{"id":134756,"date":"2024-07-17T09:00:00","date_gmt":"2024-07-17T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=134756"},"modified":"2024-09-10T11:17:55","modified_gmt":"2024-09-10T18:17:55","slug":"connect-with-microsoft-security-at-black-hat-usa-2024","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2024\/07\/17\/connect-with-microsoft-security-at-black-hat-usa-2024\/","title":{"rendered":"Connect with Microsoft Security at Black Hat USA 2024\u200b\u200b"},"content":{"rendered":"\n

Black Hat USA 2024<\/a> is packed with timely, relevant information for today\u2019s security professionals. During the conference this August, we\u2019ll share our deep expertise in AI-first end-to-end security and extensive threat intelligence research. Join us as we present our main stage speaker Ann Johnson, Corporate Vice President and Deputy Chief Information Security Officer (CISO) of Microsoft Security, as she shares threat intelligence insights and best practices from the Office of the CISO in her conversation with Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft Threat Intelligence Center (MSTIC).  <\/p>\n\n\n\n

Also at Black Hat, our Microsoft AI Red Team<\/a> will be onsite holding training sessions, briefings, and panel discussions. And today, we’re releasing a white paper to demonstrate the impact of red teaming<\/a> in practice when incorporated in the AI development life cycle. The paper details our innovative \u201cBreak-Fix\u201d approach to red teaming AI systems and our close collaboration with Microsoft\u2019s Phi-3 team, which allowed us to reduce the harms by 75% in Microsoft\u2019s state-of-the-art small language models.1<\/sup>   <\/p>\n\n\n\n

As a proud sponsor of the inaugural AI Summit at Black Hat, we’re further investing in the community by sharing our learnings in both AI for Security and<\/em> Securing AI. We\u2019ll be participating in a panel discussion titled “Balancing Security and Innovation\u2014Risks and Rewards in AI-Driven Cybersecurity,” where we’ll debate the trade-offs between innovation in AI and security risks and share strategies to foster innovation while maintaining robust security postures.  <\/p>\n\n\n\n

There\u2019s also a sponsored session titled \u201cMoonstone Sleet: A Deep Dive into their TTPs,\u201d presented by Greg Schloemer, Threat Intelligence Analyst at Microsoft, that takes a deep dive into cyber threat actors associated with the Democratic People\u2019s Republic of Korea (DPRK), as well as educational and engaging theater sessions in our Microsoft booth #1240<\/strong>. With a ton of critical security content to catch\u2014all detailed below\u2014we hope you\u2019ll make time to connect with us at Black Hat 2024. <\/p>\n\n\n\n

Plan your schedule with our standout sessions\u202f <\/h2>\n\n\n\n

Join us for core Black Hat sessions, submitted for consideration by Microsoft subject matter experts and selected by the Black Hat content committee to be included in its main agenda.  <\/p>\n\n\n\n

DATE & TIME<\/strong> <\/td>SESSION TITLE\u202f<\/strong> <\/td>INFORMATION<\/strong> <\/td>SPEAKER(S)<\/strong> <\/td><\/tr>
Saturday, August 3, to Tuesday, August 6, 2024 <\/strong> <\/td>AI Red Teaming in Practice <\/td>Hands-on training on how to red team AI systems and strategies to find and fix failures in state-of-the-art AI systems. <\/td>Dr. Amanda Minnich, Senior Researcher, Microsoft;  
Gary Lopez, Researcher, Microsoft; 
Martin Pouliot, Researcher, Microsoft  <\/td><\/tr>
Wednesday, August 7, 2024, 10:20 AM PT-11:00 AM PT<\/strong> <\/td>Breaching AWS Accounts Through Shared Resources\u202f  <\/td>Presenting six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. <\/td>Yakir Kadkoda, Lead Security Researcher, Aqua Security; 
Michael Katchinskiy, Security Researcher, Microsoft; 
Ofek Itach, Senior Security Researcher, Aqua Security <\/td><\/tr>
Wednesday, August 7,<\/strong> 2024,<\/strong> 12:40 PM PT-1:50 PM PT<\/strong><\/td>Hacking generative AI with PyRIT <\/td>Understand the presence of security and safety risks within generative AI systems with PyRIT. <\/td>Raja Sekhar Rao Dheekonda, Senior Software Engineer, Microsoft <\/td><\/tr>
Wednesday, August 7, 2024, 3:20 PM PT <\/strong><\/td>AI Safety and You: Perspectives on Evolving Risks and Impacts <\/td>Panel on the nuts and bolts of AI Safety and operationalizing it in practice. <\/td>Dr. Amanda Minnich, Senior Researcher, Microsoft;  
Nathan Hamiel, Senior Director of Research, Kudelski Security;  
Rumman Chowdhury; 
Mikel Rodriguez, Research Scientist, Google Deepmind <\/td><\/tr>
Wednesday, August 7,<\/strong> 2024,<\/strong> 1:30 PM PT-2:10 PM PT<\/strong> <\/td>Predict, Prioritize, Patch: How Microsoft Harnesses LLMs for Security Response\u202f <\/td>A crash course into leveraging Large Language Models (LLMs) to reduce the impact of tedious security response workflows. <\/td>Bill Demirkapi, Security Engineer, Microsoft Security Response Center <\/td><\/tr>
Wednesday, August 7, 2024, 3:20 PM PT-4:00 PM PT<\/strong><\/td>Compromising Confidential Compute, One Bug at a Time <\/td>Review of methodology and the emulation tooling developed for security testing purposes, and how it influenced our understanding and review strategy. <\/td>Ben Hania, Senior Security Researcher, Microsoft; Maxime Villard, Security Researcher, Microsoft; Yair Netzer, Principal Security Researcher, Microsoft <\/td><\/tr>
Thursday, August 8, 2024, 10:20 AM PT-11:00 AM PT<\/strong><\/td>OVPNX: 4 Zero-Days Leading to RCE, LPE and KCE (via BYOVD) Affecting Millions of OpenVPN Endpoints Across the Globe <\/td>Microsoft identified vulnerabilities in OpenVPN that attackers could chain and remotely exploit to gain control over endpoints. <\/td>Vladimir Tokarev, Senior Security Researcher, Microsoft <\/td><\/tr>
Thursday, August 8,<\/strong> 2024,<\/strong> 1:30 PM PT-2:10 PM PT<\/strong>  <\/td>Locked Down but Not Out: Fighting the Hidden War in Your Bootloader<\/td>A deep dive into the systemic weaknesses which undermine the security of your boot environment. <\/td>Bill Demirkapi, Security Engineer, Microsoft Security Response Center <\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Stop by our booth (1240) to connect with Microsoft security experts\u202f <\/h2>\n\n\n\n

At Black Hat 2024, Microsoft Security is here with security leaders and resources that include:\u202f\u202f <\/p>\n\n\n\n