The World’s Largest Capture The Flag Contest Unfolds At Black Hat MEA 2025
The second day of Black Hat MEA saw hands-on simulations, talks by leading cybersecurity executives, and featured the world’s largest Capture the Flag competition.
Thousands of cybersecurity specialists have converged in Saudi Arabia's capital city of Riyadh for the world’s largest Capture the Flag competition that's being hosted at this year's edition of Black Hat MEA, running from December 2-4, 2025.
The three-day tournament, which sees ethical hackers testing their skills across web, PWN, forensics, reverse engineering, and cryptography, is set to have its finale on the last day of the event. Capture the Flag is a key highlight of this fourth edition of Black Hat MEA, which is being organized by KSA-based events organizer Tahaluf in partnership with the Saudi Federation for Cybersecurity, Programming, and Drones (SAFCSP).
Besides the Capture The Flag contest, the event is also hosting the Bug Bounty Cup, a competition that's seeing "hunters" drill into "live" targets on the Bug Bounty platform, surfacing critical vulnerabilities, and pushing each other to stay ahead by minutes, not hours. Its finals will also happen on the third day of Black Hat MEA 2025.
This year's edition of Black Hat MEA has seen the who’s who of the global cybersecurity community discussing questions that will shape the sector in the future, with thousands of specialists, founders, chief information security officers (CISOs), and researchers converging in Riyadh to discuss some of the most prominent themes in the field today. The event's second day saw conversations revolve around shifting attack surfaces, artificial intelligence (AI) systems and how they affect decision cycles, the hidden dependencies of supply chains, and how identity layers are being pushed to a breaking point.
In a statement, Steve Durning, Portfolio Director of Black Hat MEA at Tahaluf, said, “Day two showed how powerful the activity-led experiences have become at Black Hat MEA. The simulations, competitions and hands-on environments are where theory gets pressure-tested and where teams discover what actually holds up against real attacks. Riyadh is proving that when you put this level of capability in one place, progress accelerates fast.”
Annabelle Mander, Executive Vice President of Tahaluf, added, “Day two showed how quickly this community moves when the pressure is real. The conversations here are not theory. They are decisions that shape national resilience and global security. Riyadh has become a place where IT leaders compare notes, challenge assumptions and build capability with clarity and intent.”
Attendees at a session at Black Hat MEA 2025, the world's largest cybersecurity gathering.
One of the highlights of Black Hat MEA's second day was a session delivered by Anne Marie Zettlemoyer of the National Security Institute at Black Hat MEA 2025, which delved into the role of AI in the cybersecurity domain. “The systems we defend and the speed at which we defend them have changed more in the past couple of years than in the previous twenty,” she said, while adding, “Black Hat is not just a conference, it is a gathering of the most capable, strategic, and powerful minds anywhere in the world. If anyone can define responsible AI security, it is this community.”
In another session, Charles Forte, Director General and Chief Information Officer at the UK Ministry of Defence, discussed what effective leadership looks like when attack surfaces expand faster than defenders can map them using a ‘surfing the digital tsunami’ analogy. He explained that “being good at digital defines winning and losing,” outlining three priorities for organized responses, including discipline in process, new investment in AI-era defense, and applying scrutiny equally to supply chains and to internal systems.
Derek Cheng, CISO of Deliveroo, delivered a talk about career impact in a session titled “Mastering the CISO Maturity Model,” where he mapped out the benchmarks for modern security leadership and discussed how CISOs can measure influence, scale governance, and become high-impact decision-makers shaping risk agendas at the board level.
Another highlight at Black Hat MEA this year was the Ship Spoofing simulation, where attendees saw how navigation systems on modern vessels can be manipulated through a live demonstration that allowed them to witness ships veering off-course in real time, even as spoofed coordinates rewrote their route logic. The simulation made it evident why maritime transport is a high-value target, and why it’s key to protect it against attacks.
More than 14,000 people have visited this year's edition of Black Hat MEA staged at the Riyadh Exhibition and Convention Center in Malham. Across three days of briefings, technical sessions, and research updates, it has been declared the largest cybersecurity gathering in the world.
All images courtesy of Tahaluf.
