Join us in Las Vegas as we showcase our Code to CloudTM platform at Black Hat, BSides and Def Con. You won’t want to miss the breakout and theater sessions, demos, parties, prizes and more.
Prisma Cloud will be at three events during the week of August 7 in Las Vegas, Nevada, so mark your calendars!
Prisma Cloud secures every stage of the application lifecycle. The platform helps organizations prioritize and eliminate risks across code/build, infrastructure and runtime.
Kick the week off at BSidesLV. Prisma Cloud by Palo Alto Networks is a Gold Sponsor. Stop by the Tuscany Suites and Casino Hotel to chat with our experts and enter our raffle for a chance to win a Flipper Zero.
Tuesday, August 6th | 3:00 PM
Presented by Yaron Avital, Sr. Staff Researcher
Open-source projects often leverage GitHub Actions for automated builds. Join Yaron as he delves into a novel attack vector where he discovered a treasure trove of secrets — leaked access tokens — hidden within seemingly innocuous build artifacts, available for everyone to consume. These tokens encompassed various cloud services, interesting in their own right, but Yaron aimed to achieve more — taking control over these open-source projects.
Finding hidden GitHub Actions tokens in these artifacts was the easy part, and Yaron even managed to poison the projects’ artifacts and cache. But pushing malicious code into the repositories failed, as the ephemeral tokens created in each workflow run expired as soon as the job was finished. This presented a thrilling challenge, a race against time to steal and use these tokens before they vanish.
This session equips attackers with a novel attack path, revealing how to unearth sensitive data in build artifacts, craft a high-speed exploit to catch ephemeral tokens and utilize them for swift attacks. Yaron will showcase real-world examples of popular open-source projects he was able to breach, including projects maintained by high-profile organizations.
Experience Precision AI technology in action at Black Hat USA 2024.
Palo Alto Networks is a top sponsor and supporter of the Network and Security Operations Center (NOC/SOC) at Black Hat USA 2024 in Las Vegas, NV. Black Hat is a premier cybersecurity conference that brings together security professionals, researchers and leaders to discuss the latest threats, trends and technologies in information security. The event features hands-on training, briefings on the latest in information security research and networking opportunities for professionals at all career levels.
Related: Black Hat Executive Q&A with Wendi Whitmore, Senior Vice President, Unit 42, Palo Alto Networks
Wednesday, August 7 | 2:35 – 3:25 PM
Presented by Michael Sikorski, CTO, Unit 42 and Mike Spisak, Technical Managing Director, Proactive Services, Unit 42
Generative AI is becoming a driving force for innovation across industries, transforming how businesses operate. With rapid growth, though, comes new security risks. This presentation dives into the emerging threats facing generative AI.
Michael and Mike will discuss Unit 42's latest research, revealing how cybercriminals are actively using techniques to manipulate AI systems for malicious purposes. Through examples and live demonstrations, they'll expose how these attacks can bypass security measures, manipulate AI-generated content and compromise sensitive data. They'll then delve into practical defense strategies, empowering organizations to fortify their AI applications against evolving threats.
By understanding the tactics used to both attack and defend AI systems, organizations can better navigate the evolving security challenges and ensure that this powerful technology is used safely and responsibly.
Thursday, August 8 | 10:10 – 11:20 AM
Presented by Anand Tiwari, Manager, Product Management and Harsha Koushik, Technical Product Manager
Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multicloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors, including external and insider threats, lateral movement and data exfiltration, COBRA enables organizations to gain insights into their security posture vulnerabilities. COBRA is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.
COBRA Features
Shift from Findings to Root Causes with Prisma Cloud
Wednesday, August 7 | 10:30 – 10:45 AM
Presented by Cameron Hyde, Product Marketing Manager, Prisma Cloud
Why Visibility Isn’t Enough for Runtime Protection
Wednesday, August 7 | 2:30 – 2:45 PM
Presented by Sohini Mukherjee, Prisma Cloud Solutions Architect
Shifting Left: Perceptions Vs. Realities
Wednesday, August 7 | 3:45 – 4:00 PM
Presented by Nick Ohri, Prisma Cloud Solutions Architect
Cloud Data Risk – Bringing Data into the Security Context
Thursday, August 8 | 1:30 – 1:45 PM
Presented by Brian Pierce, Prisma Cloud Solutions Architect
Wednesday, August 7 | 6 – 8 PM
Experience a modern approach to Japanese Cuisine and specialty libations as you mingle with a who’s who of cybersecurity leaders and experts from around the world. Register for our Networking SOCial now.
Customer and partner engagement is important to us because it’s the building block of your experience and our relationship. If you’d like to schedule a meeting with Prisma Cloud subject matter experts, executives or sales reps, we’ll be available.
Take a minute to explore the many Palo Alto Networks Black Hat activities.
Wrap up the week at Def Con 202,4 where Prisma Cloud researcher Avid Hahami will share his latest insights.
Saturday, August 10th | 1:00 PM
Presented by Aviad Hahami, Sr. Staff Researcher
As DevOps and developers are slowly shifting away from storing long-lived static credentials to the more secure, still kinda-new OIDC alternative — the underlying logic, mechanisms and implementations tend to feel like complicated magic and are mostly overlooked.
In this talk, Aviad will begin by recapping what OIDC is, who the interacting entities are when OIDC is used, and how OIDC is taking place to securely access one's cloud using CI/CD flows.
Once covered, Aviad will be able to alternate points of view between the entities in play and potential vulnerabilities in various setups.
Starting with the user POV, he’ll show you what "under-configurations" looks like and demonstrate how new OIDC configuration options can actually be misconfigurations that could result in a compromise.
He’ll then explore another attack vector where leaking an OIDC token from a single repository in an organization can allow an attacker to abuse under-configurations and access private clouds.
After that, he’ll shift the POV to the identity provider (IdP) to show you what happens if an IdP is misconfigured, and disclose a real-world security vulnerability found in one of the most popular CI vendors that allowed his team to access their customers' cloud environments.
As promised, you don’t want to miss out. See you in Las Vegas!
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.