Bring your puzzle-solving skills to Black Hat with our annual #F5CipherChallenge! Victors will receive honor, glory, and a chance at winning fabulous prizes! Can you solve this year’s puzzle? Only one way to find out...
TEST YOUR CIPHER SKILLS
Every year at Black Hat we debut a unique t-shirt design that’s also a core clue in our annual cipher challenge. Visit the F5 booth to get yours!
GET THE 2019 T-SHIRT
2016
2017
2018
2019
STRENGTHEN YOUR APP SECURITY STRATEGY
Thursday, August 8
10:00 a.m.–11:20 a.m.
Business Hall (Oceanside) Arsenal Station 7
TOMER ZAIT
SPEAKER
GET THE LATEST INTEL ON THE APP THREATS THAT MATTER
Hear from F5 security experts every 30 minutes in the F5 booth, and learn how to protect your apps from today’s critical threats.
fight the good fight against THE bad bots
Are you blind to encrypted threats?
Understanding the Application Threat Surface
CAN’T MAKE IT TO BLACK HAT USA?
Learn more about securing your apps against today’s most critical threats.
Get the latest Application
Protection Report >
Watch our top application
security webinars >
Read our application protection eBook series >
follow @f5security >
visit us at booth 1104 >
protect your apps with f5 >
Wednesday, August 7
5:05 P.M. – 5:30 P.M.
South Seas ballroom CDF
SPEAKER
Principal Security Researcher
F5
Join us to learn how bots infect, propagate, and attack applications; what types of application attacks are commonly performed by bots; and how you can defend against bad bots without disrupting the good ones.
SEE F5 APP SECURITY IN ACTION
Visit the booth to get a demo, talk to a solutions architect, or see how F5 integrates with your other security solutions.
Bot Defense
SSL Visibility and Orchestration
Managed Security Services
Automation,
Management, and Analytics
+
Learn about emerging application threats, and talk to F5 experts about filling the gaps in your app security strategy.
Watch the video
Are your apps secure against today’s most critical threats?
see you at Black Hat USA 2019
Today, more than 50% of online traffic is generated by bots—and they’re part of almost every attack. Join us to learn how bots infect, propagate, and attack applications; which application attacks are commonly performed by bots; and how you can defend against bad bots without disrupting the good ones.
The majority of malware and data exfiltration hides within encryption, blinding your security inspection tools. Join us to learn how to decrypt and orchestrate your traffic to make your controls more effective.
+
To understand attacks, you first need to understand the application threat surface.
In this session, we’ll deconstruct the application to identify the components and potential threats to help you make decisions on how to protect your organization.
August 3–8 | Mandalay Bay | Las Vegas
Mudit Tyagi
Architect, Security Products
F5
Mikhail Fedorov focuses on researching DDoS attacks and available detection and mitigation techniques. Prior to working at F5, Mikhail designed and implemented secure application infrastructure as a consultant at Russian system integrator Depo Electronics. He has a masters’ degree in physics and a bachelors’ in information technology from Tomsk State University, and has CCDA, CCNP, and CCNP security certifications.
BLACK HAT USA 2019
Go to F5 Labs
< BACK TO EVENTS
CONNECT WITH F5
F5 LABS
DEV CENTRAL
F5 NEWSROOM
The latest in application threat intelligence.
Go to Dev Central
The F5 community for discussion forums and expert articles.
News, blogs, and more.
Go to the newsroom
YOUR APPS—FAST, AVAILABLE, AND SECURE—IN ANY CLOUD.
With 20+ years of application service experience, F5 provides the broadest set of services and security for enterprise-grade apps, whether on-premises or across any multi-cloud environment.
HAVE A QUESTION? |
Support and Sales >
FOLLOW US
explore BLACK HAT USA 2019 >
JOIN F5 FOR DRINKS AND APPETIZERS
Kumi Japanese Restaurant + Bar at Mandalay Bay
Wednesday, August 7
7 p.m. – 9 p.m.
Stop by booth 1104 to pick up your invitation or RSVP here >
Product Management Engineer, Security
F5
MIKHAIL FEDOROV
SPEAKER
Imagine you could browse a target's internal network without deploying anything on the victim’s machine: a one-click setup that provides you a magic tunnel from the outside world. That's the idea behind "ReD Tunnel". The design goal was to use tools (such as the web browser) that already exist on the victim's device. To create this new capability, we combined JavaScript reconnaissance techniques and the DNS rebinding attack. Just open your browser, wait until the victim visits your website, and start browsing the websites within their network.
ReDTunnel: Explore Internal Networks via DNS Rebinding Tunnel
ARSENAL
In June 2018 ProtonMail suffered rapidly morphing sustained DDOS attacks. By creating a toolkit that mimics the ProtonMail attacks, F5 researchers discovered through analysis that the most effective defense against such attacks is a combination of an unsupervised machine learning algorithm to determine a baseline, performing anomaly detection and mitigation, and using another machine learning algorithm to tune the performance of the first. An SOC operator did not have to react at machine speed, but simply monitored the findings and the actions of the machine. https://protonmail.com/blog/a-brief-update-regarding-ongoing-ddos-incidents/ >
Defense Against Rapidly Morphing DDoS
BRIEFING
Mudit Tyagi has 20 years of experience in software engineering and system architecture design for secure application delivery for financial and healthcare services. Prior to joining F5, Mudit was the Founder and CEO of Confiserve. He has bachelors’ degrees in physics and electrical engineering from Columbia University and a masters’ in computer engineering from University of New Mexico.
Tomer Zait is a principal security researcher at F5, and has worked in a range of professions in the security industry (Web Application Firewall Integrator, Penetration Tester, Application Security Engineer, Security Researcher, etc.). During this time, he developed open-source projects—most of them security tools. His projects include: x64dbgpy; ReDTunnel (presented In BlackHat Arsenal ASIA 2019), and PyMultitor (presented In BlackHat Arsenal ASIA/US/EU 2017). Tomer writes regularly for online security magazines and is a seven-time winner of Israeli CTFs.
+
Go to Kumi >