Every year in early August, conferences in Las Vegas, Nevada, serve as a gathering of security professionals in a single place. This time of the year is colloquially referred to as Hacker Summer Camp. In this post, we’ll share some tips if you're attending—or if you're interested in the content being shared but prefer not to or can't make it to Las Vegas.
The schedule
Several conferences are taking place throughout the week, each with different audiences, stories, sizes, vibes and goals:
- The Diana Initiative (August 4), a conference committed to helping all those underrepresented in Information Security.
- BSides Las Vegas (August 4–6), the original BSides event. It’s a volunteer-organized and community-driven conference.
- Black Hat USA (August 6–7), a large conference that includes Black Hat Briefings (talks), Black Hat Arsenal (demos of open source projects), and training.
- DEF CON (August 7–10), a large hacker convention that takes place immediately after Black Hat USA in Las Vegas every year. It has a main stage and numerous sub-conferences (known as villages) that are based around diverse topics ranging from cloud security to car hacking and adversary emulation.
This year's themes
These conferences cover a wide-ranging set of topics, particularly in the areas of:
- Application security: Attacking and defending applications
- Cloud security: Securing public cloud environments and Kubernetes clusters, as well as attacking or backdooring them, and analyzing real-world threats
- Red teaming: Simulating advanced attack tactics to emulate real-world attackers
- Applied research: Examining applied academic research in security, typically from individuals who have extensively studied specific security topics
- Supply-chain security: Securing or attacking the application supply chain or cloud supply chain
- Threat intelligence: Gathering and analyzing information about real-world attackers, with findings usually presented by people who are involved in tracking and discovering the attackers
AI security at Hacker Summer Camp
As one can expect, this year's conferences are emphasizing AI security, a loosely defined term that typically refers to one of the following concepts:
- Methods of attacking and abusing AI models and AI-powered applications, such as exploiting prompt injection vulnerabilities or backdooring models
- Threat actors that use AI to be more efficient in their operations, such as generating phishing campaigns, delivering malicious payloads, or bypassing security mechanisms
- Protection of AI-powered applications and associated models, such as by using threat-modeling AI applications, analyzing the output of a code-generating LLM for security issues, or securing MCP servers
- Use of AI for defense, such as being more efficient at finding evil or streamlining security operations
- AI ethics and the impact of AI on society and technology
Talks from Datadog researchers
As in previous years, Datadog researchers will attend these conferences and will deliver talks and open source tooling to the community.
50 talks we're excited to see
Whether you're attending on-site or watching from a distance, we compiled the top 50 Hacker Summer Camp talks we're excited about (grouped by theme and with a direct link to the conferences where they're being delivered).
You can access a full size view with sorting and filtering capabilities here.
We'll update this list of talks with links to the slides and recordings as those links become available.
Conclusion
We're looking forward to engaging with the community. Thanks for reading and stay tuned for upcoming posts! You can subscribe to our monthly newsletter to receive our latest research in your inbox, or use our RSS feed.
