Whitepaper: Observing Application Behavior via API Interception
Strengths and weaknesses of the 5 most common API interception techniques
Download Now >Share: 
Another August, another Hacker Summer Camp. The annual gathering of 25,000 like-minded hackers and security enthusiasts descended on Vegas for a week of get togethers, talks, and parties. This year was a bit different for Deepfactor, however. In previous years, we were attendees. This year, Deepfactor was present at BSidesLV with a booth, and at DEF CON as a sponsor of AppSec Village. While this presented me with the opportunity to meet new and existing customers and partners, it did limit my time to see several of the talks I wanted to see. I’m sure I’ll be able to catch up by watching the talk recordings when they make their way online, though, so not a huge loss not being able to see them live.
The Buzz at BSidesLV
At BSides, the Deepfactor booth seemed to be very popular. For both days of the show, we barely had any down time. We probably gave over a hundred demos and talked to many times more people. BSides seemed to be much more well-attended than last year (last year seemed sort of empty, but this year was packed). I enjoyed meeting potential customers, and catching up with my team in person (Deepfactor is a 100% remote company, so the ability to meet face to face from time to time is great).
A Deepfactor POD in AppSec Village
At DEF CON, we were accepted by AppSec Village to present a POD (practical on demand) session, which is like a mini workshop where you learn something new. The POD proposal that got accepted was “How to Hide Behavior From Security Tools,” a discussion of various API interception techniques—how they work and how to evade them. The POD areas were small 6ft/2m diameter tables with 6-8 chairs around them. I thought that if we had three or four people attend each POD session, that we’d be doing great, but for all of the sessions, we had 30+ people, three rows deep! It was standing room only.
I demonstrated the POD content about 10-12 times throughout the three days of DEF CON; the feedback was very positive. I was concerned that the material might be too basic, but creating the POD discussion as a beginner talk made it more accessible to all. I did have a few experts attend the POD sessions, and I was sure to ask them to give feedback/live commentary (I wanted the sessions to be interactive and fun). All things considered, I think everyone had a fun time and hopefully learned a lot.
I’d like to thank my team for backing me up during the POD sessions, handling Q&A and logistics. I’d also like to thank the AppSec Village team for putting on a great DEF CON village.
I have a few great ideas for future BSides and DEF CON/AppSec Village talks, so make sure you follow Deepfactor on social media to be notified as soon as myself or my team are giving a talk somewhere! Who knows, we may be coming to your neck of the woods soon.
Hide Behavior from Security Tools: Test Your Skills
P.S. My POD content is available at: https://github.com/deepfactor-io/appsec-village-pod-dc31. It is fully open source, so feel free to take it and learn from it, and/or use it as you like. I am open to pull requests and feedback, too. Let’s make the content better together! Just reach out here if you would like to connect.