Powered by unrivaled open-source initiatives, our solutions are built by practitioners for practitioners, and designed to help security teams eliminate risks and threats everywhere. Visit our experts at Booth 2140 to learn how you can level up security operations with Rapid7 cloud security.
We’re also celebrating 20 years of Metasploit. Don’t miss your chance to take home some limited edition anniversary swag. See you in Vegas!
VISIT BOOTH #2140 IN THE BUSINESS HALL AUG 9-10 FOR:
See firsthand how we help you manage risk and eliminate threats across any environment. Sign up in advance so we know you’re coming!
Pre-register for a meeting or demoVisit our booth to join in our Metasploit Framework Hands-On Lab. Or learn how Rapid7 can help you at one of our theater presentations and to discuss your specific security challenges with Rapid7 experts in the booth.
In honor of The Metasploit Project’s 20th anniversary, Rapid7 is launching a special edition t-shirt and we invited members of the community to have a hand in its creation. You’re definitely going to want one of these!
Sat, Aug 05, 2023
10:00 AM
-
7:00 PM
Sat, Aug 05, 2023
10:00 AM - 7:00 PM
Speakers: Mike Cohen, Digital Paleontologist, Rapid7
Velociraptor is the most advanced, open source, endpoint visibility tool that everyone is talking about! Have you ever needed to respond to an incident in a large enterprise network? Have you wondered how many of your 10,000 endpoints are compromised? You know you should be hunting for common forensic artifacts but how do you do it in a scalable way, in a reasonable time? Well… now you can! This updated training course will teach you how to make the most of Velociraptor - taught by the developers of Velociraptor themselves!
Room: Potomac D (Session purchase required)
Sessions on August 5th (10am - 7pm) and August 6th - 8th (9am - 6pm)
Tue, Aug 08, 2023
5:00 PM
-
5:45 PM
Tue, Aug 08, 2023
5:00 PM - 5:45 PM
Speakers: Erick Galinkin, Principal Artificial Intelligence Researcher, Rapid7
Ground Truth
As more of security becomes driven by data, a menagerie of job titles have cropped up across the industry. Data Scientist, ML Engineer, Data Engineer, AI Researcher, and more have become de rigeur job titles – but the lines between each role remain blurry, especially for early career and non-data folks.
In this talk, we talk about where the skills of these roles overlap, how to pursue a security data career, and crucially, offer some hot takes on why maybe we need some clearer lines.
Wed, Aug 09, 2023
11:30 AM
-
12:30 PM
Wed, Aug 09, 2023
11:30 AM - 12:30 PM
Speakers: Jeffrey Gardner, Practice Advisor - Detection & Response, Rapid7, and Devin Krugly, Practice Advisor - Vulnerability Risk Management, Rapid7
Attackers taking advantage of your environment and living off the land? Check. Vulnerabilities and zero days moving beyond the on-prem environment and into the cloud? Check. Isolated teams, non-aligned initiatives, and no shared mission? Check.
Yes, hybrid is where it's at — but it also gives you the makings of a perfect storm. In this session, we will put your mind at ease as they demystify the complexities of hybrid environments, sharing strategies for evolving cyber risk management across digitally complex ecosystems and forging a shared, cross-functional cyber defense.
Room: Mandalay Bay K
Thu, Aug 10, 2023
1:00 PM
-
2:30 PM
Thu, Aug 10, 2023
1:00 PM - 2:30 PM
Speakers: Spencer McIntyre, Manager, Security Research, Rapid7
Active Directory is the foundation of the infrastructure for many organizations. As of 2023, Metasploit has added a wide range of new capabilities and attack workflows to support Active Directory exploitation. This Arsenal demonstration will cover new ways to enumerate information from LDAP, attacking Active Directory Certificate Services (AD CS), leveraging Role Based Constrained Delegation, and using Kerberos authentication.
The Kerberos features added in Metasploit 6.3 will be a focal point. The audience will learn how to execute multiple attack techniques, including Pass-The-Ticket (PTT), forging Golden/Silver Tickets, and authenticating with AD CS certificates. Finally, users will see how these attack primitives can be combined within Metasploit to streamline attack workflows with integrated ticket management. The demonstration will also highlight inspection capabilities that are useful for decrypting traffic and tickets for debugging and research purposes.
Room: Business Hall - Arsenal Station 4
Fri, Aug 11, 2023
10:00 AM
-
12:00 PM
Fri, Aug 11, 2023
10:00 AM - 12:00 PM
Speakers: Spencer McIntyre, Manager, Security Research, Rapid7
Come by the Committee Boardroom for a demo labs presentation on Metasploit framework.
Room: Committee Boardroom
Sat, Aug 12, 2023
11:00 AM
-
12:00 PM
Sat, Aug 12, 2023
11:00 AM - 12:00 PM
Moderator: Austin Carson, Founder & President, SeedAI
Panelists: Erick Galinkin, Principal Artificial Intelligence Researcher, Rapid7 with Dr. Rumman Chowdhury, CEO, Humane Intelligence and former director of Twitter ML Ethics, Transparency, and Accountability; Kellee Wicker, Director of S&T, Wilson Center; and Tim Ryer, Legislative Assistant to U.S. Senate Majority Leader Chuck Schumer
This session will explore how we can combine the expertise of DEF CON attendees with the political will and specialized knowledge networks in the Administration and around DC to create wise policy for AI. Topics covered will include how the two communities can support each other and create a virtuous cycle of information conveyance and policy progress? What should the next steps of this work be - how do we move beyond the Biden EO? In this session we'll have top experts in policy and the hacker community come together to discuss what that can look like and how to be mutually conscientious of what our experiences and priorities may be.
Location: Policy Village
Would you like to add this event to your calendar?
Thu, Aug 10th - Sun, Aug 13th, 2023
In addition to Spencer McIntyre's session on Metasploit framework (see above) come on by to these villages to meet our experienced researchers and see them in action.
AI Village
Erick Galinkin, Principal Artificial Intelligence Researcher, will be in the AI Village supporting talks and events, including a White House supported public evaluation of AI tools from Google, Microsoft, OpenAI and Anthropic. (Learn more)
AI Village at DEF CON 31
IoT Village
Deral Heiland, Principal Security Researcher, IoT, is back in the IoT Village with more hands-on hardware hacking exercises not to be missed.
IoT Village at DEF CON 31