Location: Room D203/204
The DR Threat Trends Program is designed to provide security professionals with a broader look at trends in online exploits and attacks. A complement to the Black Hat Europe Briefings, the Threat Trends Program offers three separate session that discuss the evolution of attacker thinking as well as new tools and methods for discovering vulnerabilities and creating online exploits.
Today’s malware is more sophisticated – and more automated -- than ever. It often works differently on different victim machines, and it evolves automatically in order to avoid signature-based defenses. There are many new tools and toolkits that enable developers to create and deploy new malware, and many other tools that help developers disguise and obfuscate their malware to make it more difficult to detect. In this session, experts on the latest malware exploits offer a look at the development process, the most current tools, and new, packaged toolkits that enable attackers to create and deploy new malware without a great deal of expertise.
When it comes to attack vectors, today’s attackers have a wide range of choices. From endpoint exploits to network attacks to social engineering and hardware hacks, there are many methods for approaching a target enterprise – but which will work best? In this panel session, leading experts in the various attack vectors will join to discuss the advantages and disadvantages of choosing a particular attack vector – and how attackers find the one that is most effective for a specific target. You’ll get a look at some of the latest thinking about social engineering, cloud attacks, and hardware hacking as well as current trends in network- and Web-based exploits, all provided in a way that helps you select the most effective methods for your penetration tests.
The Domain Name System is one of the most pervasive, yet least understood, elements of the Internet. In this session, a panel of experts will discuss how DNS works, the central role it plays in all Internet communications, and how attackers can exploit it to crack or reroute network traffic. You’ll get a look at some of the most effective methods for using DNS in penetration testing, and how the rapid evolution of DNS may make this attack vector even more attractive in the future.
Location: Business Hall
The security industry is currently facing a “security skills gap” that creates challenges for the IT security employer – and opportunities for the well-credentialed security professional. The Dark Reading Career Trends Program offers two sessions that provide insight into the current employment environment in IT security, the attitudes of security professionals and those who hire them, and the skills and qualifications required for the security career professional.
Today’s attackers and exploits are more prolific and more sophisticated than ever. How are enterprise security professionals holding up? In this session, the editors of Dark Reading offer a look at two new surveys that outline current attitudes and plans of security pros: The Black Hat Attendee Survey 2015 and the Dark Reading Strategic Security Survey. These surveys discuss the top challenges faced by the enterprise security department, its buying and budgeting plans, and enterprise experiences in handling breaches and incident response. These surveys take the pulse of the IT security industry and offer a look at the results.
As a security professional, you’ve chosen one of the fastest growing – and potentially lucrative – careers in any industry today. You’re living in a negative-unemployment market where many organizations may be competing for your services. How can you take advantage of those opportunities? In this session, a top expert will discuss ways to advance your career: how to build your resume, how to approach training and certification, and when to look for a new position. You’ll get insight on how companies hire security professionals, how to approach job opportunities and interviews, and how to increase your salary.