Web Application Security

July is Security Practitioner’s Christma-Hannu-Kwan-zika

With the Pwnie Award nominations being all a’tweet among Twitters, and the proliferation of businesses being hacked every day for the past two weeks, it can only mean one thing: Black Hat 2012 is upon us. So if you’ve been too preoccupied with incident response this month, now’s the time to notice that there are three security events in Vegas this week:

July 21-26: Black Hat 2012

Easily one of the leading security professional conferences in our industry, Black Hat provides the most cutting-edge material you’ll see, every year. Nearly every major security vendor will be on the showroom floor, which should make for some good, friendly ribbing among well-known rivals. It’s also always fun to go and see what the new buzzwords are, especially when the more buzzwords you hear & see, the more shots you take.

But the biggest takeaway from Black Hat is being able to rub shoulders with some of the industry’s elites and sponge knowledge from them.

July 25-26: BSidesLV 2012

Unique Boutique Hotel? ✔

Sweet pool & bar half a stumble away from the talks? ✔

Being able to talk to THE smartest people in the industry? ✔✔

BSidesLasVegas is easily my personal favorite of the three conferences held this week. Typically there’s a much smaller crowd than at Black Hat / DEF CON (think 500 to 1000 attendees, rather than 14K+) and that makes it much easier to strike up conversations without being bombarded by sales guys. BSides is also where people go to loosen their ties and talk about the real problems that are facing our industry, without fearing some sort of corporate reprisal. In fact, a new track has been introduced this year in “The Underground”: Here, speakers will be able to talk about anything they want without fearing that journalists or others like them will discuss what they’ve heard outside the talks. As per a speaker’s request, NDAs will be provided for attendees to sign prior to talks, and attendance is contingent upon signing the form.

July 26-29: DEF CON

This is easily “The Be All and End All” of hacker conferences. With DEF CON now celebrating its 20th anniversary, the only U.S. hacker conference (that I know of) that’s older is SummerCon. Held at the Rio, DEF CON has changed significantly from its days as a casual gathering for a small group of hackers. This year, more than 75 speakers will give talks on a wide range of topics during the four-day event. Oh, and be sure you see the Social Engineering competition and visit the CTF rooms. These activities will give you a true feeling of the DEF CON culture and what it’s all about. Also, expect another “Brain Bleacher” of a Mystery Challenge this year.

All in all, I’m sure the events of this July 21-29 will include enough booze, bytes, and breaches to make all three of these conferences historic ones. Do NOT miss even one of them!

The PURE Party*!

Every year, WhiteHat and its partners put together one of the most exclusive events during Black Hat Week. This year, WhiteHat Security, Accuvant, and Palo Alto Networks will host the PURE Party*, at the PURE Nightclub in Caesars Palace. International DJ Paul Oakenfold will be at the turntables, so this party is going to be INTENSE!

Not going to our Black Hat Party?

You can always follow us on Twitter @WhiteHatSec

*Use the hashtag #PUREBlackHat to see what we’re up to at the PURE Party.