COMMENTARY

As always, Black Hat USA 2024 promises to be a treasure trove of insights for cybersecurity professionals. The artificial intelligence craze notwithstanding, vulnerability remediation continues to be the core focus for organizations of all sizes seeking to make security more efficient. Understandably, this year's conference offers a variety of approaches, case studies, and informative discussions on the topic. Here are the seven most illuminating sessions we suggest you attend for insights on discovering, prioritizing, and patching vulnerabilities:

Speakers: Yakir Kadkoda, Michael Katchinskiy, Ofek Itach

Date: Wednesday, Aug. 7, 10:20 a.m.-11 a.m.

Tracks: Cloud security, enterprise security

The speakers found six critical vulnerabilities in Amazon Web Services (AWS) that could lead to severe breaches, including remote code execution and information disclosure. This session walks through the methodology used to discover them, and the speakers will introduce a new open source tool for researching the internal API calls that AWS services make on a customer's behalf. It is essential for understanding and mitigating complex cloud vulnerabilities.

Speaker: Bill Demirkapi

Date: Wednesday, Aug. 7, 1:30 p.m.-2:10 p.m.

Tracks: AI, ML & data science, application security: defense

This session explains how Microsoft uses large language models (LLMs) to streamline its security response workflows. Hear about practical applications of LLMs for extracting vulnerability information from reports, predicting report severity, and generating root-cause analyses from crash dumps. It is a valuable session for organizations looking to enhance their vulnerability management with AI.

Speakers: Adnan Khan, John Stawinski

Date: Wednesday, Aug. 7, 1:30 p.m.-2:10 p.m.

Tracks: Enterprise security, application security: offense

This technical deep dive addresses the security risks of self-hosted CI/CD runners, highlighting critical vulnerabilities the speakers discovered in GitHub and other platforms. Attendees will learn how to defend against pipeline poisoning and privilege escalation, which is vital for securing the software development life cycle.
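As an added illustration (not material from the session or its speakers), the Python script below shows the kind of quick check a practitioner can run over workflow files before deciding how exposed their self-hosted runners are: a heuristic scan for the combination of a pull-request trigger that fires for forks, a self-hosted runner label, and a checkout of the pull request head, which together let untrusted code run on persistent infrastructure. The two workflow texts are constructed for the example, and the rules are line-matching heuristics rather than a YAML parse.

```python
import re
from dataclasses import dataclass

# Constructed workflow texts (not from any real repository). The first one
# combines a fork-reachable trigger, a self-hosted runner label, a checkout
# of the pull request head, and an over-privileged token.
RISKY_WORKFLOW = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
permissions: write-all
jobs:
  build:
    runs-on: [self-hosted, linux, x64]
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: make test
"""

SAFER_WORKFLOW = """\
name: ci
on:
  pull_request:
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: make test
"""

# Each rule is (name, regex applied to the whitespace-stripped line).
RULES = [
    ("pull_request_target trigger", re.compile(r"^pull_request_target\s*:")),
    ("pull_request trigger", re.compile(r"^pull_request\s*:")),
    ("self-hosted runner", re.compile(r"^runs-on\s*:.*\bself-hosted\b")),
    ("checks out PR head", re.compile(r"github\.event\.pull_request\.head")),
    ("write-all token permissions", re.compile(r"^permissions\s*:\s*write-all\b")),
]


@dataclass(frozen=True)
class Finding:
    rule: str
    line_no: int
    line: str


def scan_workflow(text: str) -> list[Finding]:
    """Line-oriented heuristic scan. It does not parse YAML, so constructs
    split across lines can be missed; treat it as a triage filter only."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        for name, pattern in RULES:
            if pattern.search(line):
                findings.append(Finding(name, line_no, line))
    return findings


def risk_level(text: str) -> str:
    """high: pull request code is checked out and run on a self-hosted runner;
    medium: a self-hosted runner is reachable from pull request events;
    low: nothing flagged."""
    rules = {f.rule for f in scan_workflow(text)}
    if {"pull_request_target trigger", "self-hosted runner", "checks out PR head"} <= rules:
        return "high"
    if "self-hosted runner" in rules and rules & {"pull_request trigger", "pull_request_target trigger"}:
        return "medium"
    return "low"


if __name__ == "__main__":
    for label, workflow in (("risky", RISKY_WORKFLOW), ("safer", SAFER_WORKFLOW)):
        print(f"{label}: {risk_level(workflow)}")
        for f in scan_workflow(workflow):
            print(f"  line {f.line_no}: {f.rule}: {f.line}")
```

The "high" verdict is deliberately narrow: the dangerous pattern is not self-hosted runners as such but letting code from a fork execute on one that persists between jobs. Ephemeral runners, `pull_request` (not `pull_request_target`) triggers and read-only token permissions each remove one leg of that combination.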

Speaker: Liv Matan

Date: Wednesday, Aug. 7, 1:30 p.m.-2:10 p.m.

Tracks: Cloud security, application security: offense

Explore how a single faulty command in Google Cloud Platform (GCP) led to a critical RCE vulnerability affecting millions of servers. This session will provide insights into the complexity of cloud services and present tools for uncovering the hidden APIs that cloud providers use internally. Security leaders responsible for cloud security who want to understand how cloud service vulnerabilities arise will find this talk invaluable.

Speakers: Eyal Paz, Liad Cohen

Date: Thursday, Aug. 8, 2:30 p.m.-3 p.m.

Tracks: Application security: defense, exploit development & vulnerability discovery

Learn about the risk posed by vulnerable transitive dependencies in software projects, with the speakers demonstrating how such vulnerabilities can be exploited in practice. Attendees will learn practical strategies for mitigating these risks and for prioritizing dependency vulnerabilities within their threat model, which is crucial for secure software development.
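To show what prioritizing transitive dependencies looks like in practice, here is an added Python example (not code from the session or its speakers). It walks a constructed dependency graph from the application root, records the shortest path to each package, and reports which known-vulnerable packages are actually reachable, how deep they sit, and which direct dependency pulls them in, which is the one a team can realistically bump. Package names and advisory identifiers are invented for the illustration.

```python
from collections import deque

# Constructed dependency graph of a fictitious application. Keys are packages,
# values are the packages they depend on (as a lockfile would record them).
DEPENDENCY_GRAPH = {
    "app": ["web-framework", "http-client", "pdf-export"],
    "web-framework": ["template-engine", "url-parser"],
    "http-client": ["url-parser", "cert-bundle"],
    "pdf-export": ["image-codec"],
    "image-codec": ["compression-lib"],
    "compression-lib": ["http-client"],  # cycle back into the graph
    "template-engine": [],
    "url-parser": [],
    "cert-bundle": [],
    "legacy-xml": ["url-parser"],  # in the lockfile but nothing depends on it
}

# Constructed advisories (identifiers are placeholders, not real IDs).
ADVISORIES = {
    "url-parser": {"id": "EXAMPLE-0001", "severity": "critical"},
    "compression-lib": {"id": "EXAMPLE-0002", "severity": "high"},
    "legacy-xml": {"id": "EXAMPLE-0003", "severity": "critical"},
}

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def resolve_paths(graph, root):
    """Breadth-first walk from root. Returns {package: shortest path from root}.
    The visited check (membership in paths) makes cycles harmless."""
    paths = {root: [root]}
    queue = deque([root])
    while queue:
        current = queue.popleft()
        for dep in graph.get(current, []):
            if dep not in paths:
                paths[dep] = paths[current] + [dep]
                queue.append(dep)
    return paths


def reachable_vulnerabilities(graph, root, advisories):
    """Advisories whose package is reachable from root, ordered by severity then
    depth. Only the shortest path is reported; a package can also be reachable
    through other direct dependencies."""
    paths = resolve_paths(graph, root)
    findings = []
    for package, advisory in advisories.items():
        if package not in paths or package == root:
            continue
        path = paths[package]
        findings.append({
            "package": package,
            "advisory": advisory["id"],
            "severity": advisory["severity"],
            "depth": len(path) - 1,          # 1 = direct dependency
            "introduced_by": path[1],        # direct dependency to update or replace
            "path": " -> ".join(path),
        })
    findings.sort(key=lambda f: (SEVERITY_RANK[f["severity"]], f["depth"]))
    return findings


def unreachable_advisories(graph, root, advisories):
    """Vulnerable packages present in the lockfile but not reachable from root;
    worth pruning, but not worth an emergency patch."""
    paths = resolve_paths(graph, root)
    return sorted(p for p in advisories if p not in paths)


if __name__ == "__main__":
    for f in reachable_vulnerabilities(DEPENDENCY_GRAPH, "app", ADVISORIES):
        print(f"{f['severity']:8} depth={f['depth']} via {f['introduced_by']}: {f['path']} ({f['advisory']})")
    print("unreachable:", unreachable_advisories(DEPENDENCY_GRAPH, "app", ADVISORIES))
```

Reachability is the first cut, not the last word: a reachable package whose vulnerable function is never called is still lower priority than the path analysis alone suggests, and a package reachable through several direct dependencies needs all of them updated before the advisory disappears from the lockfile.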

Speakers: Qi Wang, Jianjun Chen, Run Guo, Chao Zhang, Haixin Duan

Date: Thursday, Aug. 8, 2:30 p.m.-3 p.m.

Tracks: Application security: offense, cloud security

Discover how protocol-level evasion vulnerabilities can be exploited to bypass Web application firewalls (WAFs). This session introduces WAF Manis, a novel testing framework that uncovered 311 evasion cases, and should be extremely useful for anyone looking to strengthen Web application defenses against sophisticated attacks.
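To make the idea of a protocol-level discrepancy concrete, here is an added Python example (not WAF Manis, and not one of the 311 cases from the session) modelling a WAF and a backend that parse the same request body differently. The weak WAF behaviours, the backend's last-value-wins rule and the crude injection signature are all assumptions made for the illustration; the requests are constructed.

```python
import re
from dataclasses import dataclass
from urllib.parse import parse_qsl

FORM = "application/x-www-form-urlencoded"

# Crude constructed signature standing in for a real WAF rule set.
SQLI = re.compile(r"(?i)\bunion\b\s+(?:all\s+)?select\b")


@dataclass(frozen=True)
class Request:
    content_type: str
    body: str


def _pairs(body: str):
    return parse_qsl(body, keep_blank_values=True)


def _media_type(req: Request) -> str:
    """Media type with parameters (charset etc.) dropped and case folded."""
    return req.content_type.split(";", 1)[0].strip().lower()


def lenient_waf_values(req: Request) -> list[str]:
    """Assumed weak WAF: inspects the body only when Content-Type matches the
    form media type exactly, and keeps the FIRST value of a repeated parameter."""
    if req.content_type != FORM:
        return []
    seen = {}
    for key, value in _pairs(req.body):
        seen.setdefault(key, value)
    return list(seen.values())


def hardened_waf_values(req: Request) -> list[str]:
    """Hardened WAF: normalizes the media type the same way the backend does
    and inspects EVERY value of every parameter."""
    if _media_type(req) != FORM:
        return []
    return [value for _, value in _pairs(req.body)]


def backend_values(req: Request) -> list[str]:
    """Assumed backend: case-insensitive media type, ignores charset
    parameters, and the LAST value of a repeated parameter wins."""
    if _media_type(req) != FORM:
        return []
    return list(dict(_pairs(req.body)).values())


def contains_payload(values) -> bool:
    return any(SQLI.search(v) for v in values)


def evades(req: Request, waf=lenient_waf_values) -> bool:
    """True when the WAF sees nothing to block but the backend receives the payload."""
    return not contains_payload(waf(req)) and contains_payload(backend_values(req))


# Constructed requests. HPP: parameter pollution, the WAF checks "1" and the
# backend uses the second value. CT_CONFUSION: the WAF skips the body because
# the Content-Type is not a byte-exact match, the backend parses it anyway.
HPP = Request(FORM, "id=1&id=1+UNION+SELECT+password+FROM+users")
CT_CONFUSION = Request("Application/x-www-form-urlencoded; charset=utf-8",
                       "id=1+UNION+SELECT+password+FROM+users")
BENIGN = Request(FORM, "id=42")

if __name__ == "__main__":
    for name, req in (("HPP", HPP), ("CT_CONFUSION", CT_CONFUSION), ("BENIGN", BENIGN)):
        print(f"{name}: lenient WAF evaded={evades(req)}, hardened WAF evaded={evades(req, hardened_waf_values)}")
```

Both evasions come from the same root cause: the WAF's model of the request differs from the backend's. Testing a WAF therefore means sending the same request to both and comparing what each one extracted, which is exactly the kind of differential a framework like the one presented in this session automates.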

Speakers: Ryan Kane, Rushank Shetty

Date: Thursday, Aug. 8, 3:20 p.m.-4 p.m.

Tracks: Enterprise security, application security: offense

This session explores the security of immutable backups, highlighting how attackers target the infrastructure hosting backup data rather than the backups themselves. Learn the processes, failures, and successes the speakers encountered when testing immutable backups, which is crucial for ensuring data resilience against ransomware attacks.

These sessions, and many others on vulnerability remediation, are a testament to the growing importance of building a culture of proactive security: addressing constantly evolving attack surfaces and staying vigilant. A robust vulnerability remediation process is a critical checkpoint in your organization's security posture.