Headline
Announcing the BlueHat v17 Schedule
September is here! The dash from the close of the call for papers to now has been amazing. We had nearly two hundred submissions spanning the gamut of security topics and presenters. The result is a solid schedule that will challenge and educate all attendees. On behalf of the content advisory board, I want to thank everyone who submitted a paper for consideration.
September is here! The dash from the close of the call for papers to now has been amazing. We had nearly two hundred submissions spanning the gamut of security topics and presenters. The result is a solid schedule that will challenge and educate all attendees. On behalf of the content advisory board, I want to thank everyone who submitted a paper for consideration. There were a lot of great ideas, but we could not put all of them on stage for this instance of BlueHat. We look forward to continuing the security conversation with you in the future.
Microsoft is proud to announce the schedule for the BlueHat v17 Security Conference.
Wednesday, November 8th, 2017 | General Audience
TRACK
Time
Speaker
Company
Talk Subject
KEYNOTE
9:00 – 9:50 AM
Merike Kaeo
Farsight Security
Keynote
Track 1 -Encrypt all the things
10:00 – 10:50 AM
Alban Diquet
Thomas Sileo
Data Theorem
Where, how, and why is SSL traffic on mobile getting intercepted? A look at three million real-world SSL incidents
11:00 – 11:50 AM
Joseph Salowey
Tableau Software
TLS 1.3 – Full speed ahead… mind the warnings – the great, the good and the bad
Track 1 – Battles in Silicon
1:00 – 1:50 PM
Alex Matrosov
Cylance
Betraying the BIOS: Where the Guardians of the BIOS are Failing
2:00 – 2:50 PM
Niek Timmers
Cristofaro Mune
Riscure B.V. &
Independent Embedded Security Consultant
KERNELFAULT: R00ting the Unexploitable using Hardware Fault Injection
3:00 – 3:50 PM
Rob Turner
Qualcomm Technologies
Raising the Bar: New Hardware Primitives for Exploit Mitigations
4:00 – 4:50 PM
Gunter Ollmann
Microsoft
Extracting Secrets from Silicon – A New Generation of Bug Hunting
Track 2 – Hey Microsoft, you got it wrong!
10:00 – 10:50 AM
Casey Smith
Red Canary
You Are Making Application Whitelisting Difficult
11:00 – 11:50 AM
Yong Chuan Koh
MWR Infosecurity
Corrupting Memory in Microsoft Office Protected-View Sandbox
Track 2 – Advancing products meet the new threats
1:00 – 1:50 PM
Saruhan Karademir
David Weston
Microsoft
Securing Windows Defender Application Guard
2:00 – 2:50 PM
Mark Wodrich
Jasika Bawa
Microsoft
Mitigations for the Masses: From EMET to Windows Defender Exploit Guard
3:00 – 3:25 PM
Dean Wells
Microsoft
Don’t let your virtualization fabric become the attack vector
3:30 – 3:55 PM
Jonathan Birch
Microsoft
Dangerous Contents – Securing .Net Deserialization
4:00 – 4:50 PM
Filippo Seracini
Lee Holmes
Microsoft
Born secure. How to design a brand new cloud platform with a strong security posture
Thursday, November 9th, 2017 | General Audience
TRACK
Time
Speaker
Company
Talk Subject
Track 1 – I swear it wasn’t me!
9:00 – 9:50 AM
Kymberlee Price
Sam Vaughan
Microsoft
Down the Open Source Software Rabbit Hole
10:00 – 10:50 AM
Sean Metcalf
Trimarc
Active Directory Security: The Journey
11:00 – 11:50 AM
Alex Ionescu
Crowdstrike
Baby’s First Bounty: Lessons from bypassing Arbitrary Code Guard
Track 1 – Cloud Chasing
1:00 – 1:50 PM
Nate Warfield
Ben Ridgway
Microsoft
All your cloud are belong to us; hunting compromise in Azure
2:00 – 2:25 PM
Oran Brill
Tomer Teller
Microsoft
Go Hunt: An automated approach for security alert validation
2:30 – 2:55 PM
Matt Swann
Microsoft
Scaling Incident Response – 5 keys to successful defense at scale
3:00 – 3:50 PM
Greg Foss
LogRhythm
PIE – An Active Defense PowerShell Framework for Office365
4:00 – 4:50 PM
Mathias Scherman
Daniel Edwards
Tomer Koren
Microsoft
Leveraging Honeypots to Train a Supervised Model for Brute-Force Detection
Track 2 – Phishing for Trust
9:00 – 9:50 AM
Billy Leonard
10 Years of Targeted Credential Phishing
10:00 – 10:50 AM
Alex Weinert
Dana Kaufman
Microsoft
Account Compromise 2017: in the Trenches with the Microsoft Identity Security and Protection Team
11:00 – 11:50 AM
Yacin Nadji
Georgia Institute of Technology
28 Registrations Later: Measuring the Exploitation of Residual Trust in Domains
Track 2 – Attacking Products
1:00 – 1:50 PM
Lei Shi
Mei Wang
Qihoo 360
Out of The Truman Show: VM escape in VMware gracefully
2:00 – 2:50 PM
Matt Nelson
SpecterOps
“_____ Is Not a Security Boundary.” Things I Have Learned and Things That Have Gotten Better from Researching Microsoft Software
3:00 – 3:50 PM
Alexander Chistyakov
Kaspersky Lab
Detection is not a classification: reviewing machine learning techniques for cybersecurity specifics
4:00 – 4:50 PM
Andrea Lelli
Microsoft
WannaCrypt + SMBv1.0 vulnerability = One of the most damaging ransomware attacks in history
Track 3 -Threat Intelligence
9:00 – 9:50 AM
Nick Anderson
Detecting compromise on Windows endpoints with osquery
10:00 – 10:50 AM
Brian Hooper
Jagadeesh Parameswaran
Microsoft
Tales from the SOC: Real-world Attacks Seen Through Defender ATP
11:00 – 11:50 AM
Mark Parsons
Microsoft
Using TLS Certificates to Track Activity Groups
1:00 – 1:50 PM
Chaz Lever
Georgia Institute of Technology
A Lustrum of Malware Network Communication: Evolution and Insights
2:00 – 2:50 PM
Andrew Brandt
Symantec
Dyre to Trickbot: An inside look at TLS-encrypted command-and-control traffic
3:00 – 3:25 PM
Alexis Dorais-Joncas
Thomas Dupuy
ESET
Sednit Reloaded: The Bears’ Operations From Christmas to Halloween
3:30 – 4:50 PM
Chuck McAuley
Ixia Communications
Disrupting the Mirai Botnet
****View full Conference Agenda and Talk Abstracts** **View full Conference Agenda and Talk Abstracts****
Planning for the conference is well underway. This year we have secured the entire conference center so that we can accommodate even more participants. For external community members this is an invite-only conference. The initial round of external invites will go out later today with details on how to register and the timeframe for response. The registration site is live for external participants. Keep watching here for more updates as we get closer to the event.
About BlueHat About BlueHat
BlueHat v17 is a two-day security conference for general audiences. It will be held November 8-9, 2017 at the Microsoft Conference Center here in Redmond. This year will see a larger event, over one thousand people expected in person, as BlueHat welcomes partners from the Microsoft Security Response Alliance Summit. The conference is open to invited external guests and Microsoft employees and contingent staff. More details on logistics and about the conference will be posted throughout the summer and fall here on the BlueHat blog. Check back to get the latest here. We look forward to hearing from you and meeting you again in November.
Phillip Misner,
Principal Security Group Manager, MSRC
BlueHatv17-Survey-Completion-Give-Away-Rules-And-Winners