Locknote: Conclusions and Key Takeaways from Day 2

Presented at Black Hat USA 2020 Virtual, Aug. 6, 2020, 3:30 p.m. (30 minutes)

<p>At the end of day two of this year's virtual conference, join Black Hat Review Board members Rodrigo Rubira Branco, Aanchal Gupta, Kymberlee Price, and Stefano Zanero for an insightful conversation on the most pressing issues facing the InfoSec community. This Locknote will feature a candid discussion on the key takeaways from day two and how these trends will impact future InfoSec strategies.</p>

Presenters:

  • Rodrigo Rubira Branco - Senior Principal Engineer, Amazon Web Services
    <span>Rodrigo Rubira Branco (BSDaemon) works as Senior Principal Engineer at Amazon Web Services (AWS). Previously, Rodrigo was the Chief Security Researcher of Intel Corporation where he led the STORM (STrategic Offensive Research & Mitigations) team. At Intel, Rodrigo also led the Core Client and BIOS Teams. He is the Founder of the Dissect || PE Malware Analysis Project. Rodrigo held positions as Director of Vulnerability & Malware Research at Qualys and as Chief Security Research at Check Point where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software. In 2011 he was honored as one of the top contributors of Adobe. Previous to that, he worked as Senior Vulnerability Researcher in COSEINC, as Principal Security Researcher at Scanit and as Staff Software Engineer in the IBM Advanced Linux Response Team (ALRT) also working in the IBM Toolchain (Debugging) Team for the PowerPC Architecture. He is a member of the RISE Security Group and is one of the organizers of Hackers to Hackers Conference (H2HC), the oldest security research conference in Latin America. He is an active contributor to open-source projects (like ebizzy, linux kernel, others). Accepted speaker in lots of security and open-source related events as Black Hat, Hack in The Box, XCon, OLS, Defcon, Hackito, Zero Nights, PhDays, Troopers, Andsec, Ekoparty and many others. Rodrigo is also part of the committee for many security conferences, such as Black Hat USA/Europe/Asia (invited reviewer), Offensive Con, Langsec and others.</span>
  • Stefano Zanero - Associate Professor, Politecnico di Milano
    Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching "Computer Security" and "Computer Forensics" at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 70 scientific papers and books. He is a Senior Member of the IEEE (for which he sits on the MGA board), the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association). He has been named a Fellow of ISSA and sits in its International Board of Directors. Stefano is also a co-founder and chairman of Secure Network, a leading information security consulting firm based in Milan and in London; a co-founder of 18Months, a cloud-based ticketing solutions provider; and a co-founder of BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.
  • Aanchal Gupta - Vice President, Microsoft
    <p><span class="gmail-spellingerror">Aanchal</span><span class="gmail-normaltextrun"> Gupta is Vice President for Azure Security at Microsoft. Previously, as CISO for Novi at Facebook, she led a team responsible for assessing and mitigating security risks across Facebook's cryptocurrency initiative. </span><span class="gmail-spellingerror">Aanchal</span><span class="gmail-normaltextrun"> joined Facebook in 2016 after serving as Chief Information Security Officer at Microsoft for Skype and Skype for Business. Prior to Microsoft, </span><span class="gmail-spellingerror">Aanchal</span><span class="gmail-normaltextrun"> led Yahoo's Global Identity team, contributing to various authentication and authorization open standards such as OpenID and OAuth. </span><span class="gmail-spellingerror">Aanchal</span><span class="gmail-normaltextrun"> was named one of Business Insider's "Most powerful female engineers of 2018". She is a member of the Internet Security Research Group Board of Directors, and a fellow at the RSA (Royal Society for the encouragement of Arts, Manufactures and Commerce). She serves on technical advisory boards for security startup </span><span class="gmail-spellingerror">ThreatWatch</span><span class="gmail-normaltextrun"> Inc. </span><span class="gmail-spellingerror">Aanchal</span><span class="gmail-normaltextrun"> is passionate about building diverse teams and serves on the review board for the Grace Hopper, Enigma, and Black Hat conferences. </span></p>
  • Kymberlee Price - Security Community and Partner Engagement Programs, Microsoft
    <span class="lt-line-clampraw-line">Kymberlee Price currently leads the Microsoft Security Response Center's Community & Partner Programs organization, whose mission is to protect customers through collaboration with external industry partners. Programs under her direction include Microsoft’s bug bounty programs and security researcher engagement initiatives, Microsoft Active Protections Program, BlueHat security conferences, and OSS security response strategy. </span><br><br><span class="lt-line-clampraw-line">With 17 years' specialization in application security incident response, Ms. Price got her start by pioneering the first security researcher outreach program in the software industry at Microsoft in 2003, the very team she now leads. She was later a principal investigator in the Zotob criminal investigation and analyzed APT's at Microsoft. Leaving Microsoft in 2009 she spent 4 years investigating open source vulnerabilities in BlackBerry's Security Response Team, followed by three years directing the efforts of crowdsourced security researchers at Bugcrowd. In 2017 she returned to Microsoft and her passion for application security and open source security management. </span><br><br><span class="lt-line-clampraw-line">Kymberlee speaks regularly on vulnerability management and product incident response best practices at conferences around the world including Black Hat, Kaspersky Security Analyst Summit, RSA, Nullcon, and Metricon. She holds dual Bachelor of Science degrees in Behavioral Psychology and Public Health Education.</span>

Links:

Similar Presentations: