Black Hat USA 2017 | Mandalay Bay | Las Vegas, Nevada

Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days of technical Trainings (July 22-25) followed by the two-day main conference (July 26-27) featuring Briefings, Arsenal, Business Hall, and more. And ITSPmagazine was there!

The Black Hat USA 2017 ITSPmagazine News and Conference Coverage Is Brought to You By:

Ladies And Gentlemen, Live, From Black Hat USA 2017...

Black Hat USA 2017 is now in the past. It was a great event, and we are very excited to share with you all the fantastic conversations we had.

The live panels are now streaming the recorded version, in case you missed it. Click on each image to learn more about the topic, the moderator, the guests, and to watch the panel now.

Conversations from Black Hat 2017

Our Audio News and Podcasts Series are available on iTunes | Stitcher | Soundcloud | TuneIn

And... we are back! 

What a great event this was. We made new friends, met with old ones, and we discussed the status of cybersecurity, privacy, the Internet of Things, Artificial Intelligence, and much, much more.

We covered many topics, but, as you should know by now, we are mostly interested in what is happening at the intersection of IT security and society. We are pleased to report that everyone was more than happy to share their views with us, telling us their stories on the subject. Everyone agrees: we cannot ignore that we live in a cyber society, and we need to make the right decisions, NOW, for the sake of our lives, our businesses, our families, and our future.

More than 40 podcast interviews and expert conversations have been recorded from the event. We will be releasing them as they are ready. Check back often or, even better, sign up for our mailing list to get new content updates from our team. 



Brian Knopf from Neustar discusses security and privacy with the Internet of Things with Sean Martin

In this new episode of audio news coming to you from Black Hat USA 2017, Sean Martin connects with Brian Knopf, Senior Director of Security Research & IoT Architect at Neustar. Brian has been involved with the Internet of Things for quite some time and therefore has a ton of insight into how security and privacy are impacted - especially given the numbers and types of connected devices hitting the market each and every day.

Leading off of his work at I am the Cavalry, Brian remains a proponent for a security and privacy rating system, a system that would give consumers and businesses alike an easier means to understand the trade-offs they are making when using these devices. In short, Brian suggests that when we got security, we essentially lost privacy in certain ways… but both are equally important.

We catch a glimpse into Brian’s genius in this short podcast - I hope you enjoy it.

Shehzad Merchant from Gigamon says it's time for the defenders to take back their advantage

Bad actors are leveraging scalable frameworks and automation to attack their targets. On the other side, companies are still using human-based, manual processes to combat these attacks. The silos within the organization make this even more challenging for them, leaving them to fall behind and face the inevitable. Because of this, it seems the attackers hold the advantage against their targets. However, according to Shehzad Merchant, CTO for Gigamon, we have a chance to reverse the advantage back to the defender. The trick is to leverage the right technologies - such as machine learning + artificial intelligence + automation and orchestration. In order for this to work, however, we need to move from a prevention mindset to one of protection. Think his advice is to have your battles from the inside out using primarily human-driven means? If so, you might want to listen to Shehzad's interview during Black Hat USA 2017 with ITSPmagazine's editor-in-chief, Sean Martin. What he has to say here is short and sweet, but powerful. Enjoy!

Debra discusses privacy with the upcoming GDPR regulation, and Diversity, with RSA's CMO Holly Rollo

Travis Smith, Principle Security Researcher at TripWire, continues his work on My Bro the Elk

Travis Smith, Principle Security Researcher at TripWire, continues his work on My Bro the Elk - working on it in the context of the small and medium sized businesses. Sean Martin, ITSPmagazine's editor-in-chief, originally covered this topic with Travis presenting a session during Black Hat 2015. This ended up being ITSPmagazine’s first on-publication article.

Travis is now focusing on the SMB market as they are a targeted entity and are often underfunded and understaffed. Travis' work with the new My Bro the Elk combines technologies to create insights, and combines them as part of what he calls the "Sweet Security" offering, which monitors network traffic while providing protection as well.

During our conversation, during Black Hat 2017 in Las Vegas, Smith also offers some core best practices, including network segmentation, which is handles virtually with the Sweet Security device. Goodness all around from Travis, for sure.

Interested parties can find the application stack here - is absolutely free -

Those interested in the first article on ITSPmagazine covering this topic can find it here.

Craig Young from TripWire talks with Debra Farber about Android TV device security and privacy

A lot of the security and privacy settings we’ve come to know and expect on our Android phones doesn’t seem to be carrying over to Android TV devices available to buy today. In most cases, the device you buy online may never see an official update from its vendor. This doesn’t mean it won’t get updated - the team at TripWire found that these devices are vulnerable to compromise such that they could be maliciously updated with new firmware, turning on the camera and the microphone - essentially for surveillance purposes.

That cause you to pause a bit? It should. Listen to this conversation between The Privacy Pact's Debra Farber, during Black Hat 2017 in Las Vegas, as Craig Yound from TripWire's Vulnerability Research Team looks at these IoT security privacy challenges we face as a society.

What if you could analyze data while they are encrypted? [ Ellison Anne Williams, CEO and Founder at Enveil ]

Debra Farber, host of The Privacy Pact, met with Ellison Anne Williams, CEO and Founder at Enveil during Black Hat 2017 in Las Vegas. Enveil focuses on securing data while it is being used within business process and not on the data at rest.

Analyzing data without decrypting it is a technology developed for NSA, and it is called Homomorphic encryption; amongst the other things, how does this technology play with the upcoming GDPR?

Listen and find out.

Jeff Bohren describes the challenges with managing identity in today’s hyper-connected world

What are the challenges with managing identity in today’s hyper-connected world? What is the role of federated identity management? How does the General Data Protection Regulation (GDPR) impact how identities are managed? Jeff Bohren, senior software architect for Optimal IDM, spends some time with ITSPmagazine's editor-in-chief, Sean Martin at Black Hat 2017 in Las Vegas. The two explore these topics and more. Listen to find out how companies can leverage federated identities to reduce their exposure to non-compliance with GDPR and how 2FA and MFA needs to be considered as well, but in the context of each business scenario at hand.

Mounir Hahad from Cyphort Labs reminds us: the end goal is to protect our customers and users

Mounir Hahad, Sr. Director at Cyphort Labs connected with ITSPmagazine’s Sean Martin at Black Hat 2017 in Las Vegas

During their conversation, Hahad reminds us all that the end goal for the industry is to protect our customers and provide a safe environment for the end users to conduct their business. With this in mind, Hahad also puts a call out to the industry at large to work together, suggesting that business and technical partnerships should not be limited to the behemoths that want to control the market nor the startups that are looking for a creative, partnership-driven means to enter the market. In other words, it’s going to require all of us to work together if we are to successfully tackle the problem of cybercrime.

As Mounir described the threat landscape for me, he noted that, while accessing malicious content via the web is still a prevalent threat, email seems to be the most common vector for delivery of malicious code - such as that found in some of the recent ransomware attacks. As organizations look to address the threat of ransomware, Mounir offered some fundamental recommendations to help them prepare for a pending ransomware attack: 1) back up your data safely offline, 2) employ a defense in depth model while not relying on a single technology for protection, and 3) patch, patch, patch.

Will the GDPR be a forcing factor for how companies operate their websites? Chris Olson explains.

Aside from the scary penalties and the costs associated with achieving compliance, GDPR has a lot of positives.

GDPR will become a forcing factor for organizations to pay closer attention to how their data is collected, traded, and managed. During Black Hat USA 2017, Debra Farber, host of The Privacy Pact, talks with Chris Olson, CEO of The Media Trust. He suggests that ultimately, GDPR will drive consumer trust in the right direction. Companies can take better control over their data ecosystem, where up to 75% of their web environment is driven by 3rd party code and services.

What makes a business more susceptible to attack? Neill Feather from SiteLock explains.

Websites run the business - and you want yours to be available for good visitors, but how can you tell the good from the bad? To make matters worse, there are a variety of attacks and compromise to consider: it’s not just malware or a denial of service attack that could make or break the business. In fact, based on recent survey data from SiteLock, two-thirds of customers won’t go back to a company whose website had been breached. Feather also suggests that dealing with an attack against a website is very different - and requires very different tools - than an attack resulting in an endpoint compromise. What makes a business more susceptible to attack you ask? You’ll want to listen to this interview with Neill to find out. He shared his insights on these topics, and more, during his chat with ITSPmagazine's Sean Martin during Black Hat 2017 in Las Vegas.

Prof. Stefano Zanero (Politecnico di Milano) Tells ITSPmagazine Why Just NOT REJECTING Someone Isn’t Enough When It Comes to Inclusion

Stefano Zanero, Associate Professor in the Computer Engineering Department at Politecnico Milano, sat down with Selena Templeton, host of Diverse IT, to discuss Queercon at at Black Hat 2017 in Las Vegas.

Tune in to hear about the largest social network of LGBT hackers from around the world, the importance of having professional role models who “look” like you, the difference between European and American hacking conferences when it comes to minorities and women, and why just not rejecting someone isn’t enough when it comes to inclusion.

Selena Templeton, discusses DIVERSE IT with Rami Essaid - Co-founder & CEO - Distil Networks

Co-founder and CEO of Distil Networks Rami Essaid sat down with Selena Templeton, host of Diverse IT, at Black Hat 2017 in Las Vegas to discuss how it takes a village to tackle diversity.

Tune in to hear about Distil Network’s new Women Forward in Technology Scholarship Program, how the U.S. travel ban has impacted Rami personally, his company and the cyber industry, the importance of three white male leaders constantly challenging each other to create a diverse and inclusive organization, and how to tackle an unconscious bias that you aren’t aware of – in humans and AI.

Power To The People - Knowledge Is Power.
A podcast with Chris Roberts and Dr. Christopher Pierson.

This podcast is a post live panel conversation, following “Power To The People - Knowledge Is Power,” during Black Hat 2017 in Las Vegas.

Sean Martin and Marco Ciappelli invited Chris Roberts - Chief Security Architect at Acalvio Technologies - and Dr. Christopher Pierson - Chief Security Officer and General Counsel at Viewpost - to hang out with us and have a chat. 

It is an interesting conversation. We invite you to listen to it.

We started discussing the status of Artificial Intelligence and Machine Learning in today's cybersecurity solutions. What is possible, what is not, and what is “marketing” making appear today’s reality? I took the bullet for that. You are welcome, marketers! 

We also spoke about what is happening with all this big data collection executed by different kind of IoT devices, and what it takes to TRULY turn this into a positive thing for the final users. Privacy and security are concepts that cannot just be built in the products; they have to be built in the companies. It is TRUST. 

There is much more than just convenience in technology nowadays; there are inconveniences too and the only way for the users to be safe - for the time being - is to stay informed and empower themselves. At least enough to understand the basics.

Get ready; this is just the beginning of the Cyber Society. 
The best - or worst - has yet to come.

Episode 437 - Genetic Intelligence

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is legislation that provides data privacy and security provisions for safeguarding your medical information but the act only within the U.S. This means that there's nothing to stop a U.S. genetic testing company from passing that data on to non-U.S. companies. Rusty Sailors, chairman and CEO of LP3-SecurIT, explains what's going on.

Niloo Howe of RSA Talks to Diverse IT About Why We Should Embrace Being Uncomfortable

Selena Templeton, host of Diverse IT, caught up with Niloo Howe, Chief Strategy Officer of RSA, at Black Hat USA 2017 to discuss why a diversity of perspectives is required for innovation. Tune in to hear how different perspectives and experiences drive better top- and bottom-line outcomes, why we should embrace being uncomfortable rather than making the safe choice, why the hell no one knows that Hedy Lamarr wrote the base patent for CDMA technology for secure communications, and steps you can take to bring more diversity to your company.

Debra Farber chats with Chad Holmes from EY about cybersecurity, privacy, and safety

From the halls of Black Hat USA 2017, Debra Farber, host of The Privacy Pact on ITSPmagazine, talks with Chad Holmes, Partner/Principal and Cyber Chief Technology, Strategy and Innovation Officer from EY about filling the cybersecurity talent gap. They also discuss trends in privacy and security that EY sees in the industry and Chad also describes innovation around cyber safety in society.

Paul Myer talks w/Sean Martin during Black Hat 2017, discussing securing OT, Operational Technology

As an industry, we often focus on information technology and information security. And, while the media as a whole covers stories of denial of service attacks and power grid shut-downs, as a general rule, the industry seems to be obsessed with protecting information - protecting the traditional IT systems that manage that data - IP, customer data, and the like. However, based on a conversation I (Sean Martin) had with Paul Myer, CEO of Veracity Industrial Networks, that needs to change - we need more attention paid to the operation technology - or “OT” space.

Listen in as I catch up with Paul during Black Hat USA 2017 - I suspect you’ll look at cybersecurity in a different way after hearing what he has to say.

Do companies have a responsibility to protect their employees? Byron Rashed suggests they do

In this podcast, Sean Martin, co-founder and editor-in-chief at ITSPmagazine, spent some time with Byron Rashed, VP of advanced threat intelligence at InfoArmor during Black Hat USA 2017.

One of the most intriguing parts of the conversation was the focus on moving beyond protecting the business information and customer information, but also protecting the privacy and security of the employees within a business. Organizations have a responsibility to their employees to make sure they are safe - and they also have risk associated with an employee being compromised. This is where threat intelligence comes into play - but not at the expense of human intelligence, warns Rashed.

Listen in to hear how Byron recommends CISOs approach this challenge.

Yuji Ukai & Pablo Garcia, from Tokyo-based endpoint security company, FFRI, from Black Hat USA 2017

Years after working with them at eEye Digital Security, Sean Martin connected with Yuji Ukai and Pablo Garcia, now working for Tokyo-based endpoint security company, FFRI. Yuji is the founder and CEO and Pablo is heading up all of the North American operations for FFRI. During their conversation. they discuss some of the challenges small and medium sized businesses face, with the pair offering some suggestions and tips for this massive group of organizations to consider.

Have you met the GRIMM? We did, in Las Vegas, during Black Hat 2017. This is a great story. Enjoy!

What you are about to listen to is a new episode of The Cyber Society Podcast Series with Marco Ciappelli, which, this time, also happens to be part of the Diverse IT Podcast Series with Selena Templeton.

While in Las Vegas, for Black Hat USA 2017 and DEFCON we had a great conversation with Bryson Bort, Founder and CEO of GRIMM.

We discussed how GRIMM approaches diversity and inclusion, and how companies can really walk the talk if they put their heart into it. We also covered more societal, psychological and philosophical topics around cybersecurity for large companies, small businesses, and most importantly... users.

In the end, it wasn't as scary as we thought; actually, we had a great time.

Listen to this podcast and hopefully, you will learn something while having a laugh or two.

Thank you GRIMM!

Gary Hayslip and Ted Harrington chat with ITSPmagazine after a live panel during Black Hat USA 2017.

Following the ITSPmagazine and BrightTALK live panel session at Black Hat USA 2017, two of the expert panelists - Gary Hayslip from Webroot and Ted Harrington from Independent Security Evaluators - chat with Sean Martin and Marco Ciappelli about the Internet of Things and their impact on businesses of all shapes and sizes.

Alex Horan [Onapsis] discusses the challenges with auditing and GDPR as it relates to ERP systems

Why is it important to audit and meet compliance for your ERP systems? Alex Horan chats with ITSPmagazine's Sean Martin - during Black Hat USA 2017 - as he describes some of the requirements for meeting compliance, using the Global Data Protection Regulation as a model for purposes of discussion. What data do you have, and whose data is it? What are the requirements to protect it from unauthorized access AND what are the requirements for removal of the data when the owner of the data requests.

Angela Messer Discusses the Importance of Putting Measureable Diversity Programs in Place

Following her live panel during Black Hat USA 2017, Booz Allen Hamilton EVP (plus talent champion and innovation officer!) Angela Messer, sat down with ITSPmagazine’s Selena Templeton, host of Diverse IT, to chat about how her company is tackling diversity and inclusion. Tune in to hear her thoughts and experience on being the “SheEO” speaker at a STEM high school, how their CEO walks the talk by being one of 200 members of CEO Action for Diversity & Inclusion, why diversity is about so much more than just building a diverse workforce, and the importance of putting concrete programs, with goals, metrics and outcomes, in place.

The Internet of Things status quo is a mess. We need trust and transparency, and we need it now.

Today's conversation is with Ashwin Krishnan, Senior Vice President of Products & Strategy at HyTrust.

After a great podcast about the Moral Compass for Autonomous Vehicles that Ashwin had with Sean Martin, Marco Ciappelli took over the torch and invited Ashwin to join the Cyber Society Podcast on ITSPmagazine.

The two met during Black Hat 2017 in Las Vegas, a day after we all learned that Rumba Vacuum Cleaners weren't just collecting dust, bread crumbs and pets hair; oh no, they were collecting map floors of people homes, and who knows what else.

Seriously, what is going on with all this big data harvesting? It is so cheap to do nowadays that companies do it anyway - either they need the data for their product or not. The commercial value may be huge for marketers shortly. But who is allowing companies to collect information about our homes, our cars, our lifestyle, and overall our privacy? How can a user opt-out or opt-in, and decide something that doesn’t even know about?

Listen to this conversation, and you will start getting the picture of the mess we are in with the Internet of Things right now. 

It is complicated, but we need to empower the user, we need knowledge, and we need a Moral Compass and strong ethics.

The Cyber Society needs trust and transparency, and it needs it right now.

Tim Jarrett from CA Veracode talks about application security during Black Hat USA 2017

Tim Jarrett, CA Veracode, talks about application security with Sean Martin during Black Hat USA 2017. What are the drivers behind organizations choosing to invest in application security and who should lead the application security program? How do companies get on top of the problem of insecure components being used in applications? Tim shares his thoughts with us, tying it all together with the Internet of Things and the impact connected devices have on society - due to the vulnerabilities introduced at the application layer.

Joseph Carson, from Thycotic, presents the results of the 2017 State of Cybersecurity Metrics Report

Marco Ciappelli met with Joseph Carson, Chief Security Scientist at Thycotic, to discuss the results of the company’s first annual 2017 State of Cybersecurity Metrics Report, 

The report analyzes key findings from a Security Measurement Index (SMI) benchmark Survey of more than 400 global business and security executives around the world.

According to the report, most companies worldwide are failing to measure cybersecurity effectiveness and performance.

More than half of the 400 respondents in the survey, 58 percent, scored an “F” or “D” grade when evaluating their efforts to measure their cybersecurity investments and performance against best practices.

While this sounds bad for big companies it gets even worst when we look at small business. For example: In 60% of the cases they cannot recover from a serious cyber attack.

Listen to this story recorded on the Expo Floor at Black Hat USA 2017 - pardon the background noise.

Mischel Kwon, Founder and CEO of MKA Cyber, talks about diversity scholarships with Selena Templeton

Cybersecurity Diversity Foundation and WGU (Western Governors University) co-hosted a lively reception at Black Hat USA 2017 on Tuesday evening to share an exciting announcement: they are partnering up to offer two full master’s degrees in cybersecurity. ITSPmagazine’s Selena Templeton, host of the Diverse IT podcast, managed to snag CDF Founder Mischel Kwon, who is also Founder and CEO of MKA Cyber, to expand upon this great news. CDF’s mission is to support educational and workplace diversity in the field of cybersecurity. Listen to this 4-minute podcast for more information and how to apply.

Chronicles from the road

News from the road to Black Hat USA 2017


CISO Summit Keynote & Agenda Announced

Michael Chertoff, Chairman and Co-Founder of the Chertoff Group and Former Secretary of Homeland Security, will Keynote the 2017 Black Hat USA CISO Summit. Chertoff's talk "Tomorrow's Computing Challenges" will illuminate proactive measures leaders can take to prepare for tomorrow's security landscape. 

Applications to attend CISO summit are still being accepted. Apply by June 28 for a chance to discuss the future of computing and business amongst leading Security Professionals, July 25 at Four Seasons in Las Vegas.

Black Hat USA 2017 Schedule

The full lineup of content for Black Hat USA has been announced! The first four days offer more than 80 Trainings, with practical, hands-on courses for everyone from the novice to the advanced security professional. Then, two days of Briefings will cover everything from the latest mobile hacks, to the impact of WannaCry ransomware, to an analysis of CrashOverride and much, much more. 

The robust schedule of events also includes Arsenal, with presenters showcasing leading open-source tools and solutions, and Day Zero, a guide to making the most out of Black Hat presented by members of our Review Board. We'll also host a panel on "Making Diversity a Priority in Security," and offer dynamic Career Track presentations for navigating your security employment landscape. Don't miss this unique opportunity to experience the world's premier Info Sec event. Pricing increases July 7 at 23:59 PT. Register today to join the us in Las Vegas, July 22-27, 2017. 

Making Diversity a Priority in Security

Once again, Black Hat USA brings Kelly Jackson Higgins, Executive Editor, to moderate a panel of professionals discussing diversity in Information Security industry.

The number of women in the security industry has plateaued at 11% for several years with minorities representing less than 12% of the workforce. These statistics are frequently cited and questioned. This years panelist will discuss actions employers have taken and can continue to implement to move the needle forward and recruit and retrain more women, minorities, and LGBTQIA security talent.

Join moderator Kelly Jackson Higgins and the expert panelists listed below at Black Hat USA on Wednesday, July 26 from 15:00-16:00. 


Aubrey Blanche
Global Head of Diversity & Inclusion, Atlassian

Juliet "Jules" Okafor
Co-Chair of the Strategic Advisory Board and Chair of the Strategic Initiatives Committee, International Consortium of Minority Cybersecurity Professionals and VP of Global Business Development, Fortress Information Security

Anthony Johnson
Managing Director and Business Information Security Officer for the Corporate & Investment Bank (CIB), J.P. Morgan Chase & Company

Rick Howard
Chief Security Officer (CSO), Palo Alto Networks

Spotlight: Internet of Things

Black Hat USA brings more than 100 Briefings to Mandalay Bay, July 26-27, 2017. Viewing Briefings by Track groups talks by theme or length of time to help you navigate the expansive array of content. This year's lineup is divided in to 17 Tracks, including trending topics such as Internet of Things. 

Predominance of Internet of Things (IoT) related breaches has heightened concern over the security of network connected devices and need for advanced expertise. Navigate the dynamic threat landscape with Black Hat USA Briefings. This year's lineup includes more than 100 talks, divided in to 17 Tracks. Viewing Briefings by Track groups talks by theme or length of time to help you navigate the expansive array of content. Check out the IoT Track to begin customizing your Black Hat USA experience.

Alex Stamos, Facebook CSO will Keynote Black Hat USA 2017

Known for his cybersecurity prowess and expertise in global scale infrastructure, trustworthy system design, and mobile security, Stamos will take the stage to present a critical analysis of the current state of the global security industry in his Keynote "Stepping up our game: Re-focusing the security community on defense and making security work for everyone."

Currently serving as CSO at Facebook and Black Hat Emeritus Review Board member, Alex Stamos is committed to bringing more openness and collaboration to the InfoSec community. Throughout his career Stamos has served as an advocate for privacy, making headlines in 2014 for speaking out against the NSA over its use of mass surveillance. Stamos will take the keynote stage to explore how the Information Security community can adapt to better confront the obstacles they face as security practitioners. Presenting a call to action, specifying the ways security practitioners can better protect the world. 

New BHUSA Briefing

Robert M. Lee, CEO and Founder of Dragos, will be presenting a Briefing entitled: CRASHOVERRIDE: Zero Things Cool About a Threat Group Targeting the Power Grid at Black Hat USA next month in Las Vegas.

Black Hat USA 2017 Arsenal Tools Lineup Announced

Independent researchers and the open source community will once again showcase their latest open-source tools and products at Black Hat USA! Presenters will provide attendees with live, interactive demonstrations in an open, conversational environment.

This year's lineup includes everything from automated security testing tools to payload generators and more. Check out a few of the highly-anticipated tools and view the complete list below to begin planning your time at Black Hat USA.

Fuzzapi – Fuzzing your RESTAPIs since yesterday

Gone In 59 Seconds – High Speed Backdoor Injection via Bootable USB

Objective-See's macOS Security Tools

PtIoT – An Automated Security Testing Framework For the Internet of Things

WSSIP – A Websocket Manipulation Proxy



Making Diversity a Priority in Security - Panel
Wednesday, July 26 | 15:00 - 16:00 | Level 3, Banyan ABC

You've probably seen the data: The number of women in the security industry has plateaued for several years now at about 11%, and minorities represent less than 12% of the workforce, in an industry that continues to struggle to fill empty positions. The good news is that there are now real-world programs and initiatives under way in the industry and by employers to recruit and retain more women, minorities, and LGBTQIA security talent. Learn what's being done and how you can help create a more diverse and well-rounded security industry – and what still needs to be done. A panel of security experts will share their efforts in helping achieve a diverse industry. More Information >>


Challenges and Opportunities for Women in Cybersecurity - Career Track Session
Wednesday, July 26 | 11:30 – 12:20

With an overall lack of women in Science, Technology, Engineering and Math (STEM), perhaps it's not surprising that women only make up 11 percent of the global information security workforce, according to the Center for Cyber Safety and Education and Executive Women's Forum on Information Security, Risk Management & Privacy's Global Information Security Workforce Study. What is surprising, however, is that women in this industry are more highly educated than men, yet few hold senior-level positions and earn less money. More Information >>



Black Hat partnered with The International Consortium of Minority Cybersecurity Professionals (ICMCP) to award twenty-five (25) Briefings packages to ICMCP students and practitioners. ICMCP works to achieve the consistent representation of women and minorities in the cybersecurity industry through programs designed to foster recruitment, inclusion and retention – one person at a time. Packages include a Black Hat USA 2017 Briefings pass, round-trip transportation to Las Vegas, and three nights hotel accommodations. Award recipients will receive a once-in-a-lifetime opportunity and introduction to a potential new or enhanced career path.


Future Female Leaders Scholarship

Black Hat and The Executive Women's Forum are pleased to announce the 3rd year of the Future Female Leaders Scholarship Program. We will be awarding 50 complimentary Academic Passes to female university students who demonstrate a passion for Information Security as well as a proven history of related experience and coursework. More Information >> 


Peer-to-Peer Mentoring and Networking Event
Thursday, July 27 | 14:30 – 15:30 | Banyan D, Level 3

Join Women in Security and Privacy at Black Hat to mingle and network with privacy and security professionals. Also, consider becoming part of the Women in Security and Privacy Tandems program. It's our peer-to-peer mentorship program, which connects you with a partner who has a different background, expertise, and a different network. Why? We believe that you bring unique value to your women peers, no matter which career stage you're at. Knowledge is fluent and leadership manifests at every career level. You can find your Tandem partner right here, and sign up to be matched in our next round of the program, starting in September!


Black Hat is pleased to announce the return of the Black Hat Student Scholarship Program. As a way to introduce the next generation of security professionals to the Black Hat community, we will be awarding complimentary Black Hat USA 2017 Academic Briefings Passes to a limited number of student applicants. Each Academic Pass allows full access to all Briefings on Wednesday, July 26 and Thursday, July 27.


July 26 | 10:00 - 19:00
July 27 | 10:00 - 17:00

The Business Hall features many of the industry's top solution providers and start-ups, showcasing the latest tools, technologies and services supporting the security community. The 2016 expansion brings more opportunities for vendor, attendee and community engagement, including:

  • Vendor Sessions – One-hour sponsored presentations in the Business Hall Theater, presented by leading researchers and security experts
  • Attendee Networking Lounge – The primary destination for attendees to network, conduct informal meetings and enjoy food and beverages


July 26 | 10:15 – 17:10 

The Black Hat Career Track is designed to help individuals identify options and make informed decisions about their careers in information security. This program will examine different facets of the industry – including current challenges and opportunities, security training and certifications, and how you can channel your skills to advance your career. 


July 25 | 07:00 - 18:00 | Four Seasons

Co-located with Black Hat USA, 150+ security-focused executives from Fortune 1000 corporations and federal agencies are invited to apply to attend a full-day, interactive program consisting of high-level discussions, practical application, and strategic insight on topics unique to Black Hat. 


Black Hat USA will once again provide the venue for the Pwnie Awards, InfoSec’s premier award show celebrating the achievements and failures of the security community over the past year.

For more information about the awards or to submit a nomination, please visit the official Pwnie Awards website.


July 27-30 | Caesar’s Palace, Las Vegas

Planning on attending DEF CON this year but don't want to head to Caesar’s Palace and potentially miss out at Black Hat? As a registered Black Hat USA 2017 Briefings or Training attendee, you can now pre-purchase your DEF CON pass for $260. Black Hat USA is the only place that you can pre-register for DEF CON and you can pick up your badge on-site. DEF CON tickets will not be sold on-site at Black Hat USA. DEFCON passes are non-refundable once purchased. The deadline to purchase a DEF CON voucher in conjunction with your Black Hat USA Briefings or Training pass is Friday, July 21, 2017 at 23:59 ET. 

Within our Black Hat USA Event News and Coverage page you will find a collection of articles from our team or journalists, along with additional word on the street and Black Hat related press. Be sure to follow us on Twitter and LinkedIn, and subscribe to our newsletter to stay connected with us, as we start talking about what is going to happen this year and what we are up to. We sure do have some interesting plans, including live streaming TV Expert Panels, Radio Interviews on the go, and Thought Leadership Articles. All about the Intersection of IT Security and Society, of course.

Sure, this is all great but, where are the Parties?

Here is the list. Take it easy!


Tuesday, July 25 / 17:30 - 20:00 / RX Boiler Room, the Shoppes at Mandalay Bay

Reserve your spot today! Join GuidePoint Security and sponsors for complimentary cocktails and hors d'oeuvres while having interactive discussions with your industry peers and security professionals.
Register at



Tuesday, July 25 / 17:30 - 19:30 / Libertine Social in Mandalay Bay

Join Proficio at an exclusive Whitelist party at Libertine Social in Mandalay Bay. 
Experience Vegas in style with Proficio's founders and executives for an evening of craft cocktails and tasty appetizers. Request an invitation today! This event will book up fast! 
Register at



Tuesday, July 25 / 21:00

Join DarkMatter leaders to learn how we're transforming cyber security and what that means for you and the future of the industry. Enjoy delicacies from the Middle East while you network with the most innovative minds in cyber security. Request an invitation today!
Register at:



Tuesday, July 25 / 21:00 - 1:00

Kick off Black Hat 2017 right! Don't miss the hottest party Black Hat has to offer. RSVP now to join Distil Networks for a night you won't forget! Party the night away with DJ Jazzy Jeff! 
Register at



Wednesday, July 26 | 16:00 – 18:00 | Palm Foyer, Level 3

Black Hat is excited to host Queercon, the largest social network of LGBTQ hackers from around the world, at Black Hat USA 2017. Queercon will host a reception on Wednesday, July 26 onsite at the Mandalay Bay Convention Center in Las Vegas. Queercon continues to grow and now focus on outreach to the LGBTQ community within the IT Security and Hacker Spaces. Learn More>>



Wednesday, July 26 / 17:00 / Border Grill, Mandalay Bay Hotel

Happy hour with Cybereason Wednesday night -- Cocktails, check. Food, check. No sales pitches. No presentations. 5pm, July 26 @ Border Grill
Register at



Wednesday, July 26 / 18:00 – 21:00 / Mandalay Bay Convention Center – Level 3 (Palm B)

IOActive IOAsis Las Vegas 2017 at Black Hat USA is Wednesday July 26th, 6:00 to 9:00 p.m. Join us for great entertainment, food, drinks and surprises with your security peers.
Register at


Wednesday, July 26 / 18:30-21:00 / Fleur, Mandalay Bay Hotel

Got Wednesday night plans? Now you do. Start your Wednesday night off with drinks and appetizers with Digital Shadows, ThreatQuotient, and Farsight Security at Fleur, 6:30-9pm. Register at 



Wednesday, July 26 / 18:30 

Join Digital Guardian, Wednesday, July 26th for our exclusive event. Come share your IT Security war stories and enjoy black car service, handcrafted cocktails and delectable gastronomy in a sophisticated but relaxed atmosphere! Space is limited, learn more. 
Register at 



Wednesday, July 26 / 18:30 

Mimecast Wine & Dine: Experience Vegas and get exclusive insights into new email-borne threats
Register at





Wednesday, July 26 / 18:30 – 21:00 / Libertine Social, Mandalay Bay Hotel

Description: Flashpoint and Anomali present Distilled. -- a night of classic bar food, craft beers, signature cocktails, infosec trivia, and a lockpick village. 

Register at



Wednesday, July 26 / 19:00 – 21:00 / Border Grill, Mandalay Bay

DRINKS AND APPS AT THE BORDER: Join F5 and FireEye threat researchers and security experts for drinks and apps (no download necessary). Get updates on threat research and security strategies. Grab your pass from our booths! 



Wednesday, July 26 / 19:30 – 22:30 / LIGHT Nightclub, Mandalay Bay

Join Optiv at LIGHT Nightclub in the Mandalay Bay Resort & Casino on Wednesday, July 26 from 7:30 p.m. - 10:30 p.m.! LIGHT Nightclub features world-class DJs, video mapping, lighting, exciting special effects and performers!
Register at



Wednesday, July 26 | 20:00-23:00 | Heat of Omnia, Caesars Palace

Don't miss Cisco's customer appreciation event, featuring drinks, food, and a cigar rolling station at the Heart of Omnia, Caesars Palace on Wednesday, July 26, from 8 to 11:00 p.m. Registration is required.
Register here.



Wednesday, July 26 / 20:30 – 24:00 / Skyfall Lounge, Mandalay Bay

Level Up Black Hat Party: Game on! RSVP for the Black Hat party you won't want to miss. Take Sin City's most breathtaking elevator ride to the top of the Delano hotel and Level Up against fellow attendees in our retro arcade featuring over 200 classic video games. Enjoy 180-degree views of the strip while sipping on custom cocktails – PacManhattan, anyone? Space is limited. Register here. Register at



Thursday, July 27 | 12:00-13:00pm | Banyan C

Join your ISSA friends and colleagues for a members' lunch courtesy of ISSA International. Lunch will take place Thursday, July 27 from 12:00pm - 1:00pm in Room Banyan C on Level 3.
Space is limited. Don't forget to stop by the ISSA booth #BB6 in the Business Hall, Level 2.



Thursday, July 27 | 13:00-14:30pm | Banyan B

The Executive Women's Forum on Information Security, Privacy & Risk Management invites all women attending Black Hat USA 2017 to our Meet & Greet on July 27, 2017 in Banyan B, Mandalay Bay from 1:00pm - 2:30pm.
Join us for a fun, relaxed, professional get together. Engage and connect with the most dynamic personalities - the women in Information Security who make it happen. Participate in discussions and get to know each over light refreshments. Don't forget to stop by the EWF Booth #BB2, Mandalay Bay, Business Hall, Level 2. More Information >>



Thursday, July 27 / 19:00 / 1923 Bourbon Bar, Mandalay Bay Hotel

Join Core Security for our Prohibition Party on July 27th at 7:00 p.m. taking place at the 1923 Bourbon Bar. Be sure to pre-register and bring your badge to the event!

Register at


We are currently seeking sponsors to both help drive and take part in the conversation.

By joining this conversation, you and your company will help define the Thought Leadership discussion points that we will make during our coverage, reinforcing your Brand Credibility and expanding your Brand Exposure by receiving all of the benefits offered by ITSPmagazine's platform both pre- and post-event.

Follow ITSPmagazine On LinkedIn

Jump in on the conversation to maximize your networking opportunities at the event!




News • Articles • Blogs • Press • Interviews • Podcast • Pictures • Videos • Recap

Thank you for visiting ITSPmagazine's Black Hat USA 2017 News & Event Coverage