For those attending Black Hat and DEF CON this year, make sure to swing by the Microsoft booth. I’ll be hanging around the AI Security section from time to time, as well as spending a good portion of my time in the Wall of Sheep village at DEF CON.
There is a lot happening within the Microsoft booth. To get a full overview of what demos, talks, and events will be happening, check out THIS POST. Ask the scheduling people for Joey from the AI Security team to grab a minute with me.
There are also these sessions happening at Black Hat worth checking out:
| DATE & TIME | SESSION TITLE | INFORMATION | SPEAKER(S) |
| --- | --- | --- | --- |
| Saturday, August 3, to Tuesday, August 6, 2024 | AI Red Teaming in Practice | Hands-on training on how to red team AI systems and strategies to find and fix failures in state-of-the-art AI systems. | Dr. Amanda Minnich, Senior Researcher, Microsoft; Gary Lopez, Researcher, Microsoft; Martin Pouliot, Researcher, Microsoft |
| Wednesday, August 7, 2024, 10:20 AM PT-11:00 AM PT | Breaching AWS Accounts Through Shared Resources | Presenting six critical vulnerabilities that we found in AWS, along with the stories and methodologies behind them. | Yakir Kadkoda, Lead Security Researcher, Aqua Security; Michael Katchinskiy, Security Researcher, Microsoft; Ofek Itach, Senior Security Researcher, Aqua Security |
| Wednesday, August 7, 2024, 12:40 PM PT-1:50 PM PT | Hacking generative AI with PyRIT | Understand the presence of security and safety risks within generative AI systems with PyRIT. | Raja Sekhar Rao Dheekonda, Senior Software Engineer, Microsoft |
| Wednesday, August 7, 2024 | AI Safety and You: Perspectives on Evolving Risks and Impacts | Panel on the nuts and bolts of AI Safety and operationalizing it in practice. | Ram Shankar Siva Kumar, Data Cowboy, Microsoft; Nathan Hamiel, Senior Director of Research, Kudelski Security; Rumman Chowdhury; Mikel Rodriguez, Research Scientist, Google DeepMind |
| Wednesday, August 7, 2024, 1:30 PM PT-2:10 PM PT | Predict, Prioritize, Patch: How Microsoft Harnesses LLMs for Security Response | A crash course into leveraging Large Language Models (LLMs) to reduce the impact of tedious security response workflows. | Bill Demirkapi, Security Engineer, Microsoft Security Response Center |
| Wednesday, August 7, 2024, 3:20 PM PT-4:00 PM PT | Compromising Confidential Compute, One Bug at a Time | Review of methodology and the emulation tooling developed for security testing purposes, and how it influenced our understanding and review strategy. | Ben Hania, Senior Security Researcher, Microsoft; Maxime Villard, Security Researcher, Microsoft; Yair Netzer, Principal Security Researcher, Microsoft |
| Thursday, August 8, 2024, 10:20 AM PT-11:00 AM PT | OVPNX: 4 Zero-Days Leading to RCE, LPE and KCE (via BYOVD) Affecting Millions of OpenVPN Endpoints Across the Globe | Microsoft identified vulnerabilities in OpenVPN that attackers could chain and remotely exploit to gain control over endpoints. | Vladimir Tokarev, Senior Security Researcher, Microsoft |
| Thursday, August 8, 2024, 1:30 PM PT-2:10 PM PT | Secure Boot, Insecure Reality: Peeling Back Layers of False Security | A deep dive into the systemic weaknesses which undermine the security of your boot environment. | Bill Demirkapi, Security Engineer, Microsoft Security Response Center |