Mandiant @ Black Hat USA 2013

In just a few short weeks we’ll be boarding a flight to Las Vegas,
NV for Black Hat USA 2013. In addition to clothes and toiletries,
I want to make sure you go to the annual conference with a full
list of Mandiant’s activities at the show.


Black Hat Exhibitor Floor:

  • Visit Mandiant at booth #325
  • Pick up a t-shirt and talk to some Mandiant folks

 


Reception:

Join Mandiant for an unforgettable evening at the famed Shadow Bar, in
Caesars Palace. The evening will showcase silhouetted performances
by the shadow dancers, and libations will be served up by the venue’s
world-class bartenders who are known to juggle bottles, toss limes,
twirl glasses and even do back-flips.


Books & Beer Signing:

  • Richard Bejtlich: "The Practice of Network Security Monitoring"

    Wednesday, July 31
    4:30 – 5:00 PM
    M Lair: Verona Room, The Promenade Level

Book signing with
Richard Bejtlich for his new release, "The Practice of
Network Security Monitoring", and happy hour. The first five
people in line for the book signing will win an invitation to a very
special VIP dinner with Richard Bejtlich and Michael Sikorski, and
will receive a free copy of their books. The first 30 people in line
receive a FREE copy of Richard’s book!

  • Michael Sikorski: "Practical Malware Analysis"

    Thursday, Aug 1
    4:30 – 5:00 PM
    M Lair: Verona Room, The Promenade Level

Book signing with
Michael Sikorski for his 2012 release, "Practical
Malware Analysis", and happy hour. The first 30 people in line
receive a FREE copy of Michael’s book!


A Day in the Life Presentations

  • Mandiant Labs (M-Labs)

    Wednesday, July 31
    12:45-1:30 PM

Mandiant’s Michael Sikorski and Stephen Davis will walk attendees
through a typical day for a malware analyst and how they have
successfully integrated machine learning into their research.

  • Mandiant MCIRT Analysts

    Thursday, August 1
    12:45 – 1:30 PM

Mandiant’s James Condon and Mike Scutt will walk attendees
through a typical day as an MCIRT Analyst, using an attack scenario
to highlight the tools and processes used by MCIRT Analysts to
successfully investigate a compromise.


Arsenal:

  • IOCWriter_11

    Presented by William (Will) Gibb

    Thursday, August 1
    10:00 AM – 12:30 PM
    Station 7

With the impending release of the OpenIOC 1.1 format
for sharing threat intelligence, Mandiant will be releasing a set of
open source tools for creating and manipulating OpenIOC objects and
moving data in and out of the OpenIOC format.

Demonstrations
will cover how the tools can be used to create and modify OpenIOC
documents, show how it is possible to store Snort and Yara
signatures in OpenIOC format and convert those OpenIOC documents
back into their native formats. In addition, the integration of
these tools into other open source applications will be demonstrated
with tools that can automatically extract IOCs from unstructured
content.

  • Mandiant Redline™

    Presented by Theodore (Ted) Wilson

    Thursday, August 1
    12:45 – 3:15 PM
    Station 7

Redline,
Mandiant’s premier free tool, provides host investigative
capabilities to users to find signs of malicious activity through
memory and file analysis, and the development of a threat assessment
profile. With Redline, users can:

– Thoroughly audit and collect all running processes, audit data,
and memory images.

– Analyze and view imported audit data, including narrowing and
filtering results around a given timeframe using Redline’s
Timeline functionality with the TimeWrinkle™ and TimeCrunch™
features.

– Streamline memory analysis with a proven workflow
for analyzing malware based on relative priority.

– Identify processes more likely worth investigating based on the
Redline Malware Risk Index (MRI) score.

– Perform Indicator of Compromise (IOC) analysis. Supplied with a
set of IOCs, the Redline Portable Agent is automatically configured
to gather the data required to perform the IOC analysis and an IOC
hit result review.

  • OWASP Broken Web

    Presented by Chuck Willis

    Thursday, August 1
    12:45 – 3:15 PM
    Station 8

The Open Web Application Security Project (OWASP)
Broken Web Applications project (www.owaspbwa.org) provides a free
and open source virtual machine loaded with web applications
containing security vulnerabilities. This session will showcase the
project VM and exhibit how it can be used for training, testing, and
experimentation by people in a variety of roles.

Demonstrations will cover how the project can be used by
penetration testers who discover and exploit web application
vulnerabilities, by developers and others who prevent and defend
against web application attacks, and by individuals who respond to
web application incidents. New features and applications in the
recently released version 1.1 of the VM will also be
highlighted.

Let us know if you’ll be at Black Hat USA
2013!

