NetSPI, the proactive security solution, will be participating in several speaking sessions and appearances during Black Hat USA 2024 and DEF CON 32, taking place at the Mandalay Bay Expo Hall in Las Vegas from August 3 to 13.
On the heels of its June 2024 acquisition of Hubble Technology, a cyber asset attack surface management (CAASM) provider, the company will showcase The NetSPI Platform at Booth #2750 in the Mandalay Bay Convention Center. The integration of CAASM into The NetSPI Platform will enable security teams to achieve complete visibility of rapidly evolving attack surfaces and better prioritize vulnerabilities across the entire IT estate.
Come to the booth to discuss your proactive security needs and see NetSPI’s Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS) solutions in action. You can also book an on-site meeting with NetSPI here.
Additionally, NetSPI will host five speaking sessions during Black Hat, DEF CON, and BSides Las Vegas, the most the company has had since its inception. Talks include:
The Tale of Two ASMs: EASM and CAASM
Thursday, August 8 | 1:30-1:50 PM | Business Hall Theatre D, Mandalay Bay
NetSPI’s Chief Product Officer Vinay Anand and Chief Technical Officer Tom Parker will discuss how to improve continuous threat and exposure management (CTEM) by pairing EASM with CAASM. The duo will address the challenge of mapping a complete view of the attack surface, how EASM and CAASM work together to reduce attack surface sprawl, and tangible steps to achieve CTEM.
Beams & Light Streams: Letting Hackers Go Pew Pew, Building Affordable Light-Based Hardware Security Tooling
Thursday, August 8 | 11:20 AM-12 PM | Islander EI, Level 0
NetSPI’s Sam Beaumont, Director of Transportation, Mobility, and Cyber Physical Systems, and Larry “Patch” Trowell, Director of Hardware and Embedded Systems, join together to demonstrate how laser (or light) based hardware attacks aren’t just for nation-state actors. In fact, these attacks can be executed with a limited budget and hacker-and-maker mentality, right from home. Through inexpensive technology alternatives, Sam and Larry will unveil hardware malware, detect supply chain chip replacements, and delve into the realm of laser logic state imaging, integrating optics, laser selection, and machine learning components in their session.
GCPwn: A Pentester’s GCP Tool
Friday, August 10 | 10-10:30 AM | LVCC, West Hall Floor 1, DEF CON Cloud Village
Scott Weston, Senior Security Consultant at NetSPI, will share a new framework in Python specifically for the Google Cloud Platform, GCPwn. The overall goal is to make an up-to-date, maintained enumeration and exploit toolset for GCP pentesters, red teams, and security researchers that reduces the barrier of entry for learning GCP by allowing users to make their own modules that easily incorporate with the overall framework.
The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe
BSides Las Vegas – Tuesday, August 6 | 2:30-2:55 PM | Proving Ground Track
DEF CON 32 – Sunday, August 11 | 10:15-10:45 AM | AppSec Village
Michelle Eggers, Security Consultant at NetSPI, will explore the pervasiveness of mainframe technology, why it will remain relevant to the future landscape of mission-critical applications, and share five trusted solutions for helping to secure these incredible computers.
Identity Theft is Not a Joke, Azure!
Saturday, August 10 | 11:10-11:50 AM | LVCC, West Hall Floor 1, DEF CON Cloud Village
Karl Fosaaen, Vice President of Research at NetSPI, will delve into the nuanced landscape of Managed Identities across multiple Azure services. He’ll explore how attackers exploit access to services with these identities to escalate privileges, move laterally, and establish persistence within Azure tenants. He’ll end the session by showcasing a tool designed to automate attacks against User-Assigned Managed Identities.
NetSPI Principal Security Consultant Tib3rius and Director of Mainframe Pentesting Phil Young will be hosting contests during DEF CON. This includes a team-based quiz show focused on man pages and software documentation (Aw, man.pages!), a cybersecurity-themed Family Feud game (Feet Feud), and a telecom-based CTF hosted on live VoIP lines routed through a modified asterisk PBX (PhreakMe).
- Aw, man.pages!: Friday, August 9 | 12-1 PM | Contest Stage
- Feet Feud: Saturday, August 10 | 7-8 PM | Tracks 3 & 4
- PhreakMe: Friday and Saturday 10 AM-6 PM; Sunday 10 AM-1 PM | Online and in-person in the contest area
You can also join NetSPI for a poolside happy hour at Mandalay Bay’s Daylight Beach Club on Thursday, August 8, from 3 to 7 PM, for food, drinks, and networking. Secure your spot today.
About NetSPI
NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most.
Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
By continually advancing solutions such as Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS), NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence.
NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, three of the five largest healthcare companies, four MAMAA Big Tech companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.
NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India. Follow NetSPI on LinkedIn and X.
NetSPI Media Contacts:
Jessica Bettencourt
Inkhouse for NetSPI
NetSPI@inkhouse.com
Victoria Norris
NetSPI
Victoria.Norris@netspi.com
SOURCE NetSPI