Join Us At Hacker Summer Camp

See Rob King at DEF CON ICS Village!

We'll be at Summer Camp all week long, shaking things out at DEF CON 33.

lanyard-rope
lanyard-clip

DEF CON ICS Village

There and Back Again: Detecting OT Devices Across Protocol Gateways

August 9 @ 3pm PDT

Presented by:
Rob King

Join Rob King, Director of Applied Research, for a discussion on legacy protocols that are still widely used in the OT world and how devices that speak them are often hidden behind protocol gateways.

Rob will also share creative methodologies for discovering devices on the other side of these gateways safely and effectively. Come jump down the OT rabbit hole with us!
Add to Calendar

More Great Things From Rob

Webcasts
Safeguarding OT/ICS Assets: Insights from the U.S. Department of Energy
Security experts from the National Renewable Energy Lab’s (NREL) Clean Energy Cybersecurity Accelerator™ (CECA) program join runZero to discuss...
runZero Research
Attack Surface Challenges with OT/ICS and Cloud Environments
Learn why successfully navigating changes to operational technology and cloud attack surfaces is critical for successful asset security.
Podcasts
Risky Biz Interview: Breaking apart OT protocols
runZero's Rob King on the how and why of reverse engineering for active discovery
runZero Research
Active Asset Discovery in OT networks: runZero and the NREL/CECA Report
The Cohort 2 report describes how runZero safely discovers devices in a large, complex OT/ICS environment. Learn more about runZero's discovery...

More Summer Camp Talks!

BSides • August 4 @ 11am PDT
Turbo Tactical Exploitation: 22 Tips for Tricky Targets
Join HD Moore as he delivers rapid-fire, practical tips to help you spot valuable targets faster, pivot smarter, and skip the noise. From recon to lateral movement (and everything in between), these techniques are built for speed and getting the most out of every packet, port, and pivot.

Whether you’re on a red team or just want to better understand your exposure, you’ll leave with new ways to spot weak links fast — and exploit them even faster.
Learn More
Diana Initiative • August 4 @ 3pm PDT
Forging Strong Cyber Communities in Uncertain Times
HD Moore and Nicole Schwartz explore what it takes to create and foster robust cybersecurity communities and why we should all get involved in these important initiatives — now more than ever. HD will share insights from developing the open-source Metasploit Project, drawing parallels with the enduring principles of in-person community building that Nicole and her fellow board members rely upon to grow and sustain The Diana Initiative.

Learn strategies for initiating and scaling these networks, discover ways to contribute regardless of skillset, and see why participation is crucial to building collective resilience against evolving cyber threats.
Learn More
Black Hat • Date & Time TBA
Vulnerability Haruspicy: Picking Out Risk Signals from Scoring System Entrails
Join Tod Beardsley, runZero VP of Security Research, as he digs into the strengths, weaknesses, and absurdities of CVSS, EPSS, and SSVC, comparing them to the reality of how security teams actually handle vulnerabilities.

Tod will explore where these models help, where they mislead, and whether any of them are meaningfully better than rolling a D20 saving throw vs exploitation. Plus, we'll be unveiling a new tool to help you stay on top of the dynamic and sometimes surprising nature of these scoring systems!
Learn More
Black Hat Arsenal • August 6 @ 11am PDT
Akheron Proxy - Interchip Communication Serial Proxy
Matthew Kienow and Deral Heiland will be at Black Hat Arsenal Station 9 diving into Akheron Proxy, a serial communication proxy application tool designed to connect and proxy serial communication between microprocessors on a hardware circuit board.

See how to capture, decode, replay, and fuzz serial communications flowing between microprocessors on an embedded device circuit board in real time.
Learn More
DEF CON Main Stage • August 9 @ 5pm PDT
Shaking Out Shells with SSHamble
Secure Shell (SSH) is finally fun again! After a wild two years, including a near-miss backdoor, clever cryptographic failures, unauthenticated remote code execution in OpenSSH, and piles of state machine bugs and authentication bypass issues, the security of SSH implementations has never been more relevant.

This session is an extension of our 2024 work (Unexpected Exposures in the Secure Shell) and includes new research as well as significant updates to our open source research and assessment tool, SSHamble.
Learn More
August 4-10, 2025
Join us at Summer Camp 2025!
Join us for a whole week of action at BSides, Black Hat, DEF CON, and more.

We've got six talks to take in and crews in every venue you'll want to visit during a fun-filled Hacker Summer Camp.

Hop aboard a helicopter ride over the Strip, enjoy a rooftop omakase dinner, join us at the House of Blues, or see if you can help us save our Yeti's arctic hacker lair from complete meltdown.

It's going to be an epic week with lots of great adventures!
See All Summer Camp Events

Book some 1:1 time

Meet with us during Summer Camp