Keynote: Investing in Our Nation's Security, Gilman Louie, President and Chief Executive Officer, In-Q-Tel

Application Security

Layer 0

Policy, Management, and the Law

Zero Day Attack

Deep Knowledge

Other Events

Roman Ballroom
Third Floor

Palace Salon II
Fourth Floor

Emperor's Ballroom
Fourth Floor

Palace Salon I
Fourth Floor

Palace Salon III
Fourth Floor

World Exclusive – Announcing the OWASP Guide To Securing Web Applications and Services 2.0

Andrew van der Stock

The Social Engineering Engagement Methodology

Joseph Klein

CISO Q&A with Jeff Moss

Scott Blake, Pamela Fusco, Andre Gold, Ken Pfeil, Justin Somaini

Cisco IOS Security Architecture

Michael Lynn

All new Ø Day

David Litchfield

Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps

Alex Stamos & Scott Stender

Plug and Root, the USB Key to the Kingdom

Darrin Barrall & David Dewey

Legal Aspects of Computer Network Defense

Robert W. Clark

eEye BootRoot

Derek Soeder & Ryan Permeh

Black Ops 2005

Dan Kaminsky

Owning Anti-Virus: Weaknesses in a Critical Security Component

Alex Wheeler & Neel Mehta

The Non-Cryptographic Ways of Losing Information

Robert Morris

Hacking in a Foreign Language

Kenneth Geers

Trust Transience: Post Intrusion SSH Hijacking

Adam Boileau

Economics, Physics, Psychology and How They Relate to Technical Aspects of Counter Intelligence / Counter Espionage Within Information Security

Mudge

Florentine Ballroom
Third Floor

“Shadow Walker”: Raising The Bar For Rootkit Detection

Sherri Sparks & Jamie Butler

Can You Really Trust Hardware? Exploring Security Problems in Hardware Devices

Joe Grand

Top Ten Issues in Computer Security

Jennifer Stisa Granick

Remote Windows Kernel Exploitation - Step In To the Ring 0

Barnaby Jack

iSCSI Security (Insecure SCSI)

Himanshu Dwivedi

Executive Women’s Forum Panel and Reception - Sometimes, It Is All Who You Know!

Joyce Brocaglia, Pamela Fusco, Kelly Hansen, Rhonda E. MacLean

Phishing with Super Bait

Jeremiah Grossman

Long Range RFID and its Security Implications

Kevin Mahaffey, Mark McGovern, Paul Simmonds, Jon Callas

U.S National Security, Individual and Corporate Information Security, and Information Security Providers

Bryan Cunningham & C. Forrest Morgan

Beyond EIP

spoonm & skape

Automation - Deus ex Machina or Rube Goldberg Machine?

Sensepost

Executive Women’s Forum Panel con't

refreshments hosted by:

Hosted Gala Reception: Eat, Drink, Network and be Merry! Location: Palace Tower Promenade

Reception sponsored by

and

and

and

and

Booksigning with the authors of "Stealing the Network: How to Own an Identity" during the Gala Reception.

19:00

The First Annual Black Hat No Limit Hold'em Poker Tournament in Pompeian Ballroom. Participation in this event is by invite only, but Arbor Networks will be holding drawings in their booth for seats at the tournament. Visit the Arbor booth #16 for a chance to participate in the tournament and go head-to-head with the security elite and conference delegates at this special event. For more information, please contact Arbor Networks at events@arbornetworks.com.

Computer Forensics & Log Analysis

Privacy & Anonymity

Zero Day Defense

Turbo Talks

Roman Ballroom
Third Floor

Palace Salon II
Fourth Floor

Palace Salon III
Fourth Floor

Palace Salon I
Fourth Floor

Emperor's Ballroom
Fourth Floor

The Art of File Format Fuzzing

Michael Sutton & Adam Greene

GEN III Honeynets: The birth of roo

Allen Harper and Edward Balas

Building Robust Backdoors In Secret Symmetric Ciphers

Adam L. Young

Stopping Injection Attacks with Computational Theory

Robert J. Hansen & Meredith L. Patterson

BlackHat Standup: “Yea I’m a Hacker…”

James C. Foster

Shakespearean Shellcode

Darrin Barrall

09:30 - 09:50

CaPerl: Running Hostile Code Safely

Ben Laurie

The Defense Cyber Crime Center

Jim Christy

The Unveiling of My Next Big Project

Philip R. Zimmermann

Rogue Squadron: Evil Twins, 802.11intel, Radical RADIUS, and Wireless Weaponry for Windows

Beetle and Bruce Potter

Using Causal Analysis to Establish Meaningful Connections between Anomalous Behaviors in a Networking Environment

Ken Hines

10:00 - 10:20

Rapid Threat Modeling

Akshay Aggarwal

10:30 - 10:50

The Art of SIP fuzzing and Vulnerabilities Found in VoIP

Ejovi Nuwere & Mikko Varpiola

Performing Effective Incident Response

Kevin Mandia

Google Hacking for Penetration Testers

Johnny Long

Checking Array Bound Violation Using Segmentation Hardware

Tzi-cker Chiueh

Owning the C-suite: Corporate Warfare as a Social Engineering Problem

Shawn Moyer

11:15 - 11:35

A Dirty BlackMail DoS Story

Renaud Bidou

11:45 - 12:05

SPA: Single Packet Authorization

MadHat Unspecific & Simple Nomad

12:15 - 12:35

Lunch: Pavilion at Caesars

sponsored by

Book Signing with J0hnny Long and his newly released book "Google Hacking for Penetration Testers"

NX: How Well Does It Say NO to Attacker’s eXecution Attempts?

David Maynor 

Catch Me If You Can: Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch…

James C. Foster & Vincent T. Liu

The Future of Personal Information

Joseph Ansanelli, Richard Baich, Adam Shostack, Paul Proctor

A New Hybrid Approach For Infrastructure Discovery, Monitoring and Control

Ofir Arkin

Toolkits: All-in-One Approach to Security

Kevin Cardwell

13:45 - 14:05

Injection Flaws: Stop Validating Your Input

Mike Pomraning

14:15 - 14:35

Shatter-proofing Windows

Tyler Close

14:45 - 15:05

Advanced SQL Injection in Oracle Databases

Esteban Martínez Fayó

Beyond Ethereal: Crafting A Tivo for Security Datastreams

Greg Conti

The National ID Debate

David Mortman, Dennis Bailey, Jim Harper, Rhonda MacLean

Ozone HIPS: Unbreakable Windows

Eugene Tsyrklevich

Building Self-Defending Web Applications: Secrets of Session Hacking and Protecting Software Sessions

Arian J. Evans & Daniel Thompson

15:15 - 15:35

Demystifying MS SQL Server & Oracle Database Server Security

Cesar Cerrudo

15:45 - 16:05

Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection

Yuan Fan

16:15 - 16:35

Book Signing with Dennis Bailey and his book "The Open Society Paradox: Why The 21st Century Calls For More Openness—Not Less"

Circumvent Oracle’s Database Encryption and Reverse Engineering of Oracle Key Management Algorithms

Alexander Kornbrust

The Art of Defiling: Defeating Forensic Analysis

Grugq

Routing in the Dark: Scalable Searches in Dark P2P Networks

Ian Clarke & Oskar Sandberg

Preventing Child Neglect in DNSSEC-bis using Lookaside Validation

Paul Vixie

The Jericho Challenge - Finalist Architecture Presentations and Awards

Paul Simmonds

16:45 - 17:05