Black Hat 2019 — A Value Added Reseller's Playground
By Brad Bussie, Trace3
What comes to mind when you see a mention of Black Hat? To some, a black hat still means a hacker that is skilled at breaking into systems, networks, and data. In the United States, the phrase has become synonymous with the annual hacker conference of the same name, which recently wrapped up in Vegas.
In the eyes of a value-added reseller (VAR), what benefit can the Black Hat security conference provide? Forget for a moment the chatter about Black Hat becoming commercialized or selling out to the security market and venture capitalists. Instead, let us take an inside view of the benefits that Black Hat provides for VARs that focus on security solutions.
Training
The trainings available at Black Hat this year were some of the show’s best offerings. There were numerous tracks and skill levels that offered a wide range of teaching from some of the industry’s best practitioners. The classes were well accompanied by resources and what exactly a student will know after participating in the training.
These training classes are a great way to keep any VAR up to date on cybersecurity by providing excellent real-world practical skills to benefit customers. Black Hat 2019 had many popular trainings, but some of the standouts focused on:
- Red Team
- Blue Team
- Purple Team
- Vulnerability Management
- DevSecOps
- Cloud Security
Briefings
Wednesday and Thursday at Black Hat are when the large briefings take place. The keynotes in 2019 lit up the stage by highlighting how every security team is now also a software team. The briefings provide a good way of getting a pulse on how others in the industry are solving cybersecurity problems. The presentations are designed to be thought-provoking as well as informative – with a nominal amount of “we are all doomed” sprinkled in for effect. With all the various options for briefings, attendees were given similar choices from the training topics like:
- Data Forensics
- Internet of Things
- Network Defense
Ultimately, the briefings shined a light on emerging threats that you should encourage your customers to protect themselves from – by best leveraging your unique services and up-to-date knowledge.
Arsenal
Arsenal at Black Hat is awesome. Arsenal provides live tool demonstrations in an open, conversational environment where presenters interact with attendees to provide a hands-on experience.
Imagine, cutting edge open source research into vulnerabilities, tools, and products – all in one place. The presentations are up close and personal with an open-air market feel where anyone can wander in and ask questions of some of the brightest minds at Black Hat. Arsenal is inside the show floor and the noise can be somewhat deafening, but the physical partitions in 2019 helped with the noise. A VAR can benefit greatly from the open source and crowdsourced feel of Arsenal to help measure how mainstream commercial security is stacking up against the masses. There was a great deal of discussion regarding:
- Bluekeep
- Intel Vulnerabilities
- Router Exploits
Black Hat 2019 Summary
The Black Hat Conference shined in 2019. The security talent gathered in one place was only rivaled by the RSA Conference. Getting to see some of the most notorious hackers from years past step into the light with real names instead of aliases was like a passing of the baton. Between the trainings, briefings, and Arsenal – there was an amazing amount of content to consume. The show floor appeared to go on as far as the eye could see.
As a VAR at Black Hat, taking advantage of seeing the products, services, and partners your organization resells is time well spent. Imagine the opportunity to influence founders, product managers, and engineers that are the ones shaping the product roadmap your customers benefit from. The Black Hat Conference is a unique and exciting event well worth the investment for any VAR in security.
About The Author
Brad Bussie is the Managing Director of Security at Trace3. He is an award winning 15-year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.