Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together a variety of people interested in information security ranging from non-technical individuals, executives, hackers, and security professionals. The conference takes place regularly in Las Vegas, Barcelona, London and Riyadh. The conference has also been hosted in Amsterdam, Tokyo, and Washington, D.C. in the past.
The first Black Hat was held July 7-10, 1997 in Las Vegas, immediately prior to DEF CON 5. The conference was aimed at the computer industry, promising to give them privileged insight into the minds and motivations of their hacker adversaries. Its organizers stated: "While many conferences focus on information and network security, only the Black Hat Briefings will put your engineers and software programmers face-to-face with today's cutting edge computer security experts and 'hackers.'" It was presented by DEF CON Communications and Cambridge Technology Partners. It was founded by Jeff Moss, who also founded DEF CON, and is currently the Conference Chair of the Black Hat Review Board. These are considered[by whom?] the premier information security conferences in the world. Black Hat started as a single annual conference in Las Vegas, Nevada and is now held in multiple locations around the world. Black Hat was acquired by CMP Media, a subsidiary of U.K.-based United Business Media (UBM) in 2005.
Black Hat is typically scheduled prior to DEF CON with many attendees going to both conferences. It has been perceived by the security industry as a more corporate security conference whereas DEF CON is more informal.
The conference is composed of three major sections: the Black Hat Briefings, Black Hat Trainings, and Black Hat Arsenal.
The Briefings are composed of tracks, covering various topics including reverse engineering, identity and privacy, and hacking. The briefings also contain keynote speeches from leading voices in the information security field, including Robert Lentz, Chief Security Officer, United States Department of Defense; Michael Lynn; Amit Yoran, former Director of the National Cyber Security Division of the Department of Homeland Security; and General Keith B. Alexander, former Director of the National Security Agency and former commander of the United States Cyber Command.
Training is offered by various computer security vendors and individual security professionals. The conference has hosted the National Security Agency's information assurance manager course, and various courses by Cisco Systems, Offensive Security, and others.
Arsenal is a portion of the conference dedicated to giving researchers and the open source community a place to showcase their latest open-source information security tools. Arsenal primarily consists of live tool demonstrations in a setting where attendees can ask questions about the tools and sometimes use them. It was added in 2010. ToolsWatch maintains an archive of all Black Hat Briefings Arsenals.
Antics and disclosuresEdit
Black Hat is known for the antics of its hacker contingent, and the disclosures brought in its talks. Conference attendees have been known to hijack wireless connections of the hotels, hack hotel television billing systems, and in one instance, deploy a fake automated teller machine in a hotel lobby. In 2009, web sites belonging to a handful of security researchers and groups were hacked and passwords, private e-mails, IM chats, and sensitive documents were exposed on the vandalized site of Dan Kaminsky, days before the conference. During Black Hat USA in 2009, a USB thumb drive that was passed around among attendees was found to be infected with the Conficker virus, and in 2008, three men were expelled for packet sniffing the press room local area network.
In the past, companies have attempted to ban researchers from disclosing vital information about their products. At Black Hat USA in 2005, Cisco Systems tried to stop Michael Lynn from speaking about a vulnerability that he said could let hackers virtually shut down the Internet. However, in recent years, researchers have worked with vendors to resolve issues, and some vendors have challenged hackers to attack their products.
- "Black Hat". blackhat.com.
- "Computer Security Conferences Attract Both Hackers, Anti-Hackers". Fox News. 4 August 2006. Archived from the original on 30 July 2013. Retrieved 15 August 2009.
- "The Black Hat Briefings USA 1997 Information".
- "Black Hat". blackhat.com.
- "Black Hat ® About Black Hat". blackhat.com.
- "UBM news releases". Media. Retrieved 2016-11-03.
- "CMP Media Buys Black Hat". Retrieved 2016-11-03.
- "Error". Archived from the original on 2009-02-11. Retrieved 2009-08-15.
- "Commander of U.S. Cyber Command and National Security Agency Director, General Keith Alexander, To Keynote Day One of Black Hat USA 2013" (Press release). WWBT-TV NBC 12, WorldNow (Gannaway). May 14, 2013. Archived from the original on June 15, 2013. Retrieved June 13, 2013.
- "Announcing the Kali Linux Dojo". Offensive Security. May 28, 2014. Retrieved April 15, 2019.
- "Black Hat ® DC 2009 Training Index". blackhat.com.
- "Black Hat ® Europe 2009 Training Index". blackhat.com.
- "Black Hat Technical Security Conference: USA 2010 // Black Hat Arsenal: Call for Tools". blackhat.com.
- "ToolsWatch.org – The Hackers Arsenal Tools Portal » Arsenal". www.toolswatch.org. Retrieved 2016-11-03.
- "Hanging with hackers can make you paranoid". CNN. 4 August 2009. Archived from the original on January 22, 2015.
- "Security Expert: PC Media Players Full of Holes". Fox News. 3 August 2007. Archived from the original on 6 December 2010. Retrieved 15 August 2009.
- "Microsoft Dares Security Experts to Find Holes in Windows Vista". Fox News. 4 August 2006. Archived from the original on 30 July 2013. Retrieved 15 August 2009.
- "Microsoft Challenges Hackers On Vista". CBS News. 3 August 2006.
- "Hackers expose weakness in trusted sites - Technology & science - Security". NBC News. Associated Press. 2 August 2009. Retrieved 2014-10-09.
- Adi Nae Gamliel (July 31, 2017). "Black Hat 2017: Reflection of $82B innovative industry and security professionals protecting the evolution of digital transformation". LinkedIn.