Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research, development, and trends.
In the sea of 19,000 attendees and a packed schedule full of new features, trainings, briefings, sponsored sessions, exhibitors, and more, what should you expect during this week-long conference bookended by BSides and DefCon?
Review and take solace in knowing the 5 notorious things Black Hat is known for that you can expect again this year.
1. Hackers will try to outdo themselves again
Black Hat anchors the event trinity, which includes BSides and DefCon. These three conferences bring out the “who’s who” of infosec. Add to their prestige, a host city with the greatest density of surveillance cameras per square mile except for the Pentagon and you’ve got the perfect storm for hackers to try and prove (or test) their elite hacking skills. Therefore, we anticipate with much certainty that cell phones, ATM machines, internet connections, and online accounts will be crawling with “guests”. It’s advised to everyone – conference attendees, resort workers, taxi drivers, and other visitors on the strip during these events to avoid online transactions, as well as avoid turning on your Bluetooth.
2. Parties will fill the evenings and the Strip
The nightlife at this conference is just as important as the stellar sessions it hosts. So much so, the conference even advertises non-conference-official events on their site. Annual events, such as ZeroFox’s Level-Up party on Wednesday night at Skyfall Lounge, where they transform this bar in the sky into a pixel-perfect party is a perfect way to unwind after a day of sessions! It’s always a toss up as to which was better, the view out the windows or the people. All events are free to attend but, some do have business qualifications for attendance (sorry folks, vendors don’t shell out money for a party without a goal in mind. And don’t be offended if you’re not their target audience – neither am I). Check out the full list of events here.
3. Great speakers giving great presentations
One thing you can count on year after year is Black Hat’s quality conference session line up. From Barnaby Jack’s 2010 on-stage ATM hack (may he rest in peace) to a Security Nostrodamus, Dr. Dan Geer, talking about the future of cybersecurity risk. This event has a reputation of bringing out the best of the best to share crazy insights into this expanding industry. This year, some sessions that caught our eye:
Every Security Team is a Software Team Now
Dino Dai Zovi – Wednesday 9 am
In this session, Dino will explain two big shifts as security teams begin to own their end-to-end impact: software teams need to own their own security now, and security teams need to become full-stack software teams. Typical – a mind-blowing concept to be broken down for the general population to comprehend.
Look, No Hands! — The Remote, Interaction-less Attack Surface of the iPhone
Natalie Silvanovich – Wednesday 2:40 pm
There have been rumors of remote vulnerabilities requiring no user interaction being used to attack the iPhone, but limited information is available about the technical aspects of these attacks on modern devices. This presentation explores the remote, interaction-less attack surface of iOS. It discusses the potential for vulnerabilities in SMS, MMS, Visual Voicemail, iMessage and Mail, and explains how to set up tooling to test these components. It also includes two examples of vulnerabilities discovered using these methods.
And of course, we could be biased, however, our very own Jasson Casey, CTO of SecurityScorecard will be speaking not once but twice at Black Hat! His session:
The Human Component: Qualifying the Efficacy of Corporate Security Teams Against the BlueKeep Vulnerability
Wednesday, August 7, from 1:50 PM – 2:40 PM and 3:00 PM – 3:50 PM.
Attendees will learn how team performance impacts security outcomes, as well as which factors can more accurately predict poor security results, including the measure/quality of a team or vulnerability data gathered on systems.
4. Vendors have cool tech and swag
Each year, the business hall grows bigger and bigger, and with it, so does the tech and swag offerings. Bring an extra suitcase if you’d like! Did you vote on your favorite t-shirt design during our Black Hat 2019 t-shirt contest? If so, you can pick up the winning design! Also, stop by and hear a presentation about our platform and be entered to win one of the three giveaways (Gift Card, Ring, and Sony headphones) below each hour!
5. Excitement is guaranteed with interactive labs and competitions!
Attendees can check out the all-new Arsenal Lab, a unique opportunity to play with hardware, ICS gear, and IoT devices in a controlled environment. Black Hat also added Micro Summits, designed to foster education and collaboration, these sessions focus on topics in the information security industry.
Booz Allen Hamilton’s Virtual Capture the Flag
This virtual capture the flag will be held online and can even be done remotely so if unfortunately you can not make it to BlackHat this year you can still partake in the activities! The interactive event is aimed at security enthusiasts to build on their skills through these hands on, entertaining challenges. This CTF starts at 12:01 AM on Wednesday, August 7 and finishes at 11:59 PM on Thursday August 8. More challenges and competitions can be found at the booth, #500.
Prizes:
- 1st: $1,000
- 2nd:$600
- 3rd: $400
THALES Virtual Reality Contest
If you are looking for a break from the presentations, visit the THALES Booth #1200 to learn about data encryption and take part in their VR underwater escape room challenge for a chance to win an Oculus Go Headset! The VR challenge will take place from Wednesday, August 7th 10:00 AM – 5:00 PM and Thursday August 8th 10:00 AM – 5:00 PM. After competing treat yourself to a complimentary beer and THALES bottle opener between 5:30-7 PM.