Register Now
August 3-8, 2019
Mandalay Bay / Las Vegas

On This Page

Micro Summits

This year Black Hat is introducing Micro Summits. Black Hat Micro Summits are designed to foster education and collaboration on focused topics that have wide applicability to the Information Security industry. Leading experts will share their insights on key topics and enable attendees to connect with fellow attendees, speakers, and industry leaders to better understand critical issues and solutions.

Each Micro Summit is a half day program combining subject matter expertise and networking opportunities. All day attendance is not required. Micro Summits take place during Briefings. Attendees can easily participate in both programs. No pre-registration required.

A Black Hat Briefings pass is required to attend

Cyber Insurance

Wednesday, August 7, 1:30 - 5:00 PM

Mandalay Bay CD, Level 2

Cyber liability insurance, like it or not, already has and will continue to have a profound impact on the entire Information Security industry. Everyone in the industry will be affected because no matter how many resources an organization invests in various security controls, there will always be latent risk of breach and financial loss. That’s one of the main reasons why organizations find it attractive to transfer their risk to an insurance carrier. As these business decisions are made it becomes vital for InfoSec pros to become familiar with cyber-insurance policies in what they cover and don’t cover; how claims are made, which are paid vs denied, how the incident response process may be altered; and how carriers influence what security controls their clients implement.

Jeremiah Grossman

Summit Chair

Bug Bounty

Thursday, August 8, 9:45 AM - 1:00 PM

Mandalay Bay CD, Level 2

Thinking about launching a bug bounty program? Already have a bug bounty program and interested in best practices to make it more effective? Drop into the Bug Bounty micro-summit to learn strategies, best practices and lessons learned for setting up and running an effective bounty program that protects your customers and improves your product quality! Engage with industry experts on topics including:

  • Why to host a private bounty instead of a public bounty
  • How to write a great bounty brief
  • Common Pitfalls and how to avoid them
  • Keeping it legal - disclosure policies and safe harbor
  • Beyond WebApps - bounty programs for IoT, Hardware, Mobile, etc
  • How do you measure and report on program success?
  • Gamification and incentive models that lead to high value vulnerability reports
  • Crisis management
  • What to expect: 1 week, 1 month, 1 year

Kymberlee Price

Summit Chair