3:30pm | Mandalay Bay EF
    I feel reasonably confident at my abilities to deploy securely, but I’m always interested to see how others are doing it. 

  • Cracking the Lens: Targeting HTTP's Hidden Attack-Surface
    Wednesday, July 26 | 4:00pm-4:50pm |Mandalay Bay GH
    This talk is delivered by one of the creators of Burp Suite, one of the main tools used in Web Application security. They will have in-depth knowledge of the sort of investigative work that our own research team performs, as well as procedures, methodologies, tools and more.

Black Duck at Black Hat USA 2017

While you’re at Black Hat, please stop by booth #773. We’d love to hear more about how you use open source and discuss how Black Duck can help you maximize the benefits while minimizing open source security and compliance risks. To learn more about Black Duck at Black Hat or schedule a meeting with one our team members at the show click here.

Sorry we missed you! We close comments for older posts, but we still want to hear from you. Tweet @black_duck_sw to continue the discussion.


When Is an Intern Not an Intern?

| Sep 1, 2017

It’s hard to put to words the level of awesomeness it was working at Black Duck Software, so I’ll paint a picture instead (as you know a picture is worth a thousand words). The day of my interview, after a small debacle of trying to find 800 District Ave, I pulled the glass doors open and trekked

| MORE >

Heartbleed Bug: OpenSSL Vulnerability Lives On

| May 2, 2017

It’s hard to believe that it's already been three years since the Heartbleed Bug (CVE-2014-0160) was announced, and five years since it was accidently added to OpenSSL’s line of heartbeat code. While the Heartbleed exploit was an accidental product of the underfunded and understaffed OpenSSL team,

| MORE >