• TRUSTWAVE SCHEDULE

  • Join us in Vegas for Black Hat USA, the show sets the benchmark for all other security conferences. Black Hat brings together the brightest in the world for six days of learning, networking, and skill building. The environment is strictly vendor-neutral and focused on the sharing of practical insights and timely, actionable knowledge. Black Hat remains the best and biggest event of its kind, unique in its ability to define tomorrow's information security landscape.

  • Come visit us at booth #1148

  • Highlighted Trustwave Events

    Cybercriminal Underground: The Bad, the Worse and the Ugly

    Wednesday, August 3rd at 4:00 p.m.

    Presenter: Ziv Mador

    For several years now, cybercrime has turned into a money machine - a profession with shared knowledge, tools and services. This session will provide examples of how cybercriminals communicate in close, vetted forums and how they advertise their “merchandise” there. We will also explore how they launch attacks, such as malvertisement campaigns, that successfully infect countless people around the world without human interaction. Examples of the low morale values these (cyber)-criminals have will be included.

    Add to Calendar 08/03/2016 4:00 PM 08/03/2016 4:15 PM America/Los_Angeles Cybercriminal Underground: The Bad, the Worse and the Ugly For several years now, cybercrime has turned into a money machine - a profession with shared knowledge, tools and services. This session will provide examples of how cybercriminals communicate in close, vetted forums and how they advertise their “merchandise” there. We will also explore how they launch attacks, such as malvertisement campaigns, that successfully infect countless people around the world without human interaction. Examples of the low morale values these (cyber)-criminals have will be included. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Can You Detect Cherry Picker?

    Thursday, August 4th at 2:30 p.m.

    Presenter: Ryan Merritt

    Ryan Merritt will show Cherry Picker, a previously unknown malware for point-of-sale devices that Trustwave discovered during a real incident response investigation a couple of months ago. Ryan will also demonstrate how our Endpoint Protection client can detect the malware’s presence.

    Add to Calendar 08/04/2016 2:30 PM 08/04/2016 2:45 PM America/Los_Angeles Can You Detect Cherry Picker? Ryan Merritt will show Cherry Picker, a previously unknown malware for point-of-sale devices that Trustwave discovered during a real incident response investigation a couple of months ago. Ryan will also demonstrate how our Endpoint Protection client can detect the malware’s presence. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Protecting Your Database

    Thursday, August 4th at 10:30 a.m.

    Presenter: Martin Rakhmanov

    In this presentation, Martin will show an example of a database vulnerability discovered by Trustwave SpiderLabs: SAP Adaptive Server Enterprise SQL injection vulnerability in DSAM support code (CVE-2016-4013). He will then show the methods that Trustwave uses to release information on known vulnerabilities (advisory, blog post, etc.). The presentations will end with a scanning demonstration of Trustwave App Detective Pro and how it detects a patch not applied on a target machine and the suggested actions to take.

    Add to Calendar 08/04/2016 10:30 AM 08/04/2016 10:45 AM America/Los_Angeles Protecting Your Database In this presentation, Martin will show an example of a database vulnerability discovered by Trustwave SpiderLabs: SAP Adaptive Server Enterprise SQL injection vulnerability in DSAM support code (CVE-2016-4013). He will then show the methods that Trustwave uses to release information on known vulnerabilities (advisory, blog post, etc.). The presentations will end with a scanning demonstration of Trustwave App Detective Pro and how it detects a patch not applied on a target machine and the suggested actions to take. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Featured Trustwave Speakers

    Mador

    Ziv Mador

    VP, Security Research, Trustwave SpiderLabs

    Ziv manages the global security research team at Trustwave. He is a 20 year veteran of the security industry and is a primary spokesperson for Trustwave and has been a regular speaker at security conferences such as RSA, InfoSecurity, DCC, AusCERT, FIRST, CARO, ISOI, MSRA and WORM.


    Merritt

    Ryan Merritt

    Malware Analysis Research Manager, Trustwave SpiderLabs

    Ryan Merritt is the team lead for the Trustwave SpiderLabs Malware Research group and has over 15 years of Information Security experience.


    Rakhmanov

    Martin Rakhmanov

    Database Security Research Manager, Trustwave SpiderLabs

    Martin Rakhmanov is a Security Research Manager at Trustwave SpiderLabs where his focus is database vulnerability research and product development. He has found dozens of vulnerabilities in all major databases (Oracle Database, Microsoft SQL Server, SAP ASE, IBM DB2 LUW) as well as in other software products.

  • Wednesday, August 3rd, 2016


    10:00am - 7:00pm

    Passport for prizes

    Be sure to stop the Trustwave booth #1148 to get your passport stamped for a chance to win a "Swagway"!

    Add to Calendar 08/03/2016 10:00 AM 08/03/2016 7:00 PM America/Los_Angeles Passport for prizes Be sure to stop the Trustwave booth #1148 to get your passport stamped for a chance to win a "Swagway"! Black Hat USA 2016, Booth #1148 Trustwave false MM/DD/YYYY

    Swagway


    10:00am - 12:00pm

    Red Bull and Starbucks

    Stop by booth #1148 for a morning pick-me-up. Red Bull and Starbucks coffee coolers.

    Add to Calendar 08/03/2016 10:00 AM 08/03/2016 12:00 PM America/Los_Angeles Red Bull and Starbucks Stop by booth #1148 for a monring pick-me-up. Red Bull and Starbucks coffee coolers. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Drinks


    10:30am - 10:45am

    Victim of a CEO Fraud Attack? What to Do Next.

    Email scams known as “CEO Fraud” are increasingly common.  They are a type of “Business Email Compromise” (BEC).  The basic premise of the scam is where an attacker sends an email, pretending to be the CEO of a company, to a suitably high level person in a department, and requests information or money transfers. Attackers do their homework and they figure out which companies to target. This presentation will give some background on this type of attack, show some samples, as well as how to configure the Trustwave Secure Email Gateway to provide optimal protection.

    Add to Calendar 08/03/2016 10:00 AM 08/03/2016 10:45 AM America/Los_Angeles Victim of a CEO Fraud Attack? What to Do Next. Email scams known as “CEO Fraud” are increasingly common. They are a type of “Business Email Compromise” (BEC). The basic premise of the scam is where an attacker sends an email, pretending to be the CEO of a company, to a suitably high level person in a department, and requests information or money transfers. Attackers do their homework and they figure out which companies to target. This presentation will give some background on this type of attack, show some samples, as well as how to configure the Trustwave Secure Email Gateway to provide optimal protection. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Hay

    Phil Hay

    Research Manager, Email Security Team, Trustwave SpiderLabs

    Phil has been working in security for over 15 years, and specializes in analyzing all manner of threats relating to email, including malware, phishing and botnets.


    12:30pm - 12:45pm

    Defeating Exploit Kits

    Anat will give an overview of exploit kits and the threat that they present, as well as demonstrate what a typical attack using an exploit kit to deliver Ransomware looks like and how Trustwave's Secure Web Gateway can be used to protect against it.

    Add to Calendar 08/03/2016 12:30 PM 08/03/2016 12:45 PM America/Los_Angeles Defeating Exploit Kits Anat will give an overview of exploit kits and the threat that they present, as well as demonstrate what a typical attack using an exploit kit to deliver Ransomware looks like and how Trustwave's Secure Web Gateway can be used to protect against it. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Davidi

    Anat Davidi

    Research Manager, Web Client Security Team, Trustwave SpiderLabs

    Anat Davidi has been working in the InfoSec security industry for over 10 years, these days her focus is on research of web-based malware and attacks which goes mainly towards improving Trustwave’s Secure Web Gateway product. This means that she spends most of her days analyzing either browser vulnerabilities or exploit kits.


    2:00pm - 2:15pm

    Defeating Web Application Attacks

    Eliran will present on prevalent web application vulnerabilities and exploits and demonstrate how Trustwave’s Web Application Firewall (WAF) blocks them and provides information to administrators. He will also include a demonstration of the Trustwave App Scanner in action detecting the vulnerability.

    Add to Calendar 08/03/2016 2:00 PM 08/03/2016 2:15 PM America/Los_Angeles How to Overcome Web Application Vulnerabilities Eliran will present on prevalent web application vulnerabilities and exploits and demonstrate how Trustwave’s Web Application Firewall (WAF) blocks them and provides information to administrators. He will also include a demonstration of the Trustwave App Scanner in action detecting the vulnerability. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Itzhak

    Eliran Itzhak

    WAF Security Research Manager, Trustwave SpiderLabs

    Eliran is a Security Research Manager in Trustwave SpiderLabs, leading the research for Trustwave WAF and Modsecurity. He is a 8 year veteran of the security industry and specializes in computer forensics, penetration testing and analysis of a wide range of threats including various web application threats.


    4:00pm - 4:15pm

    Cybercriminal Underground: The Bad, the Worse and the Ugly

    For several years now, cybercrime has turned into a money machine - a profession with shared knowledge, tools and services. This session will provide examples of how cybercriminals communicate in close, vetted forums and how they advertise their “merchandise” there. We will also explore how they launch attacks, such as malvertisement campaigns, that successfully infect countless people around the world without human interaction. Examples of the low morale values these (cyber)-criminals have will be included.

    Add to Calendar 08/03/2016 4:00 PM 08/03/2016 4:15 PM America/Los_Angeles Cybercriminal Underground: The Bad, the Worse and the Ugly For several years now, cybercrime has turned into a money machine - a profession with shared knowledge, tools and services. This session will provide examples of how cybercriminals communicate in close, vetted forums and how they advertise their “merchandise” there. We will also explore how they launch attacks, such as malvertisement campaigns, that successfully infect countless people around the world without human interaction. Examples of the low morale values these (cyber)-criminals have will be included. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Mador

    Ziv Mador

    VP, Security Research, Trustwave SpiderLabs

    Ziv manages the global security research team at Trustwave. He is a 20 year veteran of the security industry and is a primary spokesperson for Trustwave and has been a regular speaker at security conferences such as RSA, InfoSecurity, DCC, AusCERT, FIRST, CARO, ISOI, MSRA and WORM.


    4:00pm - 6:00pm

    Sliders

    Curb those afternoon munchies. Come grab a slider or two at booth #1148.

    Add to Calendar 08/03/2016 4:00 PM 08/03/2016 6:00 PM America/Los_Angeles Sliders Curb those afternoon munchies. Come grab a slider or two at booth #1148. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Sliders


    6:00pm - 6:15pm

    A peak inside Trustwave’s Threat Intel Programs

    During this presentation, Karl Sigler will show how Trustwave leverages our extensive threat intelligence to empower our vast portfolio of products and services/managed services.

    Add to Calendar 08/03/2016 6:00 PM 08/03/2016 6:15 PM America/Los_Angeles A peak inside Trustwave’s Threat Intel Programs During this presentation, Karl Sigler will show how Trustwave leverages our extensive threat intelligence to empower our vast portfolio of products and services/managed services. Trustwave events@trustwave.com false MM/DD/YYYY

    Sigler

    Karl Sigler

    Research Manager, managing Threat Intelligence and IDS/IPS research, Trustwave SpiderLabs

    Karl is responsible for research and analysis of current vulnerabilities, malware and threat trends. Karl and his team run the email advisory service, serve as liaison with Microsoft MAPP program, and coordinate disclosures of discovered vulnerabilities.

  • Thursday, August 4th, 2016


    10:00am - 5:00pm

    Passport for prizes

    Be sure to stop the Trustwave booth #1148 to get your passport stamped for a chance to win a "Swagway"!

    Add to Calendar 08/04/2016 10:00 AM 08/04/2016 5:00 PM America/Los_Angeles Passport for prizes Be sure to stop the Trustwave booth #1148 to get your passport stamped for a chance to win a "Swagway"! Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Swagway


    10:00am - 12:00pm

    Breakfast Burritos

    Breakfast Burritos. Enough Said.

    Add to Calendar 08/04/2016 10:00 AM 08/04/2016 12:00 PM America/Los_Angeles Breakfast Burritos Breakfast Burritos. Enough Said. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Burrito


    10:30am - 10:45am

    Protecting Your Database

    In this presentation, Martin will show an example of a database vulnerability discovered by Trustwave SpiderLabs: SAP Adaptive Server Enterprise SQL injection vulnerability in DSAM support code (CVE-2016-4013). He will then show the methods that Trustwave uses to release information on known vulnerabilities (advisory, blog post, etc.). The presentations will end with a scanning demonstration of Trustwave App Detective Pro and how it detects a patch not applied on a target machine and the suggested actions to take.

    Add to Calendar 08/04/2016 10:30 AM 08/04/2016 10:45 AM America/Los_Angeles Protecting Your Database In this presentation, Martin will show an example of a database vulnerability discovered by Trustwave SpiderLabs: SAP Adaptive Server Enterprise SQL injection vulnerability in DSAM support code (CVE-2016-4013). He will then show the methods that Trustwave uses to release information on known vulnerabilities (advisory, blog post, etc.). The presentations will end with a scanning demonstration of Trustwave App Detective Pro and how it detects a patch not applied on a target machine and the suggested actions to take. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Rakhmanov

    Martin Rakhmanov

    Database Security Research Manager, Trustwave SpiderLabs

    Martin Rakhmanov is a Security Research Manager at Trustwave SpiderLabs where his focus is database vulnerability research and product development. He has found dozens of vulnerabilities in all major databases (Oracle Database, Microsoft SQL Server, SAP ASE, IBM DB2 LUW) as well as in other software products.


    1:00pm - 1:15pm

    Internet Protocols and the Trustwave Global Threat Database

    This talk will outline the various SSL/TLS versions and cryptographic algorithms used for https, ssh and other common internet protocols. Through the use of real world data captured in Trustwave’s Global Thread Database we will show the frequency of these protocols including old and insecure versions. Finally, we will show how to detect these protocols using Trustwave solutions and how to properly secure affected hosts.

    Add to Calendar 08/04/2016 1:00 PM 08/04/2016 1:15 PM America/Los_Angeles Internet Protocols and the Trustwave Global Threat Database This talk will outline the various SSL/TLS versions and cryptographic algorithms used for https, ssh and other common internet protocols. Through the use of real world data captured in Trustwave’s Global Thread Database we will show the frequency of these protocols including old and insecure versions. Finally, we will show how to detect these protocols using Trustwave solutions and how to properly secure affected hosts. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    De La Fuente

    Christophe De La Fuente

    Senior Researcher, Vulnerability Assessment Team, Trustwave SpiderLabs

    Christophe is a Senior Researcher within the Vulnerability Assessment Team at Trustwave’s SpiderLabs, responsible for implementing the vulnerability tests and signatures for our TrustKeeper Vulnerability Management Scanner. He also has extensive experience in penetration tests on web application and network infrastructure.


    2:30pm - 2:45pm

    Can You Detect Cherry Picker?

    Ryan Merritt will show Cherry Picker, a previously unknown malware for point-of-sale devices that Trustwave discovered during a real incident response investigation a couple of months ago. Ryan will also demonstrate how our Endpoint Protection client can detect the malware’s presence.

    Add to Calendar 08/04/2016 2:30 PM 08/04/2016 2:45 PM America/Los_Angeles Can You Detect Cherry Picker? Ryan Merritt will show Cherry Picker, a previously unknown malware for point-of-sale devices that Trustwave discovered during a real incident response investigation a couple of months ago. Ryan will also demonstrate how our Endpoint Protection client can detect the malware’s presence. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Merritt

    Ryan Merritt

    Malware Analysis Research Manager, Trustwave SpiderLabs

    Ryan Merritt is the team lead for the Trustwave SpiderLabs Malware Research group and has over 15 years of Information Security experience.


    3:30pm - 3:45pm

    Time Is of the Essence When It Comes to Threats Against Your Network

    When facing threats against your network, a timely response is of the essence. The Alerting framework within Trustwave SIEM can provide you with near real-time Correlations and Escalations, ensuring you are notified of potential threats as early as possible. Join Jeff Pold as he discusses Trustwave SIEM to learn about the different features of this highly configurable framework; available in standalone Trustwave SIEM products as well as with our Managed SIEM services.

    Add to Calendar 08/04/2016 3:30 PM 08/04/2016 3:45 PM America/Los_Angeles Time Is of the Essence When It Comes to Threats Against Your Network When facing threats against your network, a timely response is of the essence. The Alerting framework within Trustwave SIEM can provide you with near real-time Correlations and Escalations, ensuring you are notified of potential threats as early as possible. Join Jeff Pold as he discusses Trustwave SIEM to learn about the different features of this highly configurable framework; available in standalone Trustwave SIEM products as well as with our Managed SIEM services. Black Hat USA 2016, Booth #1148 Trustwave events@trustwave.com false MM/DD/YYYY

    Pold

    Jeff Pold

    Director, Security Information Services, Trustwave SpiderLabs

    Jeff Pold is Director of Security Information Services, Spiderlabs Research at Trustwave. He manages the SIS teams in Canada and Poland, which focus on supplying parsing support and reporting content for the various Trustwave SIEM product lines, as well as Trustwave MSS. Jeff started working with SIEM in 2004 at Intellitactics, which was then acquired by Trustwave in 2008.