{"id":56638,"date":"2024-07-17T16:00:00","date_gmt":"2024-07-17T16:00:00","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/connect-with-microsoft-security-at-black-hat-usa-2024\/"},"modified":"2024-07-17T16:00:00","modified_gmt":"2024-07-17T16:00:00","slug":"connect-with-microsoft-security-at-black-hat-usa-2024","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/connect-with-microsoft-security-at-black-hat-usa-2024\/","title":{"rendered":"Connect with Microsoft Security at Black Hat USA 2024\u200b\u200b"},"content":{"rendered":"

Black Hat USA 2024<\/a> is packed with timely, relevant information for today\u2019s security professionals. During the conference this August, we\u2019ll share our deep expertise in AI-first end-to-end security and extensive threat intelligence research. Join us as we present our main stage speaker Ann Johnson, Corporate Vice President and Deputy Chief Information Security Officer (CISO) of Microsoft Security, as she shares threat intelligence insights and best practices from the Office of the CISO in her conversation with Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft Threat Intelligence Center (MSTIC).  <\/p>\n

Also at Black Hat, our Microsoft AI Red Team<\/a> will be onsite holding training sessions, briefings, and panel discussions. And today, we\u2019re releasing a white paper to demonstrate the impact of red teaming<\/a> in practice when incorporated in the AI development life cycle. The paper details our innovative \u201cBreak-Fix\u201d approach to red teaming AI systems and our close collaboration with Microsoft\u2019s Phi-3 team, which allowed us to reduce the harms by 75% in Microsoft\u2019s state-of-the-art small language models.1<\/sup>   <\/p>\n

As a proud sponsor of the inaugural AI Summit at Black Hat, we\u2019re further investing in the community by sharing our learnings in both AI for Security and<\/em> Securing AI. We\u2019ll be participating in a panel discussion titled \u201cBalancing Security and Innovation\u2014Risks and Rewards in AI-Driven Cybersecurity,\u201d where we\u2019ll debate the trade-offs between innovation in AI and security risks and share strategies to foster innovation while maintaining robust security postures.  <\/p>\n

There\u2019s also a sponsored session titled \u201cMoonstone Sleet: A Deep Dive into their TTPs,\u201d presented by Greg Schloemer, Threat Intelligence Analyst at Microsoft, that takes a deep dive into cyber threat actors associated with the Democratic People\u2019s Republic of Korea (DPRK), as well as educational and engaging theater sessions in our Microsoft booth #1240<\/strong>. With a ton of critical security content to catch\u2014all detailed below\u2014we hope you\u2019ll make time to connect with us at Black Hat 2024. <\/p>\n

Plan your schedule with our standout sessions\u202f <\/h2>\n

Join us for core Black Hat sessions, submitted for consideration by Microsoft subject matter experts and selected by the Black Hat content committee to be included in its main agenda.  <\/p>\n

\n\n\n\n\n\n\n\n\n\n\n\n
DATE & TIME<\/strong> <\/td>\nSESSION TITLE\u202f<\/strong> <\/td>\nINFORMATION<\/strong> <\/td>\nSPEAKER(S)<\/strong> <\/td>\n<\/tr>\n
Saturday, August 3, to Tuesday, August 6, 2024 <\/strong> <\/td>\nAI Red Teaming in Practice <\/td>\nHands-on training on how to red team AI systems and strategies to find and fix failures in state-of-the-art AI systems. <\/td>\nDr. Amanda Minnich, Senior Researcher, Microsoft;  
Gary Lopez, Researcher, Microsoft; 
Martin Pouliot, Researcher, Microsoft  <\/td>\n<\/tr>\n
Wednesday, August 7, 2024, 10:20 AM PT-11:00 AM PT<\/strong> <\/td>\nBreaching AWS Accounts Through Shared Resources\u202f  <\/td>\nPresenting six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. <\/td>\nYakir Kadkoda, Lead Security Researcher, Aqua Security; 
Michael Katchinskiy, Security Researcher, Microsoft; 
Ofek Itach, Senior Security Researcher, Aqua Security <\/td>\n<\/tr>\n
Wednesday, August 7,<\/strong> 2024,<\/strong> 12:40 PM PT-1:50 PM PT<\/strong><\/td>\nHacking generative AI with PyRIT <\/td>\nUnderstand the presence of security and safety risks within generative AI systems with PyRIT. <\/td>\nRaja Sekhar Rao Dheekonda, Senior Software Engineer, Microsoft <\/td>\n<\/tr>\n
Wednesday, August 7, 2024, 3:20 PM PT <\/strong><\/td>\nAI Safety and You: Perspectives on Evolving Risks and Impacts <\/td>\nPanel on the nuts and bolts of AI Safety and operationalizing it in practice. <\/td>\nDr. Amanda Minnich, Senior Researcher, Microsoft;  
Nathan Hamiel, Senior Director of Research, Kudelski Security;  
Rumman Chowdhury; 
Mikel Rodriguez, Research Scientist, Google Deepmind <\/td>\n<\/tr>\n
Wednesday, August 7,<\/strong> 2024,<\/strong> 1:30 PM PT-2:10 PM PT<\/strong> <\/td>\nPredict, Prioritize, Patch: How Microsoft Harnesses LLMs for Security Response\u202f <\/td>\nA crash course into leveraging Large Language Models (LLMs) to reduce the impact of tedious security response workflows. <\/td>\nBill Demirkapi, Security Engineer, Microsoft Security Response Center <\/td>\n<\/tr>\n
Wednesday, August 7, 2024, 3:20 PM PT-4:00 PM PT<\/strong><\/td>\nCompromising Confidential Compute, One Bug at a Time <\/td>\nReview of methodology and the emulation tooling developed for security testing purposes, and how it influenced our understanding and review strategy. <\/td>\nBen Hania, Senior Security Researcher, Microsoft; Maxime Villard, Security Researcher, Microsoft; Yair Netzer, Principal Security Researcher, Microsoft <\/td>\n<\/tr>\n
Thursday, August 8, 2024, 10:20 AM PT-11:00 AM PT<\/strong><\/td>\nOVPNX: 4 Zero-Days Leading to RCE, LPE and KCE (via BYOVD) Affecting Millions of OpenVPN Endpoints Across the Globe <\/td>\nMicrosoft identified vulnerabilities in OpenVPN that attackers could chain and remotely exploit to gain control over endpoints. <\/td>\nVladimir Tokarev, Senior Security Researcher, Microsoft <\/td>\n<\/tr>\n
Thursday, August 8,<\/strong> 2024,<\/strong> 1:30 PM PT-2:10 PM PT<\/strong>  <\/td>\nSecure Boot, Insecure Reality: Peeling Back Layers of False Security <\/td>\nA deep dive into the systemic weaknesses which undermine the security of your boot environment. <\/td>\nBill Demirkapi, Security Engineer, Microsoft Security Response Center <\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Stop by our booth (1240) to connect with Microsoft security experts\u202f <\/h2>\n

At Black Hat 2024, Microsoft Security is here with security leaders and resources that include:\u202f\u202f <\/p>\n