Black Hat 2023, a prominent annual cybersecurity conference, recently concluded, bringing together experts and professionals to delve into the ever-evolving landscape of digital security. This year’s event took on a special significance as it returned to an in-person format after having been conducted in a hybrid manner for the past couple of years. The conference provided a platform for attendees to engage in collaborative discussions and share insights crucial for safeguarding our digital world.
What happened at Black Hat 2023?
A key highlight of Black Hat 2023 was the prominent role that artificial intelligence (AI) played in discussions and demonstrations. Speakers and presenters showcased how AI-driven cybersecurity products and operations are becoming increasingly vital in the ongoing battle against cyber threats. The integration of AI into the realm of cybersecurity has opened up new avenues for defending against sophisticated attacks, predicting vulnerabilities, and enhancing incident response.
The conference also shed light on the U.S. government’s proactive efforts to counter emerging cyber threats, especially those with the potential to impact national security. A recent example of such a threat is the cyberespionage campaign that has raised concerns on the global stage. Black Hat 2023 served as a platform for sharing insights and strategies to mitigate such threats effectively.
In line with the broader industry trend, the discussions at Black Hat 2023 closely examined the growing influence of AI tools across various sectors. AI is no longer confined to the realm of science fiction; it is rapidly permeating diverse industries, from healthcare and finance to manufacturing and entertainment. This widespread adoption of AI underscores its transformative potential and the need to ensure that its implementation is both secure and beneficial.
The MOVEit vulnerability, a recent discovery impacting numerous organizations and individuals, was also a significant point of focus. This incident serves as a stark reminder of the vulnerabilities that exist within our digital infrastructure and the pressing need for robust cybersecurity measures.
The conference spanned six days, with the initial four days dedicated to a series of comprehensive training sessions. These workshops covered a wide spectrum of topics, including Advanced Persistent Threats (APTs), vulnerability research, cloud and network security, threat modeling, and security automation. These hands-on sessions provided attendees, ranging from cybersecurity novices to seasoned professionals, with practical insights and skills essential for combating modern cyber threats effectively.
The final two days of the event combined informative sessions with engaging activities, creating a unique learning and networking experience. Attendees had the opportunity to interact with leading experts, explore cutting-edge technologies, and gain actionable takeaways that can be applied to their respective cybersecurity strategies.
What did we miss?
Several specific workshops and discussions stood out during the conference:
- Keynotes by Industry Experts: The conference featured insightful keynote addresses by industry thought leaders. Maria Markstedter, the founder of Azeria Labs, delivered a keynote that focused on the rapid rise of generative AI and its implications for organizations. She highlighted the potential of AI agents to become integral components of corporate operations, emphasizing the need to adapt identity access management practices in response.
- Government Perspectives: Kemba Walden, the acting national cyber director at the U.S. Office of the National Cyber Director, delivered a keynote that highlighted the government’s efforts to address cybersecurity challenges. Notably, Walden emphasized the importance of secure-by-design principles and underscored the vulnerabilities posed by open-source software.
- AI Cyber Challenge by DARPA: A notable feature of the conference was the launch of the AI Cyber Challenge (AIxCC) by the Defense Advanced Research Projects Agency (DARPA). This competition aims to harness AI expertise to develop innovative cybersecurity tools. It includes both an open track and a funded track, providing opportunities for individuals and small businesses to contribute to enhancing cybersecurity.
- Product Announcements: Black Hat 2023 also served as a platform for companies to unveil new cybersecurity products. These included Fortinet’s FortiGate 90G, a next-generation firewall with advanced security processing capabilities, and Tenable’s ExposureAI, which leverages generative AI to enhance exposure management.
Can I catch up on what happened at Black Hat 2023?
Don’t worry, there is plenty of stuff to still access relating to the conference. Here are some of the highlights that we particularly enjoyed…
Email security firm Abnormal Security has launched CheckGPT, a new tool designed to detect AI-generated email attacks. CheckGPT determines the likelihood of a BEC or other social engineering attack being created using generative AI.
Adaptive Shield has launched Identity Threat Detection and Response (ITDR) capabilities to help organizations mitigate identity-related threats. The capabilities can be paired with the company’s SaaS Security Posture Management (SSPM) solution.
Application security posture management (ASPM) firm Bionic has launched a new ServiceNow Service Graph Connector that provides security teams with a real-time configuration management database (CMDB) of their cloud applications, microservices, and dependencies in production. It also unveiled Bionic Events, a feature that correlates application changes to overall security risk.
Forensics and incident response platform Cado Security has unveiled new capabilities of its open-source volatile artifact collection (VARC) tool. The latest features enable proactive scanning for malicious activity powered by YARA rules.
Cycode presented new capabilities of its Application Security Posture Management (ASPM) platform at the Black Hat conference. This includes hardcoded secrets detection in cloud-based workplaces, a collaboration with Azure DevOps pipelines to ensure supply chain integrity, and a new IDE plug-in for VS Code integration.
CrowdStrike has announced a new Counter Adversary Operations offering, which brings together Falcon Intelligence, Falcon OverWatch managed threat hunting teams, and telemetry events from the Falcon platform to detect, disrupt and stop adversaries. The first Counter Adversary Operations offering is Identity Threat Hunting.
MDR firm eSentire has enhanced its SMB-focused XDR platform with a new MDR Agent, which provides full-scale threat prevention, detection, response and investigation capabilities.
OPSWAT has published the results of its 2023 threat intelligence survey, which shows that only 22% or organizations have a fully mature threat intelligence program and 62% recognize the need for additional investments. Only 11% of respondents currently use AI for threat detection, but 56% are optimistic about its use in the future.
Radiant Security has emerged from stealth mode with an AI-powered SOC co-pilot designed to boost SOC effectiveness and productivity by streamlining and automating alert triage, incident investigation, incident containment and remediation, escalation and approval workflows, and resiliency improvements.
Cloud exposure management firm XM Cyber has enhanced its continuous exposure management capabilities, extending customers’ ability to address hybrid cloud AD attacks and prioritize and remediate threats.
Black Hat 2023 provided a comprehensive exploration of the evolving cybersecurity landscape, with a focus on the pivotal role of AI and the pressing need for collaboration and innovation in addressing emerging threats. The conference underscored the interconnected nature of our digital world and the collective responsibility to ensure its security. As AI continues to shape the future, events like Black Hat serve as crucial platforms for knowledge exchange and skill development to safeguard the digital realm for years to come.