Skip to content
Get a Demo
    curve design on left cloud image

    Cado Security Experts Introducing New Varc Capability and Cloud-Focused Malware Campaigns at Black Hat USA and BSides Las Vegas 2023

    Cado Security Labs Debuting Updated Volatile Artifact Collector at Black Hat Arsenal and Presenting Cloud Security Evolution, Growing Use of Cloud Services in Malware Attacks at BSides 

    London, England, August 7, 2023 – Cado Security, provider of the first cloud forensics and incident response platform, today announced its experts will present new and advanced capabilities to its open-source volatile artifact collection tool and research on the evolution of cloud security at the upcoming Black Hat and BSides Las Vegas conferences. 

    Chris Doman, CTO and Co-founder, and Matt Muir, Threat Intelligence Researcher, are presenting at two of cybersecurity’s most prestigious events this August in Las Vegas. Among the premier cybersecurity events in the world, Black Hat and BSides Las Vegas convene the most innovative and creative researchers and hackers to present new exploits, discuss trends and findings, and collaborate on pressing cybersecurity policy issues. 

    Cado Security will present Introducing varc: Volatile Artifact Collector at Black Hat on Wednesday, August 9 at, 10:00-11:30 am PT in the Business Hall, Arsenal Station 2, to showcase Cado Security’s open-source volatile artifact collection tool. At the Arsenal session, Chris Doman will introduce attendees to varc and its latest features that enable proactive scanning for malicious activity powered by YARA rules, empowering analysts to take a precise approach to threat hunting of systems using varc. For example, varc users can now scan volatile data of a system for a known bad IP, see if there is a hit, and then decide to perform further analysis using the Cado Community Edition. 

    Driven by a philosophy of simplicity and reliability, varc was developed to aid in investigating security incidents by automating volatile data collection. With varc, security analysts can conduct faster, more efficient incident investigations. Doman will discuss the motivation for developing varc and cover the technical challenges inherent to volatile artifact collection in serverless environments and across operating systems. 

    This session will provide a live demonstration of varc and highlight artifacts of interest, presenting the tool’s extraction on a system where malicious activity has occurred to aid incident response. 

    Cado Security Labs Threat Intelligence Researcher Matt Muir will present The Ever-shifting Habits of Cloud-focused Malware Campaigns on the Breaking Ground track on Wednesday, August 9, at 5:00-5:45 pm PT at BSides Las Vegas.

    The talk will analyze recent cloud-focused malware campaigns, including those which have diversified from the common objective of cryptojacking. Matt will discuss TTPs, including persistence mechanisms and defense evasion techniques specific to cloud environments. He will also provide an overview of recent trends in proprietary telemetry of cloud attacks, including increased cloud services’ use to support malware attacks.


    • To access Cado varc, please visit Cado’s GitHub repository.
    • To see a product demonstration of the Cado platform, visit the Cado team at Black Hat in the Start-Up City, Booth # SC120
    • For more information about Cado’s presence at Black Hat, visit here
    • For more information about Cado’s Arsenal session, visit the Arsenal Schedule
    • To learn more about Cado Security at BSides, check out Talks

    About Cado Security

    Cado Security provides the first cloud forensics and incident response platform. By leveraging the scale and speed of the cloud, the Cado platform automates forensic-level data capture and processing across cloud, container, and serverless environments. Only Cado empowers security teams to respond at cloud speed. Backed by Eurazeo, Blossom Capital, and Ten Eleven Ventures, Cado Security has offices in the United States and the United Kingdom. For more information, please visit and follow us on Twitter @CadoSecurity.

    Tag(s): Press Releases

    More from the blog

    View All Posts