Rapid7 Labs Security Researchers to Speak at Black Hat USA 2025 and DEF CON 33

BOSTON, July 23, 2025 (GLOBE NEWSWIRE) -- Today,  (NASDAQ: RPD), a leader in threat detection and exposure management, announced its dynamic speaker lineup from Rapid7 Labs for Black Hat USA 2025 and DEF CON 33, taking place in Las Vegas this August. Conference organizers selected these speakers’ abstracts from among hundreds of submissions to showcase their groundbreaking research on emerging threats and vulnerabilities, complete with live demos of attack techniques and tools.

Rapid7 Labs stands at the forefront of cybersecurity innovation, providing teams with a community-driven approach to security with open-source tools and research-informed, curated intelligence so they can more effectively identify, assess, and mitigate threats. Earlier this year, Rapid introduced , which unifies global threat intelligence expertly curated by Rapid7 Labs researchers.

Rapid7 Labs Session Lineup

The knowledge Rapid7 Labs speakers will share at this year’s Black Hat and DEF CON represents the company’s 25 years of security program expertise, enabling session attendees to proactively address today’s most pressing cybersecurity challenges.

Date & Time: Wednesday, August 6 | 11:00 AM - 11:55 AM PDT

Location: Business Hall, Arsenal Station 6

Conference: Black Hat 2025

Track: Exploitation and Ethical Hacking

Presented by Rapid7’s Spencer McIntyre, Senior Security Research Manager, and Jack Heysel, Senior Security Researcher, this Arsenal session showcases Metasploit's latest capabilities, including SMB-to-LDAP and SMB-to-HTTP relaying, expanded support for Active Directory Certificate Services (AD CS) attacks, and new process injection techniques like "PoolParty." Attendees will see demonstrations of how to detect and exploit ESC vulnerabilities, retrieve privileged credentials, and execute lateral movements in complex domain environments.

Date & Time: Wednesday, August 6 | 11:00 AM - 11:55 AM PDT

Location: Business Hall, Arsenal Station 9

Conference: Black Hat 2025

Track: Hardware/Embedded

In this Black Hat Arsenal Session, Deral Heiland, Principal Security Researcher (IoT) at Rapid7, and Matthew Kienow, Vulnerability Researcher at runZero, will discuss security testing methods via Akheron proxy, a serial communication proxy application tool designed to connect and proxy serial communication between microprocessors on a hardware circuit board. In this live demonstration, Heiland and Kienow will walk through how Akheron proxy allows embedded device testers to capture, decode, replay, and fuzz serial communications flowing between microprocessors on an embedded device circuit board in real time.

Date & Time: Thursday, August 7 | 3:20 PM - 4:00 PM PDT

Location: Oceanside C, Level 2

Conference: Black Hat 2025

Tracks: Hardware/Embedded, Network Security

In this 40-minute briefing, Rapid7’s Deral Heiland, Principal Security Researcher (IoT), and Carlota Bindner, Lead Product Security Researcher at Thermo Fisher Scientific, will provide an analysis of how adversaries exploit IoT devices with built-in cellular technology. The session will include live demonstrations as well as discussions on mitigation techniques for manufacturers to address the risks and impacts associated with the demonstrated attacks.

Date & Time: Friday, August 8 | 2:00 PM PDT

Location: Las Vegas Convention Center, Level 1

Conference: DEF CON 33

Ryan Emmons, Security Researcher at Rapid7, will present his findings on a critical vulnerability in Synology NAS devices, revealing how unauthenticated attackers could achieve root-level remote code execution on millions of devices. The presentation will also feature a novel Linux exploitation technique that earned recognition and awards in Pwn2Own 2024.

“Between Black Hat and DEF CON, we are thrilled to have four extremely talented security researchers presenting this year,” said Raj Samani, chief scientist at Rapid7. “But even beyond that, these two annual conferences are an important time for the Rapid7 Labs team to connect with the community, exchange actionable insights, and address shared challenges together. These face-to-face interactions are critical for fostering the collaboration we all need to enable more secure customers and a safer society.”

Rapid7 at Black Hat USA and DEF CON

will take place from August 2 to August 7, featuring cutting-edge research and expert-led discussions. , running from August 7 to August 10, continues its legacy of fostering hands-on technical exploration and community collaboration in information security.

Attendees at Black Hat and DEF CON are invited to join sessions featuring Rapid7 speakers to gain exclusive insights into the latest threats. For other ways to interact with Rapid7 August 6-7 in Las Vegas, visit the .

About Rapid7

Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management with threat detection and response to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our , check out our , or follow us on or .

Rapid7 Media Relations

Stacey Holleran

Sr. Manager, Global Communications



(857) 216-7804

Rapid7 Investor Contact

Elizabeth Chwalk

Vice President, Investor Relations



(617) 865-4277