My take on Black Hat conferences and the big absence: The Cloud Platform

Updated: Jun 9, 2019



Let me just start by saying that I don't usually write articles; so please excuse me for any mistakes you might encounter (or let me know so I can correct them).


I have been considering writing something about Black Hat since last year's event but I thought I'd experience a few more of the conferences before expressing my opinion.


First of all I went to Black Hat EU with a lot of expectation last year...and, despite the fact I've attended a few security conferences, the quality of the conference and the talks really surprised me.

So this year I decided to step up my game and also visit Black Hat USA...and let me say, it was BIG...but the content was somewhat different from the European one (I'll refer to the Black Hat conferences 2016 from now)


The major differences that I noticed between Black Hat USA and EU was the variety of subjects and how much the "take home" notes were applicabile to my day to day job (note that your view might be slightly different if you are more into pen testing, instead of architecture like me).


I found the Black Hat USA briefings much more applicable to the day to day work in a security practice while the talks in the EU one were somewhat more accademic and abstract, more applicable to a research environment.


Black Hat USA was more focused on the cloud subject where in the European counterpart the cloud was almost not present at all.


Staying on the subject of the cloud, I felt that Amazon and AWS was the big winner in the cloud competition (and this is just my personal opinion). Throughout the conference I had the feeling that AWS was being regarded as the de-facto standard for cloud platform and the talks were focused on how to exploit its weakness. But, Azure IAAS, PAAS and SAAS were absolutely absent.



credits: pictures from presentation ACCOUNT JUMPING POST INFECTION PERSISTENCY & LATERAL MOVEMENT IN AWS Dan Amiga (dan@fire.glass), Dor Knafo (dor@fire.glass) ]

One of the best presentations on AWS was How to maintain persistency in a compromised AWS Account as I thought it to be one of the most interesting and applicable talks on the cloud topic.

[credits: pictures from presentation ACCOUNT JUMPING POST INFECTION PERSISTENCY & LATERAL MOVEMENT IN AWS

Dan Amiga (dan@fire.glass), Dor Knafo (dor@fire.glass) 




In Black Hat EU on the other hand, Microsoft did an interesting presentation on the subject of defending an active directory environment and how to apply offending techniques to defensive strategy (cyber security judoers). This presentation was not focused on cloud specific topics (read as Azure/Office 365), but since active directory is so rooted in the fabric of Azure and Office 365 it is somehow applicable to the day to day life of a cloud defender.



Microsoft has really changed...as now they are much more security focused.


Nonetheless, in my opinion, they are still doomed by backward compatibility weaknesses.


[credits: pictures from presentation Cyber Judo: Offensive Cyber Defense Tal Be'ery (twitter @TalBeerySec) and Itai Grady (twitter @ItaiGrady ]

Last but not least the Black Hat EU location this year, the Design Business centre, felt rather awkward and very small.


I felt the location was more for architecture and design conferences rather than big security/IT conferences like the Black Hat (instead the Infosec at the Olympia had way too much space).


Maybe my judgment was a bit biased by the spaciousness of the Black Hat USA conference.





In conclusion, the two conferences felt quite diverse and with different focuses...I suppose this is a benefit.


The overall conclusion of each year is that the security defenders are always one step behind the attackers as the technology seems to be moving and developing faster than the cybersecurity practice can even grasp.


My humble opinion on this is that we should build security in the very fabric of the technology that we build without making them too expensive.


I will write another article with more details on the various talks as soon as I can and as soon as I can make sure the articles don't break any rules with Black Hat (we don't want to break any copyright laws, do we :))


Please consider this article my personal opinion and not a representation of the company or the industry I work for.


If you find anything offensive or inappropriate please let me know and I'll be happy to correct it.


Moreover English is not my native language so please excuse any typos or errors in the articles (let me know if you spot one).


Finally, on a less serious note, my hat (black) off to the merchandise as it was really nice in both locations and they had very soft but funny looking bears.



Let me know what you think, I'm open to suggestions and advice. Also let me know of any other conferences that might be interesting. I'm planning to attend BH USA and EU 17 and possibly DEFCON.


6 views

© 2020 by NSC42 LTD

  • White LinkedIn Icon
  • YouTube - White Circle
  • White Twitter Icon
  • medium logo
  • White LinkedIn Icon