Black Hat USA 2024 Unveils New Defenses for Cybersecurity Professionals

Black Hat has been an intriguing occasion for me. It takes its name from the malicious hackers who prey on “white hat” ethical defenders, but the audience is full of (figurative) white hats from the corporate IT world. It is held on a notably smaller scale than the RSA Conference, with a focus on education and on deepening the technical facets of coverage suites and architectures for cybersecurity professionals. The origin of this gathering dates back to 1997, the same year Steve Jobs returned to Apple, and long before our modern IT landscape took shape.

This year I attended Black Hat in Las Vegas for the first time. I came away appreciating what the conference aims to accomplish, especially given the industry’s need for well-trained cyber professionals. Let’s take a look at some of the key topics, security infrastructure announcements, and conversations that came out of the event.

Unsurprisingly, the Black Hat USA 2024 keynote focused on the recent CrowdStrike computer outage and the upcoming U.S. presidential election in November. Voter fraud has existed for centuries in the form of voter suppression and poll manipulation; however, technological advances have further increased its scale and subtlety. Modern schemes aim to exploit voter misinformation and influence the outcomes of elections by spreading disinformation and risk campaigns. This is a serious concern that deserves careful consideration. The Center for Internet Security is a valuable resource in this regard, providing tools and resources to fight back against attacks by malicious actors sponsored by a geographic region.

As I also expected, the educational sessions and breakout sessions at Black Hat focused on identity access management, data protection, threat detection and response, shared responsibility for cybersecurity, endpoint security, and cloud security. From my point of view, identity has become the trick of the day. GenAI enables new sophistication in the creation of deepfakes and social engineering breaches that drive ransomware attacks, denial-of-service attacks, and data theft. With all this in mind, it’s worth highlighting several security infrastructure announcements made just ahead of Black Hat USA 2024.

Cisco: Cisco recently celebrated the 10th anniversary of its Talos threat intelligence platform. Launched at Black Hat in 2014, Talos provides malware detection and prevention capabilities for many of Cisco’s security solutions. What I like about Talos is that it’s an open platform that encompasses some two hundred associations that contribute to the stance of the cybersecurity industry as a whole.

Fortinet: Fortinet recently announced a data loss prevention acquisition: Next DLP. Fortinet believes it can evolve its anomaly detection and classification capabilities by leveraging Next DLP’s machine learning and AI intellectual property. At first glance, this seems to be a compelling capability that enables threat control across a wide variety of secure network deployments.

Hewlett Packard Enterprise: Network detection and response (NDR) can be an effective tool for tracking and detecting suspicious activity. HPE Aruba Networking recently announced its offering that applies AI to behavioral analysis. To be effective, infrastructure providers will need to have very large data lakes to train and refine models. HPE is one of the few vendors that can leverage its own insights capabilities to deliver intelligent NDR results to its customers.

IBM: IBM has announced a new GenAI cybersecurity assistant for its threat detection and response system. The company knows that security operations professionals are not only facing a wave of cyberattacks (including AI-based attacks), but also need to manage alert fatigue while remaining vigilant. To help solve this problem, IBM believes the new assistant can prioritize critical alerts and speed up incident investigation and resolution. At the event, I met with the company’s product management and security leadership team and left the discussions inspired by the functions and breadth of IBM’s platform, which also integrates with its consulting arm.

Infoblox: Infoblox has introduced a new ecosystem program designed to foster deeper collaboration with Cisco Splunk, HashiCorp, Microsoft and many others. The company simplifies the entire procedure by offering a portal that facilitates the immediate implementation of more than 20 validated integrations. I like this approach, which is a direct reaction to the proliferation of security teams that many organizations face today. It has the potential to increase visibility, reduce complexity, and in doing so, drive better security outcomes.

NTT: NTT Security Holdings attended Black Hat USA 2024 and shared their code injection-like transformations. Code injection is a technique used by malicious actors to hide malware behavior by using the memory of legitimate processes. This is the definitive form of a Trojan, hard to find (unlike the popular API call monitoring). NTT is studying an automated approach capable of identifying the injection of malicious code and protecting against it across a wide variety of scenarios. At the event I met with two members of the NTT team to find out more, and it was an eye-opening conversation. This article by NTT researchers is a technical deep dive, but it’s worth a read to become more informed.

Wiz: I also met with Wiz for the first time at the event. I was inspired by what the company achieves in cloud security with a comprehensive portfolio and an easy-to-navigate user interface that consolidates multiple features. The company is one to watch, especially since it recently forfeited a $23 billion payday from Google Cloud in favor of a future initial public offering (IPO). It’s worth noting that, aside from a few acquisitions, Wiz has developed most of its cybersecurity functions through organic roadmap development. From my point of view, this says a lot about their technical and engineering prowess.

From my perspective, Black Hat USA 2024 touched on all the right topics and, in doing so, did a real service to the cybersecurity industry with deeply technical sessions and education for defenders. Malicious actors will continue to leverage new technologies like GenAI to make attacks more sophisticated, but this conference has helped mitigate and neutralize cyber threats for approximately three decades. I look forward to future Black Hat events, which will take place not only in the United States, but also in Europe, Asia, the Middle East and Africa. Its global presence and focus on security professionals make Black Hat incredibly useful in helping defenders fight smart.

Moorish perspectives
