Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

7/26/2019
09:00 AM
Alex Wawro, Special to Dark Reading
Alex Wawro, Special to Dark Reading
News
50%
50%

Black Hat Q&A: Inside the Black Hat NOC

Cybersecurity expert Bart Stump explains what it's like to reliably deliver a useful, high-security network for one of the toughest audiences in the world.

When you sign up to attend Black Hat USA in Las Vegas next month, make sure to leave time in your busy schedule to check out the Black Hat Network Operations Center (NOC), the heart of the Black Hat network.

The Black Hat NOC team meet months before the event to strategize the best way to deliver a high-security, high-availability network to one of the biggest cybersecurity events in the world. The fact that this event is packed with security researchers, hackers, and network experts makes the process of deploying and securing the NOC just that much more exciting.

In addition to visiting the NOC itself, Black Hat attendees are invited to attend the special debriefing session offered at the end of the show.

In this popular Briefing, NOC crewmembers run down the tools and techniques they use to set up, stabilize, and secure the network, and describe what improvements they’ve made over the past year. I recently asked NOC leader Bart Stump offers to share his insight into what the NOC crew does and why Black Hat attendees should pay attention.

Alex Wawro: Hey there! Can you tell us a bit about who you are and what you do

Bart Stump: Hello! My name is Bart Stump and I am one half of the NOC leadership at Black Hat. I have been working with Black Hat for 12 years now.

Alex: What does your average workload look like at a Black Hat event?

Bart: The US show is obviously our flagship show and brings a much higher workload leading up to and during the event. Myself, and a small skeleton crew arrive four days before the show starts to begin setting up the network. During the show, there is the regular maintenance and issues that we work to deal with as quickly as possible. We also have obligations with tours, media, and our NOC debrief at the end of the show.

Alex: What's the most challenging thing about working in the Black Hat Network Operations Center?

Bart: I would say it's being able to think on your toes as issues arise [because] they need to be resolved in order to not impact attendees or trainers and speakers. Being able to work as a team and trust those around me to do their part is what makes the NOC go, and keep everything as stable as we do!

Alex: What should attendees know about the NOC that they probably don't?

Bart: Everyone is welcome to come see us, ask questions and stay involved with the work we do. If you have any questions, comments or concerns - we want to hear them! So come visit us and see what we do to keep Black Hat attendees safe!

Alex: Any fun stories from your time on the NOC Crew?

Tons! We have had many experiences over the years as the show continues to grow. From the friendships that I have gained and grown because of Black Hat, to the crazy network traffic we see every show, it is always fun and entertaining for sure!

P.S. we always have stories to tell at our debrief (which always helps close out Black Hat) and would be happy to share more there.

Black Hat USA returns to the Mandalay Bay in Las Vegas August 3-8, 2019. For more information on what’s happening at the event and how to register, check out the Black Hat website.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...