Security Summer Camp 2014 – Preview

Two weeks until Security Summer Camp 2014!

This should be an interesting year.  Last year, I stayed at the Tuscany for BSides and then moved to the Rio for DEF CON.  This year, I will be staying at the Tuscany the entire time.  It is cheaper and I don’t really think staying at the Rio offered much more convenience.

This will be my first year to attend theSummit.  I missed out on the event last year.

At BSidesLV, I am excited for the education security talk by Jessy Irwin.  I’m not familiar with the constraints of security in education.  It will be very new to me.

At both BSidesLV and DEF CON, this will be a talk on ‘Measuring the IQ of your Security Feeds.”  I’ve got security feeds.  How useful are they?  Meh.  Maybe this will help?

BSIdesLV has a talk on fixing IDS technology by Tony Robinson.  Once again, another technology I’ve got that is a mess.  Extra tips and tricks for managing alerts is always helpful.

BSidesPGH presenter Grecs will be giving a demonstration on Malware Analysis at BSidesLV.  Malware analysis isn’t something I do, so I’d like to get a better understanding of it.

There are some interesting looking talks at DEF CON this year, but my must see talks all appear to be at BSidesLV.  Hopefully I stumble in to some sleeper hits at DEF CON this year like I did last year.

Black Hat Professionalism, AntiVirus Ineffectiveness

In brief, why is Black Hat sending me an email about “Parties, Schedule, and Swag?”  “It wouldn’t be Black Hat without the parties.”  C’mon now?  DEF CON Parties is entirely separate from the DEF CON conference.  I guess this is one more step closer for Black Hat’s migration to RSA type status.

Another client support person asked why our corporate end point AntiVirus solution isn’t working.  I would have thought by now that everyone in IT knows that AV is broken.  I’ve been reading articles about the ineffectiveness of AV for years.