Webinars

Security news doesn't always wait for conference season. That's the guiding principle behind Black Hat Webinars – a regular series of live web events focusing on what's hot in Information Security. Each month, we'll bring together Black Hat speakers, independent researchers and leading experts to discuss relevant topics in security and give you a chance to ask questions live.

If you have a subject you'd like to see addressed, or you've seen a presentation at one of our events that you think the wider public would benefit from, drop us a line at feedback (at) blackhat (dot) com.

Interested in the opportunity to sponsor an episode of Black Hat Webinars? Click here for details

Continuing Professional Education (CPEs)

ISC2-certified professionals can earn 1 CPE credit for each live webinar attended.

Black Hat will report your credit to ISC2 within 30 days following the live webinar.

To receive credit:

Provide your ISC2 member number during registration
Attend the live webinar

Please note that CPE credits are not available for on-demand viewing.

For questions about credits for webinar registrants, e-mail cfp@blackhat.com.

2026
2025
2024
- December 19 Splitting the Email Atom: Exploiting Parsers to Bypass Access Controls
- December 5 AI: Now Smarter Than Hackers, But Still Confused by Cats
- November 21 Microarchitecture Vulnerabilities: Past, Present, and Future
- November 14 Securing AI: A Practical Guide to AI Threats and Mitigation Strategies
- October 31 Unlock Cyber Mastery: Erase Vulnerabilities, Build Resilience
- October 24 Get the Low-Down on Trends in Application Security
- October 17 Elevate Your Security Analytics with LLMS
- September 12 Unsolved Problems in Application Security
- September 5 Defeating the Dangers of a Data Breach: Top Strategies to Get Your Organization Ahead of a Data Security Incident
- August 15 The AI-Powered SOC: Transforming Cybersecurity Defense
- July 18 Building Security from Within: Empowering Software Teams for Cyber Resilience
- July 11 EDR = Erase Data Remotely, By Cooking An Unforgettable (Byte) Signature Dish
- June 27 Top 5 Steps For Securing LLMs and Critical Data
- June 20 VoBERT: Unstable Log Sequence Anomaly Detection: Introducing Vocabulary-Free BERT
- June 6 Third-Party Risk and Strategies for its Mitigation: How Threat Intel Can Help
- May 23 A Modern Kill Chain Case Study: The CryptoChameleon Phishing Kit
- May 16 A Pain in the NAS: Exploiting Cloud Connectivity to PWN Your NAS
- May 9 Unveiling Security Risks in Public Large Language Models
- April 25 Protect Your Attack Vectors From Emerging Threats
- April 18 Navigating the Cloud: Mitigating Vulnerabilities, Misconfigurations, and Risks
- April 4 How I Learned to Stop Worrying and Build a Modern Detection & Response Program
- March 26 Why a G2000 Firm Implemented CDR for Its Next-Generation SOC
- March 21 Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations
- March 14 Perspectives on AI, Hype and Security
- March 7 Using AI in Cyber Defenses
- February 29 SIEM Migration: Breaking Up is Hard to Do
- February 27 Live Hack: Exploiting AI-Generated Code with Snyk
- February 22 How Top Cybersecurity Experts Predict Threats and Navigate Risk
- February 15 I Watched You Roll the Die: Unparalleled RDP Monitoring Reveal Attackers' Tradecraft
- February 8 The CISO Perspective: Proactive Security in 2024
- January 30 Protect Unstructured Data at Petabyte Scale with Rubrik and AWS
- January 18 The Evolution of AI, ML and Gen AI in Identity Products and Solutions
- January 11 How Top Cybersecurity Experts Predict Threats and Navigate Risk
2023
- December 12 Multi-Cloud Detection and Incident Response: Practical Lessons from a Fortune 500 Security Leader
- November 30 Outsmarting the Bots: Lessons Learned from reCAPTCHA Enterprise Customers
- November 16 AI Hallucinations and Manipulation: How to Use AI Coding Tools Securely
- November 9 State of Secure Identities 2023
- November 2 MaginotDNS: Attacking the Boundary of DNS Caching Protection
- October 19 AI to Enable AI – Step Up to the Growing Data Security Challenge with an Automated Approach
- October 12 Better Together: The Combined Power of CAASM and SSPM
- October 5 Least Privilege in the Multi Cloud: Innovating Without Giving Everyone Access
- September 28 A CISO’s Perspective on Improving SecOps Effectiveness
- September 21 Stories from the Front Line: New L7 DDoS Attacks
- September 14 LOLBAS Odyssey: Tracing the Path of Finding Hidden Gems in Executables
- September 7 Fight fraud and bots with reCAPTCHA Enterprise
- August 31 Certificates and Revocation in a Hybrid Environment
- August 24 Reducing Silos Between Developers and AppSec in Your Software Supply Chain
- August 17 Network Security Attacks: Dismantling DDoS - Lessons in Scaling
- July 27 BYOI (Bring your own Identity) the Hybrid Approach
- July 26 Level Up Your Cloud Incident Response Game
- July 13 Unpacking Supply Chain & Cloud Security Risks
- June 29 Scaling the Security Researcher to Eliminate OSS Vulnerabilities Once and For All
- June 15 Cloud Native Security Risk
- June 8 How Asurion Escaped the “Fix Every Vulnerability” Hamster Wheel
- June 1 Transform Enterprise Security with Enterprise-wide Collaboration and Visibility
- May 25 Proactive Application Security: Why Shifting Left and Developing Clean Code are Fundamental to Application Security
- May 18 Securing the Software Supply Chain: Discovering and Monitoring the Component Parts
- May 4 Top 5 2023 Challenges Keeping Senior IT Decision Makers up at Night
- April 27 No Pets Allowed - Mastering the Basics of Cloud Infrastructure
- April 20 Web3 Security for the Enterprise
- April 6 Insights From the 2023 State of Cloud Threat Detection and Response Report
- March 23 Mastering Pragmatic Cloud Governance
- March 16 Discovering Sensitive Data Flows in Applications: A Code Scanning Approach
- March 9 The Power of Prioritization. Prioritize Your Most Vulnerable Assets, Before Threats Find Them for You
- February 23 Syns of Omission
- February 9 Drive Cyber Resilience with Enterprise Case Management
- January 26 Better Privacy Through Offense: How to Build a Privacy Red Team
2022
- December 14 Exploiting Vulnerabilities in Your Container Workloads with AWS
- November 10 Backdooring and Hijacking Azure AD Accounts by Abusing External Identities
- October 27 SOC Modernization: Where Do We Go from Here?
- October 13 New Memory Forensics Techniques to Defeat Device Monitoring Malware
- September 15 Securing Public Data: A High Stakes Game
- September 1 How to Save Your Data from Ransomware
- August 18 An Inside Look at Defending the Black Hat Network
- July 14 InfoSec Lessons from the War in Ukraine
- June 30 Managing Cybersecurity as a Business Risk
- May 19 Crowdsourced Security and DevOps: A Few Things You Probably Didn't Know
- March 24 The Four Pillars of Your Cloud Defensive Foundation
- March 10 Identity is the New Perimeter
- February 24 Inside the Cyber Safety Review Board: A Fireside Chat with Jeff Moss, Chair Rob Silvers and Deputy Chair Heather Adkins
- January 27 SBOM, log4j, and the Future of Transparency in the Software Supply Chain
2021
2020
- December 17 What Got Us Here (May) Get Us There: 2021 Potential Trends From Over a Decade of DBIR Reporting
- December 3 Stopping Snake Oil with Smaller Healthcare Providers: Addressing Security with Actionable Plans and Maximum Value
- November 19 Practical Threat Hunting: Straight Facts and Substantial Impacts
- October 29 HTTP Request Smuggling in 2020
- October 15 Virtually Private Networks
- October 1 AbuseOps: Low Value Indicators for High Value Decisions
- September 17 Abusing Wi-Fi Beacons and Detecting & Preventing Attacks
- September 3 GCP Lateral Movement and Privileged Escalation Spill Over and Updates from Google
- August 20 First Contact - Vulnerabilities in Contactless Payments
- July 30 Understanding and Disrupting Offensive Innovations
- July 16 4 IoT Systems, 4 Threat Modelling Failures
- July 7 How Attackers Confuse Investigators with Cyber False Flag Attacks
- June 18 Pragmatic DevSecOps: Cloud Edition
- June 4 A Surprise Trip to Zero-Trust Land
- May 21 Attacking and Defending a Distributed Workforce
- May 7 Stalkerware: Solutions for Mitigating its Impact on Privacy and Security
- April 16 Hacking in the Public Interest
- March 19 Proactive Defense using Threat Hunting
- February 20 You May be Smarter than You Think: Thoughts on Applying Threat Intelligence in Practice
- January 23 Automated Threat Detection and Response
2019
- December 18 Instilling Cyber Hygiene Among Users and Creating a Culture of Cyber Safety
- November 21 MITRE ATT&CK: The Play at Home Edition
- October 15 Leveraging Red for Defense
- September 19 Ransomware Network Behavior and Defense
- August 22 Backdooring Hardware Devices by Injecting Malicious Payloads on Microcontrollers
- July 18 BLEEDINGBIT: Your APs Belong To Us
- June 20 Don't let your mainframe passwords be the weakest link in your enterprise
- May 16 The importance of logs: You won't see what you don't log^Waudit
- April 18 Securing Active Directory Administration
- March 21 Now is the Time for Cyber Deception
- February 21 How to Create Public Confidence in Election Systems
- January 24 Open Sesame: Picking Locks with Cortana
2018
- December 13 Cybersecurity 2018: Looking Back, Looking Ahead, or Just Looking Around?
- November 29 Two-Factor Authentication, Usable or Not? A Two-Phase Usability Study of the FIDO U2F Security Key
- October 25 Catch me, Yes we can! - Pwning Social Engineers Using Natural Language Processing Techniques in Email & Non-Email Attacks
- September 27 Dissecting Non-Malicious Artifacts: One IP at a Time
- August 23 Intelligent Security Automation
- July 19 & July 20 Cryptojacking Meets IoT
- June 21 Insider 35P10N463
- May 17 Active Directory Delegation Dissected
- April 26 Toxic Waste Removal for Active Directory: Quickly Identifying and Safely Removing Dangerous Legacy Permissions
- March 29 Incorporating Human Vulnerability Assessments into your Threat Assessment Model
- February 15 Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
- January 18 Using Red Teams for So Much More
2017
- December 14 2017's Year of Infections, featuring The Grugq
- November 16 Abusing Chrome Extensions to Form a Bot Net
- October 19 Using SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall
- October 5 Scaling Security Operations: Securing DevOps and Automating SecOps
- September 21 Mobile Privacy in 2025
- August 24 Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws
- July 20 Mitigating and Responding to Ransomware: From Initial Pwnage to BitCoin Shortage
- June 15 Continuous WebAppSec: Be Lean and Mean - to Your Code
- May 18 Every Cloud has a Silver Lining
- Apr 20 Getting Cyber Defensible | Breaches are Certain, Impact is Not
- Mar 16 What is That Email "Really" Telling Me
- Feb 16 On Attribution, An On-Going Discussion
- Jan 19 This Could Happen to You: Reasons for Clicking on Ransomware-Infected Links and Attachments
2016
2015
2014
2013
- Dec 19 2013: The InfoSec Year in Review
- Dec 5 Abusing Web APIs: The Mobile and Server Side Dilemma for the Enterprise
- Nov 21 Data Driven Web Application Security
- July 18 Hacking Appliances: Ironic exploits in security products
- June 20 Top Ten Web Defenses
- Apr 18 A Tale of Mobile Threats
- Feb 21 Accelerating the Analyst Workflow
- Jan 17 Hack.me : There's a Vulnerable Web App for That!
2012
- Dec 20 Another Year In Web Security—What Did 2012 Teach Us About Surviving 2013?
- Nov 15 Getting the Cyber Future We Want, Not the One We Deserve
- Oct 18 Defensive Tools Workshop
- Sept 20 Attack Tools Workshop
- Aug 16 Black Hat USA 2012 Wrap Up
- July 12 Black Hat USA 2012 Track Chair Preview
- June 14 Network Forensics: Uncovering Secrets of Mobile Applications
- May 17 Making Life Difficult for Malware
- April 19 A Journey into the Privacy and Security Risks of a Cloud Computing Service
- March 15 Showcase Showdown: Browser Security Edition
- February 23 Towards Classification of Polymorphic Malware
- January 19 Faces of Facebook: Privacy in the Age of Augmented Reality
2011
- December 8 The State of Security Vulnerabilities in 2011
- November 17 Abu Dhabi Preview: Force Multipliers on the Modern Battlefield
- October 27 Challenges and Results in Automatic Malware Analysis and Classification
- October 13 Workshop: A Taste of the Latest Samurai-WTF DVD
- September 28 Digital Forensics, "what is the meaning of this"
- September 21 Beyond files undeleting: OWADE
- August 25 Black Hat USA Wrap
- July 14 Black Hat USA 2011 Preview
- June 23 Android Security Overview, Threats, and Best Practices
- June 1 PlayStation Network Attack Vectors Expanded
- May HTTP Parameter Pollution Vulnerabilities in Web Applications
- April Privacy on the Internet
- February Gangsterware — Stealth Shield of the Malware
2010
- December Attacking with HTML5
- October Building the Best Free HUD
- September Expanding Compliance to Critical Infrastructure
- August Black Hat USA Wrap Up
- June Black Hat USA Preview
- May Cloud Security
- April Windows 7 Security
- March Auditing/Assessment
- February 25 Security Starts at the Beginning – Part 2
- February 18 Exploiting Lawful Intercept
- January Security Development Lifecycle
2009
- December Trends & Tactics in Malware
- October New Frontiers in Forensics
- September Privacy/Anonymity
- August Black Hat USA Wrap-Up
- June Black Hat USA Sneak Peek
- May Mobility + Security
- March Black Hat Europe '09 Sneak Preview
- February Rich Internet Application Security
- January OS X Security
2008

Upcoming Events

Blog

View all Blog posts

Stay Connected

Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.

Webinars

Continuing Professional Education (CPEs)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Upcoming Events

Blog

Stay Connected

Review Board

Training Review Board