Attivo Networks Blogs

What to See and Do at Black Hat 2019


Authored by: Carolyn Crandall, CMO & Chief Deception Officer – It’s that time of year, and Black Hat is back in town. Cybersecurity professionals (and from what I hear, clouds of grasshoppers) will soon be gathering in the Las Vegas desert. Whether drawn by the bright light of the Luxor or the desire to network, learn, and discuss cyber issues, Black Hat 2019 is the place to be. For the past several years I have enjoyed sharing a few of my most anticipated trainings, briefings, speakers, and other events with our blog readers in the runup to the event, and this year is no exception. Black Hat 2019 promises to be an exciting event, with topics of conversation including election hacking, innovations in detection and response, and artificial intelligence.

Before we even dig into the event itself, though, I recommend taking a look at what Black Hat USA has been up to lately. Earlier this month, the organization published a study indicating that many peoples’ private information is already available to criminals, putting U.S. elections and critical infrastructure at serious risk. This research will surely inform many critical discussions at the conference, including many of the events listed below.

Now, on to a look at some of the interesting happenings planned for next week!

– On Wednesday, August 7, Dino Dai Zovi will deliver the conference’s keynote address, titled “Every Security Team is a Software Team Now.” The speech will discuss the fact that services and products in every field are becoming more and more driven by software, as well as its implications for the cybersecurity field.

– Attivo Networks CTO Tony Cole will be emceeing Wicked 6 Cyber Games event, a fundraiser by the Women’s Society of Cyberjutsu to benefit women and girl hacker camps.

– Attivo Networks Chief Security Strategist Chris Roberts will also be speaking at BSidesLV, where he will give a presentation titled “Now that you hacked the plane, what are you going to do about your career?” He will share some insights on his own career, as well as thoughts on how others can maximize their career development opportunities at the event.

– On August 3-4, Pentester Academy will run a training titledActive Directory Attacks for Red and Blue Teams.” I recently wrote an article on the evolution of red and blue team exercises, and I look forward to hearing what experienced red and blue teamers have to say on the topic. Attivo also announced new technology for detecting live AD attacks.

– On a similar note, Pentester Academy will also host a training titledAdvanced Wifi Exploitation for Red Teams and Blue Teams.” This training will include a discussion of how deception technology applies to the topic.

– Gregory Conti and David Raymond will run a training titledInformation Operations – Influence, Exploit, and Counter,” which will include information on deception and counter-deception techniques in both theory and practice.

– Social engineering attacks continue to plague many organizations, as phishing scams and other people-focused attacks persist. The “Achieving Security Awareness through Social Engineering Attackstraining will help attendees think like an attacker and find new ways to train employees to detect such attacks effectively.

– Coalfire Systems will run a session titledAdaptive Penetration Testing” on August 3-4. It should be an interesting session on tools and techniques for successful pen-testing. I am sure that there will be a lot of great ideas, though I would definitely encourage that deception technology be a part of every Blue Team’s tool kit.

– John Strand will host a training session titled “A Guide to Active Defense, Cyber Deception, and Hacking Back” on August 3-6. The topic is a popular one, and these trainings have already sold out, but keep an eye on the conversations that come out of this session.

– Emerging attack surfaces have been a major focus of mine recently, and the team will be running a training session on “Applied Hardware Attacks on Embedded and IoT Systems.” For those interested in protecting IoT and other emerging attack surfaces, this session promises to be informative.

Live Streams Worth Watching
– BrightTALK will be live streaming a number of their events at Black Hat, including “Earning a Place at the Table, Bringing Security to the Board Room,” “Security Without Borders in the Multi-Cloud,” and “Ask the IoT Security Expert: Identifying Risks and Addressing Challenges.” You can catch these and other discussion live streams here.

– The experts at Security Weekly will also be broadcasting live from Black Hat, and you can tune in to hear them talk about a number of topics via their website. Carolyn Crandall, Chief Deception Officer, will be one of the speakers interviewing with Security Weekly. To learn more about deception technology and hear about the latest innovations to the ThreatDefend platform, tune in at 10:15 PDT on Thursday, August 8.

Interesting Booth Happenings
– You’ll naturally want to stop and say hello at the Attivo Networks booth and snag a cool wolf in sheep’s clothing plush! You can find us in Booth #1300, where we’ll be showcasing the ThreatDefend portfolio and be providing information on how Attivo can now effectively lock down the endpoint so that attackers cannot advance their attacks. These innovations have the ability to detect live attacks on AD and to turn every endpoint into a network decoy. You will also have a chance at winning one of three Ekster Smart Wallets if you tweet at or about us during the event.

– Pay a visit to Cybrary (Booth # 1265) and learn more about their training programs. You can also snag yourself a free t-shirt by registering on their website. Sharing your Cybrary story will provide you a shot at being featured on their YouTube channel. Cybrary will also host a VIP party for security leaders in the Eyecandy Lounge on August 7, which you won’t want to miss.

– Want a chance to win something cool? Stop by the Thales Security booth (Booth #1200) to take their underwater virtual reality challenge. You’ll learn about protecting your data and might even win an Oculus Go VR headset!

– On a similar note, Booz Allen Hamilton will have a Capture the Flag challenge ready for attendees at Booth #500. You could win prizes of up to $1,000!

– Many of Attivo’s integration partners will also be taking part in the event, including:
o Carbon Black will also offer a chance to win Oculus VR glasses—you can visit them in Booth #522 for on-site demos and an opportunity to learn about Carbon Black’s cloud-native endpoint protection platform.

o Naturally, Cisco will have a sizable Black Hat presence, and you can visit them in a number of places: Booths #604, #675, and #CZ100. They’ll be offering theater sessions every 20 minutes, as well as demos and glow-in-the-dark shirts!

o Those interested in recapturing their childhood should visit Demisto in Booth #1138. Not only will you get to learn more about Security Orchestration, Incident Management, and Interactive Investigation, but you’ll also have a chance to play around in their ball pit.

o Visit our friends at FireEye in Booth #504. They’ll be debuting FireEye Expertise Unplugged, a speaking session bringing real security experts right to the show floor.

o Check out McAfee in Booth #914 or register for the McAfee/IBM Security/Citigroup Executive Customer Dinner for an opportunity to get to know your McAfee and IBM executive account team.

o Visit the Palo Alto Networks Booth #814, where you might have a chance to build your very own light-up Cyb0rG dUck(y). They’ll also feature technical demos, in-booth presentations, and giveaways.

o Finally, you can find Splunk in Booth #1022 to learn about the Splunk Security Operations Suite and hear from leading information security experts on how to modernize your security operations.

Evening Events
There are always plenty of opportunities to network at Black Hat—or even just to grab a drink with fellow security experts. What can I say? Black Hat attendees like to have a good time, too. Below are a few of the after-hours events that should be worth attending.

Tuesday, August 6
– 5:30 p.m. – 7:30 p.m. Is golf or gaming your thing? Then SentinelOne’s party might be just your speed.

– 6:00 p.m. – 8:00 p.m. Netskope, TITUS, and VERA will be throwing an exclusive Cloud Security Lounge Mixer, so if cloud security is your thing this is where you’ll want to be.

– 8:00 p.m. Cofense will be kicking off the Black Hat party by taking over the House of Blues with Crowd Theory, one of the most popular party bands on the strip.

– 5:00 p.m. – 10:00 p.m. Synopsys will be hosting codenomi-con, an exclusive networking event at the Skyfall Lounge in the Delano Hotel, featuring networking, entertainment, and thought leadership from industry leaders—not to mention a great view of the Las Vegas strip.

Wednesday, August 7
– 7:00 p.m. – 9:00 p.m. Nisos & Ninja Jobs are hosting a cocktail party and panel discussion on maximizing career potential for cybersecurity experts. Get the most out of your expertise!

– 7:00 p.m. – 10:00 p.m. Join AT&T Cybersecurity and Digital Shadows for the 2019 Security Leaders VIP party at the Eye Candy Lounge. Don’t forget to register.

– 8:00 p.m. – 12:00 a.m. Like surprises? Then check out the Cisco Security party at Jewel nightclub, which promises delicious food, drinks, and a “mesmerizing” light show…as well as “special surprise entertainment.”

– 9:00 p.m. Billing itself as Black Hat’s “premiere party,” ZeroFOX will throw its annual LEVEL UP event, featuring a retro arcade and a 180-degree view of the strip.

Thursday, August 8
– 5:30 p.m. – 10:00 p.m. Black Hat’s final party is Cloudflare’s gathering at the Libertine Social Lounge, featuring hor’s d’ oeuvres and cocktails. If you aren’t ready to say goodbye to the conference just yet, this is the place for you.

Whatever you choose to see and do at Black Hat 2019, I look forward to seeing you there!

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

14 + 3 =

Ready to find out what’s lurking in your network?

Scroll to Top