BlackHat stopped in Barcelona for the 2011 European edition. Second time at the same place, the “Palau de Congressos de Catalunya“. Same format as the previous editions: two days of trainings and two days of briefings. Strange, lot of trainings were canceled! Is it due to the crisis and less registrations?
I’m following “The Web Application Hacker’s Handbook” based on the book of the same name. The trainings follows exactly the book chapters with a lot of hands-on using BurpSuite. The first day ended with the exercises about the SQL injection techniques. Very hard at the end of the day for my brain! It will require a second lecture and more practice!
This year, I’ll present a workshop with Wim Remes about our favorite topic: log management and especially OSSEC. If you find this topic interesting, feel free to join us if you’re attending the conference. Regarding the briefings, here is my first selection:
- Defying Logic – Theory, Design, and Implementation of Complex Systems for Testing Application Logic (Rafal Los)
- Escaping From Microsoft Windows Sandboxes (Tom Keetch)
- Web Application Payloads (Andrés Riancho)
- Fuzzing and Debugging Cisco IOS (Sebastian Muniz & Alfredo Ortega)
- Stuxnet Redux: Malware Attribution & Lessons Learned (Tom Parker)
- Among the blind, the squinter rules : Security visualization in the field (Wim Remes)
- Attacking Microcontroller Environments from a Software Perspective(Don Bailey)
- Attacking and Defending the Smart Grid (Justin Searle)
- Monoculture – the other side (Damir Rajnovic)
I’ll tweet during the talks and write wrap-ups on this blog. Stay tuned! If you’d like to meet, let me know!
Anton,
I don’t believe we did anything special to do that. As Xavier indicated I gave the McGyver SIEM webcast back in October 2010, after that the organizers asked if I wanted to do a workshop based on that presentation. Accidentally my talk submission was also accepted. I think we had an interesting crowd for the workshop and even though they scheduled me against FX, I had a good turn out for my talk. From the feedback I got, this is something people are really fighting with! Data acquisition, normalization, analysis and reporting (including but not limited to metrics) is something people find interesting and want to get better at. Note that a lot of the work I have done started from work that you and people like Raffael Marty have done and the decade-long fight it has taken. Next up is a specific track in Vegas
Hello Anton,
Thank you for the feedback! In fact, they contacted Wim (we performed the workshop both) after he gave a BlackHat webcast about SIEM!
How on earth did you manage to sneak logs to BlackHat? I’ve been trying for nearly 10 years with 100% fail result. In any case, congratulations on doing that log/OSSEC workshop!