/
Zero Trust Segmentation

How Will You Get the Most Out of Black Hat USA 2015 and DEF CON 23?

Black Hat and DEF CON have definitely grown from the early years, and even from when I last attended, seven years ago. The events are still an eclectic annual gathering of many security tribes, but the expo floor at Black Hat is now packed with vendor booths as well. You can still try your hand at capture the flag or lock-picking and bump keys. And you definitely still get blockbuster demonstrations of mind-blowing exploits—can we say update my car please, Jeep/Chrysler?!

DEF CON 1

I’ve been really excited about the recent focus on expanding our future pool of security experts by reaching out to different parts of our population. For example, this year will be the fifth annual r00tz DEFCON Kids. See the r00tz site for more on its non-profit mission to “teach kids around the world how to love being white-hat hackers.”

The community is making efforts to expand our pool of current security practitioners as well. I’d like to applaud Black Hat and the Executive Women’s Forum (EWF) for creating the new Future Female Leaders scholarship. It’s too late for applications this year, but see more details here.

My plan for Black Hat / DEF CON this year

This year I’m planning on attending the ISSA CISO Forum, going to the sessions and expo floor for the Black Hat Briefings, and catching some of DEF CON 23. If I can find some time to get over there, I’d like to check out BSides LV for the first time. The SF BSides events have always been great in past and I’ve heard good things about BSides LV.

Like many, I’ll be taking a limited tech profile for my BH/DC trip. This means I’ll be back to notepad and pen for those wireless hacking sessions and donor/burner laptops for any capture-the-flag activities. I can’t dictate your personal or corporate risk profile, but… At the very least, I’d advise you to stay away from open access points—“Free Wifi” or even “Conference Wifi” is often a free service that you’d be advised to skip.

What’s your plan? What tips can you share?

I’d like to hear your tips for getting the most out of these overlapping gatherings of the security tribes in the deserts of Nevada and bright lights of Vegas.  

  • If you are heading to Las Vegas next week, which conference(s) are you going to? Black Hat and DEF CON? Just DEF CON? Only BSides? A private gathering of another group that you’re willing to disclose?
  • Which was your first Black Hat or DEF CON? What memories are you willing to share? Did you ever “spot the Fed”?
  • Do you take special precautions when traveling to conferences like Black Hat / DEF CON? Anything that you’re willing to share?

Send your direct feedback by emailing [email protected] or help us get the conversation started on Twitter by tagging @illumio and using the hashtag #DefConTips.  

If you would like to connect with me, send me a direct message on Twitter @idjohn or LinkedIn. I’m especially interested if you have a match for one of the InfoSec positions we’re recruiting for at Illumio.

Related topics

No items found.

Related articles

10 Reasons Why Small and Midsize Businesses Need Zero Trust Segmentation
Zero Trust Segmentation

10 Reasons Why Small and Midsize Businesses Need Zero Trust Segmentation

Learn why small and midsize businesses (SMBs) are a top target for bad actors and how they can contain attacks with Zero Trust Segmentation.

How Zero Trust Segmentation Stops Ransomware 4X Faster Than Detection and Response Alone
Zero Trust Segmentation

How Zero Trust Segmentation Stops Ransomware 4X Faster Than Detection and Response Alone

A recent ransomware attack emulation conducted by Bishop Fox showed that Zero Trust Segmentation stops ransomware spread in under 10 minutes.

What You Need for Zero Trust Policy Discovery
Zero Trust Segmentation

What You Need for Zero Trust Policy Discovery

To write a Zero Trust policy, discovery is required to understand an application and its context in order to implement a micro segmentation solution.

No items found.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?