Last week I attended Microsoft's Bluehat conference for the first time and found the experience to be pretty positive. Here are a few highlights
New Tools Announced
- Microsoft Threat Modeling tool v3.1 RC2 (Public release date: unknown)
- CSSH is a CSS history theft tool combining a crawler to enumerate the links you've visited on a site.
- The fuzzing talk 'Fuzzed Enough? When It’s OK to Put the Shears Down' was decent. It is amazing just how much time and effort Microsoft puts into fuzzing.
- The Crimeware talk 'Crimeware Behind the Scenes' discussed how attackers are geolocating countries to attack. Not new, but rarely spoken about.
- The 'Concurrency Attacks on Web Applications' talk was good. This discussed race conditions in web applications and the impacts of multi-threaded web frameworks.
- The 'WAF vs SDL shootout' panel was as expected. Everybody thought that WAF's were are over hyped and had little value.
- The 'Investigating Individuals and Organizations Using Open Source Intelligence' talk was neat. A tool by Roelof Temmingh was demo'd showing how to identify associations between people and data sets. This tool is definitely something I'll be looking into.
Mike Andrews also has a decent writeup of the event at http://www.mikeandrews.com/2008/10/19/bluehat-review/
More Information: http://technet.microsoft.com/en-us/security/cc748656.aspx