Virtual Event
11:00 AM – 5:00 PM EST
(8:00 AM – 2:00 PM PST)
Join Omdia, Black Hat and Dark Reading at this free, all-day virtual event offering expert insight on the cyber-threats and trends enterprises will face in the coming year.
On December 8, Cybersecurity Outlook 2022 will look at some of the new threats posed by online attackers, as well as evolving products and technologies that may mitigate those threats. You’ll hear from some of the cybersecurity industry’s top thinkers, as well as researchers who have been studying the next wave of cyber vulnerabilities and exploits.
Among the topics that will be covered at Cybersecurity Outlook 2022:
- New threats and attack trends that will emerge in the new year
- The evolution of new security operations technologies, including XDR and DNS security
- Next-generation approaches to current security problems, such as ransomware and zero-day exploits
- Newly-discovered security vulnerabilities in the industry’s most prevalent computing systems, including Active Directory
- Trends in cybersecurity research and the next wave of security flaws emerging in current enterprise technology
- An overview of trends in malware development, including ransomware and database attacks
- Key steps your organization should take to prepare for emerging threats in 2022
And much more!
11:00 AM – 5:00 PM EST
(8:00 AM – 2:00 PM PST)
- 11:00 AM – 11:45 PM EST
In this keynote address, Maxine Holt, head of Omdia Research’s cybersecurity practice, offers a forward-looking view on the threats, technologies and trends expected for 2022, and provides advice on how to prepare for them.
- 11:45 AM – 12:00 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 12:00 PM – 12:05 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 12:05 PM – 12:15 PM EST
Sponsored by: Fortinet
- 12:15 PM – 1:00PM EST
Moderator: Tanner Johnson, Principal Analyst, Omdia
The unprecedented volume and sophistication of cyberattacks in 2021 has highlighted the critical need for enterprises to step up their game in detecting, correlating, and responding to online compromise. One of the most critical trends expected to hit security operations centers in 2022 is the emergence of XDR – the set of tools needed to swiftly analyze cyber data and stop online attacks before they do damage to critical data.
In this insightful keynote address, Omdia principal analyst Eric Parizo offers insight on the future of XDR technology, and recommendations on how enterprises can make the best possible use of emerging detection technologies.
- 1:00 PM – 1:15 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 1:15 PM – 1:20 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 1:20 PM – 1:30 PM EST
Sponsored by: Fortinet
- 1:30 PM – 2:00 PM EST
Moderator: Eric Parizo, Principal Analyst, Security Operations, Omdia
On January 29, 2019, a serious vulnerability was discovered by multiple parties in Group FaceTime which allowed an attacker to call a target and force the call to connect without user interaction from the target, allowing the attacker to listen to the target’s surroundings without their knowledge or consent. While this remarkable bug was soon fixed, it presented a new and unresearched attack surface in mobile applications that support video conferencing.
This presentation covers my attempts to find similar bugs in other messaging applications, including Signal, JioChat, Mocha, Google Duo, and Facebook Messenger.
- 2:00 PM – 2:15 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 2:15 PM – 2:20 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 2:20 PM – 2:30 PM EST
Sponsored by: Fortinet
- 2:30 PM – 3:00 PM EST
Speaker: Omri Ben-Bassat, Security Researcher, Section 52 at Azure Defender for IoT, Microsoft and Tamir Ariel, Security Researcher, Section 52 at Azure Defender for IoT, Microsoft
Moderator: Tanner Johnson, Principal Analyst, Omdia
“BadAlloc” is our code name for a class of integer-overflow related security issues found in popular memory allocators’ core functions such as malloc and calloc. BadAlloc vulnerabilities affect 17 different widely used real time operating systems (i.e., VxWorks, FreeRTOS, eCos), standard C libraries (i.e., newlib, uClibc, Linux klibc), IoT device SDKs (i.e., Google Cloud IoT SDK, Texas Instruments SimpleLink SDK) and other selfmemory management applications (i.e., Redis).
Some of these vulnerabilities go as far back as the early 90’s and all of them collectively impact millions of devices worldwide, mainly IoT and embedded devices as this was out of focus.
In this talk, we’ll present some of the most interesting findings and discuss how we found them. We’ll do a quick root-cause analysis for each of the selected cases and show, in high depth technical level, how this specific kind of vulnerability could be leveraged to a full-blown remote code execution exploit on affected systems. We’ll discuss possible mitigation techniques and propose a method to check whether your application is affected by BadAlloc or similar vulnerability.
Finally, a demo of a working RCE exploit will be presented.
- 3:00 PM – 3:15 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 3:15 PM – 3:20 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 3:25 PM – 3:55 PM EST
Speakers: Alert Logic | Joshua Cigna, Solutions Architect, Yubico | Chenxi Wang, Managing General Partner, Rain Capital | Eric Thomas , Information Security Analyst, HD Supply
Panel: Tom Gorup, Vice President, Security Operations, Alert Logic
In 2020, the global pandemic forced enterprises to make overnight shift to digital business and work-from-home computing. After a year of holding security together with temporary fixes, many security teams are preparing for a new year and a new operating model that will likely combine both in-person and remote computing. In this panel, experts will discuss the outlook for enterprise computing in 2022, and the longterm steps security teams will need to make to support the “back to normal” computing model.
- 3:55 PM – 4:00 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 4:00 PM – 4:05 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 4:05 PM – 4:10 PM EST
Sponsored by: Fortinet
- 4:10 PM – 4:40 PM EST
Speaker: Joseph (Joe) Carson, Chief Security Scientist & Advisory CISO
The past year brought a new wave of malware to enterprise security teams, including database attacks such as Meow and a new round of ransomware that affected well-known businesses and local schools alike.
What new and emerging malware should cyber defenders prepare for in 2022?
In this panel discussion, top experts will offer insight on new threats that may rear their heads in the new year, as well as holdover exploits that will roll over from 2021.
- 4:40 PM – 4:45 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
- 4:45 PM – 4:50 PM EST
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
Prizes & Interaction
Explorer Giveaway
30 Points
Session Viewed
25 Points
Zone Visits
20 Points
Location Chat Attended
10 Points
Documents Viewed
5 Points
Exchanged vCards
11:00am – 5:00pm EST
(8:00am – 2:00pm PST)