This post is a response to Alan Shimel's Topic of Interest #2 for the Security Bloggers Network. So what motivates me to attend BlackHat? The #1 reason for me is networking -- meeting new people and catching up with old friends and colleagues. Despite our best intentions, we are all busy and our networks are constantly expanding, making it increasingly difficult to stay in touch with old friends in the industry. Twitter and other forms of microblogging help you chip away at the communication gaps; you get a glimpse into peoples' lives but it's no replacement for a real conversation. Obviously, the briefings themselves are a major draw. Even though it's expanded to over 10 tracks now, the quality hasn't suffered much. This year's experiment with allowing paid delegates to vote on speakers seems to have produced a good lineup, though I'm sure there was still a selection committee that could and probably did overrule the votes in some cases. Either way, BlackHat presentations are a decent indicator of the overarching themes that will be prevalent in information security for the upcoming year or two. When I first started attending BlackHat, I was drawn to the talks discussing 0-day vulnerabilities, tool releases, shellcode tricks, and the like. These days, anything relating to static analysis, automation, and of course web security are most interesting to me. I also consider who's speaking, regardless of the topic (e.g. one of these guys presents, I'm there). In general, I'll try to gauge how much value the speaker will add to the presentation -- in other words, what do I gain by attending the talk vs. flipping through the slides later? I never attend every time slot; sometimes the hallway conversation is just more interesting. Some of my other reasons for attending, in no particular order, most of which fall under the "networking" umbrella:
- The parties (duh)
- The Pwnie Awards
- Meeting fellow security bloggers
- Recruiting speakers for SOURCE
- Finding future Veracode employees
- Trading war stories
- Picking up vendor schwag for my kids (RSA is much better for this one)
- Meeting current and former customers -- and future ones, hopefully
Things I could do without:
- The cigarette smoke
- The heat
- Quark's
I've stuck around for DEFCON a couple times in the past, but I don't anymore. I fly out Friday morning or early afternoon so I get home in time to spend the weekend with the family. Personally, three days in Vegas is plenty for me. When it gets closer to BlackHat time, I'll post my picks from the briefings schedule.
FREE Security Tutorials from Veracode
Mobile Security
CRLF Injection
SQL Injection Hack
Veracode Security Solutions
Software Security Testing
Application Analysis