LAS VEGAS--(BUSINESS WIRE)--Awake Security today announced details regarding its upcoming presence at Black Hat 2018. Rahul Kashyap, President & CEO, along with threat researchers Troy Kent and David Pearson, will be presenting and hosting workshops demonstrating how the most damaging, non-malware attacks can be detected and remediated using the power of Network Traffic Analysis (NTA). A sponsor of Black Hat 2018, Awake be demonstrating its Network Detection and Response Platform in the Business Hall, booth #IC2529.
The recent indictment of 12 Russian military intelligence officials for attacking the DNC emphasizes the importance of NTA solutions in identifying behaviors indicative of malicious intent. These activities include attack techniques such as remote access, privileged escalation and lateral movement, data exfiltration and more. According to Gartner, “Enterprises looking for a network-based approach to identify advanced attacks that have bypassed perimeter security should consider NTA as a way to help identify, manage and triage these events.”1 Through their presentations, Awake will demonstrate how the power of the network can be used to detect and respond to today’s advanced attacks.
Awake will be participating in the following sessions at the AGC Partner’s 2018 Disrupt!on Conference, Black Hat and DEF CON 26:
Presenter: Rahul Kashyap, President & CEO
Session Title: Cyber Data Distillation
In this panel,
Kashyap will discuss the tremendous volume of data that cybersecurity
teams are being asked to work with and how artificial intelligence and
machine learning can help democratize capabilities such as network
traffic analysis for organizations that struggle to find human talent to
fill those needs.
This session will be held at the AGC Partners 2018 Disrupt!on Conference, August 7, 2018, from 4:50 - 5:25 p.m. PDT, at the Luxor Hotel & Casino.
Presenter: Troy Kent, Threat Researcher
Session Title: Unknown Knowns: Missing the Attacker Hiding in Plain
Sight
This session will explore attack scenarios designed to
confuse and trick security analysts to bypass detection. Kent will dive
into specific examples of the protocols and techniques attackers use and
how network traffic analysis can identify these patterns to dramatically
reduce attacker dwell time.
This session will be held on Wednesday, August 8, 2018 from 2:25 – 2:45 pm PDT at the Innovation Theater, Oceanside, Mandalay Bay.
Presenters: Rahul Kashyap, President & CEO; Baibhav Singh, Security Researcher, Samsung Research America
Session Title: Back to the Future: A Radical Insecure Design of KVM
on ARM
The KVM Hypervisor is part of the Linux kernel and by
default it is enabled on all supported ARM system. In ARM architecture
KVM is implemented through split-mode virtualization and runs across
different privileged CPU modes. This talk will discuss about the design
and a security issue in a way Linux kernel initializes the KVM
Hypervisor. An attacker having access to host EL1 can execute code in
EL2. This security issue can be exploited by an attacker to install a
Hypervisor root kit on ARM system.
This session will be held Wednesday, August 8, 2018 from 5:05 – 5:30 p.m. PDT, at Lagoon JKL, Mandalay Bay.
Presenter: David Pearson, Principal Threat Researcher
Workshop Title: The Truth is in the Network: Reverse
Engineering Application-Layer Protocols Via PCAP
Reverse
engineering has become an increasingly important element of network
security. The ability to break a system down in order to understand its
base components and how they interact is critical to understanding not
just how the system works, but the ways it can leave your network
vulnerable. This training will provide a deep technical dive into the
network traffic of a common remote access application.
This training will be held at DEF CON 26 on Thursday, August 9, 2018 from 2:30 – 6:30 pm PDT, in Icon F, The LINQ Hotel & Casino.
For full details on Awake at Black Hat, please visit https://lp.awakesecurity.com/awake-blackhat-usa-2018
About Awake Security
Awake’s Network Detection and Response
Platform helps organizations detect and hunt for threats missed by
traditional security solutions. The company’s innovations in artificial
intelligence and advanced network traffic analysis transform security
operations by automatically detecting attackers’ evolving tactics,
techniques and procedures, including non-malware activity. The platform
continuously discovers and scores entities based on risk by profiling
network traffic to learn and analyze the behaviors of managed and
unmanaged users, devices and applications as well as the external
destinations they interact with. All of this is done without relying on
agents, integrations, training periods or continuous model updates.
Recognized as one of the top 10 security innovators at the RSA Conference 2018, Awake is headquartered in Sunnyvale, CA and backed by Greylock Partners and Bain Capital Ventures. Learn more at https://www.awakesecurity.com and follow Awake on Twitter (https://twitter.com/awakesecurity), LinkedIn (https://www.linkedin.com/company/awake-security) and Facebook (https://www.facebook.com/AwakeSecurity/).
1 “Gartner Top Technologies for Security in 2017,” July 5, 2017