Saturday, May 17, 2008

USA 08 BH Presentation Schedule Is Out!

A list of selected presentations for USA Blackhat 2008 has just come out:

The list of speakers is herein:

Overall looks the selected speakers are of high caliber and work from well known reputable security organizations. Among the speakers, it was nice to see some OWASP fellows being selected such as Ivan Ristic (0 day defense talk) as well as Jacob West of Fortify (Deep Knowledge Day 1) and Shanit Gupta of Foundstone (Turbo Talk).

I thought it was interesting to look at the speaker's company/organization representation by number of talks (No) also to have a sense on which organizations the thought leaders work for.
I also looked at speakers representing themselves as independents professionals (IP):

  1. Root Kit Arms Race: Clear Hat Consulting (2), Intel (1), IP (1), Praetorian Global (1)
  2. 0 Day:Apple(1), NM(1), Pure Hacking (1), IRM-Information Risk Management Plc (1)
  3. 0 Day Defense:Tel-Aviv University(1), OWASP-Breach Security Inc(1), Fourteenforty Research Institute, Inc (1)
  4. AppSec 1.0-2.0/Day 1: iSec Partners (1), Symantec(1), GNUCITIZEN (1)
  5. AppSec 1.0-2.0/Day 2: Secure Windows Initiative(1), Agura Digital Security(1), Offensive Computing LLC-Hexagon Security Group (1), SecNiche Security(1), HP Security Labs(1)
  6. Bots and malware:Microsoft(1), Radware(1), Shmoo Group-Ponte Technologies(1)
  7. Deep Knowledge Day 1:IP(1), Fortify(1)
  8. Deep Knowledge Day2: Ernst & Young (1)
  9. Forensics-Antiforensics:Recurity Labs(1), United States Military Academy(1), IP(1), Trustwave (1)
  10. Hardware:Hypervista Technologies(1), Intel(1),Oak Ridge National Laboratory(1)
  11. The Network:IP(1),Dartmouth College(1)
  12. Developer:Microsoft(1)
  13. OTA:IP(2), Root Labs(1), U. S. Department of Commerce (1),Aladdin Knowledge Systems (1)
  14. Virtualization:IP(3), VMware (1), Unisys (1)
  15. Reverse Engineering: Naval Postgraduate School (1), SAIC(1)
  16. Turbo Talks: Hypervista Technologies (1), IP(2),Gotham Digital Science (2), iSEC Partner(1),Foundstone(1), ETRI (1)

Among the largest organizations I see, Microsoft, Apple, Intel, Symantec, VMWare, Unisys, HP very well represented

Among the well known consulting companies I see: SAIC, Foundstone,Ernst & Young ,iSec Partners, Aladdin Knowledge Systems

Among the well known universities: United States Military Academy,Naval Postgraduate School,Tel-Aviv University,Dartmouth College

Among government/research :Oak Ridge National Laboratory,U. S. Department of Commerce

Overall looks a very threat oriented conference in the blackhat grass roots tradition. I would have welcomed more focus on the countermeasures and software security thought (the developer section as just one representation). The ones that interest me the most besides the developer (too bad only one talk) are zeroday defense, all deep knowledge day 1, all bots and malware, all OTA and some AppSec 1.0-2.0/Day 1 and the turbotalks.

I think one of the challenges when going to conferences is to choose which presentation to attend.

My criteria is to look at:
1) speakers that I know of (because I met, worked with, read about etc)
2) for the speakers that I do not know, I look at the presentation credentials from company/organization representation perspective not individual perspective
3) after 1,2 election I select the topics of my interest

That said, I hope to meet any of my blog readers/people I know of in Las Vegas on August 6 and 7.

No comments: