RSS feed logo header graphic

Black Hat USA 2009 Weekend Training Session

July 25-26

Black Hat USA 2009 Weekday Training Session

July 27-28

Building a Better Mousetrap: Effective Techniques in Vulnerability Analysis and Intrusion Prevention

Rohit Dhamankar, TippingPoint
Rob King, TippingPoint


It's a fact that hackers are getting smarter faster than network security hardware is getting better. To effectively defend your organization from attacks, you have to know more than just how to configure your IPS or IDS - you need to understand the art behind the science.

This course provides an in-depth look at vulnerability analysis, detection, and prevention from a network-based IPS/IDS standpoint. It starts with how vulnerabilities become vulnerabilities, how hackers attack them, how they look on the wire, and ends with how to write effective signatures and filters for attacks. More esoteric topics covered in this course (and very rarely in others) include how to avoid the dreaded False Positive, how to estimate performance, how to prevent data leakage, and - perhaps most importantly - the techniques hackers use to evade detection by IPS/IDSes, and how you can evade the evasions.

A student coming away from this course will have firm theoretical and practical knowledge of how to analyze vulnerabilities, how to write signatures, and how to deploy an effective and powerful intrusion
prevention strategy on their network.

A quick but in-depth review of the important minutiae of network protocols, networking theory, and basic security theory will be provided, to ensure that all students get the most possible out of the course.


2 days


Basic knowledge of networking and security vulnerabilities


Rohit Dhamankar is the Senior Manager of Security Research at TippingPoint, where he leads the Digital Vaccine group. His group is responsible for developing protection filters to address vulnerabilities, viruses, worms, Trojans, P2P, spyware, and other applications to incorporate them into TippingPoint's intrusion prevention systems. He co-authors the weekly SANS Institutes's @RISK newsletter, which ranks the severity level of new vulnerabilities and is sent to over 200,000 subscribers. Rohit is also the Director for the SANS Top-20 Internet Security Attack Target project. Rohit is a frequent speaker at major industry conferences and has been quoted and featured in many top publications including the USA Today, BusinessWeek, Wired Magazine, the Washington Post, CNET etc.

Prior to TippingPoint, Rohit was employed at Cisco Systems, where he worked as a software developer for Cisco's Secure Intrusion Detection System and Cisco Secure Scanner. He is a frequent speaker at security conferences, and holds an M.S. in Electrical Engineering from UT, Austin and an M.Sc in Physics from the Indian Institute of Technology in Kanpur, India.

Rob King is a Senior Security Researcher with the Digital Vaccine group at TippingPoint. He is an expert in security and vulnerability analysis, numerous programming languages, and houses a panoply of computer science esoterica in his head. He co-authors the weekly SANS @RISK network security newsletter, read by over 200,000 regular subscribers. Rob has spoken at several network security conferences, including Black Hat and Shmoocon. He has provided network security consulting for a variety of high-profile clients, including Exodus Communications and Whole Foods Market in the United States, and the European Investment Bank and InterTransact A.G. in Luxembourg.

Super Early:
Ends Mar 15
Ends May 1

Ends Jul 1

Ends Jul 22







Black Hat Webcasts

Black Hat Social

About Black Hat | Privacy Policy | Sponsorship Inquiry | DEFCON | Black Hat Main RSS Feed