Speaking in Vegas: DEF CON 26 & Black Hat USA 2018

Jul 17, 2018 9:30:00 AM |


Social Share:

1_45DebOnKRL2vQscyPGrjhQShot by Wesley McGrew in Las Vegas in 2017

The most important gathering of hackers and security professionals each year is held in the dry heat of Las Vegas’ summer. It started in 1992 with DEF CON, and has grown into a week-long series of concurrent and complementary conferences, meetings, parties, and events where information security researchers share their latest findings, practitioners network, and IT staff attend to learn about protecting their own companies’ networks. The original conference of the set, DEF CON, remains cash-only at the door—no ID required—allowing both security professionals and the hacking underground to meet with no pretense to break bread and exchange ideas. More than a little actual hacking goes on, as well.

This year will be my eighth year with a speaker badge at DEF CON, and fourth year speaking at Black Hat USA. Each year, I look forward to sharing my work with peer practitioners in penetration testing. This time around, I’m going to be very busy. I’m giving a talk at both Black Hat USA and DEF CON, as well as teaching a workshop at DEF CON!

1_LTHzpMWb505u_mDRZC4PiAShot by Wesley McGrew in Las Vegas in 2017

Talk Preview

I have spent some time with containerization technology over the past years building internal-use tools for HORNE Cyber, and have seen several of our clients move to container technologies, such as Docker, to build and deploy applications. Unlike traditional virtualization, where the hardware of a complete system is emulated for each virtual machine, containerization allows for much more dynamic and lightweight division of resources by sharing an operating system kernel across containers. There is an entire ecosystem of pre-built Docker container images for various applications and software development frameworks, allowing development teams to easily develop new applications for businesses that leverage multiple containers like building blocks. These applications are easy to deploy and scale locally or to various cloud providers. Because of this, multi-container applications are rapidly increasing in popularity among developers.

As Director of Cyber Operations, I’m also very interested in how our teams of penetration testers and application security experts can attack applications that have been built using containerization. I have put together an introductory talk for offense-oriented professionals, “An Attacker Looks at Docker: Approaching Multi-Container Applications”, that will be presented at Black Hat USA 2018 (Thursday, August 9) and DEF CON 26 (Friday, August 10). I’m looking forward to sharing our findings and getting practitioners in this field comfortable with identifying, exploiting, and moving around inside multi-container applications during their penetration testing and red teaming engagements. A whitepaper will be released concurrent with the talk, and a video recording will be made available to the public eventually, as well.

DEF CON 26 Abstract: https://defcon.org/html/defcon-26/dc-26-speakers.html#McGrew

Black Hat USA 2018 Abstract: https://www.blackhat.com/us-18/briefings/schedule/index.html#an-attacker-looks-at-docker-approaching-multi-container-applications-9975

1_S_7ZBXWOJhpwJSu13S33cgShot by Wesley McGrew in Las Vegas in 2017

Workshop Preview

I will also be teaching an updated version of our “Penetration Testing in Hostile Environments: Client and Tester Security” workshop, alongside our Director of Cyber Intelligence, Kendall Blaylock, at DEF CON 26 on Friday, August 10th. This four-hour workshop combines lecture and hands-on exercises to teach penetration testing practitioners how to employ operational security practices on engagements to prevent the exposure of sensitive client data to third-parties. Many penetration testing and red teaming software and hardware tools have vulnerabilities in them, leaving testers and their clients vulnerable to attack and exposure. In this workshop, we discuss ways to mitigate these risks. We’ve updated this training to integrate containerization into the exercises and discussion. This streamlines the exercises and gives penetration testers some experience with the technology.

Registration for this workshop filled within seconds of opening, but if you’d like for us to provide this training at a private event, don’t hesitate to get in touch.

DEF CON 26 Workshop Abstract: https://www.defcon.org/html/defcon-26/dc-26-workshops.html#mcgrew

I am looking forward to spending a week in Vegas with my fellow hackers, and sharing my notes on this blog when I return! If you’re heading out there as well, get in touch and we’ll get together.

Be sure to follow my personal twitter account, @McGrewSecurity, for updates while I’m in Vegas!

1__sfvoNkbyo-qNq0xr9Knvw Shot by Wesley McGrew in Las Vegas in 2017