Black Hat USA Registration Black Hat USA Registration Black Hat USA Briefings Black Hat USA Briefings Black Hat USA Training Black Hat USA Training Black Hat USA Schedule Black Hat USA Schedule Black Hat USA Sponsors Black Hat USA Sponsors Black Hat  USA Special Events Black Hat  USA Special Events Black Hat USA Venue Black Hat USA Venue

On This Page


Diamond Sponsors

Platinum Plus Sponsors

Platinum Sponsors

Gold Sponsors

Silver Plus Sponsors

Silver Sponsors

Wifi Networking Lounge

Sponsored Workshops

Tabletop Sponsors

Association Supporter

Media Sponsors

Arsenal Sponsor

Wireless Provider

Conference-At-A-Glance Sponsor

Diamond Sponsors

Microsoft is proud to be a continuing sponsor of the Black Hat Security conference. We appreciate Black Hat providing a unique forum in which security researchers from all over the world, IT Pros and industry luminaries can gather to share insights, knowledge and information to advance security research.

Microsoft remains dedicated to software security and privacy and continues to collaborate with the community of people and technology organizations helping to protect customers and the broader ecosystem, Microsoft is also dedicated to software security and privacy.

Since the onset of Trustworthy Computing we have fostered a culture of security within Microsoft that includes developing secure code, building strong relationships with industry researchers and partners, and providing guidance to help protect customers. We would like to thank all of the customers, partners and security researchers who have worked with us to advance the state of the art in security science. Only by working together with partners, researchers and the community can we all ensure the advancement and success of the technology industry.

Qualys, Inc. (NASDAQ: QLYS), is a pioneer and leading provider of cloud security and compliance solutions with over 6,000 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The QualysGuard Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations, including Accuvant, BT, Dell SecureWorks, Fujitsu, NTT, Symantec, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

For more information, please visit

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, Continuous Network Monitoring, and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit and

Platinum Plus Sponsors

Accuvant is the Authoritative Source for information security. Since 2002, the company has served more than 5,200 clients, including half of the Fortune 100 and more than 900 educational institutions and government entities. Headquartered in Denver, Accuvant has offices across the United States and Canada and boasts the largest and most elite army of technical security professionals in the world – Accuvant LABS. For more information, please visit

AlienVault™ is the creator of OSSIM, the de facto standard open source Security Information and Event Management (SIEM) solution. The OSSIM powered AlienVault Unified Security Management™ (USM) platform reduces cost of visibility and accelerates time to PCI/SOX compliance. The USM Framework comes with five essential security capabilities built-in: asset discovery, vulnerability assessment, threat detection, behavioral monitoring and security intelligence. It also leverages dozens of the best open source tools like Snort, OSSEC, OpenVAS, ntop, Nagios, and more, and integrates easily with existing security components. Additionally, OSSIM users and AlienVault customers benefit from the AlienVault Open Threat Exchange™, the most diverse and comprehensive sharing system for threat intelligence that automaticallycleanses, aggregates, validates and publishes threat data streaming from the broadest range of security devices. OSSIM has over 160,000 downloads and users in 80 countries. AlienVault is privately held and headquartered in Silicon Valley.

Cloud, Mobility, and the Internet of Everything have forever expanded the attack surface, exposing your organization and sensitive assets to advanced targeted threats on an unprecedented scale, through more devices and networks than ever before. Cisco offers one of the industry’s most comprehensive portfolio of advanced security solutions to discover, defend, and remediate these next-generation attacks. With visibility into more than 100 terabytes of daily security telemetry across web, email, firewall, and intrusion prevention systems (IPSs), our integrated products offer the breadth and depth required to grow your business without compromising security.

As a proud sponsor of Black Hat, Cisco is committed not just to advancing our products, but also to contributing to the security community as a whole. Join us in the booth to experience a new class of Cisco® Security. Our threat experts will be showcasing next-generation security telemetry and threat research, and helping to illuminate the dark corners of the Internet—where malicious actors hide and a company’s future can be decided with a keystroke. See how Cisco can be your partner against advanced threats.

For more information, please visit

The Power of Thinking Ahead

As the leading provider of predictive security intelligence solutions, CORE Security answers the call of organizations demanding a proactive approach to eliminating business risk. Our solutions empower customers to think ahead, take control of their security infrastructure, and predict and prevent IT security threats.

Organizations have to predict security threats – not just react to them

Today, the majority of security spending is focused on solutions that take defensive or reactive approaches to threats. As a result, security teams are saddled with overwhelming amounts of disparate security data, tools that don't communicate, and alerts that sound only after the damage has been done. Organizations that seek to survive and thrive must go on the offensive and predict and preempt threats before it's too late.

We empower organizations to preempt business risk

At CORE Security, we believe the greatest risk organizations can take is to remain reactive to IT security threats. We therefore enable our customers to proactively identify critical threats and reveal risk in the context of specific business objectives, operational processes, and regulatory mandates. As a result, security teams not only predict threats but also more effectively communicate their implications to peers in the line of business.

LogRhythm is the leader in cyber threat defense, detection and response. The company's SIEM 2.0 security intelligence platform delivers the visibility, insight and remediation required to detect the previously undetectable and address the mutating cyber threat landscape. LogRhythm also provides unparalleled compliance automation and assurance as well as operational intelligence to Global 2000 organizations, government agencies and mid-sized businesses worldwide.

The company earned a perfect, 5-star rating and this year's exclusive "BEST BUY" in the SC Magazine SIEM Group Test, Computing Security's Bench Tested Solution of the Year, SC Labs' "Recommended" 5-star designation twice, SC Magazine's Innovator of the Year Award, Readers Trust Award for "Best SIEM" solution and "BEST BUY" designation for Digital Forensics. LogRhythm is headquartered in Boulder, Colorado with operations in Canada, Europe and the Asia Pacific region. For more information, visit

Lookingglass is a pioneer delivering over-the-horizon visibility through a revolutionary Cyber Threat Intelligence Management (CTIM) platform. The Lookingglass product suite provides revolutionary solutions that deliver deep visibility into the Internet threat landscape. With its ScoutVisionTM and CloudScoutTM solutions, Lookingglass offers alert and warning capabilities that empower customers to continuously monitor for over-the-horizon threats from outside a client’s network and control, such as the presence of botnets, hosts associated with cyber criminal networks, unexpected route changes and the loss of network resiliency. Lookingglass’ outside-in approach accounts for a client’s entire enterprise cyber ecosystem including the extended enterprise, and other networks beyond their control. This oversight ensures business partners or service providers are not the proximate cause of security breaches or data loss. For more information, visit

Platinum Sponsors

Blue Coat empowers enterprises to safely and securely choose the best applications, services, devices, data sources, and content the world has to offer, so they can create, communicate, collaborate, innovate, execute, compete and win in their markets. Blue Coat has a long history of protecting organizations, their data and their employees and is the trusted brand to 15,000 customers worldwide, including 86 percent of the FORTUNE Global 500. With a robust portfolio of intellectual property anchored by more than 200 patents and patents pending, the company continues to drive innovations that assure business continuity, agility and governance. For more information, visit us at

IBM's security portfolio provides the security intelligence to help organizations holistically protect its people, infrastructure, data and applications. IBM offers solutions for identity and access management, database security, application development, risk management, endpoint management, network security and more. IBM operates one of the world's broadest security research and development and delivery organizations comprising of ten security operations centers, ten IBM Security Research Centers, 17 software security development labs and an Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM monitors billions of security events per day in more than 130 countries and holds more than 3,000 security patents. For more information please visit us at

Lieberman Software Corporation is a USA based cross-platform security software developer. We provide tools for the mass security/configuration reporting and remediation of Microsoft Windows workstations and servers with real time reporting and repair capabilities. We also provide cross-platform solutions to proactively manage privileged identities such as root, administrator, sa and other accounts (located in routers, switches, embedded systems, host hardware, virtualization hypervisors, host OS, databases, middleware, applications, etc) at both the user and application level. Using automation, we provide auto-discovery, correlation and propagation to make it possible to discover what credentials you have, where they are being used, and give you the ability to regularly change credentials as needed or required. Our goal is to provide sharp tools for your IT administrators and solutions that give you the ability to understand where and how credentials are used as well as the power to change them as needed. To learn more about our tools and solutions stop by our booth for a hands-on demo or visit our website at

Solera Networks, a Blue Coat company, delivers the most comprehensive Big Data Security Analytics and Advanced Threat Protection Platform in the industry. Now, from a single source, organizations have access to the tools needed to gain real-time visibility into security events and threats, as well as the critical context and content needed to swiftly identify, respond to and recover from a security breach or advanced targeted attack.

Already deployed in a number of high-profile organizations, Solera also integrates with Blue Coat’s new SSL Visibility appliance, which leverages SSL technology acquired from Netronome. The Solera Big Data Security Analytics Platform along with the new SSL Visibility appliance are at the foundation of Blue Coat’s new Business Assurance Technology and Advanced Threat Protection Group.

Once Solera is integrated with existing Blue Coat products, it will work with the WebPulse Collaborative Defense, Blue Coat’s cloud-based service that provides real-time categorization and ratings of web content. The combination of comprehensive web intelligence and Solera’s “security camera for the network” capability, produces revolutionary results: for the first time, users will have the real-time threat intelligence, security visibility and post-breach evidence to see, detect, identify and resolve the full scope of zero-day threats – while protecting against advanced threats and attacks in the future.

Stop by booths 609 & 615 to demo the latest version of the Solera technology and to learn more about the Blue Coat integration. For more info, visit

Symantec is a global leader in providing security, storage and systems management solutions to help our customers Ð from consumers and small businesses to the largest global organizations Ð secure and manage their information, identities, technology infrastructures and related processes against more risks at more points, more completely and efficiently than any other company. Our unique focus is to eliminate information, technology and process risks independent of device, platform, interaction or location. Our software and services protect completely, in ways that can be managed easily and with controls that can be enforced automatically Ð enabling confidence wherever information is used or stored.

As the world becomes increasingly technology-centric and information-driven, Symantec is providing the leading products to ensure the availability of data, to backup and recover information, and prevent its loss. This includes helping consumers organize, backup and easily access their digital music, photos, files and more. Small businesses and large organizations can access and ensure the availability of information, whenever it is needed, with company-wide data protection, archiving and high availability clustering solutions. Since information now resides and is used in more places than ever Ð on phones, notebooks, USB devices, online portals and over global networks, protecting information is increasingly critical. Symantec has leading solutions that can identify and automatically prevent loss of valuable and confidential information Ð on the endpoint, in storage and over the network.

Symantec provides comprehensive security that more people and organizations count on, with the best-of-breed and market-leading products in each of the company's business categories. From zero-day detection of new security threats to anti-fraud countermeasures, Symantec products continue to receive recognition from analysts and industry publications for providing superior threat detection and more in-depth and comprehensive security and data protection. This protection now extends to more information points, from mobile devices to servers, storage, networks and external and unmanaged systems. Symantec software reaches and protects more information points against more risks than any other company.

Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantecª Global Intelligence Network. This network captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify and analyze, to deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam.

More than 240,000 sensors in more than 200 countries and territories monitor attack activity through a combination of Symantec products and services such as Symantec DeepSightª Threat Management System, Symantec ª Managed Security Services and Nortonª consumer products, as well as additional third-party data sources.

Symantec gathers malicious code intelligence from more than 133 million client, server, and gateway systems that have deployed its antivirus products. In addition, Symantec maintains one of the world's most comprehensive vulnerability databases, currently consisting of more than 40,000-recorded vulnerabilities (spanning more than two decades) affecting more than 105,000 technologies from more than 14,000 vendors. Symantec also facilitates the BugTraqª mailing list, one of the most popular forums for the disclosure and discussion of vulnerabilities on the Internet, which has approximately 24,000 subscribers who contribute, receive, and discuss vulnerability research on a daily basis.

More than half of the world's data is protected by Symantec Ð in the home, small business and enterprise, including security of a third of the world's email. At Symantec, we envision a world where security follows information everywhere. Through an information- and identity-centric approach that is device and platform independent, our Security 2.0 vision is fast becoming a reality. Information, personal identities, interactions and communications can be protected against online fraud, spam, viruses, malware, inadvertent loss, theft and more, regardless of the system or technology. It's part of a comprehensive strategy to help customers protect their information more completely than any other software company.

Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. Trustwave has helped hundreds of thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructures, data communications and critical information assets.

SpiderLabs is the elite security team at Trustwave, offering clients the most advanced information security expertise available today. The SpiderLabs team has performed more than 1,500 computer incident response and forensic investigations globally and has run over 12,000 penetration and application security tests for clients. Companies and organizations in more than 50 countries rely on the SpiderLabs team's technical expertise to identify and anticipate cyber security attacks before they happen. In a rapidly evolving threat environment, SpiderLabs has the extensive field experience to asses threat levels, anticipate weaknesses, investigate breaches, and fortify environments against attacks.

Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia.

For more information, visit

Gold Sponsors

Dell SecureWorks is recognized as an industry leader by top analysts.

Enriched by intelligence from our Counter Threat Unit™ (CTU™) research team, Dell SecureWorks Information Security Services help thousands of organizations predict threats, proactively fortify defenses, continuously detect and stop cyber-attacks, and recover faster from security breaches. Continuing our leadership in providing solutions to address the threat posed by targeted threats, Dell SecureWorks recently launched its Targeted Threat Services portfolio.

Addressing the entire attack cycle, the Targeted Threat Services portfolio is the first and only comprehensive suite of services available, designed specifically to combat targeted attacks. Targeted Threat Services help you anticipate your attackers, detect their tradecraft, disrupt the kill chain and eradicate their presence in your environment. Integral to the offering is the new Targeted Threat Hunting service designed to search your networks to identify the presence of compromises and entrenched threat actors currently operating in your environment.

Dell® SonicWALL® provides intelligent network security and data protection solutions that enable customers and partners to dynamically secure, control, and scale their global networks. Securing any organization with multi-threat scanning based on global input at wire speed, Dell SonicWALL is recognized as an industry leader by Gartner and NSS Labs. Dell SonicWALL solutions are dynamically updated with current threat protection. Reassembly-Free Deep Packet Inspection® and multi-core parallel architecture assure optimal performance. Dell SonicWALL delivers firewall, secure remote access/SSL VPN, anti-spam/email security, and continuous backup and recovery, plus centralized management and reporting, and 24x7 technical support for SMB through Enterprise environments.

FireEye is the leader in stopping advanced cyber attacks that use advanced malware, zero-day exploits, and APT tactics. The FireEye solutions supplement traditional and next-generation firewalls, IPS, anti-virus, and gateways, which cannot stop advanced threats, leaving security holes in networks. FireEye offers the industry's only solution that detects and blocks attacks across both Web and email threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack lifecycle with a signature-less engine utilising stateful attack analysis to detect zero-day threats. Based in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest Venture Partners, and Juniper Networks

Taking a strategic approach to security, Foreground Security helps organizations align information security with key business objectives. The company was founded by security professionals with over 20 years of experience to provide organizations with cutting-edge information and network security services, designed to significantly refine and improve their protection efforts. Foreground Security enables customers to optimize their network security investments while taking a proactive approach to protecting their most important information assets from potential threats.

Foreground Security offers comprehensive security services that enable Government agencies and commercial organizations to secure critical data, protect identities and demonstrate compliance. The company leverages its experts' unparalleled insights to provide customers with the strategy and know-how required to develop, implement and maintain on-going secure and compliant policies, infrastructure and training.

Foreground Security performs in-depth technical testing of networks, applications, and various security related infrastructure components such as firewalls, virtual and wireless networks. The company employs experienced professionals who hold CISSP, CCSP, CISM, CEH, CHFI and MCSE certifications and who have conducted Penetration Tests, C&A Projects, and Policy development for well over 100 Government agencies and corporations, making Foreground Security the ideal information security partner.

General Dynamics Fidelis Cybersecurity Solutions provides organizations with a robust, comprehensive portfolio of products, services, and expertise to combat today's sophisticated advanced threats and prevent data breaches. Our commercial enterprise and government customers around the globe can face advanced threats with confidence through use of our Network Defense and Forensics Services, delivered by an elite team of security professionals with decades of hands-on experience, and our award-winning Fidelis XPS™ Advanced Threat Defense Products , which provide visibility and control over the entire threat life cycle.

HBGary provides Enterprise Incident Response solutions and services to enable organizations perform the key phases of incident response including detecting zero-days and other unknown malware, validating whether an actual security incident has occurred, and responding to the incident. Customers include Fortune 50 corporations and U.S. government agencies. HBGary is located in Sacramento, Calif. and is a subsidiary of ManTech International Corporation. For information, please visit or our social media accounts: LinkedIn, Twitter, Facebook.

HP is a leading provider of security and compliance solutions for the modern enterprise that wants to mitigate risk in its hybrid environment and defend against advanced threats. Based on market leading products from HP ArcSight, HP Fortify, and HP TippingPoint, the HP Security Intelligence Platform uniquely delivers the advanced correlation, application protection, and network defenses to protect today’s hybrid IT infrastructure from sophisticated cyber threats. For more information, please visit

Imperva is the global leader in data security. Thousand of the world's leading businesses, government organizations, and managed service providers rely on Imperva solutions to prevent data breaches, meet compliance mandates, and manage data risk.

Underscoring Imperva's commitment to data security excellence, our Application Defense Center (ADC) is a world-class security research organization that maintains SecureSphere's cutting edge protection against evolving threats.

The award-winning Imperva SecureSphere is the market leading data security and compliance solution. SecureSphere protects sensitive data from hackers and malicious insiders, provides a fast and cost-effective route to regulatory compliance and establishes a repeatable process for mitigating data risk.

For more information, visit:

Juniper Networks, Junos WebApp Secure is a Web Intrusion Deception system that does not generate false positives because it uses deceptive tar traps to detect attackers with absolute certainty. Junos WebApp Secure inserts detection points into the code and creates a random and variable minefield all over the Web application. These detection points allow you to detect attackers during the reconnaissance phase of the attack, before they have successfully established an attack vector. Attackers are detected when they manipulate the tar traps inserted into the code. And because attackers are manipulating code that has nothing to do with your website or Web application, you can be absolutely certain that it is a malicious action—with no chance of a false positive.

IT security professionals know that false positives diminish the effectiveness of any security program. By using this certainty-based approach, Junos WebApp Secure solves this problem for Web attacks. Furthermore, this product works out-of-the-box and improves your Web application security. There are no rules to write, no signatures to update, no learning modes to monitor, and no log files to review—just attackers to prevent.

For More information, please visit

Mandiant is the information security industry's leading provider of advanced threat detection and incident response solutions and services. Mandiant provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and leading U.S. law firms.

Headquartered in San Diego, CA, Norman Shark is a global leader and pioneer in proactive security software solutions and forensics malware tools. Norman Shark offers enterprise customers a portfolio of solutions for analyzing and building defensible networks against advanced targeted attacks. Please visit for more information.

Rapid7 is the leading provider of security risk intelligence software and cloud solutions. Its integrated vulnerability management and penetration testing products, Nexpose and Metasploit, and mobile risk management solution, Mobilisafe, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are used by more than 2,400 enterprises and government agencies in more than 65 countries, while the Company's free products are downloaded more than one million times per year and enhanced by the more than 200,000 members of its open source security community. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner®, and SC Magazine. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit

Splunk® Inc. provides the engine for machine data™. Splunk software collects, indexes and harnesses the massive machine data continuously generated by the websites, applications, servers, networks and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 3,700 enterprises, universities, government agencies and service providers in more than 75 countries use Splunk Enterprise to gain operational intelligence that deepens business understanding, improves service and uptime, reduces cost and mitigates cyber-security risk. To learn more please visit

Stonesoft delivers the industry's most innovative and adaptable network security solutions to protect against advanced threats and reduce network complexity. Through our scalable NGFW, NGIPS, SSL-VPN and multi-factor authentication technologies, we bring military-grade security to any organization, while also delivering true next generation functionality. Built on a dynamic, integrated, software-based platform, Stonesoft solutions are highly adaptable, contextually aware, and easily managed and configured. Using Stonesoft's unique network security engine, users can pick and choose what kind of protection they need in a single solution, eliminate the need for upgrades and scale protection as their security requirements change. In effect, Stonesoft is the only provider in the industry to deliver future-proof security. For more information, visit

Tenable Network Security is relied upon by more than 15,000 organizations, including the entire U.S. Department of Defense and many of the world’s largest companies and governments, to stay ahead of emerging vulnerabilities, threats and compliance-related risks. Its Nessus and SecurityCenter solutions continue to set the standard for identifying vulnerabilities, preventing attacks and complying with a multitude of regulatory requirements. For more information, please visit

ThreatTrack Security specializes in helping organizations identify and stop Advanced Persistent Threats (APTs), targeted attacks and other sophisticated malware that are designed to evade the traditional cyber-defenses deployed by enterprises, and small and medium-sized businesses (SMBs) around the world. The company develops advanced cybersecurity solutions that analyze, detect and remediate the latest malicious threats, including its ThreatAnalyzer malware behavioral analysis sandbox, VIPRE business and consumer antivirus software, and ThreatIQ real-time threat awareness service. To learn more, visit

Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats. Learn more at or follow us @TripwireInc on Twitter.

Silver Plus Sponsors

BeyondTrust is the only security solution vendor providing Context-Aware Security Intelligence, giving customers the visibility and controls necessary to reduce their IT security risks, while at the same time simplifying their compliance reporting. BeyondTrust offers consistent policy-driven vulnerability and privilege management, role-based access control, monitoring, logging, auditing and reporting to protect internal assets from the inside out. The company’s products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, mobile and cloud environments. To learn more, visit

The Bit9 Trust-based Security Platform continuously monitors and records all activity on servers and endpoints to detect and stop the advanced persistent threat that evades traditional security defenses. A cloud-based software reputation service combined with policy-driven application control and whitelisting provide the most reliable form of security and malware protection in a model that can be rapidly implemented with less maintenance than traditional tools.

Click Security is all about Real-time Security Analytics. We find the unknown attack activity hidden in the "event haystack" that today goes unnoticed until it is too late.

Signature-based products are easily evaded. Security event logging / management systems and forensics tools are designed only for postmortem analysis of highly structured events. Click Security finds the linkages between seemingly independent network activity events and automatically builds live, "actor-based" information through interactive visualizations – empowering the analyst to see, prioritize, and halt anomalous activity with revolutionary speed and accuracy.

It's all made possible through a breakthrough real-time processing data flow engine; a revolutionary ability to encode any security analytic through open-design, shareable Click Modules; and a world-class module development agency – Click Labs.

Click Security has the only solution designed to move far beyond the traditional "point product" model into the realm of an open security analytics platform enabling crowd-sourced security intelligence sharing.

Click Security is based in Austin, Texas and backed by Sequoia Capital.

Code 42 Software is the creator of CrashPlan, CrashPlan PRO and CrashPlan PROe, award-winning onsite, offsite and cloud backup solutions for consumers and businesses. Established in 2001 as a software development company specializing in enterprise solutions, Code 42 continues to deliver high-performance, easy-to-use hardware and software that protect the world’s data. CrashPlan PROe provides people-friendly, enterprise-tough and secure backup. Engineered with laptops in mind, PROe is continuous backup that won't slow you down and its self-service restores free up IT. PROe is an end-to-end data security solution that automatically encrypts on the source device and remains encrypted during transit and storage. Additionally, PROs's cross-platform backup lets you back up everyone, everywhere. For more information, visit

Cybertap LLC delivers powerful and human-oriented tools to investigators of net-based activity. As more and more organizations capture and retain their raw network traffic to deal with network-oriented reduction of employee productivity, loss/theft of valuable assets, conduct of crimes, and planning of terrorist actions, investigators need tools that allow them to work with and understand that data contextually in its original form as web pages, e-mail, Facebook, and documents. Cybertap Recon reassembles raw network traffic back into its original human-facing form, indexes it for comprehensive and rapid search, and provides investigators with sophisticated analysis tools with which to visualize the content, establish connections, and thus make cases. Recon supports 'Insider Threat' investigations, eDiscovery, eFOIA, lawful intercept, intelligence uses, cyber security, and net-based activity impact assessments.

For additional information, please visit:

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Sensitive Information Management and Privileged Session Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments.

Cyber-Ark Software was founded in 1999 by a team of industry-recognized security experts with the aim of producing a truly effective security offering where complete end-to-end security was the initial, key design consideration rather than applied as an afterthought. Cyber-Ark works with over 1,000 global customers, including more than 35 percent of the Fortune 100 and 7 of the 10 largest banks worldwide

ESET® is on the forefront of proactive endpoint protection, delivering trusted security solutions to make the Internet safer for businesses and consumers. For over 25 years, ESET has led the industry in proactive threat detection and its award-winning NOD32® Antivirus technology has detected 100% of the WildList Organization “In-the-Wild” malware samples since testing began in 1998. ESET recently received its 78th VB100 award and consistently earns high ratings from AV-Comparatives, Virus Bulletin, AV-TEST and other independent testing organizations. ESET NOD32 Antivirus, ESET Smart Security®, ESET Endpoint Solutions, ESET Mobile Security and ESET Cyber Security (solution for Mac®) are trusted by millions of users and are among the most recommended security solutions in the world. IDC has recognized ESET as a top five corporate anti-malware provider.

FireHost is the leader in secure cloud hosting, protecting critical data and brand reputations for companies with significant security, compliance, performance and managed services needs. Since 2009, it has made hacker awareness, management, and prevention a standard part of every customer’s secure cloud hosting environment, blocking more than 60 million attacks on behalf of its customers in 2012 alone. Our company offers the most comprehensive, fully managed cloud infrastructure-as-a-service (IaaS) available today, built specifically for the needs of companies governed by PCI and HIPAA compliance regulations. Some of the largest healthcare, payments and SaaS companies in the world subscribe to FireHost’s secure cloud to ensure their data is safe and always available. FireHost provides services from Dallas, Phoenix, London and Amsterdam.

FireMon is the industry leader in providing enterprises, governments and managed services providers with advanced security management solutions that deliver deeper visibility and tighter control over their network security infrastructure. The integrated FireMon solution suite – Security Manager, Policy Planner and Risk Analyzer – enables customers to identify network risk, proactively prevent access to vulnerable assets, clean up firewall policies, automate compliance, strengthen security throughout the organization, and reduce the cost of security operations. For more information, visit

Ixia develops amazing products so its customers can connect the world. Ixia helps its customers provide an always-on user experience through fast, secure delivery of dynamic, connected technologies and services. Through actionable insights that accelerate and secure application and service delivery, Ixia's customers benefit from faster time to market, optimized application performance and higher-quality deployments. Learn more at

McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. Backed by global threat intelligence, our solutions empower home users and organizations by enabling them to safely connect to and use the Internet, prove compliance, protect data, prevent disruptions, identify vulnerabilities, and monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe.

Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 20Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Most recently, Palo Alto Networks has enabled enterprises to extend this same network security to remote users with the release of GlobalProtect™ and to combat targeted malware with its WildFire™ service.

We help organizations keep data safe and block the growing number of complex threats. We protect everywhere and offer complete security with our full range of endpoint, encryption, email, web, network security and UTM products.
We help customers protect their businesses and meet compliance needs. And all our customers benefit from the expertise of our threat analysts located around the world. Their research is at the heart of everything we do. They quickly find the latest threats and update protection for our customers automatically. Plus, our support engineers are experts on all our products, and they're available whenever you need them.
We make our products easy to install and use so you spend less time managing security. With Sophos you can focus on the needs of your business because we're securing your entire organization.

Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe, including 7 of the Fortune 10, trust our Information Assurance Platform to secure the path to their information assets. Our platform enables businesses of all types and sizes to protect their information assets by:

  • Developing gold standard data-in-transit security solutions that prevents data loss in both internal and external environments
  • Delivering hardened perimeter security through our multi-channel two-factor authentication
  • Providing internal security control management solutions that enables organizations to more easily manage user keys and monitor administrator traffic across your networks

Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Visit

VMware(NYSE: VMW), the global leader in virtualization and cloud infrastructure, delivers customer-proven solutions that accelerate IT by reducing complexity and enabling more flexible, agile service delivery. VMware enables enterprises to adopt a cloud model that addresses their unique business challenges. VMware's approach accelerates the transition to cloud computing while preserving existing investments and improving security and control. With more than 250,000 customers and 25,000 partners, VMware solutions help organizations of all sizes lower costs, increase business agility and ensure freedom of choice.

Visit for more information.

Websense, Inc. (NASDAQ: WBSN) is a global leader in protecting organizations from the latest cyber attacks and data theft. Websense TRITON comprehensive security solutions unify web security, email security, mobile security and data loss prevention (DLP) at the lowest total cost of ownership. Tens of thousands of enterprises rely on Websense TRITON security intelligence to stop advanced persistent threats, targeted attacks and evolving malware. Websense prevents data breaches, intellectual property theft and enforces security compliance and best practices. A global network of channel partners distributes scalable, unified appliance- and cloud-based Websense TRITON solutions.

Websense TRITON stops more threats, visit to see proof. To access the latest Websense security insights and connect through social media, please visit For more information, visit and

Silver Sponsors

AccessData Group has pioneered computer forensics and litigation support for more than twenty years and is the maker of FTK and Summation. Over that time, the company has grown to provide a family of stand-alone and enterprise-class solutions that enable digital investigations of any kind, including computer forensics, incident response, e-discovery, legal review, IP theft, compliance auditing and information assurance. More than 100,000 users in law enforcement, government agencies, corporations and law firms around the world rely on AccessData software solutions and its premier digital investigations and hosted review services. AccessData Group is also a leading provider of digital forensics and litigation support training and certification., a Fortune 500 company based in Seattle, opened on the World Wide Web in July 1995 and offers Earth's Biggest Selection, where customers can find and discover anything they might want to buy online. The brightest minds come to Amazon to develop technology that improves the lives of shoppers and sellers around the world. Always looking for new ways to help customers, in 2006 Amazon opened up access for developers to on-demand technology infrastructure services based in the company’s own back-end platform through Amazon Web Services (AWS). The AWS platform has grown rapidly since the launch of the first service and it is now the underlying infrastructure for hundreds of thousands of businesses in over 190 countries around the world from start-ups to enterprises to government agencies. Examples of Amazon Web Services’ technologies include Amazon Elastic Compute Cloud, Amazon Simple Storage Service, Amazon SimpleDB, Amazon Simple Queue Service, Amazon Flexible Payments Service, and Amazon Mechanical Turk. For more info, visit:

Appthority provides the industry’s first fully automated App Risk Management service that employs static and dynamic analysis to discover the true behavior of apps and measure the total risk within minutes. Bringing trust to the app ecosystem, the company has built the largest database of analyzed public and private apps from a global network of sources. Appthority has analyzed over a million apps for its customers, allowing organizations to protect corporate privacy and mitigate risks associated with unwanted app behaviors. Appthority is the only service that assesses multiple mobile operating systems, is cloud-based and platform-agnostic. Via a standalone web portal or as an extensive network of integration partners, Appthority brings security and app risk management to existing enterprise mobility solutions like MAM and MDM.

From the enterprise perimeter to the service provider core, the world’s leading network operators rely on Arbor Networks to proactively fend off malicious threats such as botnets, malware and distributed denial of service (DDoS) attacks, while strengthening the availability and quality of their services. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via ATLAS ®, a unique partnership with 270+ network operators across the globe who share an amazing 42Tbps of network traffic. This unique view gives Arbor customers a considerable competitive advantage because of the powerful combination of the micro view of their own network together with the macro view of global Internet traffic. With this unique vantage point, Arbor is ideally positioned to deliver intelligence about malware, exploits, phishing and botnets that threaten Internet infrastructure and services.

Barracuda Networks is the leading provider of award-winning IT solutions designed to simplify and secure your network. With fanatical support and a portfolio spanning security, networking and data protection, Barracuda Networks solutions ensure total business continuity. Our market leading Web Application firewall improves application delivery and security when it matters most — 24 hours a day. The award-winning Barracuda NG Firewall protects your business and improves connectivity whether you have one office or offices all over the world allowing granular management from a central location. Our ADC, security and content filtering solutions allow you to report, monitor and control social media and Web applications that cause security, bandwidth and productivity issues for organizations of all sizes.

BlackBerry Security, Research in Motion (RIM), is a world class organization providing end to end security focus including: driving the BlackBerry security message globally, security accreditations, development of security products, advanced threat research, building mitigations into BlackBerry products, and by rapidly responding to security incidents. More information:

Coverity, Inc., the leader in development testing, is the trusted standard for companies that need to protect their brands and bottom lines from software failures. More than 1,100 Coverity customers use the Coverity Development Testing Platform to automatically test source code for software defects that could lead to product crashes, unexpected behavior, security breaches or catastrophic failure. Coverity is a privately held company headquartered in San Francisco. Follow us on Twitter or check out our blog.



As the experts in advanced threat protection, Damballa discovers active threats that bypass all security prevention layers. Damballa identifies evidence of malicious network traffic in real time, rapidly pinpointing the compromised devices that represent the highest risk. Our patent-pending solutions automatically detect and terminate criminal activity, stopping data theft, minimizing business disruption, and reducing the time to response and remediation. Damballa protects any device or OS including PCs, Macs, Unix, iOS, Android, and embedded systems. Damballa protects more than 300 million endpoints globally at enterprises in every major market and for the world's largest ISP and telecommunications providers. For more information, visit, or follow us on Twitter @DamballaInc.

Emulex, a leader in network connectivity, monitoring and management, provides hardware and software solutions for global networks that support enterprise, cloud, government and telecommunications. Emulex’s products enable unrivaled end-to-end application visibility, optimization and acceleration. The Company's I/O connectivity offerings, including its line of ultra high-performance Ethernet and Fibre Channel-based connectivity products, have been designed into server and storage solutions from leading OEMs, including Cisco, Dell, EMC, Fujitsu, Hitachi, HP, Huawei, IBM, NetApp and Oracle, and can be found in the data centers of nearly all of the Fortune 1000. Emulex’s monitoring and management solutions, including its portfolio of network visibility and recording products, provide organizations with complete network performance management at speeds up to 100Gb Ethernet. Emulex is headquartered in Costa Mesa, Calif., and has offices and research facilities in North America, Asia and Europe. For more information about Emulex (NYSE:ELX) please visit

ERPScan is an award-winning innovative company founded in 2010, the leading SAP AG partner in discovering and solving security vulnerabilities. ERPScan is engaged in the research of ERP and business application security, particularly SAP, and the development of SAP system security monitoring, compliance, and cybercrime prevention software. Besides, the company renders consulting services for secure configuration, development, and implementation of SAP systems which are used by SAP AG and Fortune 500 companies, and conducts comprehensive assessments and penetration testing of custom solutions.

The company’s expertise is based on research conducted by the ERPScan research subdivision which is engaged in vulnerability research and analysis of critical enterprise applications and gain multiple acknowledgments from biggest software vendors like SAP, Oracle, IBM, VMware, Adobe, HP, Kaspersky, Apache, and Alcatel for finding vulnerabilities in their solutions. ERPScan experts are frequent speakers in prime international conferences held in USA, Europe, CEMEA, and Asia, such as BlackHat, RSA, HITB, and Defcon. ERPScan researchers lead project OWASP-EAS, which is focused on enterprise application security. Our flagship product is ERPScan Security Monitoring Suite for SAP: award-winning innovative software and the only solution in the market which can analyze all tiers of ERP security (continuous monitoring, standard compliance, vulnerability assessment, SoD, and source code review).

For more details, please visit

F5 Networks is the global leader in Application Delivery Networking (ADN), focused on ensuring the secure, reliable, and fast delivery of applications. F5's flexible architectural framework enables community-driven innovation that helps organizations enhance IT agility and dynamically deliver services that generate true business value. F5's vision of unified application and data delivery offers customers an unprecedented level of choice in how they deploy ADN solutions. It redefines the management of application, server, storage, and network resources, streamlining application delivery and reducing costs. Global enterprise organizations, service and cloud providers, and Web 2.0 content providers trust F5 to keep their business moving forward. For more information, go to

Fluke Networks is the world-leading provider of network test and monitoring solutions to speed the deployment and improve the perfor­mance of networks and applications. Leading enterprises and service providers trust Fluke Networks' products and expertise to help solve today's toughest issues and emerging challenges in WLAN security, mobility, unified communications and datacenters. Based in Everett, Washington, the company distributes products in more than 50 countries. For more information on our wireless solutions, visit

ForeScout is the leading provider of automated security control solutions for Fortune 1000 enterprises and government organizations. ForeScout's automated solutions for network access control, mobile security, threat prevention and endpoint compliance empower organizations to gain access agility while preempting risks and eliminating remediation costs. Because ForeScout's CounterACT portfolio is easy to deploy, unobtrusive, intelligent and scalable, they have been chosen by over 1000 of the world's most secure enterprises and military installations for global deployments spanning 37 countries. Within hours, ForeScout customers can see and control everything on their network—all devices, all operating systems, all applications, all users.

Fortinet, a global provider of IT security, delivers customer-proven solutions providing organizations with the power to protect and control their IT infrastructure. Our customers rely on our purpose-built technologies, integrated solution architecture, and global security intelligence to block external threats and gain precise control of their network, data, and users. With 150,000+ customers in every industry around the world, Fortinet has the broad base of experience necessary to help secure diverse networks, and improve network and business performance.

Fortinet is a 100% security focused company, and was created with an integrated security vision to increase protection and control, while optimizing performance, simplifying management and reducing costs. The company pioneered an innovative, high performance multithread network security platform to address the fundamental problems of ever-evolving, sophisticated multi-vector IT threat landscape. Fortinet has pursued that vision for the last 12 years by continuing to innovate and enrich its solution portfolio.

Gigamon® provides an intelligent Visibility Fabric™ architecture to enable the management of increasingly complex networks. Gigamon technology empowers infrastructure architects, managers and operators with pervasive visibility and control of traffic across both physical and virtual environments without affecting the performance or stability of the production network. Through patented technologies, centralized management and a portfolio of high availability and high-density fabric nodes, network traffic is intelligently delivered to management, monitoring and security systems. Gigamon solutions have been deployed globally across enterprise, data centers and service providers, including over half of the Fortune 100 and many government and federal agencies.

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® platform provides proven solutions for government, corporate and law enforcement organizations to respond to computer security incidents, eDiscovery requests or regulatory inquiries; conduct internal investigations; perform data and compliance auditing; and secure sensitive data. There are more than 30,000 licensed users of the EnCase technology worldwide, and thousands attend Guidance Software's renowned training programs annually. For more information, visit:

GuruCul is the leading provider of security and business intelligence solutions. GuruCul products will improve risk, threat, and compliance postures by applying a unique identity centric approach of correlating identity, activity, and access information to provide actionable data and prioritized alerts. GuruCul has developed industry's most advanced patent pending algorithms for risk profiling and analyzing trends, to detect threats and anomalous behavior. GuruCul's intelligent risk platform will help your organization efficiently protect intellectual property and effectively manage risk.

GuruCul Risk Analytics Capabilities:

  • 360 view of user Identity, Access, and Activity Profile Information
  • Advanced Identity, Access, and Activity Analytics
  • Insider and Advanced Persistent Threat Detection
  • Risk Based Access Controls
  • Privileged & Shared Account Monitoring
  • Identity and Access Intelligence
  • Risk Based Compliance
  • Activity Self Audit Statements
  • Forensic / Investigation Assistance
  • Intelligent Roles Based Access

IronKey™ solutions meet the challenge of protecting today’s mobile workforce, featuring secure USB solutions for data transport and mobile workspaces. The IronKey line includes the world’s leading hardware encrypted USB drives, PC on a Stick™ workspaces for Windows To Go, and cloud-based or on-premise centralized secure device management solutions.

The IronKey drive was designed and built to be The World’s Most Secure Flash Drive™. The IronKey brand has earned a reputation for high-security, ruggedness, strong customer support, a user-friendly interface and cloud-based device management. These are attributes that Imation extends across its line of portable, secure USB solutions.

IronKey is the mobile security portfolio of Imation Corp. Imation common stock is traded on the New York Stock Exchange under the trading symbol “IMN.”

Immunity is an industry leader in discovering, developing and delivering offensive information security technologies and services. This includes exploitation and vulnerability analysis software, wireless penetration testing hardware, security analysis services and attack training.

Immunity products include exploitation development tools, vulnerability assessment tools, and remote control technologies. Immunity delivers consulting services including penetration testing, vulnerability management, and Immunity's experts provide regular training classes.

Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit

Magnet Forensics is a global leader in the development of forensic software solutions. Our flagship product INTERNET EVIDENCE FINDER™ (IEF) was developed by a former forensic examiner who recognized the need for an easy to use, comprehensive tool to help perform digital investigations. Since its creation, IEF has quickly become a trusted solution for thousands of the world’s top law enforcement, government, military and corporate organizations in over 92 countries, used to recover 200+ Internet-related communications to support their most important investigations. For a free 14-day trial of IEF please click here, or visit us online at:

Mocana unlocks the extended mobile enterprise and simplifies wide-scale deployments by securing apps automatically, in seconds. The company's Mobile Application Protection (MAP™) app-shielding solution - distributed globally by SAP - mitigates the complexities of mobile management, while freeing developers from tedious and expensive security coding projects. Launched in 2004 and recognized by the World Economic Forum as a 2012 Technology Pioneer, Mocana is the app security expert, with deep expertise born from a decade of experience securing mission- and life-critical embedded devices across the Internet of Things; from mobile handsets to medical devices to aerospace and defense, from datacom to retail POS to smart grid and industrial automation.

Since its inception in 1986, NCP Engineering has delivered innovative software that allows enterprises to implement a new way to secure remote access and overcome the complexities of creating, managing and maintaining network access. NCP's award winning product line spans the spectrum of remote access, from hybrid IPSec / SSL VPN to end-point firewalls and network access control (NAC) functions. The company's products support organizations with complex remote user needs, who want to leverage the latest end-devices to increase staff productivity, reduce network administration and adapt policy changes on-the-fly. Each solution is interoperable with existing third-party software or hardware. Headquartered in the San Francisco Bay Area, the company serves 30,000+customers worldwide throughout the healthcare, financial, education and government markets, as well as many Fortune 500 companies. NCP has established a network of national and regional technology, channel, and OEM partners to serve their customers.

Please visit for more information

Net Optics is the leading provider of total application and network visibility solutions that deliver real-time intelligence for peak performance in network monitoring and security. Businesses rely on us for scalable, end-to-end visibility, enabling them to optimize network functionality across physical, virtual and cloud environments as well as branch offices.

We provide total visibility into the entire network, helping customers control access while remaining secure and compliant. We allow them to maintain data and network integrity as they move into cloud computing and creation and hosting of critical applications.

Currently, more than 7,500 enterprises, service providers and government organizations—including 85 of the Fortune 100—trust Net Optics’ plug-and-play family of Application-Aware Network Performance Management (AA-NPM), Network Packet Broker (NPB), Virtual/Cloud and Visibility Management System (VMS) solutions to deliver immediate results and quick time-to-value through an easy-to-use interface. We maintain a global presence through leading OEM partner and reseller networks.

NopSec helps businesses holistically manage IT security vulnerabilities for applications and infrastructure, on premises and in the cloud. We believe that proactively reducing risk can complement and enable business objectives. Our flagship product, Unified VRM, aggregates the results of 3rd party scanners, proactively prioritizes vulnerabilities based on business risk, and expedites remediation by automating the ticketing process and reports. NopSec was selected as one of the "Top Emerging Security Vendors 2012" CRN Magazine in 2012. For more information on Unified VRM, please visit:

Onapsis is the leading provider of cybersecurity, compliance and continuous monitoring solutions for ERP systems and business-critical infrastructure. Through its innovative solutions, Onapsis helps its customers to protect their core business platforms from espionage, sabotage and fraud attacks.

Large organizations rely on SAP, Oracle E-Business Suite, PeopleSoft and Siebel platforms to store and process their most sensitive business information. Onapsis enables them to increase the security level of these systems while enforcing compliance requirements, decreasing financial fraud risks and reducing audit costs drastically. Onapsis solutions are trusted by several Fortune Global 100 companies, large governmental entities and military agencies.

Onapsis X1, the company's flagship product, is the industry's first comprehensive solution for the Automated Security Assessment of SAP platforms. Being the first and only SAP-certified solution of its kind, Onapsis X1 Enterprise allows customers to perform Automated Vulnerability Assessments and Security & Compliance Audits over their entire SAP platform. For organizations that need to go deeper, Onapsis X1 Consulting Pro also safely exploits existing weaknesses to illustrate the associated business impacts.

Onapsis is built upon a world-renowned team of experienced security researchers leading the SAP & ERP security fields. These experts were also the first to perform specialized SAP Penetration Tests, Vulnerability Assessments and Security Audits. Because of its cutting-edge research, Onapsis is continuously invited to lecture at the most important security conferences in the world, private companies and defense agencies.

If you are wondering whether your ERP systems and business-critical infrastructure are exposed, find more information at

OPSWAT is the industry leader in software management SDKs, interoperability certification, secure browsing technology and multiple-engine malware scanning solutions. OPSWAT's Metascan technology enables easy API integration of multiple anti-malware engines into proprietary solutions. Combining up to 30 antivirus engines in a single box, Metascan optimizes engines to scan simultaneously and efficiently. Metascan technology is licensed by many large corporations, governments, and defense agencies for malware research and advanced threat detection. Metascan is also synergetic with third-party sandboxing tools for effectively analyzing malicious code. Try the online demo at OPSWAT also offers: Secure Virtual Desktop for shielding sensitive data while browsing anonymously from any computer (perfect for securing access to cloud-based solutions); GEARS for managing networks from the cloud and identifying potential security risks on endpoints; AppRemover for thoroughly uninstalling security applications; and MD4SA for quickly scanning endpoints for active malware without the need for installation.

Founded in 1944, Parsons is an engineering, construction, technical, and professional services firm with revenues of $3 billion in 2012.

Parsons is a leader in many diversified markets with a focus on defense/security, environmental/infrastructure, transportation, and resources. Parsons delivers design/design-build, program/construction management, and other professional services packaged in innovative alternative delivery methods to federal, regional, and local government agencies, as well as to private industrial customers worldwide.

We conquer the toughest logistical and technical challenges and deliver landmark projects across the globe. Today, more than 11,500 employees are engaged in executing more than 2,000 projects in 25 countries around the world. For more about Parsons, please visit

PhishMe provides organizations the ability to improve their employees’ resilience towards spear phishing, malware, and drive-by attacks. The detailed metrics PhishMe provides make it easy to measure the organization’s progress in successfully managing employees’ security behavior. With over 3.5 million individuals trained in 140 countries, PhishMe has been proven to reduce the threat of employees falling victim to advanced cyber attacks by up to 80 percent.

PhishMe’s methodology entails periodically immersing employees in simulated phishing scenarios, and presenting bite-sized, engaging training, instantly to those found susceptible. The solution provides clear and accurate reporting on user behavior, allowing customers to measure improvement over time. PhishMe works with Federal Agencies and Fortune 1000 companies across many industries to include financial services, healthcare, higher education and defense. For additional information, please visit:

Pico Computing offers scalable, FPGA-based platforms for embedded and high performance computing. Customer applications include cryptography, signal and video processing, DSP, bioinformatics and financial computing.

We specialize in highly integrated computing platforms based on Field Programmable Gate Array (FPGA) technologies. We offer standard and custom products, and we provide consulting and engineering services. We are the experts in FPGA-accelerated algorithms for data security.

Pico Computing E-Series cards are designed to be easy to use, fast to deploy, and scalable. Use a single E-Series card for rapid algorithm prototyping. Deploy your application as an embedded system, or scale to multiple FPGAs using an SC-Series FPGA cluster.

Pico EX-Series boards offer high performance for the most demanding data security applications. Deploy multiple EX-Series boards in a rack-mounted cluster for truly amazing levels of password cracking performance. Our latest FPGA computing board, the Pico EX-500, can be equipped with up to 12 Xilinx FPGAs on a single, 16-lane PCI Express card. Up to 11 EX-500 cards can be installed in a standard 4U rack mounted chassis.

Pico Computing is headquartered in Seattle, Washington and has customers worldwide. For more information or to request a free Data Security White Paper, visit

Proofpoint, Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance and secure communications. Organizations around the world depend on Proofpoint's expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information.

Radware (NASDAQ:RDWR), a global leader in integrated application delivery and network security solutions, assures the full availability, maximum performance, and complete security of business-critical applications for nearly 10,000 enterprises and carriers worldwide. Radware's family of cutting-edge security solutions provide integrated application and network security technologies to enhance best of breed, multi-layered security architectures.

The full suite of award-winning attack mitigation technologies include: intrusion prevention, web application firewall, DoS protection, network behavioral analysis, and reputation preservation capabilities. These are integrated into one solution Ð DefensePro® Ð for ease of deployment and cost-effectiveness. These technologies are complemented by an advanced SEIM management and forensics system (APSolute Visionª) and professional security services. Radware's Emergency Response Team (ERT) provides 24*7, on-site support for customers facing immediate attack. In addition, Radware' security operations center (SOC) provides necessary ongoing updates for emergency signature creation; emerging threat mitigation, detection and updates; and custom signature development. Both the ERT and SOC have been industry recognized for providing first and necessary safeguards against: WikiLeaks Operation Payback; South Korean DDoS attacks; and iPhone, Oracle, Italian Job and Windows vulnerabilities.

Radware also provides a custom Managed Security Service Provider (MSSP) solution for target customers in need. With this complete suite of products, services, and tailored offerings, Radware is optimally suited to meet your current and emerging security needs.

For more information on how Radware can take your security operations to the next level, please visit or contact us at

RedSeal Networks is the leading provider of risk based security management solutions for cyber attack prevention. The RedSeal Platform delivers the industry’s most powerful network security insights, enabling enterprises to continuously audit and monitor IT compliance. Using patented network visualization and predictive threat modeling, RedSeal eliminates network security dark space by providing the most complete picture of access risk. Backed by Venrock, OVP, Sutter Hill, JAFCO, Leapfrog and IN-Q-Tel, RedSeal is used by the world’s largest government and commercial organizations to dramatically cut compliance costs, prioritize vulnerability remediation efforts and reduce IT security risk profiles. For more information, visit

ReversingLabs delivers industry leading file analysis tools that drastically accelerate and broaden security analysts' ability to detect new threats, respond to incidents, find hidden information and verify software integrity.

TitaniumCore™ is the world's fastest and most comprehensive tool for automated static decomposition of files. The engine automatically extracts all contained objects and their internal information from a sample and stores them in a database for further analysis. A single server can process 100,000 samples daily.

TitaniumCloud™ service provides internal information and virus scanning results for over 1Billion goodware and malware files. Samples are scanned twice daily with 27 anti-virus products and the history is stored in the TiCloud database.

ReversingLabs products reduce analysis tasks from days to seconds, enabling analysts to respond quicker and cover more potential threats. Our customers include antivirus vendors, security vendors, government agencies, and commercial enterprises across the globe. Visit us at:

SAINT Corporation, a global leader in network security, offers the first integrated vulnerability assessment and penetration testing. Examine your network with the SAINT vulnerability scanner, and expose where an attacker could breach your network. Go to a higher level of visibility with the SAINTexploit penetration testing tool and exploit the vulnerability to prove its existence without a doubt. The SAINT scanner and penetration testing tools are fully integrated within the same interface, making it easy to determine where to begin remediation--with the exploitable vulnerabilities found by the scanner. WebSAINT, the online SaaS (Software as a Service) vulnerability scanner, is ideal for organizations that need to perform vulnerability scans or meet PCI ASV third party quarterly scanning requirements. SAINT is a PCI Approved Scanning Vendor (ASV). WebSAINT Pro is the online SaaS solution that includes vulnerability scanning, penetration testing, and Web application scanning along with the full functionality of the award winning SAINT scanner and exploit technology. In 2011, SAINTscanner became the first product to receive validation by NIST for the U.S. Government Configuration Baseline (USGCB) as well as FDCC and other scanner specifications. SAINT SCAP supports includes OVAL, CPE and CVE enumeration, and CVSS scoring.

SAINT can help to

  • Manage and reduce security risks to your network
  • Document compliance with government and industry regulations like PCI, HIPAA, SOX, FISMA, and with internal policies
  • Emulate potential attackers with the suite of exploit tools.

For more information, visit, call 1(800) 596-2006 or send a message to

Secure Ninja- Expert InfoSec Training and Certification & Security Services. CISSP, CEH v7.1, CHFI v8, Security+, CISM, ECSA, FITSP, VMware, Cloud Security, PMP and more. Secure Ninja has trained and/or certified thousands of individuals. With an overall course pass rate approaching 98%, Secure Ninja is well above the industry average for technical training success. Our classes come in flexible formats (Boot Camp, Live Online, Evenings, Weekends and On-site) to meet your busy schedule or organizational need. Secure Ninja services/consulting specialize in governance, risk and compliance programs for government agencies including information assurance, IV&V security assessments, and cyber-security solutions. Secure Ninja has the knowledge and experience to keep your sensitive information safe. All Black Hat USA 2012 attendees receive 20% off our regular pricing. For More information call 703-535-8600 or visit

Securonix is the Security Intelligence Platform that identifies IT threats using advanced identity, access, and behavior analytics and scores the results in actionable business risk terms. Security, risk, and fraud management groups use Securonix to focus their SOC, IT risk, SIEM, IAM, DLP and fraud programs on the real and emerging threats.

Skybox Security provides security risk management solutions for large enterprises and government and defense agencies worldwide. Skybox’s platform for vulnerability and threat management, and network security management leverage unique technology that excels in solving difficult cybersecurity challenges, enabling network visibility, preventing attacks and improving security processes.

Nac-tile Dysfunction? Don’t suffer in silence. StillSecure Safe Access NAC: Deploy within an hour for full visibility of your network, and of course manage that BEEEYOD guy. Safe Access is the leading provider of Network Access Control (NAC) for the US DoD and heavily deployed within the commercial sector. Providing visibility, knowledge and control, Safe Access helps to fulfill compliance across industry. Over 2,000 vendor agnostic tests allow you to tailor your compliance policy, enforce, quarantine and remediate for a much more satisfying experience. Safe Access is fully virtualizable, reducing your hardware and administration costs.

For more information please visit

StrongAuth, Inc. is a Silicon Valley-based company that has been focused on enterprise key-management infrastructure since 2001. It is the creator of many free and open-source cryptographic tools, as well as a web-application architecture for secure cloud computing.

Regulatory Compliant Cloud Computing (RC3). Some of StrongAuth's open-source solutions include:

  • StrongKey - the industry's first open-source Symmetric Key Management System (SKMS)
  • StrongAuth KeyAppliance - the industry's first encryption, tokenization and key-management appliance
  • StrongKey CryptoEngine - an open-source library for encrypting files/objects for the Cloud
  • StrongKey CryptoCabinet - an open-source web-application built using the RC3 architecture
Building PKIs and SKMS for some of the smallest and largest companies in the world, its value-packed solutions are used in mission-critical environments to keep information secure.

TeleCommunication Systems, Inc. (TCS) (NASDAQ: TSYS) is a world leader in highly reliable and secure mobile communication technology, training, and services. TCS infrastructure forms the foundation for market-leading solutions in E9-1-1, text messaging, commercial location and deployable wireless communications. TCS is at the forefront of new mobile cloud computing services providing wireless applications for navigation, hyper-local search, asset tracking, social applications and telematics. TCS trains tomorrow’s cyber security experts through its Art of Exploitation (AoE) curriculum, which delivers focused training to aspiring cyber experts. Government agencies utilize TCS' cyber security expertise and professional services for mission-critical communications. Headquartered in Annapolis, MD, TCS maintains technical, service and sales offices around the world. To learn more about emerging and innovative wireless technologies, visit

The Hacker Academy (THA) is an online learning platform for ethical hacking and penetration testing that provides real world tools, concepts, and 24/7 hands on training in a cloud based environment. The Hacker Academy provides a true understanding of how hacking actually works and what it feels like from a "bad guys" perspective, which arms you with the knowledge to protect your own systems.

THA is a division of MAD Security, an information security training firm focused on the human side of information security. While technology helps to stop hackers, viruses and malware, humans remain the single biggest threat. MAD Security's deep understanding of human nature has led to the development of a unique approach that enables our clients to effectively reduce the threat against their organizations. For more information, visit:

TIBCO LogLogic® is a leading log and security management provider. Trusted globally by 1000+ companies and 200+ partners, our solutions collect and analyze terabytes of Big Data generated by IT assets and give Security, Compliance, and IT Operations professionals actionable information to identify issues within their environment proactively or for forensics.


University of Maryland University College (UMUC) is a member institution of the University System of Maryland and a leader in high-quality online education. As a natural evolution of its programs in information assurance, the university has launched undergraduate and graduate degrees and certificates in cybersecurity, cybersecurity policy, data analytics, digital forensics and cyber investigation. Located near the nation's capital, UMUC is one of the largest public universities in the United States, serving 92,000 students and offering more than 95 undergraduate and graduate programs. It is an NSA/DHS Center of Academic Excellence for Information Assurance Education. To learn more, visit

Mobile apps are ground-zero for new cyber attacks due to the ease at which attackers can access sensitive data through insecure mobile apps. Attackers get to these mobile apps through targeted or automated attacks. Because mobile apps are installed on personal mobile devices traditional security approaches are no longer effective.

Companies attempt to secure mobile devices by using legacy end point security techniques. At the same time mobile users expect a seamless user experience. Companies are faced with having to strip out key security features or sacrifice the mobile user experience.

V-Key solves this problem. It secures the mobile apps themselves, not the device, with its one-of-a-kind intrusion protection and intelligence technology. V-Key ensures the security of your organization's data by securing the mobile apps not the device, rendering the data, mobile transactions and the mobile apps themselves far more secure than securing the device itself. Visit us at for more information.

VASCO Data Security is a leading provider of strong authentication and e-signature solutions, specializing in protecting online accounts, identities, and transactions. VASCO helps 10,000+ organizations in over 100 countries to ensure secure access to networks, web applications, LANs, and online portals for their customers, partners, and employees with a wide range of solutions from OTPs to mobile authentication to PKI. For more information, visit

Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys from the desktop to the datacenter built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at Venafi customers include the world's most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit

Vigilant by Deloitte is the cyber incident risk management solutions group of Deloitte & Touche LLP’s Security and Privacy Services, offering consulting services, managed services, and information services to help organizations protect their critical data and infrastructure from emerging cyber threats. In combination with Deloitte's larger portfolio of security services, we help companies with their information risk management initiatives, working to advance and evolve security solutions, improve enterprise security and value, and develop risk aware programs and processes. • Identity Access Management • Cyber Threat & Vulnerability Management • Governance, Risk & Compliance • Information & Technology Risk Management • Resiliency • Privacy & Data Protection • Enterprise Application Integrity

WatchGuard Technologies Since 1996, WatchGuard Technologies has provided reliable, easy-to-manage security appliances to hundreds of thousands of businesses worldwide. WatchGuard's award-winning extensible threat management (XTM) network security solutions combine firewall, VPN, and a suite of security services to boost protection in critical attack areas. The extensible content security (XCS) line of products offers content security across email and web, as well as data loss prevention. Both product lines help you meet regulatory compliance requirements including PCI DSS, HIPAA, SOX and GLBA. Represented by more than 15,000 partners in 120 countries, WatchGuard is headquartered in Seattle, Washington, with offices in North America, Latin America, Europe, and Asia Pacific. For more information, visit

Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the flexibility, simplicity and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls and Snort-based intrusion prevention systems.

wolfSSL is an open source internet security company whose primary products include the wolfSSL embedded SSL library, wolfCrypt embedded crypto engine, SSL Inspection, and the wolfSSL Embedded Web Server. Primary users are programmers building security functionality into applications, devices, and cloud services. wolfSSL employs the dual licensing model offering products under both the GPLv2 as well as a standard commercial license.

wolfSSL's products are designed to offer optimal embedded performance, rapid integration into existing applications and platforms, the ability to leverage hardware crypto solutions, and support for the most current standards. All products are designed for ease-of-use with clean APIs, and are backed by a dedicated and responsive support and development team.

Wifi Networking Lounge

Founded in 2000, Stroz Friedberg is a global leader in investigations, intelligence, and risk services. It provides expertise in digital forensics, cybercrime and incident response, security science, forensic accounting, compliance, due diligence, data discovery and analytics. Working at the intersection of technology, investigations, regulatory governance and behavioral science, the company is driven by a core purpose—seeking truth so clients can find the assurance and answers they need to move forward with certainty.

With eleven offices across nine U.S. cities, London, and Hong Kong, Stroz Friedberg assists in managing critical risk for Fortune 100 companies as well as 80% of the AmLaw 100 and the Top 20 UK law firms. Learn more at

Sponsored Workshops

Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs more than 24,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. To learn more, visit (NYSE: BAH)

Headquartered in San Diego, CA, Norman Shark is a global leader and pioneer in proactive security software solutions and forensics malware tools. Norman Shark offers enterprise customers a portfolio of solutions for analyzing and building defensible networks against advanced targeted attacks. Please visit for more information.

NSS Labs, Inc. is the world's leading information security research and advisory company. NSS is both an analyst firm specializing in security technologies and a testing laboratory widely recognized as the “go to” company for research and unbiased reporting. We deliver a unique mix of test-based research and expert analysis to provide our clients with the right information they need to make IT decisions. CIOs, CISOs, and information security professionals from many of the largest and most demanding enterprises rely on NSS.

Pwnie Express offers innovative, rapid-deployment penetration testing products including the Pwn Plug, the Power Pwn and the Pwn Pad. Citadel PX, our newest offering, allows pentesting for multiple branch offices. While many other security assessment products focus on depth of coverage, Pwnie Express focuses on flexibility, open core approach, and ease of deployment. Winner of SC Magazine’s Industry Innovator in 2012, Pwnie Express is pleased host 2 Sponsored Workshops for Blackhat 2013.

RiskIQ is a leading provider of enterprise security solutions beyond the firewall. The company’s proprietary technology intelligently interacts with websites and mobile applications, modeling user behavior to detect anomalies, policy violations and previously undetected threats. Armed with a purpose-built, worldwide proxy network that spans the globe, the company scans millions of web pages and mobile applications to provide enterprises with visibility and control beyond their corporate borders. As active participants of the Online Trust Alliance (OTA) and the Cloud Security Alliance (CSA), RiskIQ is at the forefront of defining security for emerging digital ecosystems. RiskIQ is headquartered in San Francisco and is backed by private-equity firm Summit Partners. To learn more about RiskIQ, visit

Spikes Inc. solves the biggest security threat facing enterprise today: malware through the browser. Employees get hacked by simply visiting infected websites that open doors into a company’s networks. Thanks to “watering hole” attacks, even white listed websites can be a threat. Spikes redefines the web browser by moving the browser off the user’s computer and outside the firewall. This paradigm shift provides unprecedented protection from malicious attacks through the browser while still providing a great user experience.

Spikes is a US based information security technology company founded by Branden Spikes, former CIO and network security architect of SpaceX and PayPal. To learn more about Spikes, go to

Tabletop Sponsors

AhnLab creates agile, integrated Internet security solutions for consumers and businesses. The businesses served range in size from SMBs to enterprise organizations. Founded in 1995, AhnLab is a global leader in security research and product development. AhnLab delivers comprehensive protection for networks, transactions, and essential services. The technology combines cloud analysis with endpoint and server resources. This delivers best-of-breed breach detection and threat prevention from advanced malware, Advanced Persistent Threats (APTs), and Denial of Service (DDoS) attacks. AhnLab solutions scale easily for high-speed networks. This multi-dimensional approach gives global protection against attacks that evade traditional security defenses.

Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs more than 24,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. To learn more, visit (NYSE: BAH)

Bromium has pioneered new endpoint security technologies that protect enterprises from advanced threats. Rather than relying on detection to prevent attacks, Bromium leverages hardware-enforced isolation to protect endpoints from even “undetectable” threats, while providing actionable intelligence on malware behavior - enabling IT to understand attack intents and bolster existing defenses.

Checkmarx is the developer of next generation Static Code Analysis (SCA) solutions.

The company pioneered the concept of a query language-based solution for identifying technical and logical code vulnerabilities. Checkmarx provides the best way for organizations to introduce security into their Software Development Lifecycle (SDLC) which systematically eliminates software risk.

Deja vu Security, a Seattle-based security firm, focuses on helping its clients build secure solutions. It is an industry leader in secure development, security fuzz testing, embedded device security, and penetration testing. Deja vu Security’s widely adopted security fuzzing platform, Peach Enterprise Fuzzer, can help you find unknown vulnerabilities.

FileTrek provides an innovative approach to information security and forensic investigations by using worklog data of enterprise users. The solution addresses the challenges related to advanced detection of risk and data loss by effectively tracking and maintaining control over sensitive unstructured information and intellectual property as it travels throughout the extended enterprise.

Lastline protects networks against target attacks, APT’s, and zero-day targeted attacks across all threat vectors. Lastline’s malware defense solution performs high-resolution analysis of incoming threats and outgoing network traffic, and combines this with active discovery of the threat landscape (the malscape.) The result is actionable threat intelligence that enables effective remediation.

Using its consulting team's deep security knowledge and its own CorrelatedVM vulnerability management & reporting solution, NetSPI acts as a trusted advisor to large enterprises by providing penetration testing, assessment, and advisory services designed to analyze and mitigate risks and ensure compliance with relevant regulations and industry standards. More information available at

Norse is the leading provider of live, actionable, cyber threat intelligence and solutions that enable organizations to prevent financial fraud and proactively defend against today’s most advanced cyber threats. Norse’s live global threat intelligence platform is a patent-pending infrastructure-based technology that continuously collects and analyzes live high risk Internet traffic identifying the sources of cyber attacks and fraud.

SAT secures enterprise mobile applications with adaptive authentication & real-time monitoring. Six authentication factors, real-time token proximity monitoring, one-click sign-on off-network. No coding or integration.

No more lost devices, password theft, session/device attacks... remote wipes that fail.

SAT is the Only technology that enables enterprise mobility with no compromise to security or usability:

Seculert is a comprehensive cloud-based solution for protecting organizations from advanced persistent threats (APTs). Only Seculert fully leverages the power of the cloud to keep up with the constantly-changing threat landscape and provide enterprises with a cost-effective solution for detecting, stopping and remediating advanced malware attacks throughout the organization.

Sourcefire, a world leader in intelligent cybersecurity solutions, is transforming the way global large- to mid-size organizations and government agencies manage and minimize security risks. From a next-generation network security platform to advanced malware protection, Sourcefire’s threat-centric approach provides Agile Security® for protection before, during and after an attack.

SpectorSoft is the global leader in Insider Threat Detection. More than 36,000 customers worldwide use SpectorSoft solutions daily to detect actions that threaten their business. By monitoring the source of Insider Threats – the employee with access – SpectorSoft solutions increase visibility, strengthen security, and reduce risk. Learn how we provide visibility into Insider Threats at

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect businesses against advanced threats and prevent data breach. Hundreds of organizations and millions of end users rely on Trusteer to protect critical endpoint applications on computers and mobile devices from advanced malware and spear-phishing attacks. Trusteer’s Cybercrime Prevention Architecture combines multi-layer security software with real-time threat intelligence to stop emerging threats that are invisible to legacy security solutions.

Versafe enables financial organizations to protect their entire user base from the full spectrum of malware and online threat types, across all devices, while being fully transparent to the end-user. Instead of trying to lock down the endpoint, Versafe protects the real-time communication between end-user devices and the web and mobile application, without requiring any software download or device registration.

Association Sponsor


Panoply is a network assessment/defense competition combined into a single event. Returning for the second year, The Panoply competition is officially sanctioned by Black Hat and open exclusively to attendees. Competition conducted by the CIAS - founders of Panoply and the National Collegiate Cyber Defense Competition. For more information visit: and

The Cloud Security Alliance is a not-for-profit organization with a mission to promote best practices and industry-wide education on security assurance within Cloud Computing. Led by industry practitioners, corporations and consumers, CSA serves as an incubator for international cloud standards and is the go-to source for cloud security research and tools.

The Electronic Frontier Foundation (EFF) is the leading organization defending civil liberties in the digital world. We guard free speech online, fight illegal surveillance, support emerging technologies, defend digital innovators, and work to ensure that our rights and freedoms are enhanced, rather than eroded, as our use of technology grows.

IEEE Security & Privacy magazine provides articles with both a practical and research bent by the top thinkers in the field along with case studies, tutorials, columns, and in-depth interviews and podcasts for the information security industry.

(ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with nearly 90,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the requirements of ISO/IEC Standard 17024. (ISC)² offers education programs and services based on its CBK®, a compendium of information security topics. Visit

The Information Systems Security Association (ISSA)® is dedicated to developing and connecting cybersecurity leaders globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure. Join one of ISSA’s 150 chapters today.

MITRE's "Making Security Measurable" cybersecurity effort provides standards-based building blocks for transforming security in the enterprise. Through development and adoption of standardized enumerations, establishment of languages and interface standards for conveying information amongst tools and organizations, and by sharing security guidance and measurement goals with others by encoding them in these standardized languages and concepts, organizations across the world can dramatically change their security posture, vendor independence and flexibility. Come visit us to learn more about MITRE's community efforts: CVE®, OVAL™, CAPEC™, CWE™, MAEC™, STIX™, CybOX™, and TAXII™ initiatives. More information available at

The OWASP Foundation is a worldwide not-for-profit organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

Media Sponsors

The Ethical Hacker Network Online Magazine provides the best source for advancing careers in ethical hacking. Great columns, tutorials, book reviews, course reviews, certification info, interviews, Free Monthly Giveaways worth $1000s, a Global Calendar of Events and Community Forums. Want to hack for a living? Join EH-Net and get involved!

For any digital distribution, our link is

InfoSec News is one of the longest running and most respected security news sites. The site's focus is the distribution of information security news articles from a variety of sources including newspapers, magazines, and various online resources.

Arsenal Sponsor

NETpeas is the leading provider of the First Marketplace Cloud-based Multi-Engines Vulnerability Management Service.

COREvidence™ integrates solutions & services to create a single access. Customers have access to Technology Leaders in Vulnerability Management, Compliance and IT Monitoring. COREvidence™ combines astonishing benefits as flexibility of and accurate scanning using Multiple Engines and Unified straight-to-the-point deliverables.

Wireless Provider

Xirrus is the leading provider of high-performance wireless networks. Xirrus solutions perform under the most demanding circumstances, offering consistent “wired-like” performance with superior coverage and security. The Xirrus suite of WI-FI optimized solutions -- Arrays, access points, cloud services, and wired switches -- provide seamless connectivity and unified management across the network. Please visit for more information.

Conference-At-A-Glance Sponsor

High-Tech Bridge is a leading penetration testing and ethical hacking company in Europe according to Frost & Sullivan's market research performed in 2012. High-Tech Bridge has recently introduced ImmuniWeb® - innovative hybrid SaaS solution for web application security assessment.

ImmuniWeb® enables one to assess his website in simple, efficient, reliable and cost-affordable manner.