We’ll be at Black Hat! If you’d like to meet the CounterCraft team in Las Vegas, please send us an email.

After an all-virtual 2020 conference, Black Hat USA 2021 will be held from July 31 to August 5 in a hybrid format, with a mixture of virtual and its usual live, in-person event in Las Vegas. The conference is made up of two parts: it opens with Virtual Training sessions and concludes with the two-day main conference.

The Virtual Training sessions, July 31- August 3, are a collection of two- and four-day classes with experts in the field. Subjects range from Reverse Engineering with Ghidra to Container Security. Some of the sessions are already full, so check out the complete list here to see available trainings.

Read on to find out what our team is most excited to see at Black Hat 2021:

Ransomware. Duh!

Ransomware, ransomware everywhere!

Both security firms and researchers will be focused on ransomware as 2021 has only proven that it isn’t going anywhere. Recorded Future just reported that the BlackMatter group is now targeting companies with over 100M in revenue.

We’ll see more research on effective controls in infrastructure all the way to MFA in regards to ransomware. And, unfortunately, we’ll see too many security vendors that will be explaining how their new product line/feature will protect your organization with a silver bullet. There’s even a Ransomware Response Boot Camp on offer!

Zero trust solutions

From the pits of the exhibit hall this year, you’ll see newer Zero Trust companies and solutions. This is a bit exciting—though zero trust has been a buzzword for several years now, sustainable solutions are coming to market that are eliminating transitive trust and actively verifying devices. There will be excitement around operationalizing and adopting zero-trust long term.

Cloud security

So you were promised that moving to the cloud will solve all your problems, right? Well, looks like cloud attacks have only increased. Look for more research topics on how cloud services are being manipulated, identity access vulnerabilities, and flaws with multi-tenancy, like this briefing on cross account AWS vulnerabilities or this one on bridging security infrastructure between the data center and the cloud.

Interesting events

Next-Gen DFIR: Mass Exploits & Supplier Compromise: We’re excited about this fast-paced talkthrough of recent mass exploits by Sherri Davidoff and Matt Durrin, which will shed light on the recent news and offer practical strategies for adapting your DFIR response best practices to reflect today’s increasingly interconnected threat landscape. Wednesday, August 4 | 1:30pm-2:10pm

Military Strategy and Tactics for Cyber Security: This course for security professionals applies military concepts to defending private enterprise. Principles such as Active Defense and Defend Forward have value across all industries. August 2-3

Adversary Tactics – Detection: Security analysts and blue teamers that want to effectively hunt in enterprise networks should take a look at this course. It starts from the assumption that breaches will happen and then focuses on understanding what comes next, which allows high-quality alerts to be produced and lateral movement and privilege escalation to be detected using attacker TTPs and open source data collection and analysis tools. July 31 – August 3

And, of course, DEF CON

DEF CON, the world’s longest-running and largest underground hacking conference, is where the fun really begins. Started in 1992, it always comes right after Black Hat and is geared to a more operational and technical audience. This year, DEF CON runs from August 5-8, and will be a fascinating gathering of the most edgy, forward-thinking minds in hacking and cybersecurity.

Other Notable Events

Along with these events, be sure to take note of the following:

You can find the complete list of Black Hat briefings here.

We’ll be at Black Hat! If you’d like to meet the CounterCraft team in Las Vegas, please send us an email.