Headline
Announcing the BlueHat v18 Schedule
Where did the summer go? This year the BlueHat Security Conference moved forward in the schedule to late September. Next year it will settle into a steady orbit of early October moving forward. With that change in schedule, it is hard to believe that it is time to reveal the schedule for BlueHat v18.
Where did the summer go? This year the BlueHat Security Conference moved forward in the schedule to late September. Next year it will settle into a steady orbit of early October moving forward. With that change in schedule, it is hard to believe that it is time to reveal the schedule for BlueHat v18. We had nearly one hundred fifty submissions spanning the gamut of security topics and presenters. That made for some tough choices for the content advisory board and a schedule that will leave wishing you could be in multiple talks at the same time. On behalf of the content advisory board, I want to thank everyone who submitted a paper for consideration. There were a lot of great ideas, but we could not put all of them on stage for this instance of BlueHat. We look forward to continuing the security conversation with you in the future.
Microsoft is proud to announce the schedule for the BlueHat v18 Security Conference.
Wednesday, September 26, 2018 | General Audience
TRACK
Time
Speaker
Company
Talk Subject
KEYNOTE
9:00 – 9:50 AM
Chris Deibler
Twitch
Surviving Cynicism and Building Happy Security Teams
Track 1 – On the Frontier
10:00 – 10:50 AM
Tim MalcomVetter
Walmart
“If we win, we lose”
11:00 – 11:50 AM
Karen Easterbrook
Brian LaMacchia
Microsoft
Record Now, Decrypt Later: Future Quantum Computers Are A Present Threat
Track 1 – Mitigating Attack Classes
1:00 – 1:50 PM
Arshan Dabirsiaghi
Matt Austin
Contrast Security
DEP for the Application Layer – Time for AppSec to Grow Up
2:00 – 2:50 PM
Mingbo Zhang
Saman Zonouz
Rutgers University
A mitigation for kernel TOCTOU vulnerabilities
3:30 – 4:00 PM
Yunhai Zhang
NSFOCUS
Mitigation Bypass: The Past, Present, and Future
4:10 – 5:00 PM
Jordan Rabet
Microsoft
Hardening Hyper-V Through Offensive Security Research
Track 2 – It is all about the Data
10:00 – 10:50 AM
Matti Neustadt Storie
Alex Harmon
Chris Mills
Microsoft
The Law of Unintended Consequences: GDPR Impact on Cybersecurity Readiness and Response
11:00 – 11:50 AM
Gabriel Kirkpatrick
Microsoft
Securely Handling Data in Marginalized Communities
Track 2 – Observations in the Wild
1:00 – 1:50 PM
Fabio Assolini
Kaspersky Lab
Shoot first, ask later: strategies to defend the most phished country in the world
2:00 – 2:50 PM
Luke Jennings
Countercept
Memory Resident Implants – Code Injection is Alive and Well
3:30 – 4:00 PM
Elia Florio
Microsoft
Software Supply Chain attacks in 2018: predictions vs reality
4:10 – 5:00 PM
Dana Baril
Alan Chan
Microsoft
May I see your credentials, please?
Track 3 – Secure Development
10:00 – 10:50 AM
Everett Maus
Microsoft
Go Build A Tool: Best Practices for Building a Robust & Effective Developer Security Tooling
11:00 – 11:50 AM
David Hurley
Bryan Jeffrey
Naveed Ahmad
Microsoft
Improving Security Posture through Increased Agility with Measurable Effectiveness at Scale
Track 3 – Towards a Better Ecosystem
1:00 – 1:50 PM
Mechele Gruhn
Microsoft
MSRC Listens
2:00 – 2:50 PM
Bobby O’Brien
Jan Neutze
Ginny Badanes
Microsoft
Cybersecurity for the Defense of Democracy
3:30 – 4:00 PM
Emily Schecter
Evolving Chrome’s Security Indicators
4:10 – 5:00 PM
Brian Gorenc
Trend Micro
Modern Day Entomology – Examining the Inner Workings of the Bug Bazaar
Thursday, September 27, 2018 | General Audience
TRACK
Time
Speaker
Company
Talk Subject
Track 1 – The Battle on the Box
9:00 – 9:50 AM
Anthony LAOU HINE TSUEI
Peter Hlavaty
Tencent
WSL reloaded: let’s try to do better fuzzing
10:00 – 10:50 AM
Zhuo Ma
Tencent
Massive Scale USB Device Driver Fuzz WITHOUT device
11:00 – 11:50 AM
Matt Oh
Microsoft
Return of the kernel rootkit malware (on Windows 10)
Track 1 – Machine Learning & AI In Practice
1:00 – 1:50 PM
Geoff McDonald
Moustafa Saleh
Microsoft
Badly behaving scripts: Meet AMSI script behavior instrumentation and machine learning
2:00 – 2:50 PM
Jugal Parikh
Holly Stewart
Microsoft
Protecting the Protector, Hardening machine learning defenses against adversarial attacks
3:30 – 4:00 PM
Naveed Azeemi Ahmad
Samuel Crisanto
Microsoft
Crafting synthetic attack examples from past cyber-attacks for applying Supervised Machine Learning in Cyber Defense.
4:10 – 5:00 PM
Abhishek Singh
Aditya Joshi
Microsoft
Linear Time Shellcode Detection Using State Machines and Operand Analysis on the Runtime
Track 2 – Exploiting Hardware Safeguards
9:00 – 9:50 AM
Andrea Allievi
Microsoft
Retpoline – the Anti-spectre type 2 Mitigation in Windows
10:00 – 10:50 AM
Jean-Ian Boutin
Frédéric Vachon
ESET Corporation
First STRONTIUM UEFI Rootkit Unveiled
11:00 – 11:50 AM
Olle Segerdahl
Pasi Saarinen
F-Secure
An ice-cold Boot to break BitLocker
Track 2 – Cloud
1:00 – 1:50 PM
Zisis Sialveras
Census Labs
Straight Outta VMware: Modern exploitation of the SVGA device for guest-to-host escapes
2:00 – 2:50 PM
Ross Bevington
Microsoft
The Matrix has you – protecting Linux using deception
3:30 – 4:00 PM
Mathias Scherman
Microsoft
Malicious User Profiling Using a Deep Neural Net
4:10 – 5:00 PM
Jiangping Xu
Microsoft
Scaling Security Scanning
Track 3 – Behind the Attacks
9:00 – 9:50 AM
Christiaan Beek
Jay Rosenberg
McAfee & Intezer Labs
The Hitchhiker’s Guide to North Korea’s Malware Galaxy
10:00 – 10:50 AM
Matthieu Faou
ESET Corporation
A Turla Gift: Popping calc.exe by sending an email
11:00 – 11:50 AM
Francisco Donoso
Randori
Killsuit: The Equation Group’s Swiss Army Knife for Persistence, Evasion, and Data Exfil
Track 3 – Front Line with Threat Intelligence
1:00 – 1:50 PM
Kyle Wilhoit
Palo Alto Networks
False Flag Foibles: Imitating Nation State Actors and Criminals to Befuddle Media and Researchers
2:00 – 2:50 PM
Jagadeesh Parameswaran
Rahul Sachan
Microsoft
Tales from the SOC: Real-world Attacks Seen Through Azure ATP and Windows Defender ATP
3:30 – 4:00 PM
Adam Weidemann
Ben Koehl
Microsoft
MSTIC Threat Intelligence Year In Review
4:10 – 5:00 PM
Dave Hartley
William Knowles
MWR InfoSecurity
Overt Command & Control: The Art of Blending In
Planning for the conference is well underway. The addition of a workshop day gives participants a chance to mingle and learn together. We are excited to offer a Blackhoodie Reverse Engineering Workshop as part of that day (more here: https://www.blackhoodie.re/Blackhoodie-Bluehat/). Other workshops include threat intelligence workshop and capture the flag competition.
We continue of theme journey through the looking glass as we debut the King of Hearts (sneak a peek here: https://twitter.com/phillip_misner/status/1011410310677200896). For external community members this is an invite-only conference. The initial round of external invites will go out later today with details on how to register and the timeframe for response. The registration site is live for external participants.
Keep watching here for more updates as we get closer to the event.
About BlueHat About BlueHat
BlueHat v18 is a three-day security conference for general audiences. This year that will include two days of conference talks across three tracks and a workshop day. It will be held September 25-27, 2018 at the Microsoft Conference Center here in Redmond. This year will expect over one thousand people in person. The conference is open to invited external guests and Microsoft employees and contingent staff. More details on logistics and about the conference will be posted throughout the summer and fall here on the BlueHat blog. Check back to get the latest here. We look forward to hearing from you and meeting you again in September.
Phillip Misner,
Principal Security Group Manager, MSRC