First, a big thanks to the folks setting up and running Derbycon. Big group, relik, purehate, so many others. Thanks to IronGeek to recording so much and posting it. A lot of work went it to and it was well executed. Greatly appreciate all that the team does to put on a great convention!
I wanted to post the things I took away from the event. First and foremost, we have some people doing really interesting stuff that could have some lasting impact on our industry.
HD Moore’s work on analyzing mass scans across the internet can provide some really interesting metrics to understand large scale risks on the internet. Understanding vulnerabilities en masse, awareness to the proper (or improper) session management, and availability to query massive data structures on things like all DNS entries at a point in time will allow for all kinds of untold research.
Ed Skoudis’s CyberCity (despite the horrible use of ‘Cyber’) is a really interesting use of bridging the electronic and kinetic world to make for some amazing CTF and training opportunities. Anything that can provide lasting impact and better define the value and practical needs of an infosec environment to an organization is (IMHO) the greatest need in our community.
And Chris Nickerson’s usual red team rant was great (like it was the past 2 years) in how it gives some very practical assessment understandings of effective security. Particularly, the realization that converging physical and electronic security is necessary to truly understand security posture. You can find all of these talks here.
These three talks give me hope that we can make some positive impact in our industry. I’m not sure my hope is well founded. There were many more talks that I’m sure are powerful and compelling. I think much of what we’re doing is so much of the same. I won’t dwell on the gripes but the essence is simple: the same content, context, or lack of solutions that seem to permeate the infosec world keep being repeated. We focus on new attack vectors that exploit the same underlying root causes or repeat defensive tactics that haven’t been effective. This isn’t new but something I think we need to be more vigilant on when we accept content in the arena of ‘thought leadership’.
On an entirely different front, I learned that I enjoy cons much more for the social aspect than the professional learning. I think the greatest strength in our community are our combined experiences and the fact that we have such a broad expanse of skills and talents. Connecting with likeminded individuals is a blast and a life-long fulfilling goal. On a selfish note, the @rvofdoom is a great way to accomplish that… filled with unlimited drinks and a large number of rotating folks to make for great conversations. The biggest thanks goes to all those that showed this year and I can’t wait until next!