• 5 things infosec can learn from adventure games

    As an active adventure gamer and a natural seeker of reusable patterns, Iíve noticed that some of the things I do to achieve success in video games can be applied to information security.

  • The economics of hacking

    In this podcast recorded at Black Hat USA 2014, Wade Williamson, Security Researcher at Shape Security, talks about the economics of hacking and how some of today's techniques are trying to invert it.

  • Why every security-conscious organization needs a honeypot

    When you think about the layers of security your business needs, you probably think about firewalls, authentication systems, intrusion prevention, antivirus, and other common security controls. However, I suspect few think about honeypots. Thatís a shame, as honeypots make perfect network security canaries, and can improve any organizationís defense.

  • Point of Sale system architecture and security

    To most people, Point of Sale (POS) systems with integrated payment processing are a black box where magic happens.

    In this podcast recorded at Black Hat USA 2014, Lucas Zaichkowsky, Enterprise Defense Architect at AccessData, talks about how financial criminals breach hundreds of merchants each year, displaying a better understanding of how these systems operate than the dealer technicians that install and maintain them.

  • How important is website security?

    In this interview, Nicholas Sciberras, Product Manager at Acunetix, illustrates why website security should be a priority in any organization. He talks about the challenges involved in auditing website security, illustrates the pros and cons of using remote vs. in-house security testing, and more.

  • Why IT security is broken and how math can save it

    In this podcast recorded at Black Hat USA 2014, Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive. Signature-based technologies are flawed and easily bypassed since they incorporate only a fraction of characteristics of a bad file or activity.

  • Securing the U.S. electrical grid

    The Center for the Study of the Presidency & Congress (CSPC) launched a project to bring together representatives from the Executive Branch, Congress, and the private sector to discuss how to better secure the U.S. electric grid from the threats of cyberattack, physical attack, electromagnetic pulse, and inclement weather.

    The result is the Securing the U.S. Electrical Grid report, and talking about critical security challenges we have Dan Mahaffee, the Director of Policy at CSPC.

  • Securing networks in the Internet of Things era

    The IoT will probably represent the biggest change to our relationship with the Internet since its inception. But first, we need to work out how itís going to become reality on such a vast scale. Clearly, adding these billions of devices to networks is going to have a knock-on effect, yet thereís been relatively little commentary dedicated to the question of how the IoT is going to be delivered in practical terms. This means asking what the IoT means for networks and IT departments, and how weíre going to ensure that itís sufficiently secure.

  • Why youíre not as secure as you think you are

    There are 2.4 billion Internet users in the world today. Many of these users, in good faith, leave their personal online security up to their service providers. Sadly, time and time again, we see these companies fail to effectively protect sensitive customer data.

  • How the role of the CSO is changing

    Since Steve Katz became the first CISO back in 1995, both business leaders and the security industry in general have been thinking and rethinking the need for such a person and the responsibilities that he or she should have.

    In this podcast recorded at Black Hat USA 2014, Rick Howard, CSO at Palo Alto Networks, talks about the role of the CSO and how it's fundamentally changing.

Videos      Podcasts


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Thu, Aug 28th