Semperis to Hold 2 Cybersecurity Educational Sessions at Black Hat USA 2025

HOBOKEN, N.J.—On Thursday August 7 at the Mandalay Bay Convention Center, Business Hall, Arsenal Station, Semperis chief identity Architect Eric Woodruff, and security researchers Tomer Nahum and Jonathan Elkabas, will present a pair of informational seminars during Black Hat USA 2025.

The first seminar is entitled, “EntraGoat: A deliberately Vulnerable Entra ID Environment,” and it takes place at 11 a.m. in Arsenal Station 8.

Semperis explains EntraGoat is a deliberately vulnerable environment designed to simulate real-world security misconfigurations and attack scenarios in Microsoft Entra ID.  The company asserts that security professionals, researchers, and red teamers can leverage EntraGoat to gain hands-on experience identifying and exploiting identity and access management (IAM) vulnerabilities, privilege escalation paths, and other security flaws specific to cloud-based Entra ID environments.

The other Semperis presentation takes place at 2 p.m. in Arsenal Station 1, and it will cover SAML applications. The title of the seminar is called, “SAMLSmith.”

According to the company, SAMLSmith is a go-to tool for penetrating SAML applications with response forging. Semperis notes that while SAML response forging is far from new, enterprises still lack understanding of how SaaS applications integrate or best practices for securing them. The company suggests that with many factors at play, SAML response forging can range from extremely difficult to near impossible for a SOC to detect. The Semperis demonstration will explore using SAMLSmith to perform a Golden SAML attack against Active Directory Federation Service and show how the use of SAMLSmith ties into new research around response forging, penetrating certain types of SaaS applications with even more stealth.

More news from Security Sales: Michael Hanlon, Vice President, Allied Universal: Best Advice

 

 

The post Semperis to Hold 2 Cybersecurity Educational Sessions at Black Hat USA 2025 appeared first on Security Sales & Integration.



from Security Sales & Integration https://www.securitysales.com/news/semperis-to-hold-2-cybersecurity-educational-sessions-at-black-hat-usa-2025/613456/
via CCTV

Comments

Post a Comment

Popular posts from this blog

Future of Dental and Medical Practices CCTV in 2026 - UK trends and technology

Image
Welcome to Gary Pearce Home Services' authoritative guide on Future of Dental and Medical Practices CCTV in 2026 - UK trends and technology . 1. The Regulatory Landscape for Clinical CCTV in 2026 As we move through 2026, medical and dental practices across the UK face unprecedented scrutiny regarding patient privacy and physical security. Clinical environments require a delicate balance: maintaining absolute patient confidentiality while ensuring robust protection against theft, vandalism, and false liability claims. The Information Commissioner’s Office (ICO) has updated its strict codes of practice to reflect advances in AI-driven edge surveillance. For dental and medical practices to remain compliant, any newly deployed CCTV system must strictly adhere to the ICO CCTV Code , UK GDPR , and the industry-recognised BS EN 62676 standard for video surveillance systems. To achieve SSAIB Grade 2 or Grade 3 certification, practice owners must ensure that security data i...
Read more

The 8K Resolution Era: Why Forensic CCTV is Now the Residential Standard

# The 8K Resolution Era: Why Forensic CCTV is Now the Residential Standard For years, 4K (8-Megapixel) resolution was considered the "ceiling" for residential security. But as we move into 2026, the demand for **Forensic Clarity** has pushed 8K (32-Megapixel) sensors into the mainstream. At **CCTV Systems**, we are seeing a massive shift towards 8K installations for homeowners who require more than just "vague shapes"
Read more

Why Weapons Detection Systems Fail Without Proper Planning

The weapons detection market has exploded over the past three years, driven by heightened security concerns across every vertical market. Healthcare facilities, educational institutions, corporate campuses, and entertainment venues are all investing in advanced weapons screening technology. For security integrators, this represents significant opportunity – and significant risk. Unlike traditional security systems that can be “set and forget,” weapons detection implementations succeed or fail based on factors that extend far beyond technical installation. The difference between a profitable, referral-generating project and a costly support nightmare often comes down to understanding challenges that don’t appear in any technical manual. The False Promise of “Plug and Play” Vendors market their systems as simple to deploy and operate. The reality is more complex. Advanced detection technology may be sophisticated, but successful implementation requires integrators to think beyond netw...
Read more