All Vendors
platform

Summit

Event management platform with comprehensive session recording and cross-domain tracking. Maximum CAC subsidization from cross-event behavioral intelligence sharing.

117 IOCs1 detections1 sites
80
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Summit discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

1 detection across 1 site
Disclosure Gaps

Claims vs. Observed Behavior

1 gaps

pending

UNKNOWN
They Claim

Unknown

Observed Behavior

Requires claims extraction via CDT

Customer Impact

What This Means For You

Your most engaged attendees and highest-performing session formats train Summit analytics used by competitors. If you achieve 60% attendee engagement rate, competitors access same content strategy insights through platform benchmarks. Meanwhile, cross-event tracking means your prospects are profiled across competitor events, enabling targeted poaching. Perfect CAC subsidization score reflects your attendee intelligence directly optimizing competitor event strategies.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Summit

  • Legal review of wiretap compliance - session recording requires two-party consent in 12 states
  • Audit cross-event tracking - verify attendee profiles are not shared across organizers
  • Implement explicit recording disclosure at event registration and session entry
  • Request engagement model training opt-out - your attendee data should not optimize competitor events

If You're Evaluating Summit

  • Self-hosted virtual event platforms with complete data isolation
  • Event platforms with contractual cross-event tracking exclusion
  • Webinar tools with session-specific consent (no persistent attendee profiling)

Negotiation Leverage

  • Perfect CAC subsidization (100) means your attendee engagement trains all competitor event strategies - demand complete data segregation
  • Session recording creates wiretap liability in 12 states - DPA must address criminal statute compliance
  • Cross-event tracking enables competitor attendee profiling - verify no cross-organizer data sharing
  • Persistence mechanisms enable multi-event tracking without consent renewal - confirm retention limits
  • Platform value derives from cross-event intelligence - pricing should reflect your attendee data contribution
Runtime Detections

Runtime Detections

6 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01Defeat Device

Evasion infrastructure, auditor bypass

BTI-C06Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07Session Recording

Full session replay

Impact: Virtual event recording without explicit disclosure violates wiretap statutes in CA/FL/PA and 9 other two-party consent states. Creates criminal liability beyond civil GDPR fines.

BTI-C08Cross-Domain Sync

Identity stitching

Impact: Attendee tracking across multiple events creates behavioral profiles without user knowledge, triggering GDPR Article 35 DPIA requirement and DPO notification.

BTI-C10Fingerprinting

Device identification

BTI-C15Tag Manager

Container/loader (neutral)

Impact: Long-lived attendee identifiers enable multi-event tracking without consent renewal, violating ePrivacy Directive retention limits.

IOC Manifest

IOC Manifest

105 INDICATORS

Indicators of compromise across 3 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*summit.com/core/assets/vendor/modernizr/modernizr.js*
Tracking script
TRACK
*summit.com/sites/default/files/js/js_g0bgqBqA8Y7SJbA1O_vG_yp1McMXDf5-JuwdBhMPz7Y.js*
Tracking script
TRACK
*summit.com/sites/default/files/js/js_5FqtyLBuOBZTWQ-sZQSseHQ5_qpSQ0DPFbulq9Y_uS8.js*
Tracking script
TRACK
*summit.com/sites/default/files/js/js_HfwtDyoZWdcQULwAddOucV6W-KK5SDB4NODKAnwkX_8.js*
Tracking script
TRACK
*summit.com/libraries/lazysizes/lazysizes.js*
Tracking script
TRACK
summit.com/core/assets/vendor/modernizr/modernizr.min.js
Auto-extracted from scan
TRACK
summit.com/sites/default/files/js/js_5FqtyLBuOBZTWQ-sZQSseHQ5_qpSQ0DPFbulq9Y_uS8.js
Auto-extracted from scan
TRACK
summit.com/sites/default/files/js/js_g0bgqBqA8Y7SJbA1O_vG_yp1McMXDf5-JuwdBhMPz7Y.js
Auto-extracted from scan
TRACK
summit.com/sites/default/files/js/js_HfwtDyoZWdcQULwAddOucV6W-KK5SDB4NODKAnwkX_8.js
Auto-extracted from scan
TRACK
summit.com/libraries/lazysizes/lazysizes.min.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Integrates with marketing automation (Marketo, HubSpot), CRM systems. Shares attendee engagement data across event organizer network.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

117 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details