Black Hat USA 2026 runs August 1–6 at the Mandalay Bay Convention Center in Las Vegas, and this year’s program has been rebuilt around a six-day structure: four days of Trainings, a Summit Day on Tuesday, and two main conference days of Briefings, Arsenal, and the Business Hall. DEF CON 34 starts the moment Black Hat ends — August 6–9 at the Las Vegas Convention Center — making the first full week of August the densest concentration of security research, recruiting, and recovery anywhere on the calendar.
This is the field guide for people deciding which days to be in Vegas, which pass to buy, which Summits are worth the badge fee, and how to actually work a conference where 20,000 people are competing for the same lunch lines. It’s written for the attendee, not the sponsor.
What Black Hat USA Actually Is in 2026
Black Hat began in 1997 as Jeff Moss’s corporate counterpart to DEF CON. Today it’s the industry’s flagship research disclosure venue, where vendors, federal agencies, and independent researchers drop zero-days, publish frameworks, and scout talent in the same week. The Briefings are the core product — roughly 100 selected, peer-reviewed technical talks — but the economic center of gravity has shifted over the last decade toward the Business Hall and the executive Summits.
The 2026 edition introduces a structural change worth noting: Summit Day and the Business Hall’s opening now overlap on Tuesday, August 4. Previously, Summit attendees spent their Tuesday in closed executive sessions with no floor access. This year the Business Hall opens Tuesday afternoon, giving Summit passholders an extra half-day on the floor before the Wednesday surge.
The Briefings themselves run Wednesday August 5 and Thursday August 6 on the Mandalay Bay Level 2 concourse. Recorded sessions become available to Briefings, Briefings + Training, and Briefings + Summit passholders in the Black Hat Events App from August 14 through September 14, with extended one-year access available as a Streamly add-on.
The Six-Day Program, Mapped
The six-day shape only makes sense once you see how the tracks overlap. Trainings, Summits, Briefings, and the Business Hall run in staggered windows, and the pass you buy determines which windows you can walk through.
Aug 1
Aug 2
Aug 3
Aug 4
Aug 5
Aug 6
The Trainings are the most expensive piece of the event and also the most valuable if you pick the right course — they’re multi-day, small-cohort, hands-on, and taught by working practitioners. Courses cover offensive operations, malware analysis, cloud security, ICS, mobile, and (increasingly) AI red-teaming. They qualify for CPE credits and sell out early. If you’re paying for Trainings, commit by May; the marquee courses fill fast.
Passes and What They Actually Get You
Black Hat’s pass structure is the biggest single source of confusion for first-time attendees. Per the Black Hat USA 2026 pass comparison, the relevant tiers are Briefings, Briefings + Summit, Briefings + Training, and standalone Summit passes (CISO, AI, etc.). New for 2026, bundle pricing is positioned as the default path for most attendees.
List pricing per third-party partner reporting runs roughly $2,195–$3,595 for Briefings and $5,800 and up for Trainings, depending on course length and how early you register. These are ceiling prices; community partners and vendor codes frequently discount.
A note on the CISO Summit: applications are reviewed, space is limited, and vendor/media attendance is restricted to approved sponsors. The Summit advisory board is chaired by working CISOs including practitioners like Saša Zdjelar, and sessions follow Chatham House Rule. If you’re a working security executive, this is genuinely the highest-signal day of the week. If you sell to CISOs, apply as a sponsor or don’t bother.
The Summits in Detail
Five Summits run on Tuesday, August 4:
The AI Summit is the gravitational center of the Tuesday program. Pitched at 500+ senior executives and researchers, it covers AI’s dual role — defensive automation alongside adversarial tradecraft — with the AI, ML, and Data Science track chaired by Nathan Hamiel of Kudelski Security. A Business Hall “AI Zone” runs in parallel. This Summit is where vendor messaging and real research most visibly collide; budget skepticism accordingly.
The Financial Services Security Summit and Healthcare Security Summit are vertical-specific, with sector-aligned talks on threat intelligence, regulatory pressure, and incident response. Both are worth the badge fee if you’re in-sector; skippable otherwise.
The Innovators & Investors Summit exists to connect founders with VCs, and it’s the best single day of the year for that conversation if you’re building something in security. It pairs with the Startup Spotlight competition held during Briefings — finalists pitch live, a US champion is named, and for 2026 a new Global Startup Spotlight runs the US winner against regional champions from other Black Hat events.
The CISO Summit, as noted, is the invitation-only peer forum.
What’s New for 2026
A few structural changes worth knowing before you build your schedule.
The Business Hall opens Tuesday afternoon, extending floor access by half a day. For vendors this matters because it adds a lower-density window to have real conversations before Wednesday’s crush. For attendees it’s useful only if you’re already on-site for a Summit or Training.
Black Hat is hosting the world premiere of Midnight in the War Room, a cyberwar documentary, on Wednesday, August 5 at Mandalay Bay. It’s open to all passholders. This is unusual — Black Hat rarely hosts film premieres — and it suggests the organizers are leaning further into industry storytelling as conference programming.
Dark Reading’s News Desk returns on-site with live broadcasts and interviews across both conference days. If you want to watch journalists work the story in real time, it’s parked in the Briefings area.
Bundle Pass Options are new and deliberately cheaper than buying pieces separately. If you’re doing anything beyond Briefings alone, run the numbers on a bundle before registering.
The DEF CON 34 Overlap
The practical reality of “Hacker Summer Camp” is that Black Hat ends and DEF CON starts in the same 24-hour window. DEF CON 34 runs August 6–9 at the Las Vegas Convention Center (not Mandalay Bay), with villages, CTF, badge life, and a radically different culture.
Most serious attendees do some version of both. The calculus:
If you’re at Black Hat for business reasons — buying, selling, recruiting, reporting — DEF CON is optional and exhausting. Stay for Friday if you have the stamina; fly out Saturday.
If you’re at Black Hat for research, both are worth the full run. DEF CON’s villages (AppSec, Aerospace, IoT, Adversary, Car Hacking) are where the same research that got a 40-minute Briefings slot gets stress-tested in workshop form, and DEF CON 34’s Badgelife Museum is a first-year experiment worth seeing.
Book hotels accordingly. Mandalay Bay sells out for Black Hat week; the LVCC-adjacent blocks (Fontainebleau, Wynn/Encore, Circus Circus for DEF CON 34) need to be booked months in advance. By late April most primary blocks are already tight.
How to Actually Work the Briefings
The Briefings schedule publishes by mid-June 2026. Until then, a few heuristics for deciding what to attend:
Prioritize original research disclosures over survey talks. A Black Hat talk presenting a new CVE, new attack class, or new tool will usually have a companion white paper and tool release posted the evening of the talk. Survey talks (“the state of X in 2026”) tend to recap work you could have read elsewhere.
Use the track system. The Briefings are grouped into tracks (AI/ML/Data Science, Cryptography, Enterprise Security, Exploit Development, Hardware/IoT, Malware, Mobile, Network Security, Platform Security, Policy/Human Factors, and others). Pick two tracks and hit them deeply rather than grazing across all of them.
Arsenal is not a sideshow. Arsenal is the tool demo track — independent researchers presenting open-source tools at stations in the Business Hall. This is where future industry-standard tools get their first audience. Give it an afternoon.
Download materials the night of. Briefings presentation materials and white papers are posted to the Black Hat site by 6 PM Pacific on the day of each talk. Slides disappear from circulation over time; pull them while they’re fresh.
Logistics That Actually Matter
A few notes from people who’ve worked the conference:
Mandalay Bay’s convention center is enormous and the walk from the hotel tower to the Level 2 Briefings rooms takes longer than you think. Budget 15 minutes between sessions in different halls, not five.
August in Las Vegas averages 104°F. The conference is indoors, but movement between hotels is not. Hydrate more than you think you need to, and don’t plan back-to-back cross-property meetings unless you enjoy sweating through a polo.
Cell service at peak hours is unreliable across both Mandalay Bay and LVCC. Pre-download the Black Hat Events App (Swapcard-powered) and schedule meetings in advance. Treat Signal and Matrix as your fallback messaging.
Assume the network is hostile. Black Hat’s public Wi-Fi is one of the most actively monitored networks in the world during conference week — the Network Operations Center publishes stats on what it catches. Use a VPN. Don’t log into anything sensitive from conference Wi-Fi. This is not paranoia; it’s annual reality.
FAQ
Is a Black Hat pass worth it if I already have a DEF CON ticket?
They cover different ground. DEF CON is villages, CTF, and deep practitioner culture at a fraction of the cost. Black Hat is peer-reviewed research disclosures, vendor and investor access, and executive programming. If your work involves procurement, hiring, fundraising, or speaking with federal agencies, Black Hat pays for itself. If your work is purely technical and you’re not selling anything, DEF CON alone may be enough.
Can I attend virtually?
Briefings passholders get 30 days of on-demand recordings starting August 14 via the Black Hat Events App. The Streamly add-on extends access to a full year. Summits, Trainings, and the Business Hall are in-person only.
How do I get a discounted pass?
Three legitimate paths: register during the early-bird window (deepest discount), use a vendor or community partner code (many security vendors distribute allocations to customers), or apply to speak. Accepted Briefings speakers receive complimentary passes, $1,000 honoraria, and travel reimbursement.
What’s the dress code?
Business casual for the Briefings and Summits; hoodies and T-shirts are equally common on the floor. The CISO Summit skews more formal. Nobody cares what you wear at DEF CON.
The Bottom Line
Black Hat USA 2026 is a different event depending on who you are. For working researchers it’s the highest-signal disclosure venue of the year. For CISOs it’s a week of concentrated peer conversations under Chatham House Rule. For vendors it’s the single most important sales and partner-relations week on the calendar. For students and early-career practitioners it’s expensive but career-defining if you pick the right course and work the floor hard.
Buy the bundle that matches your actual goal, book Mandalay Bay before May, and decide now whether you’re doing DEF CON 34 or flying out Friday. The answer to that second question determines how much of August you’ll be recovering from.
