Every year tens of thousands of security enthusiasts swarm San Francisco for RSA Conference, one of the biggest and best-attended events of its kind. With hundreds of speakers from across the globe delivering groundbreaking talks on hacking, national security and everything in between, it’s little wonder the conference is flourishing. But with so much to digest in so little time, choosing which talks to see can be a challenge.
Thankfully, our guys who jetted out last week escaped the networking lunches long enough to unearth some real gems, and we’d like to share the best of these with you. So, if you couldn’t attend the conference but want a rundown of the highlights – or if you did attend but want to reflect on a great week – check out our favourite moments below.
Hacking Exposed: Hacking Macs
Dmitri Alperovitch, Co-Founder and Chief Technology Officer, CrowdStrike
George Kurtz, Chief Executive Officer, CrowdStrike
In this talk CrowdStrike’s Dmitri Alperovitch and George Kurtz introduced real-world case studies regarding advanced intrusions on MacOS systems. These were presented in the raw style of Kurtz’ Hacking Exposed books and included detailed breakdowns of TTPs and artefacts. The session also demonstrated attacks and provided relevant countermeasures for detection and response. Those paying attention learned the different attacker TTPs on MacOS systems and gained an understanding of how MacOS process-visualisation trees can be used for forensics.
View our datasheet to see how Immersive Labs uses threat intelligence to reduce security teams’ Mean Time to Learn.
Retaining and Growing Cybersecurity Talent: A Proven Model
Deidre Diamond, Founder and CEO, CyberSN and Brainbabe
As CEO of staffing firm CyberSN, women-in-cyber champion Deidre Diamond is only too aware of the talent shortage. In this talk she outlined the importance of retaining cyber talent and demonstrated the importance of using a common language for cybersecurity projects. Attendees learned how a cybersecurity programme with succession planning and training can improve retention, as well as the importance of creating a workplace culture that offers psychological safety.
Read our CEO James Hadley’s thoughts regarding cyber talent development on Forbes.
Lightning in a Bottle, or Burning Down the House?
Dr. Celeste Fralick, Chief Data Scientist, McAfee, LLC
Steve Grobman, Senior Vice President and Chief Technology Officer, McAfee, LLC
Tenuous title, terrific talk. Dr. Celeste Fralick and Steve Grobham used their slot to discuss the implications of evolving technology – particularly the weaponisation of AI and how this can amplify the impact of cyberattacks. It wasn’t quite Asimov, but technophobes would surely have trembled at this ominous glimpse into the future. Though, with RSA being a destination for those excited rather than perturbed by technological advances, it’s fair to say those in attendance were captivated.
See how Immersive Labs addresses different attack techniques using MITRE ATT&CK and other frameworks.
Come Get Your Free NSA Reverse Engineering Tool!
Robert Joyce, Senior Advisor, National Security Agency (NSA)
On Tuesday afternoon Robert Joyce demonstrated the NSA’s exciting new software reverse engineering framework, GHIDRA, for the first time. He unveiled its capabilities – which include disassembly, assembly, decompilation, graphing and scripting – as well as where to download it, how to install it, and who to discuss it with. The platform includes all the features expected in high-end commercial tools, with new and expanded functionality that the NSA has uniquely developed. And best of all? It’s free to use.
Immersive Labs users can try our Introduction to GHIDRA lab here. If you’re not a user but would like to be, speak to one of our experts.
In the Wake of an Attack: Thoughts from a Seasoned CISO
Bob Lord, Chief Security Officer, Democratic National Committee
Dr. Hugh Thompson, RSA Conference Programme Chair, RSA Conference
Bob Lord has over two decades’ security experience: he was Twitter’s first security hire and has acted as CISO at Yahoo, Rapid 7, and now the Democratic National Committee. Meaning when he talks post-attack operations, people tend to listen. In this fascinating discussion with RSA Conference Chair Dr. Hugh Thompson, Lord covered topics including secure by default, the CISO’s ‘active’ role, and the art of communication. He also spoke about his unique challenge helping high-profile US politicians to be digitally secure.
You can read our blog on the state of board-level cyber awareness here.