Awake Security Demonstrates the Power of the Network for Stopping Non-Malware Attacks at Black Hat and DEF CON 26

Security today announced details regarding its upcoming presence at
Black Hat 2018. Rahul Kashyap, President & CEO, along with threat
researchers Troy Kent and David Pearson, will be presenting and hosting
workshops demonstrating how the most damaging, non-malware attacks can
be detected and remediated using the power of Network Traffic Analysis
(NTA). A sponsor of Black Hat 2018, Awake be demonstrating its Network
Detection and Response Platform in the Business Hall, booth #IC2529.

The recent
indictment of 12 Russian military intelligence officials for
attacking the DNC emphasizes the importance of NTA solutions in
identifying behaviors indicative of malicious intent. These activities
include attack techniques such as remote access, privileged escalation
and lateral movement, data exfiltration and more. According to Gartner,
“Enterprises looking for a network-based approach to identify advanced
attacks that have bypassed perimeter security should consider NTA as a
way to help identify, manage and triage these events.”1
Through their presentations, Awake will demonstrate how the power of the
network can be used to detect and respond to today’s advanced attacks.

Awake will be participating in the following sessions at the AGC
Partner’s 2018 Disrupt!on Conference, Black Hat and DEF CON 26:

Presenter: Rahul Kashyap, President & CEO

Session Title: Cyber Data DistillationIn this panel,
Kashyap will discuss the tremendous volume of data that cybersecurity
teams are being asked to work with and how artificial intelligence and
machine learning can help democratize capabilities such as network
traffic analysis for organizations that struggle to find human talent to
fill those needs.

This session will be held at the AGC Partners 2018 Disrupt!on
Conference, August 7, 2018, from 4:50 – 5:25 p.m. PDT, at the Luxor
Hotel & Casino.

Presenter: Troy Kent, Threat Researcher

Session Title: Unknown Knowns: Missing the Attacker Hiding in Plain
SightThis session will explore attack scenarios designed to
confuse and trick security analysts to bypass detection. Kent will dive
into specific examples of the protocols and techniques attackers use and
how network traffic analysis can identify these patterns to dramatically
reduce attacker dwell time.

This session will be held on Wednesday, August 8, 2018 from 2:25
– 2:45 pm PDT at the Innovation Theater, Oceanside, Mandalay Bay.

Presenters: Rahul Kashyap, President & CEO; Baibhav Singh,
Security Researcher, Samsung Research America

Session Title: Back to the Future: A Radical Insecure Design of KVM
on ARMThe KVM Hypervisor is part of the Linux kernel and by
default it is enabled on all supported ARM system. In ARM architecture
KVM is implemented through split-mode virtualization and runs across
different privileged CPU modes. This talk will discuss about the design
and a security issue in a way Linux kernel initializes the KVM
Hypervisor. An attacker having access to host EL1 can execute code in
EL2. This security issue can be exploited by an attacker to install a
Hypervisor root kit on ARM system.

This session will be held Wednesday, August 8, 2018 from 5:05 – 5:30
p.m. PDT, at Lagoon JKL, Mandalay Bay.

Presenter: David Pearson, Principal Threat Researcher

Workshop Title: The Truth is in the Network: Reverse
Engineering Application-Layer Protocols Via PCAPReverse
engineering has become an increasingly important element of network
security. The ability to break a system down in order to understand its
base components and how they interact is critical to understanding not
just how the system works, but the ways it can leave your network
vulnerable. This training will provide a deep technical dive into the
network traffic of a common remote access application.

This training will be held at DEF CON 26 on Thursday, August 9,
2018 from 2:30 – 6:30 pm PDT, in Icon F, The LINQ Hotel & Casino.

For full details on Awake at Black Hat, please visit

About Awake SecurityAwake’s Network Detection and Response
Platform helps organizations detect and hunt for threats missed by
traditional security solutions. The company’s innovations in artificial
intelligence and advanced network traffic analysis transform security
operations by automatically detecting attackers’ evolving tactics,
techniques and procedures, including non-malware activity. The platform
continuously discovers and scores entities based on risk by profiling
network traffic to learn and analyze the behaviors of managed and
unmanaged users, devices and applications as well as the external
destinations they interact with. All of this is done without relying on
agents, integrations, training periods or continuous model updates.

Recognized as one of the top
10 security innovators at the RSA Conference 2018, Awake is
headquartered in Sunnyvale, CA and backed by Greylock Partners and Bain
Capital Ventures. Learn more at and
follow Awake on Twitter (,
LinkedIn (
and Facebook (

1 “Gartner
Top Technologies for Security in 2017,” July 5, 2017

View source version on

Leave a Comment

Your email address will not be published. Required fields are marked *