Black Hat USA 2024 is full of well timed, related info for at present’s safety professionals. Throughout the convention this August, we’ll share our deep experience in AI-first end-to-end safety and in depth menace intelligence analysis. Be part of us as we current our predominant stage speaker Ann Johnson, Company Vice President and Deputy Chief Info Safety Officer (CISO) of Microsoft Safety, as she shares menace intelligence insights and finest practices from the Workplace of the CISO in her dialog with Sherrod DeGrippo, Director of Menace Intelligence Technique at Microsoft Menace Intelligence Heart (MSTIC).
Additionally at Black Hat, our Microsoft AI Crimson Group can be onsite holding coaching periods, briefings, and panel discussions. And at present, we’re releasing a white paper to reveal the impression of pink teaming in follow when integrated within the AI improvement life cycle. The paper particulars our modern “Break-Repair” method to pink teaming AI techniques and our shut collaboration with Microsoft’s Phi-3 workforce, which allowed us to cut back the harms by 75% in Microsoft’s state-of-the-art small language fashions.1
As a proud sponsor of the inaugural AI Summit at Black Hat, we’re additional investing locally by sharing our learnings in each AI for Safety and Securing AI. We’ll be taking part in a panel dialogue titled “Balancing Safety and Innovation—Dangers and Rewards in AI-Pushed Cybersecurity,” the place we’ll debate the trade-offs between innovation in AI and safety dangers and share methods to foster innovation whereas sustaining strong safety postures.
There’s additionally a sponsored session titled “Moonstone Sleet: A Deep Dive into their TTPs,” offered by Greg Schloemer, Menace Intelligence Analyst at Microsoft, that takes a deep dive into cyber menace actors related to the Democratic Individuals’s Republic of Korea (DPRK), in addition to instructional and interesting theater periods in our Microsoft sales space #1240. With a ton of vital safety content material to catch—all detailed beneath—we hope you’ll make time to attach with us at Black Hat 2024.
Plan your schedule with our standout periods
Be part of us for core Black Hat periods, submitted for consideration by Microsoft subject material specialists and chosen by the Black Hat content material committee to be included in its predominant agenda.
| DATE & TIME | SESSION TITLE | INFORMATION | SPEAKER(S) |
| Saturday, August 3, to Tuesday, August 6, 2024 | AI Crimson Teaming in Observe | Fingers-on coaching on easy methods to pink workforce AI techniques and methods to seek out and repair failures in state-of-the-art AI techniques. | Dr. Amanda Minnich, Senior Researcher, Microsoft; Gary Lopez, Researcher, Microsoft; Martin Pouliot, Researcher, Microsoft |
| Wednesday, August 7, 2024, 10:20 AM PT-11:00 AM PT | Breaching AWS Accounts By way of Shared Sources | Presenting six vital vulnerabilities that we present in AWS, together with the tales and methodologies behind them. | Yakir Kadkoda, Lead Safety Researcher, Aqua Safety; Michael Katchinskiy, Safety Researcher, Microsoft; Ofek Itach, Senior Safety Researcher, Aqua Safety |
| Wednesday, August 7, 2024, 12:40 PM PT-1:50 PM PT | Hacking generative AI with PyRIT | Perceive the presence of safety and security dangers inside generative AI techniques with PyRIT. | Raja Sekhar Rao Dheekonda, Senior Software program Engineer, Microsoft |
| Wednesday, August 7, 2024, 3:20 PM PT | AI Security and You: Views on Evolving Dangers and Impacts | Panel on the nuts and bolts of AI Security and operationalizing it in follow. | Dr. Amanda Minnich, Senior Researcher, Microsoft; Nathan Hamiel, Senior Director of Analysis, Kudelski Safety; Rumman Chowdhury; Mikel Rodriguez, Analysis Scientist, Google Deepmind |
| Wednesday, August 7, 2024, 1:30 PM PT-2:10 PM PT | Predict, Prioritize, Patch: How Microsoft Harnesses LLMs for Safety Response | A crash course into leveraging Giant Language Fashions (LLMs) to cut back the impression of tedious safety response workflows. | Invoice Demirkapi, Safety Engineer, Microsoft Safety Response Heart |
| Wednesday, August 7, 2024, 3:20 PM PT-4:00 PM PT | Compromising Confidential Compute, One Bug at a Time | Evaluate of methodology and the emulation tooling developed for safety testing functions, and the way it influenced our understanding and evaluation technique. | Ben Hania, Senior Safety Researcher, Microsoft; Maxime Villard, Safety Researcher, Microsoft; Yair Netzer, Principal Safety Researcher, Microsoft |
| Thursday, August 8, 2024, 10:20 AM PT-11:00 AM PT | OVPNX: 4 Zero-Days Resulting in RCE, LPE and KCE (through BYOVD) Affecting Thousands and thousands of OpenVPN Endpoints Throughout the Globe | Microsoft recognized vulnerabilities in OpenVPN that attackers may chain and remotely exploit to realize management over endpoints. | Vladimir Tokarev, Senior Safety Researcher, Microsoft |
| Thursday, August 8, 2024, 1:30 PM PT-2:10 PM PT | Safe Boot, Insecure Actuality: Peeling Again Layers of False Safety | A deep dive into the systemic weaknesses which undermine the safety of your boot setting. | Invoice Demirkapi, Safety Engineer, Microsoft Safety Response Heart |
Cease by our sales space (1240) to attach with Microsoft safety specialists
At Black Hat 2024, Microsoft Safety is right here with safety leaders and sources that embody:
- Menace researchers and safety specialists from Microsoft Safety, right here to attach with the group and share insights.
- Stay demos of Microsoft Copilot for Safety, knowledgeable by the 78 trillion alerts Microsoft processes every day, to assist safety professionals be as much as 22% quicker. 2
- Theater displays of Microsoft’s unified safety operations expertise, which brings collectively prolonged detection and response (XDR) and safety info and occasion administration (SIEM), so that you get full visibility into cyberthreats throughout your multicloud, multiplatform setting.
- Fingers-on expertise with Microsoft Safety options that will help you undertake AI safely.
Join with Microsoft leaders and representatives to study our AI-first end-to-end safety for all. Moreover, you’ll be capable of view a number of demonstrations on a variety of subjects together with menace safety, securing AI, multicloud safety, Copilot for Safety, knowledge safety, and superior id. You’ll additionally be capable of join with our Microsoft Clever Safety Affiliation (MISA) companions throughout your go to—the highest specialists from throughout the cybersecurity trade with the shared aim of enhancing buyer safety worldwide. And if in case you have particular inquiries to ask, join a one-on-one chat with Microsoft Safety leaders.
Companion presence on the Microsoft sales space
On the Theater within the Microsoft sales space, watch our sequence of displays and panels that includes Microsoft Menace Intelligence Heart (MSTIC) specialists and Microsoft Researchers. Half of the periods can be offered by the MSTIC Group. The Microsoft sales space may even function periods from choose companions from the Microsoft Clever Safety Affiliation (MISA). MISA is an ecosystem of main Safety firms which have built-in their options with Microsoft Safety know-how with a aim of defending our mutual prospects from cybersecurity threats. Twelve companions will showcase their options at our MISA demo station and 5 companions can be presenting their options in our mini-theater. We might like to see you there. Click on right here to view our full theater session schedule.
Reserve your spot on the Microsoft Safety VIP Mixer
The occasion can be co-hosted by Ann Johnson, Company Vice President and Deputy CISO of Microsoft Safety, and Aarti Borkar, Vice President of Microsoft Safety, Buyer Success and Microsoft Incident Response, and, we’re thrilled to have 5 MISA companions—Avertium, BlueVoyant, NCC Group, Trustwave, and Quorum Cyber—sponsoring our Microsoft Safety VIP Mixer. The mixer is a good time to attach and community with fellow trade specialists, and seize a duplicate of Safety Mixology, a menace intelligence-themed cocktail and appetizer cookbook—you’ll be capable of meet among the contributors! Drinks and appetizers can be offered. Reserve your spot to hitch us at this unique occasion.
Don’t miss the AI Summit at Black Hat
On Tuesday, August 6, 2024, from 11:10 AM PT to 11:50 AM PT, we’ll be a part of a panel dialogue titled “Balancing Safety and Innovation—Dangers and Rewards in AI-Pushed Cybersecurity.” Microsoft is honored to be a VisionAIre sponsor for this occasion. Brandon Dixon, Companion Product Supervisor, Safety AI Technique will debate the trade-offs between innovation in AI and safety dangers, share methods to foster innovation whereas sustaining strong safety, and extra. Observe: The AI Summit is a separate, one-day occasion that includes technical specialists, trade leaders, and safety tsars, designed to provide attendees a complete understanding of the potential dangers, challenges, and alternatives related to AI and cybersecurity.
Microsoft’s Most Invaluable Researchers
Safety researchers are a vital a part of the defender group, on the entrance strains of safety response evolution, working to guard prospects and the broader ecosystem. On Thursday, August 8, 2024, we’ll host our invite-only Microsoft Researcher Celebration. And on August 6, 2024, Microsoft Safety Response Heart (MSRC) will announce the annual high 100 Most Invaluable Researchers (MVRs) who assist shield our prospects via surfacing and reporting safety vulnerabilities underneath Coordinated Vulnerability Disclosure (CVD). Comply with @msftsecresponse on X and Microsoft Safety Response Heart on LinkedIn for the MVR reveal.
Safe your future with Microsoft global-scale menace intelligence
Within the arms of safety professionals and groups, AI can ship the best benefit to organizations of each measurement, throughout each trade, tipping the scales in favor of defenders. Microsoft is bringing collectively each a part of the corporate in a collective mission to advance cybersecurity safety to assist our prospects and the safety group. We provide 4 highly effective benefits to drive safety innovation: large-scale knowledge and menace intelligence; probably the most full end-to-end safety; trade main, accountable AI; and one of the best instruments to safe and govern the usage of AI. Collectively we are able to propel innovation and create a safer world. We’re excited to share the most recent product information and Microsoft Safety improvements throughout Black Hat 2024 and we hope to see you there.
Be part of us on the Microsoft Safety VIP Mixer
Don’t miss this chance to attach with Microsoft Safety specialists and fellow trade leaders—and choose up your copy of Safety Mixology!
For extra menace intelligence steerage and insights from Microsoft safety specialists, go to Safety Insider.
To study extra about Microsoft Safety options, go to our web site. Bookmark the Safety weblog to maintain up with our knowledgeable protection on safety issues. Additionally, observe us on LinkedIn (Microsoft Safety) and X (@MSFTSecurity) for the most recent information and updates on cybersecurity.
Sources:
1Phi-3 Technical Report: A Extremely Succesful Language Mannequin Domestically on Your Telephone, Microsoft. April 2024.
2Microsoft Copilot for Safety is mostly out there on April 1, 2024, with new capabilities, Vasu Jakkal. March 13, 2024.
