Its a wrap! The 26th year of Black Hat USA (Aug 5-10, 2023), and Def Con 2023, was jam-packed with trainings, briefings, vendors sessions, and more. This blog post will take a look at some of the biggest discussions, issues, announcements, and happenings during the pair of events that occurred, as always, in Las Vegas, Nevada.
This year's event ended just a month before one of the largest ransomware attacks in history occurred at MGM Resort in Las Vegas - with more than $100m losses reported.
Watch the official Black Hat USA 2023 Highlights video to get a quick recap of the event
Highlights from Black Hat 2023
Large Language Models (LLM) seemed to permeate the event this year - not unlike Google Cloud Next 23, RSA Conference 2023, and the rest of the tech world during the past year since the widespread release of ChatGPT. Perhaps the best use of LLMs at Black Hat was IRonMAN: InterpRetable Incident Inspector Based ON Large-Scale Language Model and Association miNing from the team at CyCraft Technology. In this talk, the team showed how LLMs can help with events coming from the command-line which are particularly challenging because of obfuscation (such as with regular expressions), words having multiple meanings, multiple words having the same meaning, and other peculiarities of natural language - which LLMs are especially good at solving for.
This year's keynote, by Maria Markstedter, founder of Azeria Labs. was titled "Guardians of the AI Era: Navigating the Cybersecurity Landscape of Tomorrow". The talk was focused on the challenges and transformation happening in the security industry created by the rise of Generative AI.
Black Hat and DEF CON founder Jeff Moss, along with DARPA, announced the AI Cyber Challenge (AIxCC) - "a two-year competition aimed at driving innovation at the nexus of AI and cybersecurity to create a new generation of cybersecurity tools." The finals and semifinals for the competition will be held at Black Hat 2024 and 2025. The top 5 teams in the semifinal will be awarded $2 million each, while the top 3 winners in the final will be awarded $4 million, $3 million and $1.5 million.
The conflict in Ukraine, a hot topic at Black Hat 2022, was once again a center stage as CISA director Jen Easterly presented on the lessons learned from cyberwar. The presentation "Phoenix Soaring: What We Can Learn from Ukraine’s Cyber Defenders about Building a More Resilient Future" warned of the likelihood of cyberattacks occurring in America, similar to those happening against Ukraine.
Highlights from DEF CON 2023
For the first time ever, the Wall of Sheep included a live feed of the location of individuals who were leaking data. According to Politico, by Friday afternoon "there were at least 2,000 sheep at DEF CON, per the floor-to-ceiling projection." The ever-popular Wall of Sheep is a live interactive board of Def Con attendees who have had their username and password exposed while at the event.
Congratulations go to Carnegie Mellon’s Plaid Parliament of Pwning (PPP), the winningest hacking team in Def Con's Capture the Flag (CTF) competition as it took its 7th victory over the past 11 years.
The Generative Red Team (GRT) Challenge was at AI Village was the largest-ever public challenge to find bugs in LLMs like ChatGPT. This event was supported by the White House Office of Science, Technology, and Policy, the National Science Foundation’s Computer and Information Science and Engineering (CISE) Directorate, and the Congressional AI Caucus.
Watch this interview with Kellee Wicker, Director of the Science and Technology Innovation Program at the Wilson Center, to get a unique take on the event.
Don't miss Coffee Talk with SURGe, broadcast live from Las Vegas with Splunkers Ryan Kovar, Shannon Davis, and Audra Streetman
Photos from Black Hat
Check out some of our favorite photos from the event below. See more on Flickr.
Black Hat USA 2024
Black Hat USA is coming back to the Mandalay Bay Convention Center in Las Vegas on August 3-8, 2024. You can already sign up to get hotel information as soon as its available.
Def Con 33
Def Con 33 is set to take place August 7-10, 2024 in Las Vegas.
This posting does not necessarily represent Splunk's position, strategies or opinion.
Stephen Watts works in growth marketing at Splunk. Stephen holds a degree in Philosophy from Auburn University and is an MSIS candidate at UC Denver. He contributes to a variety of publications including CIO.com, Search Engine Journal, ITSM.Tools, IT Chronicles, DZone, and CompTIA.
Understand time series forecasting — a way to or predict behaviors based on historical, timestamped data — with anomaly detection to prevent IT problems.
Don’t be confused! Data science and data analytics are different concepts. Learn all about it here, so you’ll know exactly how they can work together.
About Splunk
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.