Black Hat Briefings 2003 - Announcement

[Jeff Moss <jmoss () blackhat com>]

Contacts:

B.K. DeLong
press () blackhat com

BLACK HAT BRIEFINGS 2003 SESSIONS HIGHLIGHT NEXT GENERATION SECURITY 
TECHOLOGY, BEST PRACTICES

Top Academic Researchers & Industry Gurus will Focus on Key Vulnerabilities 
and Offer Comprehensive Strategies to Todays Security Problems; PGP Creator 
Phil Zimmermann to Keynote.

http://www.blackhat.com/ -- Black Hat Inc. announced today preliminary 
speaker sessions for this summer's Black Hat Briefings and Training 2003, 
the annual conference and workshop designed to help computer professionals 
better understand the security risks to their computer and information 
infrastructures by potential threats. This year's show will focus on 10 
tracks of hot topics including Incident Response & Computer Forensics, 
Firewalls, Access Control, Routing & Infrastructure, Application Security, 
Intrusion Detection, Log Analysis, Privacy & Anonymity, and Law & Society. 
The Briefings event is being held 30 through 31 July 2003 at the Caesars 
Palace Hotel and Casino in the heart of Las Vegas, with two days of 
training preceding it.

Top-notch speakers will deliver to the conference's core audience of IT & 
network security experts, consultants and administrators the newest 
developments on the vital security issues facing organizations using large 
networks with a mix of operating systems.

"Our goal is to present a vendor-neutral environment where conference 
attendees can receive key intelligence in a face-to-face environment with 
the people developing the tools used by and against hackers," says Jeff 
Moss, founder of Black Hat Inc. "Our speakers discuss the strategies 
involved in correcting existing problems and inform attendees on upcoming 
issues, preparing them for the future."

Phil Zimmermann, cryptographic technologist, will be one of the keynotes 
headlining the event. Zimmermann is the creator of Pretty Good Privacy and 
currently a special advisor and consultant for the PGP Corporation. He is 
best known for being the target of a three-year criminal investigation, 
because the US Government held that export restrictions for cryptographic 
software were violated when PGP was spread around the world following its 
1991 publication as freeware. Zimmermann currently consults for a number of 
companies and industry organizations on matters cryptographic, and is also 
a Fellow at the Stanford Law School's Center for Internet and Society. 
Before founding PGP Inc, Zimmermann was a software engineer with more than 
20 years of experience specializing in cryptography and data security, data 
communications, and real-time embedded systems.

The lineup of Black Hat Briefings presenters for 2003 include:

	-- Thomas Akin, Founding Director, Southeast Cybercrime Institute. Akin is 
a Certified Information Systems Security Professional (CISSP) who has 
worked in Information Security for almost a decade. He is the founding 
director of the Southeast Cybercrime Institute a division or Continuing 
Education at Kennesaw State University. He serves as chairman for the 
Institute's Board of Advisors and is an active member of the Georgia 
Cybercrime Task Force.

	-- Jay Beale, Senior Research Scientist, George Washington University 
Cyber Security Policy and Research Institute. Beale is a security 
specialist focused on host lockdown and security audits. He is the Lead 
Developer of the Bastille project, which creates a hardening script for 
Linux, HP-UX, and Mac OS X, a member of the Honeynet Project, and a core 
participant in the Center for Internet Security.

	-- Chris Conacher, Black Hat Consulting. Conacher has over 6 years 
experience in formal Information Security roles. This time has been spent 
with the Fortune 500 companies BAE Systems (formerly British Aerospace and 
Marconi Space Systems), BAE Systems Airbus and Intel Corporation. He has 
also worked for the Information Risk Management consultancy practice of 
'Big 5' firm KPMG LLP where he specialized in 'High-Tech' companies. Chris' 
time in Information Security has seen him working in England, France, 
Germany, Greece, Russia and the USA. His specialties include the 
development, deployment and review of corporate information security 
programs; the secure integration of Mergers & Acquisitions; data protection 
in disaster recovery planning; and information security business impact 
analysis.

	-- Roger Dingledine, Founder & Owner, Moria Research Labs. Dingledine is a 
security and privacy researcher. While at MIT under professor Ron Rivest, 
he developed Free Haven, one of the early peer-to-peer systems that 
emphasized resource management while retaining anonymity for its 
users.Currently he consults for the US Navy to design and develop systems 
for anonymity and traffic analysis resistance. Recent work includes 
anonymous publishing and communication systems, traffic analysis 
resistance, censorship resistance, attack resistance for decentralized 
networks, and reputation.

	-- Himanshu Dwivedi, Managing Security Architect, @stake. At @stake, 
Himanshu leads the Storage Center of Excellence (CoE), which focuses 
research and training around storage technology, including Network Attached 
Storage (NAS) and Storage Area Networks (SAN). Himanshu's focus in security 
is networking technology and storage architecture, specifically Fibre 
Channel Security.

	-- Jennifer Granick, Litigation Director, Center for Internet and Society, 
Stanford Law School. Ms. Granick's work focuses on the interaction of free 
speech, privacy, computer security, law and technology. She is on the Board 
of Directors for the Honeynet Project and has spoken at the NSA, to law 
enforcement and to computer security professionals from the public and 
private sectors in the United States and abroad. Before coming to Stanford 
Law School, Ms. Granick practiced criminal defense of unauthorized access 
and email interception cases nationally. She has published articles on 
wiretap laws, workplace
privacy and trademark law.

	-- The Honeynet Project is a non-profit, all volunteer security research 
organization dedicated to researching the blackhat community, and sharing 
the lessons learned. Made up of thirty security professional, the Project 
deploys Honeynet around the world to capture and analzye blackhat activity. 
These lessons are then shared with the security community. The Honeynet 
Project began in 1999 and continues to grow with the founding of the 
Honeynet Research Alliance.

	-- Larry Leibrock, Associate Dean and Technology Officer, University of 
Texas McCombs Business School. Leibrock has held or currently holds 
clinical teaching and research appointments at McCombs Business School, 
Institute for Advanced Technology, The University of Texas Law School, 
Emory University, Helsinki School of Economics and Monterrey Technologica 
in Mexico City and Monterrey. He is a member of IEEE, ACM, Internet 
Society, FIRST and USENIX/SAGE and is also a member of the Department of 
Defense Software Engineering Institute and a participant in the Air Force 
Software Technology Conference.

	-- Neel Mehta, Application Vulnerability Researcher, ISS X-Force. Mehta 
works as an application vulnerability researcher at ISS X-Force, and like 
many other security researchers comes from a reverse-engineering 
background. His reverse engineering experience was cultivated through 
extensive consulting work in the copy protection field, and has more 
recently been focused on application security. Neel has done extensive 
research into binary and source-code auditing, and has applied this 
knowledge to find many vulnerabilities in critical and widely deployed 
network applications.

	-- Richard Salgado, Senior Counsel, Computer Crime and Intellectual 
Property Section of the United States Department of Justice. Salgado 
specializes in investigating and prosecuting computer network cases, such 
as computer hacking, denial of service attacks, illegal sniffing, logic 
bombs, viruses and other technology-driven privacy crimes. Often such 
crimes cross international jurisdictions; Mr. Salgado helps coordinate and 
manage the investigation and prosecution of those cases and participates in 
policy development relating to emerging technologies such as the growth of 
wireless networks, voice-over Internet Protocol, surveillance tools and 
forensic techniques.

Black Hat Inc. will also conduct computer security training for several 
different topics several days prior to the briefings - 26 through 29 July.

Subjects include:

        -- Infrastructure Attacktecs™ & Defentecs™: "Hacking Cisco Networks"
        -- Aspects of Offensive Root-kit Technology
        -- Network Application Design & Secure Implementation
        -- NSA InfoSec Assessment Methodology Course
        -- OSSTMM Professional Security Analyst (OPSA)
        -- Forensics Tools and Processes for Windows XP® Platforms
        -- Discover the Hidden: Steganography Investigator Training
	-- Enterprise Security From Day 1 to Completion: A Practical Approach to 
Developing an InfoSec Program
        -- Microsoft Ninjitsu: Securely Deploying MS Technologies
        -- Securing Solaris and Locking Down Linux
        -- Ultimate Hacking: Expert Edition

The instructors for the training segment of this year's Black Hat are some 
of the top experts in their field and are fully-active in the computer 
security community. You won't find most of these speakers anywhere else and 
these handpicked security gurus will train participants in understanding 
the real threats to any network and how to keep them from being exploited.

To register for BlackHat Briefings, visit the Web site at 
http://www.blackhat.com. Direct any conference-related questions to 
info () blackhat com.

For press registration, contact B.K. DeLong via email at press () blackhat com.

About Black Hat Inc.

Black Hat Inc. was originally founded in 1997 by Jeff Moss to fill the need 
for computer security professionals to better understand the security risks 
and potential threats to their information infrastructures and computer 
systems. Black Hat accomplishes this by assembling a group of 
vendor-neutral security professionals and having them speak candidly about 
the problems businesses face and their solutions to those problems. Black 
Hat Inc. produces 5 briefing & training events a year on 3 different 
continents. Speakers and attendees travel from all over the world to meet 
and share in the latest advances in computer security. In addition to the 
Briefings, Black Hat has grown to provide training and consulting services. 
For more information, visit their Web site at http://www.blackhat.com