August 24, 2016

Black Hat 2016 Recap and 5 Key Takeaways

Black Hat 2016 Recap and 5 Key Takeaways

Trustlook was thrilled to be part of Black Hat 2016 at Mandalay Bay in Las Vegas. We had a booth in Innovation City, and had the chance to meet many great people in the security industry as well as learn a lot of great new things about cyber security. We successfully launched two new products: Trustlook Sentinel and SkyEye. We were also excited to be interviewed by the Security Guy Radio show and Decrypted Tech. Here are our top 5 takeaways from Black Hat 2016.

1. People Think Mobile is Safe
It was surprising to hear feedback from some industry experts who feel that security issues on mobile devices are “not that big of a deal.” In fact, there were only a handful of mobile security companies at the show. That thinking, unfortunately, is completely wrong. Mobile device usage is growing faster each and every day, and BYOD is becoming the norm across much of the corporate world. Further, the complex technology stack and OS fragmentation in Android devices further complicates matters and increases the fragility of this endpoint. Needless to say, mobile will continue to be a preferred exploitation point for hackers.

2. Partnerships in Security are the Name of the Game
With many companies focusing on different areas of security (such as network, app, cloud, data, mobile, etc.) it’s only natural for these companies to want to work together to develop custom solutions for organizations. We were approached by many companies wanting to leverage our mobile security expertise. CISOs are looking for solutions that solve their problems, not disparate solutions that result in more headaches. Cross-vendor product integrations will continue to grow to meet the complex and unique needs of organizations.

3. Ransomware is Top of Mind
It’s clear the rise of deceptive ransomware is top of mind with customers, vendors, and researchers alike. We went to a great Ransomware session hosted by security firm CyberArk. They shared examples of Ransomware including geo-targeted attacks, as well as info how Ransomware authors use customized local content while focusing their efforts on richer countries that can afford to pay the ransom.

4. Machine Learning, Machine Learning, Machine Learning
If I had a nickel for every time I heard “Machine Learning” at Black Hat… Machine Learning, the technology, has been around for a while in many aspects of life, and increasingly more in security, as threat detection by way of signatures is being replaced by behavioral methods and machine learning. But Machine Learning, the buzzy catchphrase, is still relatively new, and shows no signs of losing its coolness. The good news for Trustlook is that we fit in nicely to any Machine Learning conversation. Our new product Sentinel, the first ever 100% ROM-level malware detection engine, is built upon machine learning in that it improves (i.e. learns) with each behavior it sees in an app.

5. iOS Security is an Issue
We were amazed by the number of people who approached us looking for an iOS security solution. (We are currently developing one). One person, in particular, develops custom security products for executives from large Fortune 500 companies. Most of these execs use an iPhone, or other iOS devices. He has seen first-hand these devices compromised and understands the potential problems when this happens. He wants to build additional security protections into the platform.

Were you at Black Hat 2016? Do you have any thoughts on the show? Let us know in the comments.