Blackhat/Defcon/B-Sides 2011

Blackhat: Already kicked off and there are a number of good talks this year. I recommend the picks from Veracode for those going to Blackhat. As usual, it's unlikely that I will be attending any talks at Blackhat because I have so many meetings throughout the day.

B-Sides: Last year I kept hearing about all the great discussions going on at the mansion, and was very bummed that I didn't get time over there.
This year I decided that NTO needed to help out in any way it could, so we are sponsoring breakfast and co-sponsoring lunch on Thursday. If you're there, please say hi and toss your card in to win a cool prize. Given the size of the audience, everyone has reasonable odds of winning.
I am also planning to sit in on as many talks at B-Sides as possible. For Wednesday, Track 3 looks the most interesting and fun to me, with two exceptions: the first at 1:30, when Davi’s talk looks a bit more interesting than the DDoS talk in Track 3, and then again at 2:30, when Rafal Los does his talk. On Thursday it's more of a mix:

  • 10:30 – Track 1 – How to Get Fired After a Security Incident
  • 11:30 – Track 1 – Cyber Fast Track (how can you pass on Mudge?!)
  • 12:30 – Track 1 – Long Beard’s Guide to Exploit Dev (Track 2 close 2nd place)
  • 1:30 – Track 3 – Cultural Cues from High Risk Professions (curious title, possibly very interesting)
  • 2:30 – Track 2 – Hacking webapps is more fun when the end result is a shell! (of course I'm going to pick a web app talk)
  • 3:30 – Track 2 – Better to burn out than to fade away? (have to pick the panel, but HD Moore in track 1 is close 2nd)
  • 4:30 – Track 1 – How to pass audits with non-compliant systems (Track 3 a close 2nd)

Defcon: As usual Defcon always has an interesting collection of talks, and there are plenty to look forward to. However, due to scheduling issues I have to leave on Friday night, so I won't be able to catch much of anything this year. The ones I would look for are:

  • Malware Freak Show 3: They’re pwning er’body out there! (Nicholas Percoco is always interesting)
  • Cellular Privacy: A Forensic Analysis of Android Network Traffic
  • Gone in 60 Minutes: Stealing Sensitive Data from Thousands of Systems Simultaneously with OpenDLP
  • Bulletproofing The Cloud: Are We Any Closer To Security?
  • Tracking the Trackers: How Our Browsing History Is Leaking into the Cloud
  • Don’t Fix It In Software
  • Hacking Google Chrome OS
  • “Whoever Fights Monsters…” Confronting Aaron Barr, Anonymous, and Ourselves
  • Are You In Yet? The CISO’s View of Pentesting
  • Web Application Analysis With Owasp Hatkit

If you're in town, ping me on my cell (if you have it) or send me a msg on Twitter @mightyseek.

About Dan Kuykendall
Dan Kuykendall is the founder and co-CEO at the premier application security solutions provider NT OBJECTives, Inc. Throughout his career, Dan has helped develop advanced dynamic application security testing software, a fundamental aspect to NT OBJECTives’ reputation as a leader in comprehensive web application scanning. Dan has also worked for McAfee’s Foundstone and Fortis, where he founded the U.S. Information Security team. Connect with Dan on Google+
