Posted on Jul 24, 2019
Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research, development, and trends.
In the sea of 19,000 attendees and a packed schedule full of new features, trainings, briefings, sponsored sessions, exhibitors, and more, what should you expect during this week-long conference bookended by BSides and DefCon?
Review and take solace in knowing the 5 notorious things Black Hat is known for that you can expect again this year.
Black Hat anchors the event trinity, which includes BSides and DefCon. These three conferences bring out the “who’s who” of infosec. Add to their prestige, a host city with the greatest density of surveillance cameras per square mile except for the Pentagon and you’ve got the perfect storm for hackers to try and prove (or test) their elite hacking skills. Therefore, we anticipate with much certainty that cell phones, ATM machines, internet connections, and online accounts will be crawling with “guests”. It’s advised to everyone - conference attendees, resort workers, taxi drivers, and other visitors on the strip during these events to avoid online transactions, as well as avoid turning on your Bluetooth.
The nightlife at this conference is just as important as the stellar sessions it hosts. So much so, the conference even advertises non-conference-official events on their site. Annual events, such as ZeroFox’s Level-Up party on Wednesday night at Skyfall Lounge, where they transform this bar in the sky into a pixel-perfect party is a perfect way to unwind after a day of sessions! It’s always a toss up as to which was better, the view out the windows or the people. All events are free to attend but, some do have business qualifications for attendance (sorry folks, vendors don’t shell out money for a party without a goal in mind. And don’t be offended if you’re not their target audience - neither am I). Check out the full list of events here.
One thing you can count on year after year is Black Hat’s quality conference session line up. From Barnaby Jack’s 2010 on-stage ATM hack (may he rest in peace) to a Security Nostrodamus, Dr. Dan Geer, talking about the future of cybersecurity risk. This event has a reputation of bringing out the best of the best to share crazy insights into this expanding industry. This year, some sessions that caught our eye:
Dino Dai Zovi - Wednesday 9 am
In this session, Dino will explain two big shifts as security teams begin to own their end-to-end impact: software teams need to own their own security now, and security teams need to become full-stack software teams. Typical - a mind-blowing concept to be broken down for the general population to comprehend.
Natalie Silvanovich - Wednesday 2:40 pm
There have been rumors of remote vulnerabilities requiring no user interaction being used to attack the iPhone, but limited information is available about the technical aspects of these attacks on modern devices. This presentation explores the remote, interaction-less attack surface of iOS. It discusses the potential for vulnerabilities in SMS, MMS, Visual Voicemail, iMessage and Mail, and explains how to set up tooling to test these components. It also includes two examples of vulnerabilities discovered using these methods.
And of course, we could be biased, however, our very own Jasson Casey, CTO of SecurityScorecard will be speaking not once but twice at Black Hat! His session:
Wednesday, August 7, from 1:50 PM - 2:40 PM and 3:00 PM - 3:50 PM.
Attendees will learn how team performance impacts security outcomes, as well as which factors can more accurately predict poor security results, including the measure/quality of a team or vulnerability data gathered on systems.
Each year, the business hall grows bigger and bigger, and with it, so does the tech and swag offerings. Bring an extra suitcase if you’d like! Did you vote on your favorite t-shirt design during our Black Hat 2019 t-shirt contest? If so, you can pick up the winning design! Also, stop by and hear a presentation about our platform and be entered to win one of the three giveaways (Gift Card, Ring, and Sony headphones) below each hour!
Attendees can check out the all-new Arsenal Lab, a unique opportunity to play with hardware, ICS gear, and IoT devices in a controlled environment. Black Hat also added Micro Summits, designed to foster education and collaboration, these sessions focus on topics in the information security industry.
This virtual capture the flag will be held online and can even be done remotely so if unfortunately you can not make it to BlackHat this year you can still partake in the activities! The interactive event is aimed at security enthusiasts to build on their skills through these hands on, entertaining challenges. This CTF starts at 12:01 AM on Wednesday, August 7 and finishes at 11:59 PM on Thursday August 8. More challenges and competitions can be found at the booth, #500.
If you are looking for a break from the presentations, visit the THALES Booth #1200 to learn about data encryption and take part in their VR underwater escape room challenge for a chance to win an Oculus Go Headset! The VR challenge will take place from Wednesday, August 7th 10:00 AM - 5:00 PM and Thursday August 8th 10:00 AM - 5:00 PM. After competing treat yourself to a complimentary beer and THALES bottle opener between 5:30-7 PM.
Check out our list of 3 top third party risk management (TPRM) challenges, and the actions you can take to bolster your program. Learn more.
Performing cybersecurity risk assessments is a key part of any organization’s information security management program. Read our guide.
Templates and vendor evaluations are needed to level that playing field, in a time efficient and fair way, so that the best vendors are chosen.
Co-founder and CEO, Alex Yampolskiy, speaks about the importance of measuring and acting on key indicators of cybersecurity risk.
You’ve invested in cybersecurity, but are you tracking your efforts? Check out our list of 20 cybersecurity KPIs you should track. Read more.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.