03 February 2017

Join Synack at RSA Conference 2017!

Derek Athy

The 2017 RSA Conference in San Francisco is less than two weeks away and the Synack team will be out in full force. Last year, over 40,000 attendees met at the Moscone Center and surrounding area to exchange ideas, expose the latest trends, and present solutions to the growing complexity of cybersecurity issues. We’re excited to return to RSA this year to share some insights that we’ve learned along the way in utilizing Crowd Security Intelligence to keep the world’s leading organizations more secure.

With 5 speaking sessions from 3 different Synack speakers – CEO Jay Kaplan, Director of R&D Patrick Wardle, and Head of Product Tony Gambacorta – as well as a multitude of hosted parties and events surrounding the event, there are plenty of opportunities to hear from and catch up with your favorite hackers.


Tony Gambacorta, Synack Head of Product

IoT Ecosystems: An Adversary’s Perspective
Tuesday, February 14
2:30 PM – 3:15 PM | Moscone West | Room 2002

While IoT manufacturers and security vendors are focused on IoT device security, hackers are targeting the entire IoT ecosystem—the cloud servers, mobile applications and more- that make up the entire solution. This session will take an adversarial perspective on the IoT, with specific examples of successful approaches and tactics.

IoT is everywhere, with organizations connecting products to the Internet that don’t have the robust security protections to handle it. Mass-scale DDoS attacks caused by enslaved IoT device botnets stole the headlines late in 2016; here Tony will demonstrate more of the real-world risks that poorly-secured IoT devices pose in the grander scheme of things. For a more in-depth and interactive discussion with Tony, don’t miss the Focus-On session that follows:

IoT Ecosystems: An Adversary’s Perspective (Focus-On)
Tuesday February 14
3:45 PM – 4:30 PM | Moscone West | Room 2011

Continuation of IoT Ecosystems: An Adversary’s Perspective. This session will focus on small group discussions and a Q&A with Tony. This will be a great opportunity to discuss “Search and Rescue” plans for the Internet in 2017, how to clean up the damage left from security mistakes, and how to look at security risk in a more comprehensive and dynamic way.

Jay Kaplan, Synack CEO and Cofounder

Crowdsourced Security at the Government Level: It Takes a Nation (of Hackers)
Wednesday, February 15
2:45-3:30 PM | Moscone West | Room 2005

This session will discuss the US Federal Government embracing various crowdsourced initiatives and the progression of such models into the most sensitive areas of government operations such as cyber- and national security. Crowdsourcing hackers to help secure, not compromise, our nation? What has led to this previously unimaginable adoption of crowdsourced security testing by the government, and what’s next?

In 2016, Jay and the Synack team secured the largest-ever government-awarded crowdsourced security contract with the Department of Defense (DoD), as well as a sole-sourced contract with the Internal Revenue Service (IRS). With all of the hype and speculation surrounding the nation’s cybersecurity strategy under the new administration, this will undoubtedly be a timely talk.

Patrick Wardle, Synack Director of Research

Meet and Greet with the macOS Malware Class of 2016
Tuesday, February 14
3:45 PM – 4:30 PM | Moscone South | Room 308
Thursday, February 16
8:00 AM – 8:45 AM | Moscone West | Room 2001

Say hello to KeRanger, Eleanor, Keydnap and more! 2016 was a busy year for Mac malware authors who released a variety of new macOS malware creations. The talk will provide a technical overview of this malware, by discussing their infection vectors, persistence mechanisms and features. He will conclude by discussing various generic detections and best security practices to secure Macs. 

Patrick’s OS X  malware research will once again be front-and-center at RSA, this time presenting a comprehensive breakdown of the “Mac Malware Class of ’16”. Whether it’s at RSA, DefCon, RuxCon, etc., Patrick always puts on a show (often standing room only), so make sure to reserve a seat and get there early.
As a preview and teaser to Patrick’s talk, check out his recent blog post: Mac Malware of 2016.

Synack-Hosted Events During RSAC 2017

Government-Only Conversation on Crowdsourced Security
Invitation Only
Closed-door session on the future of crowdsourced penetration testing in the US Government. Presented by Synack and the Defense Digital Service.

Women in Security: Pioneers & Power Brokers
Invitation Only
Michelle Dennedy, Chief Privacy Officer at Cisco and Lisa Wiswell, the U.S. Defense Department’s Digital Security and Hack the Pentagon Lead, will be leading an exclusive executive-level discussion on women security executive’s role in driving change in the security industry.

Networking Event with Synack Researcher and Platform Experts
Open Invitation, Attendance is Limited.
Tuesday, February 14th
5-7 PM | The Grove Yerba Buena | San Francisco

Synack is hosting an informal social event for the cybersecurity researcher community. Our special guests in attendance include Tony Gambacorta, Head of Product, Patrick Wardle, Director of Research, and select Synack Red Team members.

We look forward to seeing you at RSA 2017! Be sure to enroll in particular sessions before the conference begins and claim your spot early, such as Tony’s Focus-On session, as spots will be limited to ensure a small group setting. If you are unable to attend this year, stay tuned for recorded webinars from the sessions led by Jay, Tony, and Patrick; we’ll be posting our RSA highlights here in the coming weeks!