NetSPI Security Experts Triple Threat: BSides LV, Black Hat USA, DEF CON 33
NetSPI Was in Full Force in Vegas for 3 Cybersecurity Conferences!
This year NetSPI was in the spotlight at BSides Las Vegas, Black Hat USA, and DEF CON 33. We showcased our pentesting expertise and cybersecurity leadership with several talks and contests.
Black Hat USA 2025 Recap
Date: August 6-7, 2025 | Location: Las Vegas, NV
At Black Hat USA 2025, we turned up the heat with our modern proactive security approach. At Mandalay Bay Convention Center, the NetSPI booth brought together cybersecurity professionals looking for help with their security posture… and of course, a free t-shirt!
Showcasing our proactive security solutions
The NetSPI booth offered live demos of the NetSPI Platform, which included innovative penetration testing techniques and vulnerability management solutions tailored for 2025’s evolving threat landscape.
Engaging with the cybersecurity community
We connected with industry leaders, security professionals, and peers.
Thought leadership in action
Team NetSPI delivered valuable presentations about AI, leadership in cybersecurity, the evolving threat landscape, and mainframe penetration testing.
Team NetSPI Presentation Highlights
This year, our security experts hit a record-breaking number of presentations at BSides Las Vegas, Black Hat USA, and DEF CON 33.
If you missed hearing from us, check out the content included below.
Laser Beam & Light Streams: Letting Hackers Go Pew Pew, Building Affordable Light-Based Hardware Security Tooling
Speakers: Sam Beaumont and Larry “Patch” Trowell
Stored memory in hardware has had a long history of being influenced by light, by design. Naturally, whilst useful, this has proven to be an avenue of opportunity for attackers, allowing them to selectively influence memory via a host of optical/light-based techniques. As chips became more advanced, opaque resin was used as a “temporary” measure to combat this flaw, by coating chips in a material that would reflect UV. Present-day opinion is that laser (or light) based hardware attacks are something that only nation-state actors are capable of.
Currently, sophisticated hardware labs use expensive, high-frequency IR beams to penetrate the resin. This project demonstrates that, with a limited budget, a hacker-and-maker mentality, and more inexpensive technology alternatives, we can implement a tool that performs laser fault injection, detects hardware malware, detects supply chain chip replacements, and delves into the realm of laser logic state imaging.
Hunt or Be Hunted: Moving from Reactive Defense to Proactive Threat & Exposure Management
Speakers: Scott Sutherland and Jake Karnes
Today’s defenders are in a race where the attackers set the pace. While you’re managing alerts and patch cycles, adversaries are continuously looking for openings and leveraging automation and AI to move faster than ever. Threat actors and ransomware groups exploit known vulnerabilities within hours of them appearing on your attack surface. Without a proactive approach to attack surface and vulnerability management, organizations face growing risk.
Reactive models can’t keep up with an expanding digital footprint and increasingly sophisticated threats. It’s time for a proactive approach that provides continuous visibility into your networks, systems, applications, AI deployments, and supply chain providers so that you can address exposures as they occur.
This talk explores how to shift from passive defense to Continuous Threat & Exposure Management (CTEM), blending deep-dive pentesting with continuous coverage to uncover, assess, and prioritize remediation of exposures before attackers do.
Key takeaways:
- Why traditional security approaches are failing
- How threat actors exploit common vulnerabilities at scale
- Why we need deep testing and continuous attack surface coverage
Beyond the Command Line: Transitioning from Individual Contributor to Leader

Speaker: Leo Pate III
The leap from technical expert to leader is one of the most challenging transitions in cybersecurity. Many high-performing engineers, penetration testers, and analysts find themselves in leadership roles without clear guidance on how to succeed. The skills that make a great individual contributor—deep technical expertise, problem-solving, and hands-on execution—aren’t always the same ones that make a great leader.
This session will explore the challenges and rewards of moving into leadership, including how to develop managerial skills, communicate effectively, and lead teams successfully. Attendees will leave this discussion with a clear understanding of what it takes to transition from an individual contributor to a successful cybersecurity leader. They will learn how to shift their mindset from personal technical execution to team success, develop critical leadership skills like communication and delegation, and navigate the challenges of managing former peers. The discussion will also tackle imposter syndrome, common leadership pitfalls, and how to build an authentic leadership style that aligns with your strengths. Whether you’re considering a leadership role or already in one, this session will provide actionable insights to help you grow, lead, and thrive in your cybersecurity career.
Unix Underworld: Tales from the Dark Side of z/OS
Speakers: Philip Young & Chad Rikansrud
Those stories often focused on the MVS/ISPF side of the IBM z/OS. But did you know that all those same tricks (and more!) can be pulled off in z/OS Unix System Services (OMVS) as well? I bet you didn’t even know z/OS had a UNIX side! Over the years, we’ve discovered multiple unique attack paths when it comes to Unix on the mainframe. In this talk, we’ll present live demos of real-world scenarios we’ve encountered during mainframe penetration tests. These examples will showcase what can happen with poor file hygiene leading to database compromises, inadequate file permissions enabling privilege escalation, a lack of ESM resource understanding allowing for privileged command execution, and how dataset protection won’t save you from these attacks.
Attendees will learn how to test these controls themselves using freely available open-source tools and how to (partially) detect these attacks. While privesc in UNIX isn’t game over for your mainframe, it’s pretty close. By the end, it will be clear that simply granting superuser access to Unix can be just as dangerous, if not more so, than giving access to TSO on the mainframe.
So You Want to Give A Talk: How to Write a CFP
Speaker: Philip Young
The one thing I love about our community is the passion to give back. And if you’re reading this and thinking “I would love to give back, but I don’t know where to start” then this talk is for you. Almost every month it seems like there’s a cybersecurity conference happening, and each of those conferences has what is called a Call for Papers (CFP). It sounds scary and daunting, but submitting a CFP isn’t very hard once you know what you’re doing.
The purpose of this talk is to walk you through what makes a good CFP, what’s in it for you, how to properly fill out the various sections, what a CFP review board is and what they want to see. We’ll use examples of the BSidesLV CFP as well as DEFCON and BlackHat (since they ask for extra special stuff). By the end of this talk you’ll have the confidence to submit your first CFP and start giving talks!