Black Hat has a certain charge the moment you walk through the doors. This year in Las Vegas, Files.com came ready with a clear message, a robot dog named Filo, and a team that wasn’t there to sell buzzwords. We were there to have real conversations.

There is always a lot happening at Black Hat, and the atmosphere makes it easy to get swept up in finding the next hot thing. But the moments that mattered most were the ones where security leaders leaned in and said what everyone’s been thinking: legacy MFT is creaking under the weight of modern business.

The Real Talk on MFT

In our speaking session, “MFT: Managed File Transfer or Hackers’ Most-Favored Target?”, we pulled back the curtain on why these systems, once the backbone of enterprise data exchange, are now a prime target for attackers.

Here’s the paradox:

• MFT was built on strength. Centralized control, comprehensive visibility, and deep integration made it indispensable. At one point, 90% of enterprises relied on it.
• But those strengths became weaknesses. A trusted, centralized server is now a single point of failure. Once compromised, attackers can quietly move laterally, exfiltrate sensitive data, and even access counterparties’ information, often without detection for six months or more.

The numbers are sobering. There were 154 MFT-related incidents in Q1 of 2025 alone, with average ransomware costs reaching $4.4 million. Legacy designs, some dating back 30 to 40 years, were not built for today’s zero-trust world. Instead, they allow scripting and outdated connections that keep the attack surface wide open.

And with nation-state actors exploiting vulnerabilities that can sit unpatched for months, combined with the rise of AI-driven attacks, the risks are only climbing.

What MFT Vulnerabilities Mean for Security Leaders

The message from the stage was simple: stop assuming MFT is secure just because it is “managed.” It is time to rethink its role entirely.

That begins with auditing the systems already in place and identifying where gaps exist, especially in outbound connections. From there, organizations need to embed Zero Trust principles at the core, treating every connection and every script as a potential risk. Monitoring becomes just as important, with anomaly detection and behavioral analysis playing a critical role in surfacing irregular activity before it has a chance to escalate.

Most importantly, this is not a one time project. The security landscape is constantly shifting, and organizations must evolve their defenses as quickly as attackers advance theirs. The very features that once made MFT powerful cannot define its future.

The Bigger Conversations on File Orchestration

Outside of the speaking session, the booth discussions mirrored the same concerns. Compliance complexity. Workflows held together by duct tape. AI that feels more like hype than help.

But there was also recognition of a better way forward. That patching and praying does not have to be the default. That file transfer does not have to remain the weakest link in a security strategy.

That is exactly the space Files.com is owning. From file movement to file intelligence, AI assists the workflow. You govern it.

Looking Ahead

Black Hat was a reminder that the security community is hungry for clarity, not just another tool. The laughter, the winces, and the candid “yeah… we know” reactions were not signs of defeat. They were signs of acknowledgment. And acknowledgment is where change begins.

What we took away is that the industry is ready to move past patching and praying. People want file security that feels modern, practical, and resilient — not something cobbled together with decades-old systems. That’s the conversation we’re having at Files.com, and it’s why these events matter. They push us to listen first, share honestly, and rethink how we architect for the future.

For us, it was encouraging to see that recognition click in real time. The “aha” moments weren’t about flashy demos, they were about realizing there’s a better way forward.

As for Filo the robot dog… Let’s just say he left Black Hat with more selfies than anyone on our team.