Looking back at Black Hat 2023

Pete Deros

Senior Director, Offensive Security, Coalfire

From AI to the evolving threat landscape, Black Hat 2023 spotlighted the security industry’s latest and greatest innovations.

Key takeaways:

  • Generative AI was at the forefront of Black Hat conversations.
  • Given the speed and scale at which the threat landscape is evolving, shifting to a continuous pen testing mindset is paramount for successfully preventing and countering cyberattacks.
  • Coalfire launched Hexeon, a comprehensive offensive security SaaS solution designed to bring together the best of human intelligence and automation for a successful, threat-informed defense.

Black Hat, the most established and in-depth cybersecurity event in the industry, concluded its 2023 in-person event in Las Vegas, NV, earlier this month. Bringing together nearly 20,000 professionals and over 440 of the industry’s top organizations, the event showcased the latest approaches and innovations to help address the most pressing cybersecurity threats facing our world today. Some of the themes that stood out were:

Generative AI

Similar to RSA earlier this year, artificial intelligence took center stage at Black Hat – not only for its promise of enabling improved outcomes, intelligence, and efficiencies, but also for the countless unknowns in terms of how it could be used by threat actors to develop increasingly sophisticated and scalable attacks.

In the event’s keynote speech, Maria Markstedter, founder of Azeria Labs, noted that “AI systems and their use cases and capabilities are becoming more powerful … we need to take the possibility of autonomous AI agents becoming a reality within our enterprise seriously.” She continued, “We need to rethink our concepts of identity access management in a world of truly autonomous systems having access to our apps.”

Disruptive technologies like AI can bring a sense of possibility; however, it’s often mixed with a healthy dash of uncertainty. The industry is still in the early stages of understanding how to navigate this uncharted territory, and it’s imperative for organizations to safely architect AI in their cybersecurity programs.

Paradigm shift: From one-time to all the time

The prevalent mindset in today’s organizations is to rely on point-in-time penetration testing to identify and address vulnerabilities. As you can imagine, this provides only a single snapshot of the area tested, which can be misleading given the speed and scale at which the threat landscape is evolving as new technologies emerge.

As such, a fundamental shift in mindset is needed by organizations to truly be effective – from a single point in time to a continuous model for identifying and tracking risks throughout the vulnerability management lifecycle.

Enter: Hexeon, Coalfire’s groundbreaking offensive security platform.

Announced at Black Hat, Hexeon is a comprehensive offensive security SaaS solution designed to bring together the best of human intelligence and automation to provide actionable insights into these ever-evolving threats and vulnerabilities, allowing cyber leaders to prioritize remediation and fortify operational resilience.
 

Offensive security experts ran live Hexeon demos

Based on Coalfire analysis of more than 800 penetration tests, the shift away from point-in-time testing looks to be taking root across some organizations – security leaders are treating penetration testing less and less as an ancillary validation tool supporting annual compliance audits, and more as a critical activity to improve an organization’s ability to defend, detect, and respond to relevant, real-world threats.

You can read about these trends and more in our upcoming 5th Annual Penetration Risk Report, set to release in mid-September (or, if you can’t wait, here is a sneak peek at the top findings).

Coalfire booth

We were thrilled to be at Black Hat for the 12th year in a row! In addition to the Hexeon launch and live demos, large crowds stopped by the Coalfire booth to try their hand at our annual lockpicking challenge. Coalfire pen test experts were onsite to teach eager attendees how to break into padlocks and bypass door latches.
 

I used a lock demo device to visually show attendees the components of a padlock

The booth was packed from the opening hour to the closing announcement. It was amazing to meet so many people excited about Pen Testing and Physical Red Teaming!
 

Attendees learning and practicing lock picking

From presenting our unique portfolio of offensive security services and demoing Hexeon, to training future hackers and sharing new pen test research, we had an absolute blast spending time with the hacking community at Black Hat. See you next year!
 

Members of the Coalfire team posing at the booth