Real World Code Review Using the Right Tools in the Right Place at the Right Time [MP4] [0:42:11] [2012/09/19]Vinne Liu provides a thorough and objective review of the benefits, shortcomings, and trade-offs of static code analysis tools, black box application scanners, and expert analysis. This session is…
Interview with Bryan Sullivan & Vinnie Liu[MP4] [0:06:21] [2012/09/19]Vinnie Liu provides a thorough and objective review of the benefits, shortcomings, and trade-offs of static code analysis tools, black box application scanners, and expert analysis. This session is…
Fuzzed Enough? When its OK to Put the Shears Down[MP4] [0:34:01] [2012/09/19]Jason Shirk, Lars Opstad and Dave Weinstein deliver a multi-part presentation shared between members of the SWI Tools team, discussing several aspects of Fuzzing: “How should I fuzz?”, “When have I…
Interview with Bryan Sullivan with Dave Weinstein and Jason Shirk[MP4] [0:17:53] [2012/09/19]Jason Shirk is a program manager on the SWI Tools team at Microsoft. Lars Opstad is Security group manager of the SWI Tools team, after spending the first 12 years of his Microsoft career in the…
Concurrency Attacks on Web Applications[MP4] [0:53:38] [2012/09/19]Scott Stender and Alex Vidergar of iSec Partners provide insight into the ease with which concurrency flaws can be introduced into systems, offer guidance on evaluating the security impact of such…
Interview with Bryan Sullivan with Scott Stender & Alex Vidergar[MP4] [0:08:53] [2012/09/19]Scott Stender is a founding partner of iSEC Partners, a strategic digital security organization. Alex Vidergar served as a development engineer in the United States Air Force for six years prior to…
Mitigations Unplugged[MP4] [0:42:05] [2012/09/19]Matt Miller explores the technical details of sophisticated mitigations like GS, DEP and ASLR. This presentation explores the technical details of these developments by illustrating the logical…
Interview with Bryan Sullivan & Matt Miller[MP4] [0:07:28] [2012/09/19]Matt Miller has been an active member of the security research and development community, where he focuses primarily on areas relating to exploitation technology and reverse engineering. Matt recently…
Interview with Bryan Sullivan and Adam Shostack[MP4] [0:10:18] [2012/09/19]Adam Shostack is senior program manager in the Security Engineering and Community Group at Microsoft. He is part of the Microsoft Security Development Lifecycle team, where he is responsible for…
Threat Modeling at EMC & Counterpoint: Threat Modeling at Microsoft[MP4] [0:37:44] [2012/09/19]Danny Dhillon shares details of the approach he developed to identify threats and assess risk, as well as general insights from threat modeling at EMC.
Interview with Bryan Sullivan & Danny Dhillon[MP4] [0:09:33] [2012/09/19]Danny Dhillon currently serves as part of the EMC Product Security Office where he specializes in secure design. He is the author of ACM and IEEE conference publications on securing mobile ad hoc…
SDL Sessions Keynote[MP4] [0:16:55] [2012/09/19]Scott Charney discusses using the SDL not just to describe the threats, but to explain how to implement effective engineering solutions.
Interview with Katie Moussouris & Ian Hellen[MP4] [0:14:19] [2012/09/19]Ian Hellen is a Senior Security Engineer in Windows Security Assurance (a.k.a. SWI) at Microsoft. He is working on a toolset to help determine the security risk of code. Over the past 3 years he ran…
Interview with Katie Moussouris & Richard Johnson[MP4] [0:06:56] [2012/09/19]Richard Johnson is a computer security specialist with nearly a decade of professional experience. Currently employed by Microsoft, Richard works with the Security Engineering and Communications…
Interview with Katie Moussouris with Gareth Heyes, Eduardo Vela Nava & David Lindsay[MP4] [0:11:41] [2012/09/19]David Lindsay is a security engineer with Security Innovation, an application security company. Gareth Heyes is based in the UK and specializes in Web application security. He particularly likes…
Interview with Katie Moussouris & Dan Kaminsky[MP4] [0:15:17] [2012/09/19]Dan Kaminsky is a longstanding speaker at the Black Hat Briefings. Dan has spent his entire career with Fortune 500 companies, having worked at Cisco, at Avaya, and most recently as a consultant for…
Interview with Katie Moussouris & Roelof Temmingh[MP4] [0:13:43] [2012/09/19]Born in South Africa, Roelof Temmingh worked as a developer, and later as a system architect at an information security engineering firm. At the start of 2007, Temmingh founded Paterva in order to…
Interview with Katie Moussouris & Iftach Amit[MP4] [0:11:29] [2012/09/19]With over 10 years of experience in the information security industry, Iftach Amit brings a mixture of software development, OS, network and Web security expertise to Aladdin as the Director of…
General Sessions Keynote[MP4] [0:07:59] [2012/09/19]Jon DeVaan discusses how BlueHat focuses on security and privacy issues facing the entire ecosystem.