Black Hat, BSides, and DEFCON Wrap Up: Hacker Summer Camp 2023


Sweltering 100+ degree heat of the desert.

Horrid traffic on the Strip.

Long days stretching from the early morning to well past midnight.

Heart full from seeing old friends and making new ones.

There really isn’t anything else like Hacker Summer Camp! 

Three things I observed and took to heart:

  1. The security community is way friendlier now than when I started 7 years ago.
  2. Relationships and empathy matter - security can’t happen in a vacuum.
  3. Business context matters - separating real, material threats from theoretical is more important than ever.

This year was particularly special to me for three reasons - I got to experience The Data Heist up close and personal, I gave a talk at BSides, and I attended DEFCON for the first time!

The Data Heist

J1 Data Heist in Las Vegas

JupiterOne kicked off the week with a cybersecurity whodunnit dinner hosted at Superfrico. I am a sucker for murder mystery dinners, and this one takes the cake! Months leading up to the event, guests were encouraged to crack a cipher to get the location details, and once you were in the space, it felt like you were transported somewhere else entirely. 

We enjoyed a night of detective work, delicious food, beverages, and entertainment, featuring Sounil Yu, author of The Cyber Defense Matrix, and a supporting cast of actors.

Friendships were forged and memories were made, and if you’re feeling FOMO, don’t worry. This event could be coming to a city near you! We’ll be hosting this event in Seattle, Washington D.C., San Diego, and New York City, so if you’re close to any of these cities, sign up here!

Sounil Yu

BSides Las Vegas

BSidesLV usually has a lot of technical talks, so imagine my excitement when my talk, “How to communicate with non-security specialists to drive action” got accepted!

BSides - Ashleigh Lee

So much of the work in security today is persuading people to act - to fix, to change, to update, to communicate. Technical prowess is often the starting point for many careers, but the ability to communicate and persuade people to act is what will fuel career growth and influence change within an organization.

In this talk, I dug into three key things practitioners need in their communication to drive action:

  • Value - Provide value to the audience. This will be different when security folks are communicating with  finance, HR, engineering, legal, sales, executives, etc. The more specific you are to your audience, the greater success you’ll find in driving action.
  • Clarity - While technical words make sense in the world of engineering and security, other departments have their own areas of expertise as well, so we need to use simple, common language to appeal to a wider audience. 
  • Connection - Human beings build trust and relationships based on emotional connection. Find ways through stories and analogies to connect on the human level and tie back to the action you are trying to drive.

JupiterOne also had two other speakers at the event - Kenneth Kaye and Sounil Yu!

Kenneth’s talk, “Big SIEM energy at micro-SIEM cost,” covered how to manage security events and incidents in your AWS infrastructure using other AWS services when GuardDuty might be too much for your use cases or budget.

BSides - Kenneth Kaye

Sounil had two different BSides talks:

“Double Entry Accounting for Security” - This talk explored how double entry accounting practices could revolutionize your security program.

BSides - Sounil Yu

“From LLM Obstacles to Open Doors: A Tale of Three CISOs” - This talk explored three concerns and three corresponding opportunities for generative AI and LLMs. Sounil provided specific frameworks and models that allow us to understand the necessary guardrails for each concern.

BSides - Sounil Yu talks AI

BSides is currently chopping up the video, so we’ll update this blog with the links to each of these talks when they’re ready!

Black Hat

JupiterOne showed up “new and improved” after announcing the latest capabilities for hybrid infrastructures and AI-driven usability enhancements!

Black Hat J1 collage

We had an incredible turnout for Sounil Yu’s book signing. We also had friends from our Stellar Partner Program speak at our booth, including e360, Cisco, Intelliguard, and AWS.

The J1 booth at Black Hat

On the back of our booth, we had an art installation that turned into a nice data visualization at the end of the show. Not surprisingly, this show had way more incident responders participate than RSAC. The pineapple-on-pizza debate was emphatically YES until the final hours of the show, and narrowly managed to edge out the anti-pineapple-on-pizza with a final tally of 22-19.

Our string diagram

Last, but not least, Pickles joined us for some fun too! They made time on the show floor memorable, taking photos with attendees and playing games at neighboring booths.

Hey Pickles!


As a first time attendee to DEFCON, I finally understand when people say it can be overwhelming as a newbie. This event is spread over a number of hotels, and there were so many villages and talk tracks to choose from. But even in the chaos, I found that people were super kind and helpful.

I started with the Lockpick Village to learn the basics of lockpicking and also how lockpicking enthusiasts use the hobby as a means to teach others about defense in depth. 

“Locks aren’t meant to stop an intruder. They’re meant to deter and slow down the intruder.”

Later that afternoon, I went over to the Blue Team Village and sat through “Monroeville Live: An IR Tabletop for the Rest of Us.” It was super cool to hear how others thought through how to find devices on a network they weren’t familiar with, how to differentiate between a technical issue versus a security threat, and how to escalate communication through the chain of command during a crisis. I’m pretty sure I’d still be a goner during a zombie apocalypse, but at least there are people smarter than me out there who would do their best to triage the incident!

On Saturday, I made my way to the AppSec Village to listen to AppSec experts from Datadog, eBay, and Paylocity as they shared how they prioritize security alerts at their organizations. This panel got me pumped for the next generation of security because AppSec leaders are recognizing the need to put vulnerabilities in the context of the business in order to drive change. AppSec leaders know that empathy and understanding the world of developers is key to driving remediation. Low severity alerts still have reason to be escalated if they are related to business critical assets.

This was a great note to segue into my last stop for Hacker Summer Camp - the workshop, “Starbase: open source graph security analysis” presented by Guillaume Ross and Adam Pierson! This four-hour workshop walked through the basics of setting up Starbase and analyzing the relationships between assets in a demo set of data, with each question building on the skills of the previous step. Great job gents!

J1 DEFCON workshop

Hacker Summer Camp 2023 - thank you for a great time. The future’s gonna be ok.

Ashleigh Lee
Ashleigh Lee

As Senior Product Marketing Manager at JupiterOne, I love getting to the heart of what problems our customers are solving and how that ties in with the cybersecurity mission at their organizations. With over a decade of experience in B2B tech marketing, and the last 7 years in cybersecurity, I have honed my digital swiss army knife background into sharing customer stories that resonate and drive action.

Keep Reading

Why Your Business Needs Cloud Asset Management
April 10, 2024
Why Your Business Needs Cloud Asset Management

Organizations are transitioning to the cloud faster than ever to keep up with the changing consumer and business climate. According to Gartner, by 2023, 40% of all

‘Type and go’ - New JupiterOne search bar enhancements
October 30, 2023
‘Type and go’ - New JupiterOne search bar enhancements

JupiterOne aggregates and normalizes data from hundreds of different sources so you can identify and triage security risks easily.

Identify and eliminate endpoint device security gaps using the new JupiterOne Unified Device Matrix
October 6, 2023
Identify and eliminate endpoint device security gaps using the new JupiterOne Unified Device Matrix

It seems like a simple question. “Are any of our deployed user endpoint devices missing an endpoint detection and response agent?”

15 Mar 2022
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.