Well, it's almost BlackHat time. Here are my picks so far for Day 1. As you can see, I still haven't narrowed it down completely.

11:15-12:30 Option 1: Dan Kaminsky, "DNS Goodness". On one hand, the DNS vulnerability is already public; on the other hand, the talk will probably still be interesting even if the 0day hype is missing. Option 2: Nate Lawson, "Highway to Hell: Hacking Toll Systems". My formal education and early work was in Electrical Engineering, so I'm always interested in hardware talks. I haven't touched a soldering iron in years so I have to live vicariously through people like Nate.

13:45-15:00 Option 1: Chris Hoff, "The Four Horsemen of the Virtualization Security Apocalypse". I haven't been paying enough attention to virtualization security and I think this talk will be quite informative. Option 2: Danny Quist and Colin Ames, "Temporal Reverse Engineering". Sounds like an interesting approach.

15:15-16:30 Option 1: Hovav Shacham, "Return-Oriented Programming: Exploits Without Code Injection". The topic sounds pretty straightforward conceptually but it will be interesting to see the implementation. Option 2: Tom Stracener and Robert Hansen, "Xploiting Google Gadgets: Gmalware and Beyond". Not expecting any huge revelations on this one but it's likely to be entertaining.

18:00-19:00 The Pwnie Awards. Turnout last year was kind of slim, but I bet the room will be full this year as it's been publicized more.

Day 2 picks coming soon!

FREE Security Tutorials from Veracode

Flash Security Settings
SQL Injection Tutorial
Cyber Threats
Mobile Security Threats
CRLF Injection

Veracode Security Solutions

Binary Analysis
Application Testing
Software Security

Veracode Data Security Resources

Data Leaks
Secure Data
Data Breach

About Chris Eng

Chris Eng, vice president of research, is responsible for integrating security expertise into Veracode’s technology. In addition to helping define and prioritize the security feature set of the Veracode service, he consults frequently with customers to discuss and advance their application security initiatives. With over 15 years of experience in application security, Chris brings a wealth of practical expertise to Veracode.

Comments (0)

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.