Black Hat USA: 4 Cyber Security Trends from Vegas
As you complete your recovery from Black Hat 2016 — and, more likely, Las Vegas — it’s a good time to evaluate the cyber security news, trends and technology from the event.
A10 Networks experts scoured the expo floor for the most intriguing and game-changing sessions, papers, technology and innovation. While certainly not a comprehensive list, here’s what we found most interesting.
Finding threat behavior
Behavioral baselining and analytics are the driving business for many new cyber security companies exhibiting at Black Hat USA. They are using advanced algorithms to automatically identify behavioral anomalies indicative of advanced threats.
- Web Application Firewalls: Attacking Detection Logic Mechanisms
- The Beast Within: Evading Dynamic Malware Analysis Using Microsoft COM
- AVLeak: Fingerprinting Antivirus Emulators For Advanced Malware Evasion
- An AI Approach to Malware Similarity Analysis: Mapping the Malware Genome with a Deep Neural Network
Machine-learning, automatic detection
Automated response to specific threats is becoming more accepted as threat detection technologies become more accurate. Many vendors, including A10 Networks partners Cylance and Vectra Networks, are already applying this technology in their solutions. Cylance published the first paper below, while Vectra won a Best of Black Hat Award for “Most Innovative Emerging Company.”
- Applied Machine Learning for Data Exfil and Other Fun Topics
- Hardening AWS Environments and Automating Incident Response for AWS Compromises
See the data
Data visualization is driving a lot of UI development, providing the ability to “see” threats unfolding and the potential scope of their impact throughout both internal networks and the cloud.
Encrypted threats and decryption solutions
Attendees are more aware of the threats to their network brought about by encrypted threats. Most are looking for solutions that don’t introduce the network performance degradation they are seeing when they activate onboard SSL decryption and encryption in their existing solutions.
Conversely, decryption is still a controversial practice when weighed against compliance and data privacy concerns, highlighting the need for the ability to set granular policies about which data is decrypted.
- Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable
- Side-Channel Attacks on Everyday Applications
- Crippling HTTPS with Unholy PAC
- HTTP-Encrypted Information can be Stolen through TCP-Windows
- HTTP Cookie Hijacking in the Wild: Security & Privacy Implications
- An Inconvenient Trust: User Attitudes toward Security and Usability Tradeoffs for Key-Directory Encryption Systems