Black Hat USA 2014

Midyear Security Report

To view the insights uncovered, get your copy of the Cisco 2014 Midyear Security Report.

  • Date: Wednesday, August 6 – 
    Thursday, August 7
  • Location:Mandalay Bay CC
    Las Vegas, NV
  • Duration:All Day
  • Attendance:In Person
▲ Back to Top


Cisco Security at Black Hat USA 2014

Thank you for taking time to be a part of our activities at Black Hat USA. As you're discovering new security solutions to enhance your threat protection strategy, we invite you to take full advantage of the Cisco 2014 Midyear Security Report, which examines threat intelligence and cybersecurity trends for the first half of 2014. The report underscores just how many different types of weak links exist in the systems we trust, including the Internet itself, and what can be done to reduce their number and impact.

In addition to cybersecurity trends for the first half of 2014, the report also discusses how:

  • The Internet of Things (IoT) changes the security landscape. Anything connected to a network presents an attack surface for adversaries to exploit cars, medical devices, and even baby monitors.
  • Using predictive analytics and machine learning helps identify hard-to-detect threats on the network.
  • Attackers are shifting to less visible, less content-detectable patterns or ways of behaving.
  • Organizations increasingly view cybersecurity as both a strategic risk and a business process.

To view the security insights uncovered, get your copy of the Cisco 2014 Midyear Security Report.

Thanks again for participating in our Black Hat USA experience.

▲ Back to Top

Speakers & Sessions

Behind the DNSBL Curtain

Speaker: Jaeson Schultz
Date: Wednesday, August 6
Time: 2:15 – 3:15 p.m.
Location: Business Hall Theater A

Description: Email administrators use DNS-based block lists (DNSBLs) to keep spam from inboxes. When email is delivered, DNS requests containing IP addresses of email senders are submitted to the DNSBL. The DNSBL server replies, indicating the IP address status in the block list, and based on this, decisions are made by the email admin about routing emails. This presentation looks behind the scenes of SpamCop's block list (SCBL) showing the DNSBL admin's perspective and insights gleaned from SpamCop queries. We will cover abnormal DNSBL SpamCop queries, bots spamming other bots, bots looking up themselves, use of the SCBL by non-mailservers, and more.

Speaker bio: Jaeson Schultz is a technical leader for Cisco's Threat Research Analysis and Communications (TRAC) Team. Jaeson has over 20 years' experience in information security ranging from hardware hacking to log analysis and security policy recommendation to thwarting misuse of Internet application layer protocols such as DNS, HTTP, and SMTP.

▲ Back to Top



Visibility and Control: Advanced Malware Protection Everywhere

Cisco Advanced Malware Protection (AMP) is a comprehensive malware-defeating solution that enables malware detection and blocking, retrospective alerting, continuous analysis, and remediation. AMP is a solution that addresses today's advanced threats and can be deployed across multiple control points: email, web, networks, and endpoints.

Control Without Compromise: Securing the Data Center

This demo highlights how Cisco solutions specifically designed for physical, virtual, and cloud environments enable seamless migration from traditional to next-generation data centers. Built-in capabilities provide critical protection without sacrificing the functionality customers depend on data centers to provide; elastic scalability to eliminate security bottlenecks and maintain performance; and security woven into the intelligent data center fabric, not just at the edge.

Midyear Security Report

The effects of cyberattacks are sobering, in terms of both costs and losses in productivity and reputation. The Cisco 2014 Midyear Security Report examines threat intelligence and cybersecurity trends for the first half of 2014. Cisco's research helps to underscore just how many different types of weak links exist in the systems we use, including the Internet itself.

Open Source Security Solutions

OpenAppID is a powerful new app-focused detection language for automatic detection of client apps, web apps, web app behaviors, and server apps that allow you to create, share, and implement custom application detection. You'll see alerts and application statistics generated in real time by sample application traffic plus the streaming of application statistics and alerts to data visualization products such as Splunk.

Managing the Threat Lifecycle

Today's cyberattacks are more advanced, persistent, and cunning than ever before. To combat these threats, we will show you how to take a holistic approach to security, combating threats across the entire attack continuum by combining Firesight, ISE, and Cisco TrustSec.

Building in Security with Trustworthy Systems

Trustworthy Systems is Cisco's initiative to embed security into each phase of the lifecycle of all its products. Learn about the secure development lifecycle in which Cisco's processes, technologies, and policies are used to protect Cisco product offerings and watch how trust anchor technologies and next-generation encryption, including IETF RFC 7030 Enrollment over Secure Transport (EST), make it easier to establish and maintain a secure infrastructure.

Internet of Things

To securely embrace IoT, organizations will need to adopt a converged security model for information technology (IT) and operational technology (OT) environments, with security solutions implemented across the extended network for a comprehensive security solution. Traditional IT-level security will be centrally managed and controlled within IT, yet customized to fit the specific needs of OT environments. This demonstration will highlight this converged security model by showing the Sourcefire Next-Generation IPS in IDS mode enforcing SCADA policies to effectively protect an industrial control system (ICS) environment.

▲ Back to Top


Cisco Speakeasy

An Invitation-Only After-Hours Event
Cisco Speakeasy

Music · Food · Drink

Date: Wednesday, August 6, 2014
Time: 8:00 – 11:00 p.m.
Location: Boom Box at the Marquee Night Club, Cosmopolitan Hotel
3708 South Las Vegas Boulevard, Las Vegas, NV 89109

Follow Snorty to the Cisco Speakeasy. He pours a mean drink. And occasionally tells a good story.

▲ Back to Top



Mandalay Bay Convention Center

Address: 3950 Las Vegas Blvd. South, Las Vegas, NV 89119
Telephone: 866-642-2056

Black Hat event web site: