BlackHat USA 2010 - Talk Selection

Here is the selection of talks I'll be looking forward to seeing. I won't be there in person, so don't worry if you can't seem to find me. One recurring compliant I have with black hat is that small focus on web application security. However, if you are looking to completely focus on web app sec, then you should be attending the OWASP conferences anyway.

Day 1 - 1115-1230 Val Smith, Colin Ames & Anthony Lai:
Balancing the Pwn Trade Deficit

Day 1 - 1345-1500 Neil Daswani:
mod_antimalware: A Novel Apache Module for Containing web-based Malware Infections

Day 1 - 1515 - 1630 Arshan Dabirsiaghi:
JavaSnoop: How to Hack Anything Written in Java

• I've previewed this tool and it looks awesome. Make sure to check this out.

Day 1 - 1645 - 1800 Alex Hutton, Allison Miller:
Ushering in the Post-GRC World: Applied Threat Modeling

• Probably not going to be earth shattering, but if you aren't doing threat modeling then you should see this and get your act together.

Day 2 - 1000 - 1100 Nathan Hamiel, Marcin Wielgoszewski:
Constricting the Web: Offensive Python for Web Hackers

Day 2 - 1115 - 1230 Robert Hansen, Josh Sokol:
HTTPS Can Byte Me

• Good 'ole HTTPS. Its fun to track the problems.  Also check out these resources. OWASP TLS Cheat Sheet and my Thotcon presentation on SSL

-Michael Coates