Black Hat USA 2024 Activities and Preview
Black Hat USA 2024 Activities and Preview
It’s that time of year again—the annual pilgrimage to Las Vegas for Black Hat USA and DEF CON. With this post, I’d like to point out a few of the events the research team will participate in and a few of the talks at Black Hat USA that I’m personally excited about. Several members of the Research team will be in Vegas for both Black Hat USA and DEF CON. We’d love to say hi and talk shop.
Note: If there are any last minute additions, they’ll be added to this post.
Kudelski Security Research at BHUSA
The following is a list of the talks and events that the Kudelski Security Research Team is participating in at Black Hat USA. This year threatens to be my busiest Black Hat ever, I guess I should wear comfortable shoes.
Day Zero
This year, Day Zero is a networking event and preview reception that will be held on Tuesday, August 6th, from 3 pm – 5 pm. I’ll be one of the Review Board representatives, answering questions, providing feedback and advice on submissions and presentations, and pretty much anything else you’d like to discuss.
AI Track Meetup
This year, I’ll be hosting the new AI Track Meetup. Black Hat is setting aside space for networking on specific content areas. This is a zero-stress environment where you can discuss AI challenges and topics with fellow attendees and speakers. I’m also happy to discuss AI track specifics, content, as well as feedback on submitting to the track. Chatham House rule will be in effect, so feel comfortable sharing and don’t worry if there are things you don’t know about, we are all learning together.
AI Safety and You: Perspectives on Evolving Risks and Impacts
The Forward Focus track is all about unsolved problems and emerging concerns. In this briefing, we tackle the topic of AI Safety and how it impacts organizations. Many think AI safety is only about existential risk, but that’s not the case AI safety is something every company needs to be concerned about. Join us for a discussion of the very real risks and impacts that organizations encounter today and what they can do about it.
- AI Safety and You: Perspectives on Evolving Risks and Impacts
Quantum Security: Myths, Facts, and Realities
Join us for a conversation on quantum security, where we dispell some myths and cover some facts about the impact of quantum computers on security. During this discussion we’ll cover the risks and concerns as well as provide some information on where organizations can start to address these risks.
- Quantum Security: Myths, Facts, and Realities
Locknote: Conclusions & Key Takeaways from Black Hat USA 2024
The Locknote is a look back on the content from Black Hat USA 2024 from review board members. I’ll be on stage participating, sharing my perspective, and answering questions. I’m sure there will be some discussions of AI, after all, how can their not be this year. Come join us for the last session of BHUSA. I’ll also be around to chat afterward. The Locknote is open to all pass types.
- Locknote: Conclusions & Key Takeaways from Black Hat USA 2024
Highlighted Talks
There are plenty of amazing talks at Black Hat USA this year, and there is not enough time to see them all. The good thing about the AI talks I’m highlighting is that they cross into different areas of cybersecurity. So, there’s something for everyone. It’s AI heavy, but that’s to be expected, especially this year.
Practical LLM Security
With so much hype and opinion spouting, it’s important to know where the rubber meets the road, especially with everyone trying to shove LLMs into absolutely everything. People are being confronted with challenges every day. This is why it’s important to have some practical takeaways that you can start using immediately after you return to work. This is why I’m excited about Rich’s talk.
- Practical LLM Security: Takeaways From a Year in the Trenches
Security Response and Threat Hunting
I’ve pulled no punches in my claims that generative AI is overhyped. However, overhyped doesn’t mean useless. A couple of areas where generative AI can provide value to organizations is in the areas of security response and threat hunting.
We have two talks that highlight this area. These two talks provide valuable food for thought on how to replicate these approaches to work in your environments.
- Predict, Prioritize, Patch: How Microsoft Harnesses LLMs for Security Response
- Threat Hunting with LLM: From Discovering APT SAAIWC to Tracking APTs with AI
Reinforcement Learning talks
I’m a fan of reinforcement learning. Before everyone lost their minds over generative AI, reinforcement learning paved the way for solving difficult problems. This year, there are two very interesting reinforcement learning talks from different perspectives, one offensive and one defensive. These are cutting-edge approaches, and as such, it’s important to highlight the risks as well as the applications of the technology.
- Deep Backdoors in Deep Reinforcement Learning Agents
- Reinforcement Learning for Autonomous Resilient Cyber Defense
LLMs and Malware Analysis
Using LLMs for malware analysis is nothing new. However, where these approaches have fallen on their face is when the context window isn’t big enough or when the malware is obfuscated. One way to address obfuscation is by taking a neural-symbolic approach. This approach may be a bit in the weeds for some, but it is pretty cool research.
- Attention Is All You Need for Semantics Detection: A Novel Transformer on Neural-Symbolic Approach
.webp)
