It seems as though the hype over talks at Black Hat 2012 is centered more on the speakers than specific content. Case in point, remember the flurry of discussion over DNSSEC, SSL vulnerabilities and SCADA in years past? Those are still hot session topics, but more so this year, it's the speakers' name recognition that's driving many of the discussions. In the Black Hat 2012 agenda, you may notice a few nebulous talk abstracts with heavy...
hitters in the byline.
Much of the media's hype thus far is a result of the new track chairs and the briefings they're throwing their weight and attention behind. I am impressed with this year's content; there's quite a bit of new research being presented that will stimulate the industry. But, as expected, these groundbreaking sessions are laced in an agenda with many throwbacks and reworks of previously presented content.
More from Black Hat 2012
See more of SearchSecurity.com's special coverage of Black Hat 2012.
This year's session topics seem less diverse than some of years past. In 2011, we saw variegated content centered around the usual topic suspects: malware, application vulnerabilities, cell phone and OS hacking, with a little bit of other stuff thrown in, including talks on networking and infrastructure routing attacks, hardware hacking of USBs and Arduinos, and even a talk on unmanned aerial vehicles (UAVs).
This year's topics seem a little more pocketed in their genres. I noted the majority of topics fell into one of five specific categories: HTML5/Java/browser vulnerabilities, SCADA/smart meter vulnerabilities, kernel attacks, cellular vulnerabilities and Windows 8. Now, obviously not all talks fell into these topics, but I'd call these trending themes for 2012. The decrease in diversity in topics may be due, in part, to the new tracks Black Hat introduced this year. This year's briefings are distributed among five tracks: mobile, defense, application security, malware and "breaking things."
Regardless of the breadth of content, briefings and trainings at Black Hat are the leading source for the security industry's efforts in research and analysis, and whatever the topics, I think we can expect the same level of technical acumen founder Jeff Moss and crew have been delivering for 15 years.
Keep an eye out as you attend this year's briefings and see what you think the trending topics are for 2012.
Jennifer Jabbusch Minella is CISO at Carolina Advanced Digital, Inc., an IT infrastructure, security and management consultancy. Jennifer blogs at Security Uncorked.