Black Hat Europe 2014

Black Hat Europe 2014, a premiere conference on information security, convened in Amsterdam this October. The Tenable EMEA team was there in full force, meeting customers and conversing with other security specialists. Here is a sampling of the Tenable Black Hat perspective.

Vulnerabilities and credibility

By Colin West, Director of Sales Engineering, EMEA

It was great to see so many of our customers attending Black Hat 2014 in Amsterdam. During the first day, visitors to our stand were often four deep, which was so exciting. 

Our customers wanted details about upcoming Nessus updates and they also wanted to share their experiences with Tenable products. Many college and university students told us that their cybersecurity lectures often featured Tenable tools. Some had even conducted lab comparisons, finding Tenable’s solutions to be the most performant and to provide the widest coverage in vulnerability detection.

Conversations on the stand often focused on the latest breach or vulnerability and many customers were strong advocates of using social media for getting their latest security updates. One customer explained how important it is to have its vendors communicating on the latest threat landscape and how they relied on sources such as the Tenable Blog, Discussion Forums, and commentary in the trade press. 

Many speakers also visited us at Black Hat. One interesting conversation focused on the number of attacks launched on SCADA devices and HVAC in EMEA. That person thought that the Tenable passive vulnerability scanning approach was the only true way to keep on top of these threats.

Overall, it was a great event and we look forward to returning next year!

Global mobile

By Leslie Forbes, Sales Engineer, EMEA

Black Hat Europe was a busy conference. Attendees came from all across Europe and Scandinavia, ranging from students to VPs. Interests extended from personal curiosity to multi-national projects. From the attendee’s point of view, it seems the briefing sessions were most valuable and insightful.

From a vendor’s perspective, most of the talk trended around mobile – and mainly from the Android camp, since it’s imminently hackable.

• One speaker talked about the threat of OEMs delivering customised versions of the stock Android. Tweaking so many options can make the resultant system much more vulnerable. So his research was to define a set of “base” settings that should not be altered.
• Another speaker talked about manipulating the inner processes of Androids to alter banking transactions.
• One gent from South Africa spoke about the advanced mobile banking apps being developed there both for smartphones and for simple SMS (non-Internet). South Africa seems to be far ahead of many other countries on banking security. The challenges faced by banks in South Africa are different, since “exporting” money from South Africa is not as simple as many other countries around the world. So fraud is often perpetrated locally, and mules are used to move the money out