Skip to main content
banner image
venafi logo

Black Hat 2013 Briefings Day 1 Report

Black Hat 2013 Briefings Day 1 Report

generic_blog_banner_image
August 1, 2013 | Kevin Bocek

The first day of Black Hat was all about the opening keynote: NSA Director General Keith Alexander’s opening stirred emotions but also shared some new insights in to NSA operations.

Most interesting for me was the screenshot of the analyst’s user interface to the NSA’ phone metadata. Looking very Windows 3.11ish, the small screen shot shows how you can search for calls and the data that’s returned back.

black-hat-2013-FISA-records

Beyond the keynote, there were a number of great briefings. Topping the list was the very serious, but at times comical view, in to the FBI’s programs to identify malicious insiders by the agency’s former CISO Patrick Reidy.

black-hat-2013-byod

The FBI learned that looking for insiders could not be performed by merely looking for anomalous behavior outside the norm of the entire user community. Instead, data must be normalized and analysis considered in context of the individual. The use of analytics and recommendations on normalizing data are great lessons for everyone looking to use big data to detect threats.

black-hat-behavioral-detection

Day one also revealed that attacks on SSL and TLS are possible even without access to a server’s master asymmetric keypair. Using session tickets symmetric sessions keys are stored to create a stateless environment for encryption. While reducing server demands, it means TLS sessions could be decrypted without a server’s private.

black-hat-2013-conclusions

While the attack tool demonstrated and released to attendees required server access and memory dumping, something that attackers are capable of pulling off, enterprises need to understand the constantly changing use of keys and certificates. This is especially true as the shift to elastic public and private cloud computing moves in to higher gear and developers are now making security decisions outside the domain of IT security.

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CA Agility: What Should Security Leaders Do Next?

Maximizing Your CA Agility: Why This Issue Is So Important Right Now

new Venafi technology network

Venafi Technology Network Changes the Way Machine Identities Are Protected

About the author

Kevin Bocek
Kevin Bocek

Kevin Bocek writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat