Black Hat Guide for Conference Veterans

Hannah Young
August 4, 2023
10 min read

Black Hat is back at the Mandalay Bay in Las Vegas this August 5th-10th! With four days of specialized trainings (Aug. 5th-8th) and two days of the main conference (Aug. 9th-10th), long-time attendees may be familiar with Black Hat’s 100+ briefings, open-source tool demos in Arsenal, and networking/social events. As such, Crosswire is focusing on the “new” this year, writing about new programs/features, talks, and non-conference activities in Vegas you may not have tried (brought to you by this Las Vegas native ◡̈).

New program: Pentester Certification (August 5th-8th)

This year Black Hat has launched its own certification program: the Black Hat Certified Pentester (BCPen). Run in partnership with The SecOps Group, the Certified Pentester program is a full-day practical exam covering pentesting topics (chiefly web and infrastructure hacking) in a Capture The Flag (CTF) style hackathon. Priced at $2,000, the exam can be taken on any day from August 5th-8th, 9 am-5 pm, and Black Hat publishes a complete exam syllabus.

New features: Business Hall (August 9th-10th)

Photograph of the Mandalay Bay Resort Hotel Beach and Pool with the Delano Hotel in the background
Image by MGM Resorts

Community Lounge

One of 2023's latest additions, the Community Lounge, will center on diverse sessions, covering topics pertaining to women and other underrepresented groups within cybersecurity. The lounge aims to address the challenges underrepresented groups encounter in infosec and discuss solutions on how the industry can foster a more diverse and inclusive community.

Autonomous Arcade

The Autonomous Arcade will offer interactive hacking challenges for participants interested in learning about hacking and controlling autonomous systems, including a drone hacking challenge workshop. Challenges run throughout the day on a first-come, first-served basis, with hardware provided and prizes awarded to the top challengers.

Bricks & Picks

Image of BrickinNick winning the LEGO Masters show featuring Will Arnett
Image from BrickinNick

Bricks & Picks will serve as an activity space where attendees can indulge in their playful, creative, and curious sides with plastic building bricks and physical locks to pick. Experts in these domains (like the winner of LEGO Masters, BrickinNick) will lead this area, showcasing competitions, hands-on demonstrations, a Black Hat Gallery for attendee creations, and more.

Meet & Greet Sessions

This year, attendees will have the opportunity to engage with industry experts through new Meet & Greet Sessions. Attendees can put questions to speakers from the sessions, introduce themselves to a Review Board member, or grab a photo with a new connection (Black Hat publishes a full Meet & Greet schedule).

New talks/briefings: Resilience and Identity Security (August 9th-10th)

💡 A Q&A with a16z's Zane Lackey: Unlocking the Secrets of Cybersecurity Entrepreneurship

Thursday, August 10 | 2:30 pm-3:00 pm (Oceanside D, Level 2)

In this interactive discussion, Zane Lackey (former CISO of Etsy and General Partner at Andreessen Horowitz—who led Crosswire’s $6 million seed round) will share his experiences and answer questions about transitioning from a security engineer/CISO to a founder to ultimately a venture capitalist in the cybersecurity industry. The discussion takes place at the inaugural Black Hat Entrepreneur Micro Summit, where attendees can inquire about raising capital, founding a cybersecurity startup, building a successful team, and overcoming challenges as entrepreneurs in a rapidly changing industry.

Fast, Ever-Evolving Defenders: The Resilience Revolution

Image of Kelly Shortridge speaking at Black Hat 2019 (Copyright: Trish Tunney)

Wednesday, August 9 | 11:20 am-12 pm (Oceanside A, Level 2)

Kelly Shortridge (Senior Principal at Fastly) returns to Black Hat to give a talk on how to outmaneuver attackers by becoming more like them: “nimble, empirical, and curious.” The talk covers a new paradigm for systems defense rooted in resilience as well as “the principles, practices, patterns, and other opportunities that help us accelerate our operational tempo, pursue design-based solutions, steep ourselves in systems thinking, and identify tangible success outcomes.”

Cookie Crumbles: Unveiling Web Session Integrity Vulnerabilities

Wednesday, August 9 | 2:30 pm-3:00 pm (Islander FG, Level 0)

In this talk, Marco Squarcina (Senior Scientist, TU Wien) and Pedro Adão (Associate Professor, Instituto Superior Técnico, Universidade de Lisboa) focus on the real-world security implications of cookie integrity issues and show how seemingly robust security mechanisms can be bypassed, leaving web applications open to session integrity attacks (session fixation and other cross-site attacks). They conclude with a deep dive into mitigations and the fixes the affected vendors shipped following coordinated disclosure.

Diversity Microtalks: Perspectives on Creating Change

Wednesday, August 9 | 3:20 pm-4:00 pm (South Seas AB, Level 3)

This session will consist of three “microtalks” moderated by Sherri Davidoff (CEO, LMG Security):

Reducing Your Team’s Energy Costs: An Inclusion Microtalk by Andy Ellis (Author, Advisory CISO & Operating Partner, Orca Security & YL Ventures) discusses how inclusion reduces the energy cost people pay just to exist in a space, making it critical for building a good culture and turning more energy into more value.

Breaking Barriers: a Data-Centric Approach by Meghan Jacquot (Security Engineer, Inspectiv) and Aastha Sahni (Azure Technical Trainer, Microsoft) explores diversity in cybersecurity and how it's measured, particularly the barriers that exist around mindsets/unconscious bias, and how to break down those barriers with new ways to measure and validate changes in diversity.

Microaggressions and Turnover: Three Ways to Reduce Quiet Quitting by Olivia Rose (CISO and Owner, Rose CISO Group) details three actionable and realistic recommendations you can start implementing today at your organization to begin to address the retention problem of diverse employees due to microaggressions.

What Does an LLM-Powered Threat Intelligence Program Look Like?

Thursday, August 10 | 10:20 am-11:00 am (South Pacific F, Level 0)

Model of expanding circles: starting with "Large Language Models", the next ring says "Text Generation", "Classification", "Knowledge Answering", "Translation", and "Dialogue Generation"
Image by Cobus Greyling

John Miller (Head of Mandiant Intelligence Analysis, Google Cloud) and Ron Graf (Data Scientist, Google Cloud) team up to demonstrate how LLMs can enhance security operations by speeding up and improving cybersecurity analysis. The emphasis is on how LLM capabilities should inform security leadership's decisions about building and advancing CTI programs.

Lessons Learned from the KA-SAT Cyberattack: Response, Mitigation and Information Sharing

Thursday, August 10 | 11:20 am-12:00 pm (Mandalay Bay H, Level 2)

This presentation will provide the most detailed public account yet of the February 2022 “KA-SAT event,” in which Viasat's KA-SAT network was attacked, causing partial outages for thousands of users in Ukraine and tens of thousands of users elsewhere in Europe. The session will detail the attack as well as the response by the National Security Agency's Cybersecurity Collaboration Center (NSA CCC). Viasat and the NSA will share lessons learned and advise on collaborative responses by commercial and government entities to future attacks.

Forward Focus: Perspectives on AI, Hype, and Security

Thursday, August 10 | 1:30 pm-2:10 pm (Oceanside A, Level 2)

Image by Kudelski Security

Join Rich Harang (Principal Security Architect, Nvidia), Ariel Herbert-Voss (CEO and Founder, RunSybil), Ram Shankar Siva Kumar (Data Cowboy, Microsoft; Harvard), and Nathan Hamiel (Senior Director of Research, Kudelski Security) for a candid discussion on the real-world effects of AI on security professionals. They'll explore the influence of generative AI on the security industry and its associated risks, the realities, and essential insights for navigating the path forward.

New non-conference activities: What To Do In Vegas

Sneak into Barbershop Cuts & Cocktails speakeasy at the Cosmopolitan

Image of the Barbershop Cuts & Cocktails speakeasy: velvet and leather couches, multiple chandeliers, marble tables, a wood bar
Images by Barbershop Cuts & Cocktails

If you’re into nightlife but aren’t looking to get your ears blown out by bass on a weekday evening, the Cosmo has an unassuming “Barbershop Cuts & Cocktails” that opens onto a 1920s-themed speakeasy once you walk through the janitor’s closet door. This Prohibition-era lounge, bar, and music venue hosts a variety of events (Tuesday Karaoke, Wild West Wednesdays, All Request Sundays, and live music nightly) and serves craft cocktails and beers alongside an extensive whiskey collection. Reservations for the saloon are available online (and remember to mind their business casual Appearance Code!).

Hike (before sunrise/after sunset or in an air-conditioned car, please—for your health) the trails at Red Rock Canyon

Image of Red Rock Canyon at sunrise
Image by Musement

A 20-minute drive west of The Strip is Red Rock Canyon, a 195,819-acre National Conservation Area within the Mojave Desert. There are 31 main hiking trails, with the 2.3-mile Calico Tanks Trail being the favored moderate hike. For experienced hikers, the 4.6-mile Turtlehead Peak Trail is the top choice, while beginners often prefer the 2.4-mile Pine Creek Canyon Trail. For those looking to enjoy the views while beating the heat, there’s a 13-mile Scenic Drive that allows visitors to explore the canyon from their vehicle or bicycle, with multiple scenic stops and trailheads throughout. The variety of trails, views, flora, and fossils/petroglyphs makes Red Rock one of the most unique places in Vegas.

Image of the Red Rock Petroglyph Wall by GJ Hikes

💡: The highs are looking to be about 105-110°F this week (peaking in the afternoon), please be mindful of the heat (and visit early or late in the day if you can). If you’re hiking, make sure you’re carrying plenty of water, snacks, and sunscreen/sun protection; if you’re driving, make sure your tank is full before you leave!

Catch the WNBA 2022 Champion Las Vegas Aces play at Michelob ULTRA Arena (attached to Mandalay Bay)

Image of the 2022 Las Vegas Aces women's basketball team with the WNBA Championship Trophy
Image by 8 News Now

The reigning champion Aces play the Washington Mystics at 7 pm on Friday (8/11) and the Atlanta Dream at 6 pm on Sunday (8/13), after the conference ends. With tickets as low as $12 and their arena attached to the Convention Center where Black Hat takes place, catching a game is one of the most convenient and fun post-conference activities this week.

💡Alternative: If sports are your thing but you’re heading out right when the conference ends, check out Circa for the largest sportsbook in the world, with a three-story screen wall and 1,000-person viewing capacity.

Visit Area 15: Vegas’s “multiverse of attractions and events”

Area 15 is an experiential entertainment complex that blends immersive art installations, physical activities, and interactive exhibits with a traditional food/drink/shopping venue (that’s also ages 21+ after 9 pm). From Meow Wolf’s “Omega Mart” to axe throwing and indoor golfing to an immersive tour of a working distillery, this hub of attractions and exhibitions is free to visit (just book a timed entry pass) with a variety of “Experience Passes” for purchase here.

Image of metal/neon room with a black and white skull in the middle above a sign that says "Area 15"
Image by Area 15

Observe “The Sphere” (at The Venetian Resort)

"The Sphere" in Las Vegas reflecting the image of a giant eyeball
Image by Roger Scoble

I would be remiss not to mention Vegas’s newest (and possibly most peculiar) addition: The Sphere. The spherical entertainment arena attached to The Venetian Resort is set to open on September 29th (with U2 performing a 25-show residency), but in the meantime, they’ve been using their 581,000 square feet of LEDs to project… interesting visuals. With its distinction of having the largest LED wall and being the largest spherical building in the world, just being able to say you witnessed this attraction makes it worthwhile.

Get off The Strip to go out in Downtown Vegas/Fremont Street

Image of the “Viva Vision Light Show” Fremont Street Experience by Lynsey Thompson

The Strip can be great, but it can also be… a lot. In fact, a survey conducted by the Las Vegas Convention and Visitors Authority indicates that over half of locals tend to skip The Strip altogether because of cost and crowds (for New Yorkers’ reference: it’s our equivalent of Times Square).

Image of Downtown Las Vegas by Sunset Magazine

Instead, they head to Downtown Las Vegas: the birthplace of neon lights and vintage casinos in Vegas (including the oldest, the Golden Gate Hotel and Casino, from 1906). The Arts District (complete with the Mob Museum and the Neon Museum) and Container Park (an open-air shopping center built from recycled shipping containers, with a 40-foot-tall fire-throwing mantis outside) are also here, and at its heart lies the “Fremont Street Experience.” This five-block area houses a 12-story, slot-machine-Godzilla-inspired zipline and is covered by a lighted canopy. From 6 pm until midnight, the street is enveloped in the “Viva Vision Light Show,” with 24 million LED lights and 550,000 watts of sound in addition to live music. Notably, Fremont Street is brimming with bars and restaurants, most of them significantly cheaper and less crowded than those on The Strip.

Image of “The Mantis” by the Downtown Container Park

💡: For an even deeper look at which bars would suit your night out, check out this guide to the “Best Bars in Downtown Vegas.”

Pink/purple/blue gradient that reads "black hat Aug 9 & 10, 2023" and "Crosswire Booth #SC521"

Whether this is your 1st or 21st time at Black Hat, we hope these tips help you weather what can be a jam-packed and intense week (that will probably leave you exhausted until those Black Hat 2024 parties). If you’re interested in the future of identity security, particularly Identity Threat Detection and Response (ITDR), visit Crosswire at Booth #SC521 in Startup City to chat with our founders and team 1:1 to learn the latest. We hope to see you there (reach out and schedule some time with us at hi@crosswire.io)!

Want to learn more afterward? Enter our raffle (located at our booth) for a signed copy of Start-Up Secure by Chris Castaldo to learn how to start and continue an identity security dialogue at your company post-conference. Packed with actionable insights from Chris’s decades of experience in the field, it’s a must-have for any security practitioner!

To stay up to date with Crosswire and learn how to secure your org against identity threats, take our quiz to understand your security maturity level/how Crosswire can help you level up your security stack and subscribe to our blog below!
