Now that we’ve rested our feet, had some water, and adjusted from the Las Vegas time warp, we thought we’d give a brief recap of our week. In the six days we spent boots down in Vegas, we caught some great talks with some of our favorite people, threw, sponsored and attended awesome events, and as always, met amazing folks from the InfoSec community.
Content and Presentations
We’d like to congratulate everyone who presented at the conferences, including two Bugcrowders. Here are a few highlights from last week’s talks:
- The keynote given by Dan Kaminsky was an excellent way to start out Black Hat, providing ‘a model for comprehending the Internet as it stands’ and what needs to change ASAP.
- Our Director of Technical Operations, Jason Haddix, and Sr. Security Engineer, Leif Dreizler, unveiled the functionality of their new subdomain discovery tool, Enumall, in the Black Hat Arsenal. Read more about the functionality here on our blog.
- Kymberlee Price, our Sr. Director of Researcher Operations, spoke on some best practices for security teams building and/or improving their product incident response programs, providing templates and more. Kymberlee will be giving her talk in a live webcast Friday at 9AM PT. Register here.
- Jake Kouns of Risk Based Security and Christine Gadsby of Blackberry provided a look at the real risk of using open source software and the best way to manage its use within your organization and the product development lifecycle.
- The talented security researcher and rockstar Keren Elazari examined how hackers can take the impact of their security research to the next level.
- Wendy Everette of George Mason University explored the background of product liability law and discussed how and why IoT might bring about a change in expanding coverage of software flaws.
- Josh Corman of I Am The Cavalry gave ‘The State of Automotive Cybersecurity,’ outlining the lasting effects of car hacking on the automakers and the minds of the public, what’s still needed, what’s next, and how security researchers can continue to be a part of the solution.
- Bugcrowd community member Luke “Bored Engineer” Young presented his research on vulnerabilities that can take advantage of network infrastructure for massive DDoS capabilities.
For a complete list of what we had looked forward to seeing, download our ‘Guide to Black Hat / DEFCON.’
We’d also like to thank everyone who joined us at our events, stopped by our first booth at Black Hat and the tabletop in the DEFCON Car Hacking Village, and participated in our sponsored CTF in the Car Hacking Village. In addition to those events, during the week we had…
- Four happy hours, with help from our sponsor Fastly
- Three sponsored parties with some excellent organizations – Distil Networks, (ISC)² and NetSuite
- Two days of open suite networking with a meet and greet with Fitbit
- One kick-ass experiential event with our sponsors Okta and Distil Networks
Why so many events? Yes, we love to party, and we enjoy providing a good time for our friends and colleagues. But more than that, it is so important for us to spend time with the community, both the security researcher community and the security professional community, which more often than not overlap big time. Every time we have an event like the ones we had this past week, we have an opportunity to connect with and learn from the people that make our business successful and worthwhile. Coolio kicking things off on Wednesday night was just the icing on the cake.
See additional pictures here.
DEFCON Car Hacking Village and CTF
— Jason Haddix (@Jhaddix) August 7, 2016