Skip to main content
banner image
venafi logo

Black Hat Briefings on Cryptographic Keys and Digital Certificates

Black Hat Briefings on Cryptographic Keys and Digital Certificates

generic_blog_banner_image
July 28, 2015 | Gregory Webb

Black Hat USA 2015 is right around the corner and it’s time to start planning which briefings to attend.

Here at Venafi, we’re interested in sessions on protecting cryptographic keys and digital certificates. Keys and certificates are the foundation of online trust, but cybercriminals, hacktivists, and nation states are misusing them to gain unauthorized access and hide their actions.

Venafi and Blue Coat security experts will be conducting cybersecurity briefings that cover 3 different cybersecurity topics and, if you register in advance for a session, you’ll receive a $30 Amazon gift card when you attend. We have also identified others sessions that impact key and certificate security. Check out these briefings we’ve added to our dance card for this year’s Black Hat.

Venafi is a BlackHat USA 2015 Sponsor

Venafi Cybersecurity Briefings

  1. Your Threat Detection Strategy is Only 50% Effective
    While SSL/TLS provides privacy and authentication, it also creates a blind spot for enterprise security. Most organizations lack the ability to decrypt and inspect SSL traffic and bad guys are taking full advantage. This session, co-presented with Blue Coat, provides guidance on how SSL/TLS impacts security controls and how you can eliminate security blind spots. Register here.

  2. Advanced Attacks, Encryption, & Certificate Reputation
    As private encryption keys are now sold on the underground marketplace for circa $1000 each, it has become easy for hackers to breach even the most security conscious organizations. This session demonstrates how certificate reputation services are designed to identify and stop certificate misuse globally. Register here.

  3. Are Certificate-related Outages Impacting Your Business?
    We rely on digital certificates and cryptographic keys for data protection and authentication. But as security instruments, certificates can, and do, expire, bringing down systems and blocking access to servers, websites, and potentially dozens of critical downstream services. Attend and learn how to eliminate outages caused by expired certificates and reduce your security risks. Register here.

All registered attendees for Venafi briefings will also have a chance to win a $100 Amazon gift card per session. To check out what else Venafi is doing at Black Hat, visit Venafi.com/BH2015.

At Black Hat, we also want to hear what other thought leaders have to say about ensuring keys and certificates remain secure and continue to enable online trust. We’re looking forward to the following sessions:

  • Back Doors and Front Doors Breaking the Unbreakable System
    Governments are demanding backdoor access to encrypted data to support criminal and national security investigations, but this is opposed by privacy advocates. This briefing discusses if government agencies could be given backdoor access to encrypted data without weakening encryption systems.

  • Breaking HTTPS with BGP Hijacking
    Many believe BGP hijacking is not a significant threat, because the resulting man-in-the-middle attack cannot decrypt or break into an encrypted connection. But this briefing will show how the trust that SSL/TLS PKI places in internet routing can be exploited and how to prevent it.

  • Faux Disk Encryption: Realities of Secure Storage on Mobile Devices
    With the number of mobile users now surpassing the number of desktop users, this briefing discusses mobile device security and how it must go beyond full-disk encryption to protect against most attacks types. The session will present other secure storage techniques for both iOS and Android.

  • Certifi-gate: Front-Door Access to Pwning Millions of Androids
    Learn how a vulnerability within the Android customization chain can be exploited to access unsecure apps and gain access to any device. This will include information on how hash collisions, IPC abuse, and certificate forging can grant malware complete control of a device.

  • TrustKit: Code Injection on iOS 8 for the Greater Good
    See how Trustkit, a new open-source library for iOS, provides universal SSL public key pinning that the developers call “drag & drop SSL pinning.” This open-source library leverages new iOS 8 rules regarding dynamic linking and will be available for deployment by attendees.

  • Bringing a Cannon to a Knife Fight
    Bulletproof yourself against China’s Great Cannon which intercepts traffic as a man-in-the-middle proxy and turns global visitors to Chinese sites into the world’s largest botnet that carries out attacks on sites deemed a threat to the Chinese Communist Party. Learn how the Great Cannon works, about the timing of its release, why it was used to attack the Github repos, and how it will change as HTTPS and DNSSEC become more widely used.

Are there other sessions at Black Hat that address cryptographic keys and digital certificates that you plan to attend? Thoughts about any of these upcoming briefings? Drop me a comment.

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

generic_blog_banner_image

RSA 2016: How Your Security Foundation Crumbles If Your Keys and Certificates Are Compromised

generic_blog_banner_image

Infographic: Crumbling Cybersecurity—CIOs Are Wasting Millions

generic_blog_banner_image

Infographic: New SANS 20 Requirements for SSL/TLS Security and Management

About the author

Gregory Webb
Gregory Webb
Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat