Apple To Make First Official Appearance At Black Hat Next Month

Dallas De Atley, manager of the platform security team at Apple, will lead a session on "key security technologies in iOS," according to a recently updated description on the Black Hat 2012 Web site.

The tersely worded session description offers no additional detail on what De Atley will discuss, and Apple did not respond to a request for additional information.

[Related: Unisys Rolls Out Suite Of Mobile Security Services ]

Last month, Apple published a 20-page document outlining the security architecture of iOS, in what amounted to its first public disclosure of the operating system's security mechanisms. Security experts hailed the move as a positive for the legendarily secretive company.

Sponsored post

Though it is possible De Atley will be covering the information already laid out in the iOS security document, security researchers are nonetheless encouraged by Apple's official participation at Black Hat.

"This is definitely a step in the right direction," Richard Bejtlich, chief security officer at Mandiant, told CRN. "Hopefully Apple will allow him to take questions and make him available during the week of the event."

Apple has never officially participated at Black Hat, but it has come close. In 2008, Apple at the last minute canceled a scheduled panel discussion involving three of its security engineers, titled "Meet the Apple Security Experts."

The same year, a talk by independent security researcher Charles Edge, who was slated to discuss how to break the Mac's FileVault encryption, was pulled from the Black Hat lineup without explanation.

In 2010, Apple patched a hole in its Safari web browser a day before Jeremiah Grossman, CTO of WhiteHat Security, was scheduled to discuss the flaw in a public briefing at Black Hat 2010.

David Sockol, president and chief executive of Emagined Security, San Carlos, Calif., sees Apple's newfound openness on security as part of major push into the enterprise. "Executives want to support mobile devices in the enterprise, but they need proof that devices will be secure and that data won't leak," he said.