Artificial Intelligence (AI) is changing how we think about cybersecurity. It has become a central focus in the cybersecurity landscape, dominating discussions at major industry events. The BlackHat USA 2024, held from August 3rd – 8th at the Mandalay Bay Convention Center in Las Vegas, was no exception. The six-day program featured over 100 talks, many tool demonstrations, a busy exhibition hall, and lots of networking opportunities.
BlackHat, started in 1997, is a big international cybersecurity conference that happens in Europe, Asia, and the USA. The conference offers cutting-edge information security research through briefings and training. The 2024 USA event placed significant emphasis on AI’s potential to enhance overall security postures, with experts sharing practical AI integration methods for addressing real-world challenges. Sessions covered a wide range of AI-related topics, from practical large language model (LLM) security to generative AI safety.
Since 2024 is an important election year worldwide, the keynote address was about how leaders are dealing with election security risks including cyber threats, foreign influence operations, and the impact of generative AI. CISA Director Jen Easterly stressed at the event that election stakeholders must remain vigilant because the threats are more complicated than ever before.
The conference also addressed recent industry developments, such as the CrowdStrike global incident. While the company faced some criticism regarding its update processes, the broader security community generally commended CrowdStrike’s swift response to the outage. BlackHat USA 2024 served as a platform for companies and startups to showcase their latest AI-powered security innovations. Some Innovative products include:
- Cybersixgill’s IQ: An AI-driven threat intelligence solution designed to simplify complex threat data analysis. It delivers AI-generated analysis, high quality finished reporting and 24/7 assistance, transforming cyber security for every industry and every individual, at every level.
- Apiiro’s Risk Detection at Design Phase: A feature that shifts risk detection earlier in the software development lifecycle. It enables application security (AppSec) practitioners to mitigate security and compliance concerns before a line of code is written. Risk Detection at Design Phase leverages cutting-edge AI technology, including a native Phi LLM, to automatically analyze feature designs.
- Legit Security’s AI Security Command Center: An industry-first solution to protect AI-native software factories. This security center provides security teams with the necessary tools to efficiently integrate AI- and LLM-based capabilities in a controlled and secure manner. Legit Security also announced today that it is joining the Coalition for Secure AI (CoSAI).
- Varonis’ AI-Powered Data Classification: A tool to prevent sensitive data exposure by AI copilots such as Microsoft 365 copilot and secure AI workloads in large data stores like AWS, Azure, Snowflake. It controls the AI blast radius, monitors AI-created data and keeps sensitive data out of LLMs.
- Orca Research’s AI Goat: Orca Research Pod has launched the first open source AI security hands-on learning environment based on the OWASP top 10 ML risks. The learning environment was created to help security professionals and pentesters understand how AI-specific vulnerabilities based on the OWASP top 10 ML risks can be exploited, and how organizations can best defend against these types of attacks.
- HPE’s AI-Powered Network Detection and Response: This is an expansion of HPE’s networking portfolio, introducing behavioral analytics-based network detection and response capabilities (NDR). This new NDR solution uses behavioral analytics to identify anomalies in network activities and then helps to identify and respond to security incidents faster.
- RAD Security’s AI-Powered Incident Investigation: This is a platform using LLMs to analyze behavioral detections and determine the nature of security incidents. RAD Security is one of four finalists for the BlackHat Startup Spotlight Competition in recognition of its work in empowering security teams with a signature-less, behavioral approach to cloud detection and response.
These new tools show how AI is becoming a big part of cybersecurity, helping to find threats and make software safer. It also shows that a lot of efforts are being put by cybersecurity companies and professionals to ensure that they can protect data and assets from attacks and AI-powered threats.