Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

7/26/2019
09:00 AM
Alex Wawro, Special to Dark Reading
Alex Wawro, Special to Dark Reading
News
50%
50%

Black Hat Q&A: Inside the Black Hat NOC

Cybersecurity expert Bart Stump explains what it's like to reliably deliver a useful, high-security network for one of the toughest audiences in the world.

When you sign up to attend Black Hat USA in Las Vegas next month, make sure to leave time in your busy schedule to check out the Black Hat Network Operations Center (NOC), the heart of the Black Hat network.

The Black Hat NOC team meet months before the event to strategize the best way to deliver a high-security, high-availability network to one of the biggest cybersecurity events in the world. The fact that this event is packed with security researchers, hackers, and network experts makes the process of deploying and securing the NOC just that much more exciting.

In addition to visiting the NOC itself, Black Hat attendees are invited to attend the special debriefing session offered at the end of the show.

In this popular Briefing, NOC crewmembers run down the tools and techniques they use to set up, stabilize, and secure the network, and describe what improvements they’ve made over the past year. I recently asked NOC leader Bart Stump offers to share his insight into what the NOC crew does and why Black Hat attendees should pay attention.

Alex Wawro: Hey there! Can you tell us a bit about who you are and what you do

Bart Stump: Hello! My name is Bart Stump and I am one half of the NOC leadership at Black Hat. I have been working with Black Hat for 12 years now.

Alex: What does your average workload look like at a Black Hat event?

Bart: The US show is obviously our flagship show and brings a much higher workload leading up to and during the event. Myself, and a small skeleton crew arrive four days before the show starts to begin setting up the network. During the show, there is the regular maintenance and issues that we work to deal with as quickly as possible. We also have obligations with tours, media, and our NOC debrief at the end of the show.

Alex: What's the most challenging thing about working in the Black Hat Network Operations Center?

Bart: I would say it's being able to think on your toes as issues arise [because] they need to be resolved in order to not impact attendees or trainers and speakers. Being able to work as a team and trust those around me to do their part is what makes the NOC go, and keep everything as stable as we do!

Alex: What should attendees know about the NOC that they probably don't?

Bart: Everyone is welcome to come see us, ask questions and stay involved with the work we do. If you have any questions, comments or concerns - we want to hear them! So come visit us and see what we do to keep Black Hat attendees safe!

Alex: Any fun stories from your time on the NOC Crew?

Tons! We have had many experiences over the years as the show continues to grow. From the friendships that I have gained and grown because of Black Hat, to the crazy network traffic we see every show, it is always fun and entertaining for sure!

P.S. we always have stories to tell at our debrief (which always helps close out Black Hat) and would be happy to share more there.

Black Hat USA returns to the Mandalay Bay in Las Vegas August 3-8, 2019. For more information on what’s happening at the event and how to register, check out the Black Hat website.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
4 Tips to Run Fast in the Face of Digital Transformation
Shane Buckley, President & Chief Operating Officer, Gigamon,  12/9/2019
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts
Jai Vijayan, Contributing Writer,  12/5/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4245
PUBLISHED: 2019-12-11
Orca has arbitrary code execution due to insecure Python module load
CVE-2013-4593
PUBLISHED: 2019-12-11
RubyGem omniauth-facebook has an access token security vulnerability
CVE-2013-6495
PUBLISHED: 2019-12-11
JBossWeb Bayeux has reflected XSS
CVE-2013-7370
PUBLISHED: 2019-12-11
node-connect before 2.8.2 has cross site scripting in methodOverride Middleware
CVE-2019-18935
PUBLISHED: 2019-12-11
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote cod...