BSides DC came and went. It was a great time. The training was great, the talks were great, everything was just great.To me, it seemed like the theme of the talks this year, if there was one, was risk management. Although I don’t think that was intentional.
I volunteered this year, and it was gratifying. I got to help out, meet people,and get some insight into exactly what it takes to put one of these conventions on. There were a couple of talks that I thought were just terrific, but volunteering was probably the highlight.
Liam Randall’s Bro class is pretty well known, so I knew that going to that would be a great opportunity. And it was, it served as an excellent primer on what Bro is, what it can do, and how your can implement it in your environment. My takeaway was definitely that we need Bro and this is something I want to learn. There’s a huge community surrounding Bro, being open source that seems to happen, and a lot of material to dig into.
The vulnerability management talks, specifically, were inspirational to me. Gordon McKay’s talk about missing context in vulnerability management platforms was great, and the guys from Breakpoint Labs did a talk about how to take the next step after you do automated testing (not posted to Youtube yet). The first talk, to me, was great because it was something I hadn’t thought of but made sense immediately. The second because it validates everything I’m doing right now.
BSidesNoVA is coming up, already registered for that and a malware analysis class there as well. But it is only a two hour class so I volunteered for that as well. I’ll definitely volunteer for BSides Charm. And tickets to Shmoocon go up in about a couple of days. Lots of stuff going on. I’ve given myself until December 1st to complete the book I’m working through and move on to the next phase. Which is plenty of time, really, but I am behind. If it weren’t for school I would be much further along, but oh well, all pays off in the end.