Black Hat DC 2010 //sponsors
Hyatt Regency Crystal City • Jan 31 - Feb 3
Platinum Sponsor
Novell offers a compelling set of security management tools. Novell* Sentinel* is an award winning SIEM tool that enables organizations to meet compliance goals and harden their IT environment. Sentinel automates incident identification and resolution based on built-in business rules. With Sentinel*, IT administrators can monitor and track the status of violations and remediation actions, and can quickly identify new trends or attacks across the extended enterprise using virtually any data source.
To simplify compliance with PCI-DSS, Sarbanes-Oxley and other regulations, Novell* Sentinel* Log Manager enables you to collect, store, analyze and manage data logs from all across your enterprise. It is a powerful log management solution that lights a clear path to complete, real-time security information and event management.
Follow us on Twitter: @novellsentinel
Palantir is the industry-leading software platform for data analytics. Our enterprise analytic platform ensures a secure collaborative environment where users can ingest structured and unstructured data. Inside the platform, analysts perform link analysis, query broader networks around specific entities, search across massive data repositories, and disseminate new knowledge to the enterprise in an intuitive and seamless manner. Exporting this knowledge into the Palantir XML format puts previously disorganized data points into a structured format, where a Palantir investigation can port to other programs or other Palantir instances.
Gold Sponsors
ArcSight (NASDAQ:ARST) is a leading global provider of compliance and security management solutions that protect enterprises and government agencies. ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. The ArcSight platform collects and correlates user activity and event data across the enterprise so that businesses can rapidly identify, prioritize, and respond to compliance violations, policy breaches, cybersecurity attacks, and insider threats. For more information, visit www.arcsight.com.
Berico Technologies provides analytical and information technology/software development services to the U.S. Government and the private sector in support of high-visibility, complex projects. Berico’s mission is to provide top quality, innovative solutions to the toughest national security challenges through a combination of tailored products and services.
Berico Technologies is actively seeking Full Scope Poly cleared C/C++ and Java Developers in the DC/NOVA/MD area with expert knowledge in the fields of R&D, reverse engineering, malware analysis and embedded development. We are looking for team members who are passionate about learning new technologies and further developing their technical skill set to support our cutting-edge projects for the Intelligence and Defense communities.
Berico Technologies offers an extremely competitive compensation package which includes:
- Employer paid Healthcare premiums and deductibles
- Employer Paid Tuition (relevant to job)
- Employer paid Training Allowance (5K a year)
- Book Allowance ($500 a year)
- 401k plus 4% Matching (fully vested from day 1!)
- MSDN License
To learn more about Berico Technologies and our specific career opportunities, please email abe@bericotechnologies.com or visit our website at http://www.bericotechnologies.com.
***Do you know someone who would be a perfect fit with Berico Technologies? For every Full Scope Poly Cleared candidate you refer that Berico hires, we will pay you $2,000!!!
Core Security Technologies is the leader in commercial-grade penetration testing software solutions that IT executives rely on to expose vulnerabilities, measure operational risk, and assure security effectiveness. The company’s CORE IMPACT product family offers a comprehensive approach to assessing the security of network systems, endpoint systems, email users, web applications and wireless networks against complex threats.
Fortify® Software is the leader in the category of Software Security Assurance. We provide unique security solutions that protect government agencies from today’s greatest security risk: the software that runs their agencies.
Government organizations throughout the US and across the globe are experiencing dramatic increases in the quantity and sophistication of cyber crime attacks. The hackers include foreign governments, organized crime, and even individuals. As a result of the recent increase, several compliance regulations, such as FISMA, have been developed to help government agencies understand what steps need to be taken. However most agencies find they must go beyond FISMA to ensure they are protecting the software that runs their agencies and the securing their confidential data.
Fortify offers a comprehensive suite of solutions, which enables an agency to conduct static analysis of an application’s source code, dynamic analysis of a running application, and real time monitoring and protection for a deployed application. No other company offers all three of these solutions in one integrated platform. Fortify is trusted by more government agencies than any other application security company and is leading the industry in vulnerability research, tool development, and deployment practices.
Harris Corporation's Crucial Security Programs supports national security programs for the United States Government. Our engineers and scientists possess unique skills, direct experience, and subject matter expertise in the intelligence collection, processing, and analysis domains.
Past performance includes: offensive and defensive computer security, research and development, wireless engineering, penetration testing, computer forensics, reverse engineering of malware, very large databases, bulk data loading, network engineering, security architecture, OPSEC, COMSEC, secure operations centers, and data visualization.
Crucial Security Programs is developing advanced digital media exploitation technologies that enable reductions in processing time, greater processing efficiency, and faster access to actionable intelligence. We have over nine years of experience engineering and managing automated solutions for media exploitation on a large scale and provide continuing support to government customers in this and related IA/IO areas. Crucial Security works in a results-oriented partnership with our customers—making their mission, our mission.
Intel SOA Expressway
SOA Expressway is a gateway soft-appliance deployed to address common XML and SOA problem areas such as acceleration, security, service mediation and runtime service governance. SOA Expressway is available for any organization deploying services (SOA), hosted services (SaaS) or Web 2.0 (RIA). Available for standard operating systems such as Windows and Linux and requires no special custom hardware other than standard OEM servers.
For DoD of federal deployments, SOA Expressway can be deployed as a tamper proof hardware appliance with external crypto processing delivered by a Hardware Security Module. SOA expressway has the certifications, performance benchmarks, and scalability demanded by federal high assurance deployments.
SOA Expressway delivers:
- Service Governance: Runtime governance for enforcing service policies & reporting
- Security Features: Security proxy, services firewall, AAA, TLS, trust mediation, & core XML IP
- Performance: Best-in-class wire speed acceleration
- Service Mediation: Sophisticated service mediation with non-XML data handling
- Software Appliance: Appliance manageability with software extensibility
For more information, visit: www.comparedatapower.com
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Headquartered in Seattle, WA, with locations around the world, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, router, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Dan Kaminsky, Ilja van Sprundel, Mike Davis, Tiller Beauchamp, Ward Spangenberg, and Wes Brown—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, Shakacon, BlueHat, CanSec, and WhatTheHack.
With the majority of IOActive’s customers ranked in the top 30% of the Fortune 500, IOActive is positioned and well experienced to handle a variety of security needs. IOActive has:
- Worked on IT disaster recovery and business continuity planning for major insurance companies, state organizations, and energy companies
- Developed and delivered secure application development programs based upon OWASP's top ten vulnerabilities, and application and network threat modeling methodologies to major software and telecommunication companies
- Helped various Fortune 500 organizations with services ranging from enterprise risk management to independent technical validations of security hardware and a wide range of applications
Johns Hopkins Engineering for Professionals (EP) offers part-time graduate degree and certificate programs that enable working professionals to advance their skills, knowledge, and value.
In today's world, the need to protect an organization's information and operating systems from attack is of critical importance. Johns Hopkins University's Master of Science in Information Assurance provides students with the technical foundations and applied knowledge necessary to defend information assets from technically sophisticated adversaries.
EP faculty, students, alumni, and partners form a community of experts that prepares students to become leaders in technology and innovation and to apply that expertise to their organizations’ success. Classes held on weekday evenings and Saturdays, at eight campuses within the Baltimore/Washington, D.C. corridor, and online. With more than 2,700 enrolled students and over 400 faculty members from the JHU Whiting School of Engineering, the JHU Applied Physics Laboratory, and many private and government organizations, Johns Hopkins Engineering for Professionals is the largest part-time graduate engineering program in the country.
LogLogic® is the leader in log and security management solutions. Supported by more than 200 partners and trusted by more than 1,000 customers worldwide, LogLogic solutions provide visibility and control to any IT infrastructure so that organizations can significantly improve security, compliance and network performance. LogLogic's open log management platform enables customers to collect, search, and store massive amounts of IT log data for a comprehensive fingerprint of activity. LogLogic’s business applications correlate user activities and event data in real-time for an integrated approach to security event management, database security management, security change management and compliance management, resulting in improved accountability and lower costs for any organization.
Lookingglass delivers industry’s first Global Cyber Situational Awareness network intelligence platform, offering a real-time virtual, physical and contextual view of the global Internet extending into the enterprise. Lookingglass’ core product, ScoutVision™, helps emergency responders predict and monitor impacts to the Internet and critical communications infrastructure during cyber attacks or network outages, physical terror attacks, natural disasters, and other destructive catastrophes.
It all started with a few questions:
- "What is the next generation security platform?"
- "How can customers achieve the ‘comprehensive cyber situational awareness’ ideal?"
- "Where does the enterprise boundary end?"
- "How vulnerable is the Internet and each one of us who depends on it?"
The Lookingglass team set out to answer these questions. In the process, Lookingglass developed a solution that will change the way cyber professionals view, analyze and act on Internet activity. ScoutVisionTM offers features delivered in modules unique to Enterprise Security Management, Critical Infrastructure Protection, Cyber Defense, Cyber Intelligence, and Investigative Analysis applications.
ScoutVision™ provides a dynamic view of the world’s enterprise and Internet activity. By fusing data from various proprietary sources and partnerships, ScoutVision™ is the only solution that provides analysis and visualization of logical (IP routing), physical (geo-location) and transit medium (fiber, satellite) topology. Features include:
- Advanced Monitoring and Visualization
- Internet / Enterprise Routing and Infrastructure Analytics
- Malicious Activity and IP Threat Intelligence
- Geo-Selection and Cyber Dashboard
- Collaboration, Alerts, and Warnings
Download our white papers on Network Analysis 2.0 at www.lgscout.com/knowledge-center. Twitter handle: ScoutVision.
Microsoft is proud to be a continuing sponsor of the Black Hat Security conference. We appreciate Black Hat providing a unique forum in which security researchers from all over the world, IT Pros and industry luminaries can gather to share insights, knowledge and information to advance security research.
Microsoft remains dedicated to software security and privacy and continues to collaborate with the community of people and technology organizations helping to protect customers and the broader ecosystem, Microsoft is also dedicated to software security and privacy.
Since the onset of Trustworthy Computing we have fostered a culture of security within Microsoft that includes developing secure code, building strong relationships with industry researchers and partners, and providing guidance to help protect customers. We would like to thank all of the customers, partners and security researchers who have worked with us to advance the state of the art in security science. Only by working together with partners, researchers and the community can we all ensure the advancement and success of the technology industry.
netForensics security information and event management solutions enable organizations of all sizes to rapidly identify and respond to threats and adhere to ever-changing compliance regulations. Our software and appliance products collect and centralize volumes of event log data to deliver accurate, actionable, real-time security intelligence. netForensics offers its award-winning nFX Cinxi One, recognized for its ease of deployment and management, and the industry’s only solution that combines security information management (SIM) and log management on one appliance. For over a decade, our nFX SIM One software solution has helped enterprises, managed service providers, and government agencies around the world to manage risk, protect their assets, and maintain compliant operations. For more information visit: http://www.netforensics.com
NetWitness® Corporation is the world leader in network forensics and automated threat intelligence solutions, helping government and commercial organizations discover, prioritize and remediate complex IT risks. NetWitness solutions concurrently solve a wide variety of information security problems including: advanced persistent threat management; sensitive data discovery and advanced data leakage detection; malware activity discovery; insider threat management; policy and controls verification and e-discovery. Originally developed for the US Intelligence Community, NetWitness has evolved to provide enterprises around the world with breakthrough methods of network content analysis and host-based risk discovery and prioritization. NetWitness customers include Defense, National Law Enforcement and Intelligence Agencies, Top US and European Banks, Critical Infrastructure, and Global 1000 organizations. NetWitness has offices in the U.S. and the U.K. and partners throughout North and South America Europe, the Middle East, and Asia.
To download the freeware version of NetWitness Investigator, visit http://download.netwitness.com. For more information about securing your entire organization with NetWitness NextGen, contact: sales@netwitness.com. Twitter handle: NetWitness.
NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit nww.nitrosecurity.com
Pico Computing offers scalable, FPGA-based platforms for embedded and high performance computing. Customer applications include cryptography, signal and video processing, DSP, bioinformatics and financial computing.
We specialize in highly integrated computing platforms based on Field Programmable Gate Array (FPGA) technologies. We offer standard and custom products, and we provide consulting and engineering services. We are the experts in FPGA-accelerated algorithms for data security.
Pico Computing E-Series cards are designed to be easy to use, fast to deploy, and scalable. Use a single E-Series card for rapid algorithm prototyping. Deploy your application as an embedded system, or scale to multiple FPGAs using an SC-Series FPGA cluster.
Pico EX-Series boards offer high performance for the most demanding data security applications. Deploy multiple EX-Series boards in a rack-mounted cluster for truly amazing levels of password cracking performance. Our latest FPGA computing board, the Pico EX-500, can be equipped with up to 12 Xilinx FPGAs on a single, 16-lane PCI Express card. Up to 11 EX-500 cards can be installed in a standard 4U rack mounted chassis.
Pico Computing is headquartered in Seattle, Washington and has customers worldwide. For more information or to request a free Data Security White Paper, visit www.picocomputing.com.
Qualys, Inc. is the leading provider of on demand IT security risk and compliance management solutions – delivered as a service. Qualys’ Software-as-a-Service solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.
The QualysGuard® service is used today by more than 4,000 organizations in 85 countries, including 40 of the Fortune Global 100 and performs more than 200 million IP audits per year. Qualys has the largest vulnerability management deployment in the world at a Fortune Global 50 company.
Qualys has established strategic agreements with leading managed service providers and consulting organizations including BT, Etisalat, Fujitsu, IBM, I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS.
RedSeal security posture management software enables organizations to continuously and accurately assess and strengthen their cyber-defenses. Unlike systems that detect attacks once they occur, RedSeal identifies security holes before hackers discover them. RedSeal delivers actionable steps for risk remediation and continuous compliance with regulations such as PCI, FISMA, and SOX.
RedSeal Network Advisor is automated security posture management software for network security. Every day, it gathers the configurations of all your network devices: firewalls, routers, load balancers, and more. It analyzes how the rules on all of these devices work together to defend business assets on your network. RedSeal validates this access control against both regulations and your own security policies to quickly identify mistakes and oversights that create potential attack paths. The result: you get the security you expected when you invested in your network devices in the first place.
RedSeal Vulnerability Advisor transforms scanning into actionable vulnerability management. Tightly integrated with and leveraging RedSeal Network Advisor’s network analysis, Vulnerability Advisor combines access information with your vulnerability scans. It identifies vulnerabilities that are exposed to un-trusted networks and those that are protected to generate a prioritized list of the vulnerabilities that pose the greatest business risk. Finally, RedSeal identifies gaps in your scanning so you know where to extend coverage to be secure.
Research In Motion Limited is a leading designer, manufacturer, and marketer of innovative wireless solutions for the worldwide mobile communications market. Through the development of integrated hardware, software, and services that support multiple wireless network standards, RIM provides platforms and solutions for seamless access to time-sensitive information including email, phone, SMS messaging, Internet and intranet-based applications. RIM technology also enables a broad array of third-party developers and manufacturers to enhance their products and services with wireless connectivity to data. RIM’s portfolio of award-winning products, services, and embedded technologies are used by thousands of organizations around the world and include the BlackBerry® wireless platform, the RIM Wireless Handheld™ product line, software development tools, radio-modems, and software/hardware licensing agreements. Founded in 1984 and based in Waterloo, Ontario, RIM operates offices in North America, Europe, and Asia Pacific.
For more information, visit www.rim.com or www.blackberry.com.
Rovi Corporation delivers technology solutions that enable consumers to intuitively connect and discover to new entertainment content from many sources and locations. The company provides industry leading interactive media and program guides; a catalog of entertainment metadata; advanced media recognition solutions and industry standard networking technologies for the discovery of new media. These solutions are deployed by companies working to create a more cohesive entertainment experience for the consumers. More information about Rovi can be found at www.rovicorp.com.
Rsignia, Inc. is the industry leader in providing network security, protection, and digital assets monitoring and management. Through superior engineering, we provide custom solutions that address new and emerging security issues including lawful intercept and data forensics. We take a full large scale systemic architecture approach, with full understanding of front end data acquisition, to signal processing, storage, record and session replay, to real-time analysis, post replay, to threat detection methods, as well as implementing required data center necessities such as power and cooling; a comprehensive solution which fit your specific needs and requirements.
SAINT Corporation, a global leader in network security, offers the first integrated vulnerability assessment and penetration testing. Examine your network with the SAINT vulnerability scanner, and expose where an attacker could breach your network. Go to a higher level of visibility with the SAINTexploit™ penetration testing tool and exploit the vulnerability to prove its existence without a doubt. The SAINT scanner and penetration testing tools are fully integrated within the same interface, making it easy to determine where to begin remediation—with the exploitable vulnerabilities found by the scanner.
WebSAINT, the online SaaS (Software as a Service) vulnerability scanner is ideal for organizations that need to perform vulnerability scans or meet PCI ASV third party quarterly scanning requirements. WebSAINT Pro, is the online SaaS solution that includes vulnerability scanning, penetration testing, and Web application scanning along with the full functionality of the award winning SAINT scanner and exploit technology.
SAINT provides support to the Security Content Automation Protocol (SCAP) specification as an Unauthenticated Vulnerability Scanner and Authenticated Vulnerability and Patch Scanner. SAINT SCAP supports includes OVAL, CPE and CVE enumeration, and CVSS scoring.
SAINT can help to –
- Manage and reduce security risks to your network
- Document compliance with government and industry regulations like PCI, HIPAA, SOX, FISMA, and with internal policies
- Emulate potential attackers with the suite of exploit tools.
For more information, visit www.saintcorporation.com, call 1(800) 596-2006 x0119 or send a message to sales@saintcorporation.com.
SecureWorks is a market leading provider of world-class information security services with over 2,600 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008 & 2009 and has been named to the Inc. 500, Inc. 5000 and the Deloitte lists of fastest-growing companies.
Solera Networks develops high-speed active network forensics solutions for both physical and virtual networks. These solutions are unmatched in speed and scalability—capturing, indexing, searching, and replaying all network traffic, even in 10Gb environments. The Solera Networks architecture provides open platform interoperability, extensible storage, and portability. These capabilities enable security professionals to quickly identify the source of any attack, remediate, and fortify against further risk.
Using their groundbreaking technology, Solera Networks also provides a suite of lossless traffic capture, index, storage and search products that can be used to strengthen Cybersecurity:
- Solera DS™ Capture Appliances – Full network capture (both packet header and payload), up to 10Gbps with onboard storage up to 16TB
- DS SAN – Add to Solera DS Appliances to expand and scale to any storage need.
- Solera DeepSee™ Forensics Suite – Complete indexing of all captured traffic and web-like searching for instant artifact reconstruction and replay of any network event. The suite includes DeepSee Reports™, DeepSee Search™ and DeepSee Sonar.™
- Solera Virtual Appliance – The only virtual capture appliance in the market that provides full capture, indexing, and replay for complete visibility within virtual environments.
- Solera APIs – Solera Networks offers REST-based APIs to allow third-party network analysis tool providers to directly integrate into Solera DS capture and network forensics appliances. With the REST APIs, these tools can make direct calls to the Solera DS file system and interface to provide full context to any security event.
Splunk was born from our founders’ frustration in managing and securing some of the world's largest IT infrastructures. Armed with state-of-the-art IT tools, they found it nearly impossible to locate the root cause of problems, investigate security attacks and assemble all the data required for compliance audits. Their conclusion: the silo approach to managing IT, with separate tools for every technology and IT function, was cumbersome, costly and didn't scale.
So, they founded Splunk to develop a new approach. The concept is simple. If Google can index and let users instantly search billions of pages of Web content, why not do the same for the datacenter? This new approach, called IT Search, is changing the way we manage, secure and audit IT infrastructures. Using Splunk IT Search software, organizations can now search and analyze all their IT data from one place in real time.
With Splunk, they can now troubleshoot outages, investigate security incidents and demonstrate compliance in minutes, instead of hours or days. Splunk arms IT with a new level of visibility and insight to protect critical resources, increase productivity and deliver improved service quality. Download a free version of Splunk today: http://www.splunk.com/download
SRA is a leading provider of information technology and strategic consulting services for government organizations serving the national security, civil government and global health markets. A trusted leader in cyber security, SRA operates some of the largest security operations centers within the U.S. federal government. Through SRA One Vault™ – our end-to-end cyber security solution suite – combine leading-edge technologies, proven methodologies and multi-disciplined cyber expertise to provide our clients with a proactive approach that enables them to stay ahead of today’s most sophisticated cyber threats while minimizing the gap to exposure. SRA One Vault...Intelligent Cyber Security.
StillSecure delivers comprehensive network security that protects organizations from the perimeter to the endpoint. Offering both products and managed security services, StillSecure enables customers to affordably deploy the optimal blend of technologies for locking down their assets and complying with security policies and regulations. StillSecure customers range from mid-market companies to the world’s largest enterprises and agencies in government, financial services, healthcare, education and technology. For more information please call (303)381-3830 or visit http://www.stillsecure.com
TippingPoint provides security solutions that secure next-generation data centers for enterprises, government agencies, service providers and academic institutions. TippingPoint’s modern network security platform and intrusion prevention system (IPS) can be rapidly deployed, providing immediate protection at critical entry and isolation points in the network. With TippingPoint, data centers remains protected through network security filters continually updated by Digital Vaccine® Labs (DVLabs), TippingPoint’s cutting-edge team of top security researchers. TippingPoint solutions automate most security functions, freeing organizations from the growing associated cost burden and helping security executives drive to zero administration.
Trustwave is the leading provider of on-demand and subscription-based information security and compliance management solutions to businesses and government entities throughout the world. Trustwave has helped thousands of organizations ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers manage compliance and secure their network infrastructure, data communications and critical information assets.
SpiderLabs is Trustwave's advanced security team responsible for incident response & forensics, penetration testing and application security for Trustwave's clients. In addition, the team provides intelligence and research to enhance Trustwave's product and service offerings through real-world experience. SpiderLabs has responded to hundreds of security incidents, performed thousands of penetration tests, and security tested hundreds of business applications for the organizations ranging from the largest companies in the world to nimble startups. Members of SpiderLabs are frequently asked to speak at security conferences around the world including Black Hat, DEFCON, OWASP, SANS, SecTor, ShmooCon, SOURCE, ToorCon, and YSTS.
Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia.