FINAL POST FROM THE FLOOR: #BlackHatUSA 2025 Coverage!

Access Roulette: How to Stop Betting Your Security on Standing Privileges

This wraps up our on-location content from Las Vegas!

Next week we'll reconnect with our main event sponsors— BLACKCLOAK, Dropzone AI, Stellar Cyber, and Akamai Technologies—to bring you their post-event insights and feedback. Of course ThreatLocker's recap was already captured on the floor and published earlier today. Plus, watch for our closing reflection articles from me Marco Ciappelli and Sean Martin, CISSP!

Our final floor conversation comes thanks to our friends at Apono

Modern enterprises are gambling with security every day. Static permissions, manual approvals, and periodic audits create "privilege creep" that turns every over-privileged account into a potential breach waiting to happen.

At #BlackHat USA 2025, Ofir Stein from #Apono reveals how to break this dangerous cycle.

The stakes keep rising:
• Non-human identities (service accounts, #APIs, #AIagents) retain high-level privileges long after tasks complete
• Organizations discover risks during audits but lack scalable remediation
• #Business teams need rapid access while security teams battle expanding #attacksurfaces

Apono's Zero Standing Privilege model:
• Removes ALL permanent access by default
• Grants access dynamically based on business context
• Automatically revokes permissions when tasks complete
• Works for both human AND non-human identities
• Integrates with existing #identity providers—no rip and replace

Key capabilities:
• Context-based policy management aligned with business objectives
• Continuous discovery of identities, privileges
• Automated remediation of unnecessary privileges
• Real-time anomaly detection feeding #SOC workflows
• Scalable across centralized and decentralized environments

The result?
Engineers gain control over their access (building trust), security teams maintain tight governance, and organizations can finally stop betting their security on standing privileges.

Watch the video: https://youtu.be/ciBsH84PVQU

Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/access-roulette-how-to-stop-betting-your-security-on-standing-privileges-a-brand-story-with-ofir-stein-cto-and-co-founder-of-apono-a-black-hat-usa-2025-conference-on-location-brand-story-HD5Uq_kf

Read the blog: https://www.itspmagazine.com/their-stories/access-roulette-how-to-stop-betting-your-security-on-standing-privileges-a-brand-story-with-ofir-stein-cto-and-co-founder-of-apono-a-black-hat-usa-2025-conference-on-location-brand-story

➤ Learn more about Apono: https://itspm.ag/apono-1034

✦ Catch more stories from Apono: https://www.itspmagazine.com/directory/apono

Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

NOW PUBLISHING: On-Location Coverage from Black Hat USA 2025!

We're back in the office and excited to start sharing all the conversations we captured on location in Las Vegas with our amazing sponsors and editorial coverage!

Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to get this content fresh as it drops!

We're proud to share this game-changing Brand Story conversation thanks to our friends at Stellar Cyber

#StellarCyber Revolutionizes #SOC Operations with Human-Augmented Autonomous Platform

Security operations centers are drowning in thousands of daily alerts while sophisticated threats demand immediate response. At Black Hat USA 2025, Subo Guha from Stellar Cyber shows how their revolutionary platform transforms this chaos into clarity.

Unlike traditional approaches that pile on more automation, Stellar Cyber recognizes that effective security requires intelligent collaboration between AI and human expertise. Their autonomous SOC concept dramatically reduces alert volume from hundreds of thousands to manageable numbers within days—not weeks.

Key innovations include:

• AI-driven auto-triage that identifies true positives among thousands of false alarms

• Natural language queries

• Advanced #identity threat detection catching physical impossibilities like logins from Portland and Moscow 30 minutes apart

• Vendor-neutral architecture supporting CrowdStrike, SentinelOne, Sophos, and more

The result?

#MSSPs report dramatic efficiency gains, analysts focus on strategic decisions instead of alert fatigue, and organizations achieve faster threat detection with smaller, more focused teams.

Watch the video: https://youtu.be/N3M1fxhMryM

Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/stellar-cyber-revolutionizes-soc-cybersecurity-operations-with-human-augmented-autonomous-platform-at-black-hat-2025-a-stellar-cyber-event-coverage-of-black-hat-usa-2025-las-vegas-brand-story-with-subo-guha

Read the blog: https://www.itspmagazine.com/their-stories/stellar-cyber-revolutionizes-soc-cybersecurity-operations-with-human-augmented-autonomous-platform-at-black-hat-2025a-stellar-cyber-event-coverage-of-black-hat-usa-2025-las-vegas

➤ Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947

✦ Catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyber

Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25