December 8, 2017

Forcepoint Security Labs at Black Hat Europe 2017

Carl Leonard Principal Security Analyst

Forcepoint Security Labs researchers have just returned from a successful Black Hat Europe 2017 hosted in London, UK.  We had an enjoyable time presenting, networking and expanding our own knowledge.
Thank you to all those who attended our Briefings Talk on Wednesday and who met us on our booth in the Business Hall.


Forcepoint Briefing - and Evader

Forcepoint researchers, Antti Levomäki & Olli-Pekka Niemi, delivered a briefing in the Network Defense track entitled “Automatic Discovery of Evasion Vulnerabilities using Targeted Protocol Fuzzing” on Wednesday 6 December at 11:45am.  Their research demonstrated that many security devices still have basic evasion vulnerabilities that allow an attacker to evade detection and thus bypass the security device.  Unfortunately this is still the case even many years after their original research was made public at an earlier Black Hat conference.

Olli-Pekka and Antti’s slides and whitepaper are now available from the official Black Hat website.

Slides: https://www.blackhat.com/docs/eu-17/materials/eu-17-Levomaki-Automatic-Discovery-Of-Evasion-Vulnerabilities-Using-Targeted-Protocol-Fuzzing.pdf

Whitepaper: https://www.blackhat.com/docs/eu-17/materials/eu-17-Levomaki-Automatic-Discovery-Of-Evasion-Vulnerabilities-Using-Targeted-Protocol-Fuzzing-wp.pdf

For a video of Evader in action please see: https://www.forcepoint.com/evader

To get access to the Evader tool please email evader@forcepoint.com

Black Hat and other security conferences like it provide a plethora of reading material available immediately after the conference.  The full list of Black Hat Europe 2017 Briefings abstracts, including slides and whitepapers, can be found on the official conference website: https://www.blackhat.com/eu-17/briefings.html


Booth Presentations

Our team of Security Labs researchers and Consulting Engineers delivered presentations throughout the 2 days of the Business Hall show.  We described the Cyber Continuum of Intent that explains user behavior and intent (of accidental, compromised and malicious users), we mapped the NIST framework core to suitable solutions and offered customised guidance and advice to our audience.  Thank you to all those who attended and engaged with our experts.  We hope that we answered all of your questions and to support the content delivered on the booth you may consult the following resources:

Forcepoint 2018 Security Predictions: /blog/security-labs/forcepoint-2018-security-predictions

Getting ready for the General Data Protection Regulations (GDPR)

Gaining visibility and control over cloud applications

We look forward to meeting you at a security conference in the near future.

Carl Leonard

Principal Security Analyst

Carl Leonard is a Principal Security Analyst within Forcepoint X-Labs. He is responsible for enhancing threat protection and threat monitoring technologies at Forcepoint, in collaboration with the company’s global Labs teams. Focusing on protecting companies against the latest cyberattacks that...

Read more articles by Carl Leonard

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.