7 Cool New Security Tools to be Revealed at Black Hat Europe
Black Hat Europe's Arsenal lineup will include demonstrations of tools addressing everything from unsecured cloud buckets to unknown IoT devices.
November 12, 2018
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt30a62794e898b896/64f0d55643af541545a1bd7e/01-arsenaltool.jpg?width=700&auto=webp&quality=80&disable=upscale)
Security researchers will convene in London next month to share findings at Black Hat Europe and unveil new tools at the conference's "Arsenal" event. At Arsenal, researchers will pass around dozens of new tools to advance vulnerability discovery, auditing, and other security practices. Here are a few highlights of what's to come.
As containerization explodes within the enterprise in concert with DevOps practices, an increasing number of organizations are depending on container orchestration tools like Kubernetes to manage their workloads. Michael Cherny, head of security research at Aqua, will demo kube-hunter, an open-source penetration testing and risk assessment platform for Kubernetes that his organization is spearheading.
The growth of artificial intelligence (AI) in enterprise systems is set for stratospheric levels, so it's no surprise to see security researchers similarly harness the power of AI. SNDBOX is what researchers Ariel Koren and Ran Dubin call the first "AI malware research platform designed to scale up research time," and it'll be free for security researchers. The deep learning classifier and AI similarity engines of the tool are built to reduce research time and reduce false positives.
Firmware and embedded software are receiving increased attention from the research community, which is developing tools to help. For example, TROMMEL helps sift through embedded device files to pick up on vulnerable indicators. It then integrates with the vFeed vulnerability and threat intelligence database to reduce the amount of manual work involved in analyzing embedded systems.
The wide physical distribution of Internet of Things devices and sensors makes it particularly tough for researchers seeking to audit their security. Hao Zhao will be presenting a tool called IoXT Hunter, which gives security teams an open-source option designed for large-scale discovery of remote IoT devices. It discovers all known IoT devices within specified ranges of network addresses and performs full remote testing of found devices based on generic payloads or customizable plugin extensions.
A trio of researchers with the University of Tokyo's Secure Information Society Research Group plans to present a tool meant to help researchers get better visibility into the kinds of Active Directory behavior attackers engage in to supercharge their efforts to get deep into network assets. As they explain, detecting these lateral attacks can be very hard, because they usually use unprotected legitimate accounts and common AD commands that don't look like anomalies. The researchers' solution employs Domain Controller Event logs for detecting quiet attack behavior that uses Domain Administrator privileges. The open-source tool will be unveiled at the show and released concurrently on GitHub.
Cloud security platforms like AWS, Azure, and Google Cloud Platform offer a lot of internally hardened systems, but we still see many exposures due to user errors. Jayesh Chauhan will introduce a new tool called CS Suite meant to help security teams audit their cloud platforms for common problems like poorly configured identity and access management policies, publicly readable S3 and Azure buckets, and exposed ports. It bundles together a number of existing open-source tools on a new platform with added capabilities.
Image Source: Adobe Stock (cutimage)
Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.