July 23, 2015 By Martin McKeay 5 min read

It’s almost time for the annual pilgrimage of security professionals, self-professed hackers, geeks, marketing teams and everyone with an interest in the wide world of security to Las Vegas. A week of security talks, glowing neon lights and losing track of what time of day — or even what day — it is. That’s right, it’s time to pick the security conference of your choice!

The ‘Hallway Track’

In just a few weeks, we’ll be gathering for Black Hat 2015, DEF CON 23 and BSides Las Vegas to see research from some of the brightest minds in security. What you get out of the events depends heavily on what you put in, and sometimes it’s not even the talks you should be there for — it’s the hallway track. People wandering, meeting and mingling while the talks are happening offer the real value of the week. But it’s up to you to decide how to spend your time at the security conference.

Black Hat is the corporate security conference with official training tracks and, as the largest of the three, has the most to offer many attendees. DEF CON is only a little smaller, but it is the root from which Black Hat sprang and retains the original hacker ethos and sense of fun. BSides is the young, grassroots upstart, created five years ago when a number of people saw a void and moved to fill it. Each has a unique draw, though there are many people who attend two if not all three of the events every year.

Making the Most of Your Security Conference

So how do you get the most out of the week in Las Vegas? The talks are important, and you should go to the ones that directly feed your role and your interests. But it’s also important to make a conscious effort to spend time outside of the conference halls and the vendor area to meet the people who have the same security interests as you. Talks are a way of gathering specific pieces of information, but the conversations in the hallway hold the most unique insights. The people you can meet during your time in Las Vegas could have a lasting effect on your career as a security professional.

Think of some of the talks you hope to see. What is more valuable to you, seeing the presentation or being able to talk to the person giving it to try to understand some of the finer points? For me, it’s the latter every time, and you can often find the speakers in the hallways when they’re not on stage. Don’t mob them right after their session, but keep an eye out for them during the conference and approach them with some brief feedback or a question about the talk.

While there are always exceptions, most speakers love to get well-thought-out feedback and are perfectly willing to answer a question or two. Don’t monopolize anyone’s time, but do make an introduction and tell the speaker how much you enjoyed his or her presentation. You can often learn more during a five-minute conversation than you did in a whole session.

Seeing Is Not Believing

Be aware that looks can be very deceiving, and there are few places where this is more true than Vegas. The guy in the ratty jeans and T-shirt probably isn’t the CEO of any of the companies on the vendor floor, but he might be a CTO or the lead of the penetration testing team. If there’s no definite need to be seen in corporate camouflage, many of the people who attend these conferences aim for comfort and try to blend in with the crowd.

One of the open secrets of this time spent in the desert is that it’s when many people meet to discuss their next career moves or announce changes that have been planned for months. It definitely pays to make and keep these contacts, even if you don’t wind up changing positions or pursuing these opportunities. The old adage, “It’s not what you know, but who you know” is just as valid in the security community as it is anywhere else.

Security Gets Social

Security people generally tend to be introverted, and if this describes you, this is the time when you should make a conscious effort to fight your inclination to avoid the crowds. Make the most of your time, meet as many people as possible and learn from them. Do you read the writing of particular professionals, follow them on Twitter or listen to their podcast? Reach out to them prior to the event and ask if you can get 15 minutes of their time to share opinions and a drink.

Social media has a huge influence at any event, so use it to find out where the events are going to be and where the people you want to see are. Be social for a week and consider it part of the learning process. If you can’t handle the crowds, find a quiet place with a few people you don’t know yet and exchange your thoughts. There are some people who never attend any of the talks and don’t have tickets to the events; they spend their time in a bar or restaurant near a high-traffic area, calling out to friends and contacts to join them for a few minutes. But that’s a strategy for your fourth or fifth time at these conferences — probably not the first.

Work Hard, Play Hard

Another way to meet people is to volunteer to work at one of the events. Black Hat and DEF CON both make extensive use of volunteers, while BSides is an entirely volunteer organization. You’re guaranteed to meet some of the speakers and be able to attend a few talks, plus you’ll probably get a free or reduced-price ticket. Additionally, you’ll establish yourself as someone who’s interested in helping the community.

The parties at Black Hat and DEF CON are the stuff of legends, and often for good reason, but they’re something to be treated with a bit of caution. The same rules of meeting people apply. And while there’s no harm in using some social lubricant, it’s important to avoid doing anything in excess.

Try to make time to have dinner with some of the people you’ve met in a smaller group at least once during the week. Find someplace quiet where you can actually hear the person next to you rather than the DJ or band. What started as a casual meeting can be made into a friendship that may have a significant impact on your long-term career, but it means taking time away from the crowds.

The Final Word

Those who’ve never been to these famed security conferences speak of them with awe; those who’ve gone think of them with fondness, loathing or a bit of both. It’s a week that often tests your endurance, with long hours and constant movement. Ultimately, your time there will be what you make of it. While presentations and talks are valuable, it’s a value that fades quickly. There’s plenty of time to catch up on the latest trends in application security; there aren’t as many opportunities to rub elbows with the brightest minds in this field.

However, if you make an effort to meet people, experience the hallway track and try to make yourself known, there’s a value that you can carry with you, potentially for years to come. Then all you need to figure out is how to make it back again to build on what you created in previous years.
