Calendar

Thursday, August 1, 2013

The BSides that started it all

This year I was fortunate enough to attend Security BSides Las Vegas. Security BSides spawned from the inability of Black Hat USA to include all of the worthy presentations in their lineup in 2009. This shortcoming resulted in one of the best InfoSec conferences in the nation.

     The first thing that I noticed was that the venue changed from the Artisan to the Tuscany Suites and Casino. I liked the unique atmosphere of the Artisan but felt cramped (this from a former Navy submariner). The Tuscany suites were nice and spacious, cheap, and clean. In addition, the hotel staff were friendly.
     Because I arrived the morning before the conference, I decided to take a stroll around the facilities. This is something that I learned in the military. Always know where you need to go, how to get there, and develop a sense of situational awareness. While doing so, I stumbled across the main meeting room for the con. There were many volunteers rushing around putting the finishing touches on the meeting rooms. Because I like to meet new people and felt the need to pitch in, I asked where I could help. Over 2 hours later, after folding what seemed like thousands of t-shirts, I managed to meet many new friends. Exhausted from the days travels, I turned in.

     The morning of July 31st, I woke early and returned to the conference area to check in and badge up. The abilities of the volunteer staff was evident as the line constantly flowed and I got my volunteer badge and complimentary sling bag in no time. In addition, a random staff member handed me a social engineering badge and explained that I was now part of the Social Engineering Capture the Flag. Fun! I quickly found Irongeek since I was volunteering to be one of his video monkeys (he used a different name for me).
   
      What I experienced next was pure joy and
excitement. I was witness to 2 full days of information security, computer hacking, and life enrichment/self help. I only attended 2 presentations out of 16 that I didn't absolutely enjoy. These 2 just weren't to my liking (personally, not professionally). The con staff did an excellent job at selecting presentations/presenters. Every presenter was personable and stayed to ask questions after their talks (something that doesn't always happen at other cons).
     Some of the presentations I attended were:

  • Christien Rioux: "The Security Industry - How to Survice Becoming Management" (KEYNOTE)
  • Jimmy Shah, David Shaw, and Matt Dewitt: "Discovering Dark Matter: Towards Better Android Malware Heuristics"
  • Jay "Rad" Radcliffe: "Mom! I Broke My Insulin Pump...Again!"
  • Evan Davidson and Noah Schiffman: "Dungeons & Dragons, Siege Warfare, and Fantasy Defense in Depth"
  • Jack Daniel: "The Erudite Inebriate's Guide to Life, Liberty, and the Pursuit of Happiness"
  • Nicholas J. Percoco and Joshua Corman: "The Calvary Isn't Coming: Starting the Revolution to FSCK it All!"
  • Steve Werby: "Crunching the Top 10,000 Websites' Password Policies and Controls"

     So, I have rambled on as usual. I will now cut to the chase. Here are the takeaways from my BSides Las Vegas 2013 trip:

Pros
  1. The new venue (Tuscany) was open and airy with plenty of space
  2. There were 6 distinct tracks (double last year): breaking ground, common ground, proving ground, underground, lightning talks, and training ground
  3. The staff were approachable, helpful, and cared about their product
  4. The volunteers did a great job
  5. The price was right - FREE!
  6. The talks were informative and high quality (new presenters were assigned mentors)
  7. There were free shuttles to the other cons (Black Hat and DEFCON)
Cons
  1. I didn't get my free drink coupons upon checkin (remedied quickly when I notified the staff)
  2. There are not many budget restaurants within walking distance (the midnight Steak and Egg special in the hotel was only $5.99)
More information on BSides Las Vegas can be found at www.bsideslv.org and www.securitybsides.com.


***BSides Las Vegas presentations (and many others) can be watched for free on the website irongeek.com.

No comments:

Post a Comment