Keynotes
Wednesday, August 6, 2025 at 9:00 – 10:00 AM
Thursday, August 7, 2025 at 9:00 – 10:00 AM
Open to all pass types.
Keynote Speakers will be announced soon!
Main Stage
Main Stage: Proof, Not Promises: Redefining Cybersecurity for the Defense Industrial Base
Snehal Antani | CEO & Co-Founder, Horizon3.ai
Bailey Bickley | Chief of DIB Defense, NSA Cybersecurity Collaboration Center
Date: Wednesday, August 6 | 12:50-1:15 PM (Oceanside A, Level 2)
Presented by Snehal Antani (Horizon3.ai) with Special Guest Bailey Bickley (NSA Cybersecurity Collaboration Center)
The Defense Industrial Base (DIB) is the backbone of national security—and is a high-value target for advanced cyber adversaries exploiting weaknesses across the supply chain. In this joint keynote, Snehal Antani, CEO of Horizon3.ai and special guest Bailey Bickley, Chief of DIB Defense at the NSA Cybersecurity Collaboration Center reveal how the NSA's Continuous Autonomous Penetration Testing (CAPT) service—powered by the NodeZero® Platform—is transforming how DIB suppliers secure their environments.
By combining intelligence-driven proactive insights with scalable, autonomous testing, CAPT empowers organizations to find, fix, and verify their exploitable weaknesses—shifting cybersecurity from reactive defense to operation resilience.
Drawing from real-world operations across the DIB, Bailey and Snehal will share "war stories" that reveal:
- Example critical vulnerabilities that once put the DIB at risk
- Attack paths enabled by misconfigurations, weak credentials, and unpatched systems
- The operational impact of shifting from reactive defense to continuous validation
Attendees will leave with field-tested guidance on how to:
- Prioritize and validate remediations based on proof of exploitability
- Seamlessly integrate autonomous testing into compliance and assurance workflows
- Reduce dependence on expensive, infrequent manual assessments
This keynote is more than a technical session—it's a strategic look at how the NSA and private sector are partnering to secure the defense supply chain. If you're responsible for protecting the systems that protect the nation, this session is your blueprint for action.
Open to All Pass Types.
Main Stage: Unmasking Cyber Villains: How Microsoft Stays Ahead of the World's Most Dangerous Hackers
Aarti Borkar | Corporate Vice President, Security Customer Success, Microsoft
Andrew Rapp | Senior Director of Security Research, Microsoft
Simeon Kakpovi | Senior Threat Intelligence Analyst, Microsoft
Sherrod DeGrippo | Director of Threat Intelligence Strategy, Microsoft
Date: Thursday, August 7 | 12:15-12:40 PM (Oceanside A, Level 2)
What does it take to stay one step ahead of the world's most advanced cyber threats? At Microsoft, it means eliminating internal silos and turning intelligence into action, faster than ever before.
Go behind the scenes with Microsoft's threat intelligence, incident response, and threat hunting leaders. Learn how these functions operate as a unified force, creating a real-time feedback loop that enables Microsoft to detect, disrupt, and outpace sophisticated actors like Star Blizzard and Mint Sandstorm.
Attendees will learn:
- The techniques Microsoft's threat hunters use to uncover hidden malicious activity across global telemetry in near real-time
- Ways intelligence teams attribute nation-state groups and track shifting tactics, techniques, and procedures (TTPs)
- How the world's largest bug bounty program feeds Microsoft's detection capabilities and enhances threat intelligence shared across the global defender community
Attendees will walk away with a clear view of what it takes to track the most elusive actors, lessons from real intrusions, and how Microsoft translates threat signals into global protection.
Open to All Pass Types.
Locknote
Locknote: Conclusions & Key Takeaways from Black Hat USA 2025
Date: Thursday, August 7 | 4:20 - 5:00 PM
Join Black Hat USA Review Board Members as they conclude Black Hat USA 2025 with an insightful conversation on the most pressing issues facing the InfoSec community. This Locknote will feature a candid discussion on the conference's key takeaways and how these trends will impact future InfoSec strategies.