Announcing the BlueHat 2024 Sessions
2024-10-22 15:0:0 Author: msrc.microsoft.com(查看原文) 阅读量:1 收藏

34 sessions from 54 presenters representing 20 organizations!

We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30.  

This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”.

Security researchers and responders from inside and outside of Microsoft will gather on the Microsoft campus in Redmond, WA to share, debate, and challenge each other, with the shared goal of creating a safer and more secure world for all.

For those unable to attend in-person sessions will be available to view on demand in the weeks following the conference.

Please note that session times and order are still subject to change. The final schedule will be published and provided to attendees in advance of the conference.

Day 1, Tuesday, October 29, 2024
Keynote: Chris Wysopal (Weld Pond)
Co-founder & Chief Security Evangelist, Veracode
Track A: Cloud & Identity Security Track B: OS & App Security
The two sides of UnOAuthorized Presented by Eric Woodruff from Semperis and Cameron Vincent from Microsoft DCOM Research for Everyone! Presented by James Forshaw from Google
Tokens & Takeovers: Cloud-Powered Supply Chain Attacks Presented by Nitesh Surana from Trend Micro and Gaurav Mathur from Microsoft Outlook Unleashing RCE Chaos CVE-2024-30103 & CVE-2024-38021 & CVE-2024-38173 Presented by Michael Gorelik from Morphisec
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD Presented by Cymulate Pointer Problems – Why We’re Refactoring the Windows Kernel Presented by Joe Bialek from Microsoft
Lightning Talks
World of Scams - A systematic analysis of online scams using the Scam Tactics and Techniques Framework Presented by Amit Tambe from F-Secure
A Security Engineer’s Journey: Creating a Developer-Friendly Security Tool Presented by Susan Krkasharian from Microsoft
My Best Frenemy: A Synergy Between Red Team and Blue Team in Oracle's SaaS Security Presented by Svetlana Gaivoronski and David B. Cross from Oracle
Lessons Learned: Scaling Out Securing Open Source Presented by Zachary Steindler from Microsoft
Entitlements on macOS and why they matter Presented by Yves Younan from Cisco Talos
Creating a Transparent Cloud Industry Presented by Justin T Mourfield and Sesha Machiraju from Microsoft How Microsoft is Scaling DAST Presented by Jason Geffner from Microsoft
Echoes of Intrusion: Demystifying MS Graph API Attacks Presented by Miriam Wiesner from Microsoft When the Levee Breaks: Exposing Critical Flaws in Wi-Fi Camera Ecosystems Presented by Mark Mager and Eric Forte from Elastic
Deprecating Azure AD Graph API is Easy and Other Lies We Tell Ourselves Presented by Nestori Syynimaa from Microsoft Sweet QuaDreams or Nightmare Before Christmas? Dissecting an iOS 0-day Presented by Christine Fossaceca from Microsoft and Bill Marczak from Citizen Lab
Day 2, Wednesday, October 30, 2024
Keynote: Amanda Silver
CVP & Head of Product, Developer Division, Microsoft
Track C: Threat Hunting & Intel Threat D: AI & ML Security
Patterns in the Shadows: Scaling Threat Hunting and Intelligence for Modern Adversaries Presented by Mark Parsons and Colin Cowie from Sophos Lessons Learned from Red Teaming 100 Generative AI Applications Presented by Ram Shankar Siva Kumar and Blake Bullwinkel from Microsoft
Scaling AppSec With an SDL for Citizen Development Presented by Michael Bargury from Zenity/OWASP and Don Willits from Microsoft Isolation or Hallucination? Hacking AI Infrastructure Providers for Fun and Weights Presented by Hillai Ben-Sasson and Sagi Tzadik from Wiz
Embedding Sysmon Logs for Enhanced Threat Detection: A Practical Approach to Using RAG in Cybersecurity Presented by Jose Rodriguez from George Mason University Breaking LLM Applications - Advances in Prompt Injection Exploitation Presented by Johann Rehberger from embracethered.com
Lightning Talks
Getting "In Tune" with an Enterprise: Detecting Microsoft Intune Lateral Movement Presented by Brett Hawkins from IBM
AI's got Muffins- the RAG-a-muffins!!! Presented by Vivek Vinod Sharma from Microsoft
Ransomware Resilience: Turning the Tide Against Cyber Extortion Presented by Tom Williams from True Zero Technologies
SafeChatAI: Enhancing Cybersecurity Awareness Using Artificial Intelligence Presented by Ayobami Olatunji from Microsoft
Firmware Security: The Middle Child of Security Presented by Nithin Sade from Google
Three Decades of Network Security Evolution Presented by Vern Paxson from Corelight PyRIT: From LLM Security Research to Practical Attacks Presented by Richard Lundeen from Microsoft
MSTIC Ghost Stories - A Threat Intelligence Year in Review Presented by Rachel Giacobozzi from Microsoft SLIP: Securing LLMs IP Using Weights Decomposition Presented by Adam Hakim from Microsoft
Minting Silver Bullets is Challenging Presented by Josh Brown-White from Microsoft Automate AI Red Teaming in your existing tool chain with PyRIT Presented by Joris de Gruyter and Shiven Chawla from Microsoft

To join the conversation and follow along with BlueHat 2024 please follow us on X/Twitter @MSFTBlueHat and on LinkedIn at aka.ms/MSRC-LinkedIn

Looking forward to seeing you all at BlueHat!

Nic Fillingham, BlueHat Program Manager


文章来源: https://msrc.microsoft.com/blog/2024/10/announcing-the-bluehat-2024-sessions/
如有侵权请联系:admin#unsafe.sh