Register Now
August 3 - 8, 2019
Mandalay Bay / Las Vegas

On This Page

Micro Summits

This year Black Hat is introducing Micro Summits. Black Hat Micro Summits are designed to foster education and collaboration on focused topics that have wide applicability to the Information Security industry. Leading experts will share their insights on key topics and enable attendees to connect with fellow attendees, speakers, and industry leaders to better understand critical issues and solutions.

Each Micro Summit is a half day program combining subject matter expertise and networking opportunities. All day attendance is not required. Micro Summits take place during Briefings. Attendees can easily participate in both programs. No pre-registration required.

A Black Hat Briefings pass is required to attend

Cyber Insurance

Wednesday, August 7, 1:30 - 5:00 PM

Mandalay Bay CD, Level 2

Cyber liability insurance, like it or not, already has and will continue to have a profound impact on the entire Information Security industry. Everyone in the industry will be affected because no matter how many resources an organization invests in various security controls, there will always be latent risk of breach and financial loss. That’s one of the main reasons why organizations find it attractive to transfer their risk to an insurance carrier. As these business decisions are made it becomes vital for InfoSec pros to become familiar with cyber-insurance policies in what they cover and don’t cover; how claims are made, which are paid vs denied, how the incident response process may be altered; and how carriers influence what security controls their clients implement.

Learn More

Jeremiah Grossman

Summit Chair

Jeremiah Grossman

×

Black Hat Review Board; Founder & CEO of Bit Discovery, Chief of Security Strategy (SentinelOne), Professional Hacker, Black Belt in Brazilian Jiu-Jitsu, and Founder of WhiteHat Security

Jeremiah Grossman's career spans nearly 20 years and has lived a literal lifetime in computer security to become one of the industry's biggest names. He has received a number of industry awards, been publicly thanked by Microsoft, Mozilla, Google, Facebook, and many others for his security research. Jeremiah has written hundreds of articles and white papers. As an industry veteran, he has been featured in hundreds of media outlets around the world. Jeremiah has been a guest speaker on six continents at hundreds of events including and many top universities. All of this was after Jeremiah served as an information security officer at Yahoo!

Bug Bounty

Thursday, August 8, 9:45 AM - 1:00 PM

Mandalay Bay CD, Level 2

Thinking about launching a bug bounty program? Already have a bug bounty program and interested in best practices to make it more effective? Drop into the Bug Bounty micro-summit to learn strategies, best practices and lessons learned for setting up and running an effective bounty program that protects your customers and improves your product quality! Engage with industry experts on topics including:

  • Why to host a private bounty instead of a public bounty
  • How to write a great bounty brief
  • Common Pitfalls and how to avoid them
  • Keeping it legal - disclosure policies and safe harbor
  • Beyond WebApps - bounty programs for IoT, Hardware, Mobile, etc
  • How do you measure and report on program success?
  • Gamification and incentive models that lead to high value vulnerability reports
  • Crisis management
  • What to expect: 1 week, 1 month, 1 year
Learn More

Kymberlee Price

Summit Chair

Kymberlee Price

×

Engineering Response

Security Response + Outreach

Grounded in the belief that security can be a healthy collaboration with engineers and not just a hostile demand for their compliance, Kymberlee Price builds highly effective end-to-end application security teams.

A recognized expert in the information security industry, Kymberlee's 20 years of experience includes product security incident response and investigations, coordinated vulnerability disclosure, Open Source Security strategy, and secure development culture and community engagement programs. Kymberlee founded the first Security Community Engagement program at Microsoft in 2003 to influence better outcomes for customers through coordinated vulnerability disclosure. She speaks regularly at conferences around the world and is currently on the content review board for Black Hat USA and Black Hat Europe.