While this week was not insanely packed like last week was, I was able to attend the 2015 Detroit Converge and B-sides conference Thursday, Friday and Saturday
Thursday and Friday were dedicated to Detroit's Converge conference. Not knowing exactly what to expect, I planned out all the talks I wanted to sit in. Little did I know, instead of a real plan, that was more like a guideline on what I would want to do. The keynote speaker on Thursday was amazing. Raphael Mudge, the creator of Armitage and Cobalt Strike, spoke of Hacking to get caught In this talk, he detailed how we can evolve our security protection programs. It was fantastic listening to him and gaining a great opinion by someone who is in the field. Friday the key note speaker was Jason Street, a very talented Social Engineer who presented Breaking in Bad , a great point of view that shows us just how we train our users (or don't) to react to different social engineering situations.
There were so many talks afterward that were great it will be hard to detail them all. Different talks introduced me to what managing a SIEM is about, how DNS can be used to attack your system, what Burp Suite is and how to use it, and how to work within the social parameters of a company. Every talk was worth so much. However, I found another way to enjoy the conference, something I've heard referred to as "HallCon". HallCon is where you forgo some talks, and instead interact with everyone in the main hallway. This is where you really can make your contacts and get the most value out of the conference. I was able to meet quite a few people this way, including some of my followers on twitter. That in and of itself was an interesting experience. You talk to these people and read what they have to say all the time, yet never putting a face to the name. Getting to meet that at a convention is really cool because it actuals makes them a real person. I was also able to meet other people who had worked on projects I was interested in, and I was able to learn just that much more from their experiences.
While Converge had a more "managerial" feel to it, B-sides had a more organic, grassroots, technical feel. Converge seemed to cover topics in slightly more technical depth. Sometimes over my head, but still it was great seeing the work actually done, versus just talking about it. I loved the live demo examples.
In going with the grassroots theme, the key note was Mark Stanislav presenting Information Security Reconciliation speaking of how we as a community need to stop complaining about how wrong everything is, and work together to make it right. I was greatly inspired by this speech. After hearing his passion, I wanted to jump up and fix the issue NOW. It is an ideal I greatly resonate with. Far too often do I wonder, is my education really preparing me for working in the real world? How is my outside demeanor, or even this blog, reflecting on the Information Security community as a whole? How can I stand up and make a real difference for the next generation? What Mark proposed is truly feasible. I look forward to volunteering what I can to help accomplish these goals.
After going to this conference, I look forward to going to as many conferences as possible. It was a greatly rewarding experience. I cannot wait for my trip to Vegas for B-sides LV, Black Hat 2015, and DefCon 23. This was a great way to prepare me for that experience, and a phenomenal way to meet people who are in the industry and doing what I want to do.