“So, what did you think of Black Hat this year?” and “Is Black Hat worth going to?” have been FAQs from colleagues and clients alike this week. So I thought I’d put a very brief summary together.
IMO Black Hat USA continues to grow into a better version of the RSA Conference. Less vendor marketing nonsense. Fewer suited, disconnected executive types. Actual practitioners and ‘real’ people to talk to, both in terms of attendees and vendors. I spoke to a ton of people who almost unanimously said that ransomware is still their top worry. A lot of those people have started to realise the importance of ‘Operational IT’ in their security strategies, and are thinking about how to automate or orchestrate some of the repeatable processes that are getting forgotten or overlooked.
The top 5 things I can still remember two weeks later:
- A cool exploit testing tool from Sophos. (SophosTester.zip – bottom of the page)
- “Threat hunting” through Alexa with Endgame. (Skip past the fluff to 00:53)
- Many examples, demos, and sessions using MS Office doc exploits on Windows 7 to gain access. (too easy)
- CrowdStrike opened up their malware database for malware researchers/incident responders. (gotta pay, though)
- A questionable Ozzy Osbourne impersonator.
For practitioners, engineers, or anyone with a serious interest in information/cyber-security, the combination of Black Hat and Def Con in the same week and location makes for a very compelling trip where I guarantee you’ll learn something useful.
(Although don’t forget about Gartner security conferences, obviously they’re good too. There’s one in London next month, FYI.)