News from the conference

Why open source and collaboration are the future of security
Greg Martin, CTO at ThreatStream, talks about why open source and collaboration are the key drivers of information security innovation. He raises an important question - what will happen if we don't start actively sharing information?

Malicious and risky apps on Android and iOS
Mike Raggo, Security Evangelist at MobileIron, talks about the risky behavior of certain apps downloaded from Google Play or the App Store.

Lessons learned from running 95 bug bounty programs
Casey Ellis, CEO of Bugcrowd, talks about the lessons they've learned after running 95 bug bounty programs as well as the different types of researchers that take part in their programs.

The economics of hacking
Wade Williamson, Security Researcher at Shape Security, talks about the economics of hacking and how some of today's techniques are trying to invert it.

The synergy of hackers and tools at the Black Hat Arsenal
Tucked away from the glamour of the vendor booths giving away t-shirts and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Point of Sale system architecture and security
Lucas Zaichkowsky, Enterprise Defense Architect at AccessData, talks about how financial criminals breach hundreds of merchants each year, displaying a better understanding of how these systems operate than the technicians that maintain them.

Why IT security is broken and how math can save it
Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive.

How the role of the CSO is changing
Business leaders run out as fast as they can to hire a CSO/CISO as soon as they get hit by a significant breach. Obviously, this is a little backwards. Rick Howard, CSO at Palo Alto Networks, talks about the role of the CSO and how it's changing.

BGP hijacking for cryptocurrency profit
Joe Stewart, Director of Malware Research at Dell SecureWorks, talks about his discovery of suspicious activity occurring on mining systems connected to the mining pool.

Breaking the security of physical devices
Silvio Cesare, Director of Anti-Malware Engineering at Qualys, discusses the security measures of a number of household devices and things. His analysis involved mathematics, software defined radio, and more.

Continuous monitoring for your perimeter
Sumedh Thakar, Chief Product Officer at Qualys, talks about a new approach to vulnerability management and network security, enabling you to immediately identify and proactively address potential problems.

86% of hackers don't worry about repercussions
86% of hackers are confident they will never face repercussions for their activities. In a double-edged sword conundrum, 88% of respondents also believe their own personally identifiable information is at risk of online theft.

The dangers of backdoor passwords
Billy Rios, Director of Threat Intelligence at Qualys, illustrates how backdoor passwords get put into devices, how they manifest themselves, and the implications they bring.

Square launches bug bounty program
Popular California-based financial services and mobile payments company Square has set up a bug bounty program on the HackerOne platform.

How fast can security pros detect a breach?
Industry research shows most breaches go undiscovered for weeks, months or even longer. Despite this evidence, 51 percent of respondents said their organization could detect a data breach on critical systems in 24 to 48 hours.

US switch to chip-and-PIN cards not a panacea for fraud
Many retailers are rushing to support the chip-and-PIN system before October 2015, when the major card issuers plan to implement a liability shift.
Photo galleries