Swinburne Vietnam Alumni Achieve Major Milestone at the World’s Leading Cybersecurity Conference Black Hat 2025

The SkyEye research project, together with its accompanying security scanning toolkit, was presented and showcased at Black Hat Europe 2025 in London, United Kingdom, and Black Hat MEA 2025 in Riyadh, Saudi Arabia.

 

The authors of SkyEye—a research initiative marking a significant breakthrough in cloud security scanning—are a research group founded by alumni of the Smart Information Technology program at Swinburne Vietnam, who are currently living and working across multiple countries worldwide: Nguyen Minh Hoang (Paris, France), Ho Anh Minh (Darmstadt, Germany), and To Bao Son (Singapore).

 

 

Black Hat Europe 2025 Conference. Photo: BlackHat.com

 

The Black Hat Conference has long been regarded as one of the most prestigious and influential cybersecurity conferences globally. With more than 20,000 attendees annually, it serves as a premier gathering for leading security researchers and experts from major technology corporations and global security organizations. Each year, Black Hat is held in key regions including the United States, Europe, Asia, and the Middle East, providing an international forum where cutting-edge discoveries and the most advanced offensive and defensive techniques are unveiled for the first time.

 

What sets Black Hat apart is not only its scale but also its extremely rigorous content selection process. The acceptance rate for research papers, tools, and frameworks is consistently very low. Only contributions that demonstrate strong novelty, high practical value, and meaningful impact on the global cybersecurity community are selected for presentation. As a result, being accepted at Black Hat represents not only academic recognition but also validation of real-world influence and applicability. Research presented at Black Hat often goes on to shape emerging trends, methodologies, and global standards in cybersecurity and information security.

 

 

MSc. Nguyen Minh Hoang – Lead Researcher, presenting the SkyEye project and security scanning toolkit at Black Hat MEA 2025, Riyadh, Saudi Arabia.

 

According to Lead Researcher MSc. Nguyen Minh Hoang, currently pursuing advanced research at the Université libre de Bruxelles (ULB), Belgium, as cloud computing increasingly becomes the backbone of enterprise infrastructure, existing approaches to cloud security assessment must evolve toward more advanced methodologies. The primary objective is to significantly reduce false negatives, which can expose organizations to security risks originating from so-called “dark areas”—hidden privileges, concealed attack vectors, and latent privilege escalation chains that remain undetected during conventional security scanning and testing processes.

 

He noted that these shortcomings largely stem from inherent limitations in current scanning methodologies when applied to Identity and Access Management (IAM) systems in cloud environments.

 

From the research team’s perspective, in real-world cloud environments, privileges should not be viewed as isolated entities during security assessments. Privileges are often distributed across multiple entities and can be exploited either directly or indirectly. In cloud security scanning and testing, risks frequently arise not from individual entities but from the relationships and privilege interdependencies among them. When scanning visibility is constrained to isolated privilege scopes, even the most advanced existing tools and assessment models can easily miss hidden attack paths and long, complex—but entirely feasible—privilege escalation chains.

 

As a result, many current cloud security assessment reports continue to overlook critical vulnerabilities, weakening organizations’ defensive capabilities against cyber threats.

 

 

MSc. Nguyen Minh Hoang and To Bao Son presenting the SkyEye research and tool at Black Hat Europe 2025, London, United Kingdom.

 

To address these challenges, the research team spent more than one year developing and refining the SkyEye project, from theoretical research to practical application and extensive testing. Paired with an innovative scanning toolkit, SkyEye enables multi-entity collaborative scanning in cloud environments, representing a major advancement in detecting “dark areas,” including hidden privileges, concealed attack vectors, and latent privilege escalation chains that are commonly missed by existing scanning models.

 

SkyEye is further enhanced by an extended dataset that maps AWS cloud privileges to the MITRE ATT&CK framework, a globally recognized knowledge base describing adversarial tactics and techniques used in real-world cyberattacks. The dataset provides insights into severity levels, abuse methods, and common attacker behavior patterns, allowing scan results to be rapidly transformed into actionable intelligence for security testing and attack simulation.

 

 

Ho Anh Minh – Research Team Member, presenting the SkyEye research concept at Black Hat Europe 2025, London, United Kingdom.

 

According to Ho Anh Minh, a research team member currently conducting research in cybersecurity and artificial intelligence at Darmstadt University of Technology (Germany), SkyEye represents a significant step forward in the cybersecurity field. The project establishes a new benchmark for cloud security scanning and assessment, enabling the global cybersecurity community to detect hidden risks earlier and address long-overlooked “dark areas” in cloud security evaluations and penetration testing.

 

Minh added that building on SkyEye’s success, the team plans to pursue further research focused on leveraging advances in artificial intelligence to strengthen cloud security in the future.

 

 

The research team at Black Hat Europe 2025, London, United Kingdom.

 

Speaking to VnExpress, research team member To Bao Son, Head of DevSecOps at KrisShop (a subsidiary of Singapore Airlines), shared that SkyEye has also been accepted for presentation at Black Hat Asia 2026, scheduled to take place in Singapore in late April 2026. Through this opportunity, the team aims to further share SkyEye’s research findings with the Asian cybersecurity community in the coming period.

 

Swinburne Vietnam is an international education program jointly delivered by FPT University and Swinburne University of Technology (Australia). Swinburne University is a globally recognized institution, ranked 294th worldwide and within the Top 300 universities globally (QS & THE 2025). In Viet Nam, Swinburne is also widely known as the long-term sponsor of champions of the national academic competition “Road to Olympia” for the past 25 years.