CactusCon is one of our favorite security conferences of the year, and we’re excited to be sponsoring it once again. Whether you’re a red teamer, defender, researcher, or rising practitioner, we’d love to spend time with you in Mesa, Arizona.

Stop by our booth, catch the talks, and meet the security consultants behind our offensive security research and services. Our team will be on hand to talk shop, share insights, and connect with anyone interested in red teaming, penetration testing, Cosmos, AI/LLM security, or breaking into the field.

Why stop by?

• Talk directly with Bishop Fox researchers, recruiters, and operators

• Get real-world offensive security insight

• See what we’re building next

• Meet the humans behind the hacks

• Grab exclusive Bishop Fox swag (while it lasts)

If you’d like dedicated time with our team, you can book a meeting ahead of the conference. We look forward to seeing you at CactusCon.

For more details, visit: www.cactuscon.com.

"Evading EDR with the Wasm Blindspot"

Speakers: Dan Petro, Sr. Security Engineer, Bishop Fox

Abstract: Endpoint Detection and Response (EDR) solutions and malware have been in a cat-and-mouse game for years. Malware authors come up with some new clever technique to hide their activities, then EDR makers find and handle that technique.

In this presentation, Dan will demonstrate a quantum leap outside of this endless loop. It works by running all of our malicious code inside of WebAssembly. Since the EDR doesn't have the ability to introspect the Wasm runtime, you can run whatever you want in there with total impunity.

Oh, and it's all open source and Sliver-compatible as a stager. So there's no need for a brand-new Red Team C2 infrastructure. I'll even demonstrate the payloads working against a slate of modern EDR tools. If you want your Red Team to stop getting caught by EDR, come check out how.

"Sipping From the CVE Firehose: How We Prioritize Emerging Threats for Real-World Impact"

Speakers: Nate Robb, Sr. Operator, Bishop Fox

Abstract: Nate's team at Bishop Fox is tasked with monitoring newly disclosed CVEs for high impact vulnerabilities, or Emerging Threats, to determine their impact to numerous customer's attack surfaces. Given the thousands of newly disclosed CVEs every year (40,000 in 2024), his team has developed a methodology to sort these down to an actionable list in an effort to filter out the noise and distill the signal.

Nate will walk through the accelerated pace of Emerging Threat investigations which requires this prioritization process, explain why CVSS alone is insufficient, outline which disqualifying attributes are used to rule out CVEs, and which key attributes elevate priority based on real-world impact.

He will cover notable examples of over-hyped CVEs with little to no impact, high-profile CVEs with critical impact, then illustrate how security teams can map the attributes for each to focus on the threats that really matter.