• TRUSTWAVE SCHEDULE

  • Join us in Vegas for Black Hat USA, the show sets the benchmark for all other security conferences. Black Hat brings together the brightest in the world for six days of learning, networking, and skill building. The environment is strictly vendor-neutral and focused on the sharing of practical insights and timely, actionable knowledge. Black Hat remains the best and biggest event of its kind, unique in its ability to define tomorrow's information security landscape.

  • Come visit us at booth #954

  • Highlighted Trustwave Events

    The Importance of Continuous Penetration Testing

    Wednesday, July 26th at 2:00 p.m.

    Presenter: Will Harmon

    A high-level review of the top threats and attack vectors from the 2017 Trustwave Global Security Report, followed by an informative dialog on the benefits of moving from annual or semi-annual penetration testing to continuous testing.

    Add to Calendar 07/27/2017 01:00 PM 07/27/2017 01:15 PM America/Los_Angeles The Importance of Continuous Penetration Testing A high-level review of the top threats and attack vectors from the 2017 Trustwave Global Security Report, followed by an informative dialog on the benefits of moving from annual or semi-annual penetration testing to continuous testing. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Harmon

    Will Harmon

    Trustwave Government Solutions, Practice Lead - SpiderLabs

    Will is a military veteran and brings more than 14 years of experience in the cyber security space. He has extensive experience in both the public and private sector performing penetration tests, vulnerability management, intrusion detection, and digital forensic investigations.


    Tranewreck

    Wednesday, July 26th at 5:15 p.m.

    Presenter: Jeff Kitson

    Tranewreck provides an overview of a popular consumer IoT thermostat and its potentially dangerous vulnerabilities. The vulnerabilities covered in this presentation won the 0-day Rabble Rouser contest for the IoT Village at Defcon 24.

    Add to Calendar 07/26/2017 5:15 PM 07/26/2017 5:45 PM America/Los_Angeles Tranewreck Tranewreck provides an overview of a popular consumer IoT thermostat and its potentially dangerous vulnerabilities. The vulnerabilities covered in this presentation won the 0-day Rabble Rouser contest for the IoT Village at Defcon 24. Trustwave events@trustwave.com false MM/DD/YYYY

    Kitson

    Jeff Kitson

    Senior Security Researcher

    Jeff Kitson is a Senior Security Researcher with Trustave SpiderLabs. His research focuses include IoT security and critical infrastructure.

  • Wednesday, July 26th, 2017


    10:00am - 7:00pm

    Show Floor is Open


    10:00am - 12:00pm

    Red Bull and Starbucks

    Stop by booth #954 for a morning pick-me-up. Red Bull and Starbucks coffee coolers.

    Add to Calendar 07/26/2017 10:00 AM 07/26/2017 12:00 PM America/Los_Angeles Red Bull and Starbucks Stop by booth #954 for a monring pick-me-up. Red Bull and Starbucks coffee coolers. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Drinks


    10:30am - 10:45am

    State of Network Security & PCI DSS Compliance

    PCI compliance is an ongoing effort. This talk will cover the state of network security in 2017 and highlight the most common threats as well as a few high profile threats detected by the Trustwave scanner in the past year.

    Add to Calendar 07/26/2017 10:30 AM 07/26/2017 10:45 AM America/Los_Angeles State of Network Security & PCI DSS Compliance PCI compliance is an ongoing effort. This talk will cover the state of network security in 2017 and highlight the most common threats as well as a few high profile threats detected by the Trustwave scanner in the past year. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Parikh

    Prutha Parikh

    Security Research Manager

    As Manager of the Trustwave SpiderLabs Vulnerability Assessment security research team, Prutha is responsible for the vulnerability research effort behind Trustwave's PCI ASV certified network scanning services. With over 10 years in the security industry, she has experience in software development, web application security, penetration testing and vulnerability research in addition to network protocol analysis, network scanner signature development, firewall reviews and security assessments of database systems.


    12:30pm - 12:45pm

    Endpoint Detection and a Hackers ToolKit

    Anti-virus isn't dead but long live Endpoint Detection!  This session will showcase an incident responders view of dealing with a hackers toolkit in real-time during a recent POS compromise investigation.

    Add to Calendar 07/26/2017 12:30 PM 07/26/2017 12:45 PM America/Los_Angeles Endpoint Detection and a Hackers ToolKit Anti-virus isn't dead but long live Endpoint Detection!  This session will showcase an incident responders view of dealing with a hackers toolkit in real-time during a recent POS compromise investigation. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Presser

    Matt Presser

    Senior Security Consultant

    As a Senior Security Consultant with Trustwave's SpiderLabs group, Matt performs Incident Response and Digital Forensics Investigation for Trustwave clients. 


    2:00pm - 2:15pm

    The Importance of Continuous Penetration Testing

    A high-level review of the top threats and attack vectors from the 2017 Trustwave Global Security Report, followed by an informative dialog on the benefits of moving from annual or semi-annual penetration testing to continuous testing.

    Add to Calendar 07/26/2017 2:00 PM 07/26/2017 2:15 PM America/Los_Angeles The Importance of Continuous Penetration Testing A high-level review of the top threats and attack vectors from the 2017 Trustwave Global Security Report, followed by an informative dialog on the benefits of moving from annual or semi-annual penetration testing to continuous testing. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Harmon

    Will Harmon

    Trustwave Government Solutions, Practice Lead - SpiderLabs

    Will is a military veteran and brings more than 14 years of experience in the cyber security space. He has extensive experience in both the public and private sector performing penetration tests, vulnerability management, intrusion detection, and digital forensic investigations.


    3:00pm - 6:00pm

    Ice Cream Bars

    Curb those afternoon munchies. Come grab an ice cream bar at booth #954.

    Add to Calendar 07/26/2017 03:00 PM 07/26/2017 06:00 PM America/Los_Angeles Ice Cream Bars Curb those afternoon munchies. Come grab an ice cream bar at booth #954. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Ice Cream


    4:00pm - 4:15pm

    Enriching Threat Intelligence With Dark Web Research

    This session will feature a discussion about using dark web research tools to increase the effectiveness of threat intel applications and security operations.

    Add to Calendar 07/26/2017 4:00 PM 07/26/2017 4:15 PM America/Los_Angeles Enriching Threat Intelligence With Dark Web Research This session will feature a discussion about using dark web research tools to increase the effectiveness of threat intel applications and security operations. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Wilson

    Dennis Wilson

    Sr Manager, Cyber Threat Detection - Trustwave SpiderLabs

    Dennis leads the Trustwave SpiderLabs Cyber Threat Detection team. He has 15 years of experience in cyber warfare and software engineering with the US Air Force and private sector managed security services. Leads global team of threat analysts and security engineers in a 24/7 MSS operations.


    5:15pm - 5:45pm

    Tranewreck

    Tranewreck provides an overview of a popular consumer IoT thermostat and its potentially dangerous vulnerabilities. The vulnerabilities covered in this presentation won the 0-day Rabble Rouser contest for the IoT Village at Defcon 24.

    Add to Calendar 07/26/2017 5:15 PM 07/26/2017 5:45 PM America/Los_Angeles Tranewreck Tranewreck provides an overview of a popular consumer IoT thermostat and its potentially dangerous vulnerabilities. The vulnerabilities covered in this presentation won the 0-day Rabble Rouser contest for the IoT Village at Defcon 24. Trustwave events@trustwave.com false MM/DD/YYYY

    Kitson

    Jeff Kitson

    Senior Security Researcher

    Jeff Kitson is a Senior Security Researcher with Trustwave SpiderLabs. His research focuses include IoT security and critical infrastructure.

  • Thursday, July 27th, 2017


    10:00am - 5:00pm

    Show Floor is Open


    10:00am - 12:00pm

    Breakfast Burritos

    Come get a breakfast burrito while its hot at booth #954!

    Add to Calendar 07/27/2017 10:00 AM 07/27/2017 12:00 PM America/Los_Angeles Breakfast Burritos Come get a breakfast burrito while its hot at booth #954! Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Burritos


    10:30am - 10:45am

    A Look at our Threat Intelligence Program

    Join this session to get an insider’s view on how Trustwave leverages both internally researched threat intelligence as well as 3rd party relationships to strengthen our vast portfolio of products and services/managed services.

    Add to Calendar 07/27/2017 10:30 AM 07/27/2017 10:45 AM America/Los_Angeles A Look at our Threat Intelligence Program Join this session to get an insider’s view on how Trustwave leverages both internally researched threat intelligence as well as 3rd party relationships to strengthen our vast portfolio of products and services/managed services. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Sigler

    Karl Sigler

    Security Research Manager, Trustwave SpiderLabs Threat Intelligence

    Karl is responsible for research and analysis of current vulnerabilities, malware and threat trends. In addition to maintaining the Threat Intelligence program, Karl and his team manage the IDS/IPS signature development, serve as liaison with Microsoft MAPP program, and coordinate the Responsible Disclosures of discovered vulnerabilities.


    1:00pm - 1:15pm

    The Importance of Continuous Penetration Testing

    A high-level review of the top threats and attack vectors from the 2017 Trustwave Global Security Report, followed by an informative dialog on the benefits of moving from annual or semi-annual penetration testing to continuous testing.

    Add to Calendar 07/27/2017 01:00 PM 07/27/2017 01:15 PM America/Los_Angeles The Importance of Continuous Penetration Testing A high-level review of the top threats and attack vectors from the 2017 Trustwave Global Security Report, followed by an informative dialog on the benefits of moving from annual or semi-annual penetration testing to continuous testing. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Harmon

    Will Harmon

    Trustwave Government Solutions, Practice Lead - SpiderLabs

    Will is a military veteran and brings more than 14 years of experience in the cyber security space. He has extensive experience in both the public and private sector performing penetration tests, vulnerability management, intrusion detection, and digital forensic investigations.


    2:30pm - 2:45pm

    AppDetectivePRO at Work

    Get a better understanding of how to protect your databases in this session, where you will hear a firsthand review of a couple of Trustwave AppDetectivePRO scans (MongoDB and one more), learn how it works (and what our experts look for) and how to interpret the results.

    Add to Calendar 07/27/2017 02:30 PM 07/27/2017 02:45 PM America/Los_Angeles AppDetectivePRO at Work Get a better understanding of how to protect your databases in this session, where you will hear a firsthand review of a couple of Trustwave AppDetectivePRO scans (MongoDB and one more), learn how it works (and what our experts look for) and how to interpret the results. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Zakharevich

    Vladimir Zakharevich

    Senior Security Researcher

    Vladimir Zakharevich is a Senior Security Researcher at Trustwave SpiderLabs where he works on vulnerability research and product development. His main focus is security of databases and IoT.

    Rakhmanov

    Martin Rakhmanov

    Security Research Manager

    Martin Rakhmanov is a Security Research Manager at Trustwave SpiderLabs where his focus is database vulnerability research and product development.


    3:30pm - 3:45pm

    How to Fail Your PCI DSS Assessment

    Staying on top of current, as well as emerging requirements for PCI DSS compliance can be a daunting task and ignorance can delay achieving compliance (or worse). Come learn some of the best practices for managing the PCI DSS compliance process year-round.

    Add to Calendar 07/27/2017 03:30 PM 07/27/2017 03:45 PM America/Los_Angeles How to Fail Your PCI DSS Assessment Staying on top of current, as well as emerging requirements for PCI DSS compliance can be a daunting task and ignorance can delay achieving compliance (or worse). Come learn some of the best practices for managing the PCI DSS compliance process year-round. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Buck

    Kevin Buck

    Senior Security Consultant

    Kevin has over 30 years of experience in IT and programming on every platform from mainframes to embedded systems across multiple industries, with a focus in IT security for the last 15 years. After 10 years as a security manager for a level 1 PCI merchant, he now performs PCI assessments and consults with clients seeking best practice and compliance.


    4:15pm - 4:45pm

    Trustwave SpiderLabs Forensic Challenge

    Attackers frequently use a variety of methods to obfuscate their data. Use your favorite method to crack the code and become the first forensic all-star to solve the challenge to win a fabulous prize and bragging rights. Couldn’t crack the code? Come to this session hear how to solve the challenge.

    Add to Calendar 07/27/2017 04:15 PM 07/27/2017 04:45 PM America/Los_Angeles Trustwave SpiderLabs Forensic Challenge Attackers frequently use a variety of methods to obfuscate their data. Use your favorite method to crack the code and become the first forensic all-star to solve the challenge to win a fabulous prize and bragging rights. Couldn’t crack the code? Come to this session hear how to solve the challenge. Black Hat USA 2017, Booth #954 Trustwave events@trustwave.com false MM/DD/YYYY

    Antonakos

    James Antonakos

    Incident Response Consultant

    James Antonakos is an Incident Response Consultant for the SpiderLabs team at Trustwave, where his work involves computer forensics in PCI and malware investigations, malware and threat hunting research, security analysis and blogging, and conference presentations. James is passionate about all things Information Security, especially things related to PCI, IT security auditing, computer forensics, and malware analysis.

  • Trustwave Literature Request


    No need to carry all that great material around the show floor - simply pick the information that interests you, and we will send it directly to your inbox!

  • Trustwave SpiderLabs Forensic Challenge


    Have fun and compete with your colleagues to be the first to solve our riddles.

    Attackers frequently use a variety of methods to obfuscate their data. Show off your skills and take part in the Trustwave SpiderLabs Forensic Challenge using your favorite method to crack the code. Become the first forensic all-star to solve the challenge to win a fabulous prize and ultimate bragging rights.

    During incident response, a WAV file was found on a compromised computer. There is some suspicion that it may contain exfiltrated data based on comments from a forensic investigator who began decoding it before his laptop was stolen.

    The WAV file was located in a folder named “Dreamworks2002” and is believed to contain three lists of IP addresses harvested via the compromised system. There may also be a secret message within the exfiltrated data.

    Your Challenge

    We provide you a copy of the WAV file (imdb-tt026446.wav):

    Download Now

    Based on this file, you will need to answer the following questions:

    1. What are the IP addresses in the three lists?
    2. If it exists, decode the secret message.
      Hint: ASCII codes are from 0 to 127.

    Once you solve the riddle, bring your answers to the Trustwave booth #954 to have them verified.

    Stumped? Swing by our booth on Thursday, July 28 at 4:15 p.m. and we will walk you through how to solve the challenge.