Black Hat USA: Five Highlights from the Top InfoSec Summit of the Year


The yearly event for the security industry offers top security professionals a platform to share innovative ideas and works, as well as a chance to network with thousands of InfoSec experts. Besides, the convention also makes a number of fresh announcements and product debuts each year. At Spiceworks, we are going through this year’s top highlights.

The Black Hat USA InfoSec conference is back at the Mandalay Bay Convention Center in Las Vegas, Nevada, after a successful hybrid event in 2021 that drew more than 6,000 in-person and more than 14,500 online participants. The venerable hacker conference’s 25th anniversary boasts a strong roster, covering themes such as firmware and hardware hacking, zero-day malware discoveries, the most recent APT research, and more.

For a prestigious event like Black Hat that hosts so many industry inventions, announcements, and insights from the who’s who, picking the top highlights is certainly a challenge. Nevertheless, Spiceworks News & Insights kept a close eye on what transpired at the two-day conference and picked this year’s top five Black Hat moments. Let’s take a look.

Top Five Highlights From Black Hat 2022

OPSWAT’s new malware analysis capabilities

OPSWAT introduced innovative malware analysis tools for IT and OT at the conference. These improvements include support for third-party open-source tools in its MetaDefender Malware Analyzer product and OPSWAT Sandbox for OT to detect harmful communications on OT network protocols.

“There is no better time and place than Black Hat to launch these new enhancements for OPSWAT MetaDefender Malware Analyzer.”

– Yiyi Miao, senior vice president, products, OPSWAT

“Not only are we showcasing our heavy investment in R&D for our products, but through better malware analysis for OT, we are furthering our mission of protecting critical infrastructure. We’re excited about thousands of industry-leading InfoSec professionals being the first to see these new capabilities and understand how we can help protect their critical environments.”

The OPSWAT MetaDefender Malware Analyzer gives malware analysis teams the power to quickly comprehend malware tactics, techniques, and procedures (TTP) primarily targeting OT environments by mapping malware found via OPSWAT Sandbox to the MITRE ATT&CK industrial control systems (ICS) framework.

This adherence to a standard security vocabulary about cyberattacks directed at ICS/OT settings also aids in bridging the communication gaps between OT and IT security teams.


Nozomi discovers flaws in UWB radio systems

Nozomi Network Labs’ cybersecurity experts have revealed zero-day vulnerabilities and other flaws in Ultra-wideband (UWB) radio systems. If abused, the flaws might give a hacker complete access to any confidential location data sent over the air.

In a recent analysis, Nozomi evaluated two well-known UWB Real Time Locating Systems (RTLS) that are currently on the market and showed how an attacker could use RTLS to locate and target people and objects, launch a Man-in-the-Middle (MitM) attack, impede safety geofencing rules, and hinder COVID-19 contact tracing.

The experts at Nozomi also provided crucial steps that businesses might take to help reduce these risks and put in place a secure wireless network architecture in a comparative study.

Checkmarx’s new API security solution

Checkmarx, a provider of developer-focused application security testing (AST) solutions, announced the availability of Checkmarx API Security, a “shift-left” API security solution. Checkmarx API Security is delivered as part of the application security platform Checkmarx One. The developer workflow-oriented solution inventories even shadow and zombie APIs as part of the most comprehensive inventory and remediation solution available to secure the entire API lifecycle.

Checkmarx API Security tackles security concerns early in the software development lifecycle (SDLC), whereas other API security products can only find APIs deployed in production.

“Modern application development is increasingly dependent on APIs, which are notoriously difficult to document. Often the only place that a given API’s documentation exists is on the developer’s laptop,” said Checkmarx CEO Emmanuel Benzaquen. 

“Our global enterprise customers are focusing on the transition to cloud-native application development, yet their tools have only been able to address part of the API challenge that cloud-native development imposes. The Checkmarx goal is to secure every component of every application in a way that keeps developers productive and simplifies processes for AppSec leaders, thereby keeping their organizations agile, secure and competitive.”


SentinelOne partners with Armis for asset intelligence & unveils XDR Ingest

Intending to deliver unified asset intelligence, SentinelOne has announced a new cooperation with Armis. With this partnership, the firm hopes to safeguard organizations against contemporary threats while providing unrivaled visibility and risk mitigation across endpoints, the cloud, mobile, IoT, OT devices, and more.

“When it comes to security operations, context, visibility, and coverage are absolutely vital in reducing your attack surface, even as networks become more complex. We’re proud to say that this partnership will help mitigate the unique challenges of asset visibility and control, particularly in the healthcare, manufacturing, and critical infrastructure verticals,” the company said.

To further democratize XDR, SentinelOne has introduced XDR Ingest. Customers may ingest, retain, correlate, search, and act on any business security data from any source using XDR Ingest, an infinite data platform offering real-time and historical search.

XDR Ingest balances the expense of log storage and eliminates pointless data duplication when used in conjunction with Singularity XDR. XDR Ingest will assist enterprises in overcoming the expenses and restrictions of conventional SIEM and log management technologies as they continue to advance their XDR initiatives.

Cybereason launches MDR Mobile App

Cybereason, the XDR company, launched the Cybereason managed detection and response (MDR) mobile app, which puts the power of a security operations center (SOC) at defenders’ fingertips. Using the Cybereason MDR Mobile App from their mobile device, defenders may further decrease the mean time to remediation by stopping the lateral movement of an attack.

Customers using the app will be able to see specific information about ongoing MalOps, how those operations translate to the MITRE ATT&CK framework, and the threat level’s criticality.

The app’s features include:

  • Visibility into detections and active MalOps to better understand the scope of an attack and how they align to the MITRE ATT&CK Framework.
  • Anytime access to dashboards and the ability to initiate responses from any mobile device.
  • Quickly identify and isolate compromised machines in order to remediate and minimize downtime and workflow disruptions.
  • Constant contact with the Cybereason Global SOC to immediately address potential threats.
  • Remotely initiate response actions with confidence.
  • Access reports and industry news to stay abreast of the latest tactics, techniques and procedures used by nation-state threat actors and cybercriminal ransomware gangs.

Cybereason MDR Mobile App will be available later this month in the Google Play and Apple App Store, supporting both Android and iOS devices.

Which announcement from Black Hat USA did you find the most interesting? Let us know on LinkedIn, Facebook, and Twitter. We would love to hear from you!