Forwarded from: B.K. DeLong <firstname.lastname@example.org> For Immediate Release Contacts B.K. DeLong email@example.com +1.617.877.3271 BLACK HAT WINDOWS SECURITY BRIEFINGS 2002 KEYNOTES INCLUDE NSA CHIEF AND DIRECTOR OF STANFORD LAW SCHOOL TECHNOLOGY CENTER NSA System and Network Attack Center (SNAC) Chief Tony Sager & Clinical Director of Stanford Law School's Center for Internet and Society, Jennifer Granick http://www.blackhat.com/ -- Black Hat Inc. today announced the keynote speakers for February's Black Hat Windows Security Briefings and Training 2002, the annual conference and workshop designed to help computer professionals better understand the security risks to their Microsoft Windows systems and information infrastructures by potential threats. Speaker presentations will cover Protocol Attacks, Voice-over-IP, Oracle vulnerabilities, Windows Group Policy, and NTLMv2 Authentication as well as General Windows Exploits, Data Recovery, Incident Investigation & Response, and Better Protection Practices. There is also a special focus on Microsoft SQL vulnerabilities and how to both exploit and fix them. Black Hat Windows will be held at the Radisson Hotel in the heart of New Orleans, 5 through 8 February, 2002. Top-notch speakers will deliver to the conference's core audience of IT & network security experts, consultants and administrators the newest developments on the security problems and vital issues facing organizations using Windows-centric networks. "The intense sessions of Black Hat Briefings bring to light the Windows security and misconfiguration problems confronting organizations and their network administrators. It is a common problem that security gets put off in lieu of constant network growth and upgrades," says Jeff Moss, founder of Black Hat Inc. "Our speakers discuss the strategies involved in correcting existing problems and inform attendees on upcoming issues, preparing them for the future." The keynote speakers for this year's Black Hat Windows Security Briefings include: -- Tony Sager, NSA System and Network Attack Center (SNAC/C4) Chief, part of the Information Assurance Directorate of the National Security Agency (NSA). During his 24 years with NSA, he has served in a variety of technical and management positions, spanning computer security, cryptography, software analysis, and network security. His Center produces the NSA Security Recommendation Guides to Windows 2000, the first of several security products they have released to the public. Tony is also actively involved with a number of community-wide public activities in network security. He has degrees in Mathematics and Computer Science, and dabbles as a PC hobbyist, struggling to protect his home LAN from bad guys and three adventurous adolescent users. -- Jennifer Stisa Granick is a Lecturer in Law and Director of the Litigation Clinic at Stanford Law School's Center for Internet and Society. Ms. Granick's work focuses on the interaction of free speech, privacy, computer security, law and technology. She is on the Board of Directors of the Honeynet Project, a computer security research group, and has spoken at the National Security Agency, to law enforcement officials and to computer security professionals from the public and private sectors in the United States and abroad. Before joining Stanford Law School, Ms. Granick practiced criminal defense of unauthorized access, trade secret theft and email interception cases nationally. She has published articles on wiretap laws, workplace privacy and trademark law. Other Black Hat Windows Security 2002 speakers include: -- Thomas W Shinder, M.D. trainer, writer and consultant. Shinder is a 10-year computing industry veteran who's worked for Fortune 500 companies and has written or contributed to over 20 Windows 2000 related books. He was a Series Editor of the Syngress/Osborne Series of Windows 2000 Certification Study Guides. He is also the author of the best selling book "Configuring ISA Server 2000: Building Firewalls with Windows 2000". Shinder will be giving a presentation with Microsoft's Jim Harrison on "Deploying and Securing Microsoft Internet Security and Acceleration Server" and will be signing some of his books after the talk. -- Laura Robinson, Independent Consultant and Trainer. Robison is a Microsoft Certified Trainer and Systems Engineer on both NT and Windows 2000; a Certified Lotus Professional Systems Administrator, Application Developer and Instructor; and an instructor for Real World Security's @ctive Defense education series. She will be speaking on "The Devil Inside: Planning Security in Active Directory Design". -- Timothy Mullen, CIO and Chief Software architect, AnchorIS.Com. AnchorIS.com is a developer of secure enterprise-based accounting solutions. Mullen is also a columnist for Security Focus' Microsoft Focus section, and a regular contributor of InFocus technical articles. He will be giving a presentation about "Web Vulnerability and SQL Injection Countermeasures: Securing Your Servers From the Most Insidious of Attacks" -- David Litchfield, Managing Director & Co-Founder, Next Generation Security Software. Known as the UK's NT Guru by ZDNet, David is a world-renowned security expert specializing in Windows NT and Internet security. His discovery and remediation of over 100 major vulnerabilities in products such as Microsoft's Internet Information Server and Oracle's Application Server have lead to the tightening of sites around the world. Litchfield will be looking into "Oracle Vulnerabilities". -- Halvar Flake, Reverse Engineer, Black Hat Consulting. Originating in the fields of copy protection and digital rights management, Flake gravitated more and more towards network security. Over time he realized that constructive copy protection is more or less fighting windmills. After writing his first few exploits he was hooked and realized that reverse engineering experience is a very handy asset when dealing with COTS software. With extensive experience in reverse engineering, network security, penetration testing and exploit development he recently joined BlackHat as their primary reverse engineer. Flake will be exposing "Third Generation Exploits on NT/Win2k Platforms". -- JD Glaser, Security Consultant for Foundstone. Glaser specializes in Windows NT system software development and COM/DCOM application development. His most recent achievement was the successful formation of NT OBJECTives, Inc., a software company exclusively centered on building NT security tools. He will be speaking about "One-Way SQL Hacking: Futility of Firewalls in Web Hacking". -- FX, leader of the German Phenoelit group and a Security Solution Consultant at n.runs GmbH. He will be covering "Routing and Tunneling Protocol Attacks". -- Eric Schultze, Senior Technologist, Microsoft Security Strategies Group. Schultze has memorized every security hotfix ever released by Microsoft in a security bulletin. In his spare time, he maintains the Microsoft hotfix XML database and designs new features for HFNetChk. Eric is a former Founder of Foundstone, co-creator of the Extreme/Ultimate Hacking training classes, and technical editor for the Hacking Exposed: Windows 2000 book. Schultze will tell attendees "How to keep up with all those frickin security patches". New tools being released at BlackHat include: -- White Hat Arsenal, the next generation of professional Web security audit software from Jeremiah Grossman of WhiteHat Security, Inc. -- SQLPing 2.0, a tool from Chip Andrews and sqlsecurity.com that reveals detailed server information and sends discovery packets to entire networks for mass interrogation. Black Hat Inc. will also conduct computer security training for several different topics the two days prior to the briefings - 5 through 6 February. Subjects include: -- Advanced Scanning with ICMP -- Auditing Binaries: Reverse Engineering Windows 2000 -- Complete Windows 2000 Security -- NT Network and Web Intrusion Detection Workshop -- Secure Development of Data-Driven Web Applications -- NSA InfoSec Assessment Methodology Course -- Foundstone's Ultimate Hacking: Black Hat Edition The instructors for the training segment of this year's Black Hat are some of the top experts in their field and are fully active in the computer security community. You won't find most of these speakers anywhere else and these handpicked security gurus will train participants in understanding the real threats to any network and how to keep them from being exploited. Other special features of this year's Black Hat Windows Security conference include that the dates are just after the Super Bowl XXXVI being held at the nearby Louisiana Superdome two days before the show, and in the days following the conference, attendees can experience New Orleans' Mardi Gras -- where the main parade goes right past the hotel. Attendees will also have access to a wireless network during the show. To register for BlackHat Briefings, visit the Web site at http://www.blackhat.com or register at the conference. Direct any conference-related questions to firstname.lastname@example.org. For press registration, contact B.K. DeLong at +1.617.877.3271 or via email at email@example.com. About Black Hat Inc. Black Hat Inc. was originally founded in 1997 by Jeff Moss to fill the need for computer security professionals to better understand the security risks and potential threats to their information infrastructures and computer systems. Black Hat accomplishes this by assembling a group of vendor-neutral security professionals and having them speak candidly about the problems businesses face and their solutions to those problems. Black Hat Inc. produces 5 briefing & training events a year on 3 different continents. Speakers and attendees travel from all over the world to meet and share in the latest advances in computer security. For more information, visit their Web site at http://www.blackhat.com ### -- B.K. DeLong Press Coordinator Black Hat Briefings +1.617.877.3271 firstname.lastname@example.org http://www.blackhat.com - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Feb 01 2002 - 06:05:36 PST