Endgame will be at RSA 2015!
Stop by the South Hall, Booth #2127 to:
- Get a product demo. Learn more about how we help customers instantly detect and actively respond to adversaries.
- Learn from our experts. We’ll present three technical talks at our booth throughout the week. No registration required - just show up!
Don’t have an expo pass? Register here for a free expo pass courtesy of Endgame (use the registration code X5EENDGME).
Technical Talk Descriptions
Vulnerability and Exploit Trends: Using Behavioral Analysis and Operating System Defenses to Prevent Advanced Threats
Speaker: Cody Pierce, Endgame Director of Vulnerability Research
Despite the best efforts of the security community—and big claims from security vendors—large areas of vulnerabilities and exploits remain to be leveraged by adversaries. Attendees will learn about:
- A new perspective on the current state of software flaws.
- The wide margin between disclosed vulnerabilities and public exploits, including a historical analysis and trending patterns.
- Effective countermeasures that can be deployed to detect and prevent the exploitation of vulnerabilities.
- The limitations of operating system-provided mitigations, and how a combination of increased countermeasures with behavioral analysis will get defenders closer to preventing the largest number of threats.
Cody Pierce has been involved in computer and network security since the mid-90s. For the past 13 years he has focused on discovery and remediation of known and unknown vulnerabilities. Instrumental in the success of HP’s Zero Day Initiative program, Cody has been exposed to hundreds of 0day vulnerabilities, advanced threats, and the most current malware research. At Endgame, Cody has led a successful team tasked with analyzing complex software to identify unknown vulnerabilities and leveraged global situational awareness to manage customer risk.
Sensornet™ Attack Patterns and What They Mean for Defenders
Speaker: Curt Barnard, Endgame Software Implementation Engineer
The Internet is flooded with traffic from web crawlers, port scanners, and brute force attacks. Data analyzed from Sensornet™, a unique network of sensors, allows us to observe trends on the Internet at large. Attendees will learn:
- How to identify if malicious traffic directed at your network service is part of a larger CNO campaign.
- How to get advance warning of new attacks and malware seen in the wild but not yet reported on.
- How network defenders can better protect themselves against attacks that occur at scale.
- How Endgame identifies malicious hosts that are attempting to leverage exploits such as the Shellshock vulnerability at scale.
Curt Barnard is a network security professional with six years of experience. While attending the Air Force Institute of Technology, he conducted research on advanced methods of covert data exfiltration, steganography, and digital forensics. As a Department of Defense employee, Curt focused on analysis and operations to counter some of the most advanced cyber threats. At Endgame, Curt continues this research, coaxing malicious actors into revealing their TTPs and creating defensive measures based on real-time threat data.
Using Data Science to Solve Security Problems
Speaker: Phil Roth, Endgame Data Scientist
Data science techniques can help organizations solve their security problems — but they aren’t a silver bullet. Working directly with customers, Endgame has been able to match the right science to unsolved customer security challenges to create effective solutions. In this talk, attendees will experience a small part of that process by learning:
- How machine learning techniques can be used to find security insights in large amounts of data.
- The difference between supervised and unsupervised learning and the different types of security problems they can solve.
- How a lack of labeled data and the high cost of misclassifications present challenges to data scientists in the security industry.
- How Endgame has used an unsupervised clustering technique to group cloud-based infrastructure, a fundamental step in the detection of malicious behavior.
Phil Roth cleans, organizes, and builds models around security data for Endgame. He learned those skills in academia while earning his physics PhD at the University of Maryland. It was there that he built data acquisition systems and machine learning algorithms for a large neutrino telescope called IceCube based at the South Pole. He has also built image processors for air- and space-based radar systems.