All Articles

Image steganography is becoming the attack vector of choice for cyber criminals. This session explains what Stegware is, how it is being used (anti-virus evasion, covert command & control channels, data exfiltration), how it works (redundant data, LS

IoT offers a plethora of new protocols and frequencies over which communication travels. Protocols and services such as SSDP, P25, Zigbee, Z-Wave, WiFi and more provide countless ways to exfiltrate data or infiltrate the network. Through real-world e

The Domain Name System is deceptively simple and often underutilized as a security tool. Once you start looking under the cover there is a wealth of detail that can be used as an early warning system to predict new targeted attacks. In this session F

IaaS clouds transformed datacenter security architecture by enabling programmatic detection of flaws, making the cloud more transparently secure than any legacy architecture. But security practitioners who assume congruence to legacy designs miss whe

Avast CTO Ondrej Vlček breaks down the sophisticated CCleaner supply-chain malware attack, providing new unpublished findings about the unique stealth, steganography and exfiltration techniques used by the attackers. Avast will dissect the malicious

Every day millions of computers perform silently a simple task with great risk exposure: download and execute code through a software updater. An updater introduces a dangerous attack surface represented by unsafe code practice, unsecure protocols or

White hat defense systems continue to improve on supervised learning sets using machine and deep learning neural networks to defend against an exploding attack surface. Zombies that require commands from botnet herders are becoming intelligent, capab

Valued at over $24 billion in total, Ether is the second largest crypto currency, only behind Bitcoin. In the last two years, cybercriminals have exploited code flaws, web app vulnerabilities and social engineering to steal over $100 million in Ether

Software security is often boiled down to the “OWASP Top 10,” resulting in an ineffective sense of what maturity-focused, comprehensive application security could be like. How then should an organization consider building a holistic program that seek

Discussion will start on web app threat model, sharing the effectiveness analysis of common app sec tools including SAST, DAST, IAST, RASP, WAF, bot detection, DB monitoring, open source scan and bin composition analysis. The discussion will cover th

Dave Hogue provided one of the first in-depth perspectives from a “Day in the Life” of NSA’s Cybersecurity Threat Operations Center (NCTOC)—the mission, threat landscape, and offer best principles for CISOs and other network defenders. Mr. Hogue equi

With many organizations using a sandbox to detonate suspicious files, many threats are implementing logic to detect sandbox environments, to alter their behavior and evade detection. This talk will highlight many real-world evasion tactics employed b

Vodafone is one of the world’s largest telecommunications companies, enabling connectivity by providing mobile, fixed and IoT networks to customers around the world. Vodafone is redefining the boundary of the SOC and sees the balance between preventi

Is your SOC overwhelmed with alerts and threats? Cyber-adversaries are wielding tools and machine power, while organizations are still trying to scale their cybersecurity with OpEx and poorly planned CapEx spending. In this session, you will learn fr

Want to detect threats in your organization? Stop reading every feed and curate your threat intel and content so they actually work for your security architecture. By managing meaningful threat intelligence so the external intel maps to internal thre

We’ve got more assets in the cloud than ever. Unfortunately, we also have less visibility and control in these environments, as well. Implementing detection and response controls that leverage cloud provider tools and controls, as well as automation

Security is overdue for actionable forecasts. Like predicting the weather, similar models should work for vulnerabilities. With some open source data and a clever machine learning model, Kenna Securities can predict which vulnerabilities attackers ar

Cloud is a new frontier that requires new architectures, higher velocity processes and crisper business-level metrics—all of which smacks security programs square in the face. This session will leverage the nearly 20 years of the speakers’ combined c

We have handpicked the best talks at RSA Conference - one of the largest IT Security Conference in the world. Following is the list of top talks on Cloud Security & Virtualization at RSA Conference USA 2018.

RSA Conference held its event in San Franci

Our editorial team has handpicked the best of the best talks at RSA Conference - one of the largest IT Security Conference in the world. Following is the list of top talks on Cloud Security & Virtualization at RSA Conference USA 2018.

RSA Conference h