Event Schedule

Event Starts On: May 7, 2024 9:25,AM
Event Ends On: May 8, 2024 2:00,PM
Briefing Details
Dark Arts Village Opening
May 8, 2024

Opening and welcome to the Dark Arts Village

Enhancing Security Event Correlation through Comprehensive Identity Analysis
May 8, 2024

Charles Boulware presents "Enhancing Security Event Correlation through Comprehensive Identity Analysis"

Analyzing I-SOON with Data Science & Magic
May 8, 2024

Joe Hall, Dave Mitchell & Jeff Sims present "Analyzing I-SOON with Data Science & Magic" Lockbit is done. The criminal hackers got hacked back by a global effort of law enforcement. (Reminder to patch php on your web servers lol) For years our hacker community has warned of the growing threat of affiliates. Criminal groups that run like businesses offering things like Penetration as a Service even having a tech support team for you to call if their malware malfunctions.

Bridging the Divide: Collaboration between Security & Data Science for Secure AI Development
May 8, 2024

Zach Rayburn & Jackie McGuire present "Bridging the Divide: Collaboration between Security & Data Science for Secure AI Development" The rapid adoption of AI has introduced novel security challenges. Machine learning models are vulnerable to various attacks, such as poisoning, adversarial inputs, and model extraction. This workshop addresses this critical issue by promoting collaboration between security and data science teams throughout the AI development process. To pursue this goal the workshop will define current challenges, equip participants with techniques to tackle these challenges, and provide example case studies for guidance. Beginning with a definition of current challenges will allow participants from both sides of the development process to have common understanding. Overcoming these challenges will be addressed in the workshop by providing tools and techniques which can be used in the participant’s joint strategy. To wrap up the workshop we will explore case studies to provide some example strategies for participants to modify and implement in their own development teams.

Blutetooth Impersonation Attacks with MacOS
May 8, 2024

Ivan Fonseca from Threatlocker presents "Blutetooth Impersonation Attacks with MacOS" We will demonstrate how to take over a MAC by abusing bluetooth and a flipper0

Purple Teaming with Detection-as-Code for Modern SIEM Hands-On Workshop
May 8, 2024

Ken Westin presents "Purple Teaming with Detection-as-Code for Modern SIEM Hands-On Workshop " One of the challenges for security teams is writing and deploying detections that generate actionable alerts with rich context while also reducing noisy alerts. This hands-on workshop will teach the fundamentals of Purple Teaming and detection-as-code to help build new detections. This session will show how to leverage Purple team techniques to develop hypotheses for new detections and strengthen their defenses against future attacks. The session will show how to use open-source offensive security tools to simulate attacks against lab infrastructure and use an investigative approach to learn and build new detections & manage them using detection-as-code principles to eliminate noise and false positives.

Become Stealth Online
May 8, 2024

Sandra & Lee present "Become Stealth Online " All companies, agencies and individuals utilize the internet for research & open source investigations when preparing for EP details, conducting risk / threat assessments, due diligence, and for auditing your business or employees. The highest priority is to secure your identity, maintain privacy, keep your system safe, and protect your information. Prior to maneuvering in and out of websites and databases, be sure you're not giving up details about you and your business by providing vulnerabilities that could compromise your information. This session will offer resources, tools, and downloads to help secure your digital footprint. In addition, this course will teach you how to maneuver covertly and stay anonymous. Attendees are encouraged to bring their laptops for a hands-on experience.

Want to Play a Game? Threat Modeling Weaponized AI with Red Teaming
May 8, 2024

Maril Vernon presents "Want to Play a Game? Threat Modeling Weaponized AI with Red Teaming" This talk explores the weaponization of AI, highlighting the ethical and security challenges of AI manipulation methods, including language and semantic tricks, contextual misdirection, and exploiting model limitations. Using a simulated exercise of an AI-powered drone contemplating eliminating its human operator to bypass imposed restrictions and other human-driven bypass strategies, it underscores the critical role of red teaming and the application of ethical guidelines and cyber threat intelligence to preemptively counter AI threats. The presentation delves into the broader implications of AI capabilities being turned against their intended ethical boundaries, and ability to be weaponized, emphasizing the role of red teaming in identifying and mitigating potential misuses of AI technologies in cybersecurity and defense."

How Not To Write a Security Disclosure
May 9, 2024

Max VonBlankenburg presents "How Not To Write a Security Disclosure" Every day, roughly 50 new vulnerabilities are added to Github's advisory database. That's a lot for a security team to keep track of. How many of those advisories contain actionable information, allowing for the remediation of the vulnerability? It may be less than you think. In this talk, I'll be showing you how to write a vulnerability disclosure that actually helps the people reading it, by digging through the absolute worst, bottom of the barrel disclosures I have ever had the misfortune of laying eyes upon."

Chat GPT for Ethical Hacking
May 9, 2024

Kavitha Venkataswamy & Srini Vuggumudi, Ph.D present "Chat GPT for Ethical Hacking " Applications of Chat GPT for ethical hacking with a demo of one or two use cases and hands on lab

How to Secure AI Systems
May 9, 2024

Sam Bowne presents "How to Secure AI Systems" An overview of the currently known risks of AI systems, from OWASP, CISA, NIST, and other authorities, and controls to limit them. At present, both the risks and controls are in an early-stage state, but it's important to implement them now, because many organizations are rushing to deploy AI systems.

How Monitoring Works at a Low Level
May 9, 2024

Sam Greenfeld presents "How Monitoring Works at a Low Level (Presentation)" Many information security monitoring and detection solutions utilize the same resources when determining if something is a threat or not. For example: Antivirus, Data Loss Prevention, and other solutions may all look at file information in the course of their usage. This talk is an introductory, vendor-agnostic look at some of the lower-level hooks available to be used by information security software, and what both Blue and Red teams need to be aware of with monitoring solutions.

Offensive security operations: Kickstarting adversary emulation engagements
May 9, 2024

Abhijith presents "Offensive security operations: Kickstarting adversary emulation engagements" The hands-on workshop has been created to provide the participants with a better understanding of offensive security operations, breach and adversary simulation engagements. The participants will be able to emulate various threat-actors/ransomware safely in a controlled, enterprise level environment, safely. The session is intended to help the attendees to assess the defenses and evaluate the security controls deployed in their organization against motivated adversaries.

Dark Arts Village Closing
May 9, 2024

Village Closing

RSA Conference is where the cybersecurity world comes together. For four days, you’ll gain insights, join conversations and experience solutions that could make a huge impact on your organization and your career. With so much change happening in our industry, we’re here to help you stay ahead of it all. We’re excited to be back in San Francisco, but a Digital Pass is also available for those who cannot attend live.

However you experience RSAC 2024, you’ll come away with knowledge and insights that will spark ideas and help you make the game-changing decisions that will transform the way you protect the world from threats.

The Dark Arts Village will be live in-person at the RSA Conference May 6th – May 8th hosting Workshops, Labs, Hands-on Training, CTF’s and a whole lot of Knowledge Transfer.

Schedule of Events Onsite

Schedule for Virtual