binary static analysis talk @ blackhat

[Matt Hargett <matt () use net>]

Since everyone else is announcing talks, products, companies, etc:

I'm doing a talk at Blackhat Europe on Binary Static Analysis 
implementation techniques. Much like the IDS/VPN/Firewall testing talk I 
gave at Defcon 8 after I left NAI, this talk is a collection of in-depth 
non-proprietary techniques and maps to where bodies are buried. It 
includes an introduction to classic static analysis techniques, how they 
work on various assembly programs to find real-world exploitable bugs, 
and how they don't work on various assembly programs. We will discover 
the practical limits of static analysis to determine when runtime 
analysis should probably be used, which is later in the exploit 
disocvery process than most people think.

Anyone who is interested in understanding how the non-proprietary parts 
BugScan 2.0 (and the unreleased 2.1) worked, out of curiosity or need to 
 implement a similar tool should attend. If the turnout is good, it 
will hopefully be offered at Blackhat USA this summer as well.


PS: I started at imeem last week, finally taking a break from this stuff.