Jun 26, 2008

Why Do I Attend BlackHat?

By Chris Eng

This post is a response to Alan Shimel's Topic of Interest #2 for the Security Bloggers Network. So what motivates me to attend BlackHat? The #1 reason for me is networking -- meeting new people and catching up with old friends and colleagues. Despite our best intentions, we are all busy and our networks are constantly expanding, making it increasingly difficult to stay in touch with old friends in the industry. Twitter and other forms of microblogging help you chip away at the communication gaps; you get a glimpse into people's lives but it's no replacement for a real conversation.

Obviously, the briefings themselves are a major draw. Even though it's expanded to over 10 tracks now, the quality hasn't suffered much. This year's experiment with allowing paid delegates to vote on speakers seems to have produced a good lineup, though I'm sure there was still a selection committee that could and probably did overrule the votes in some cases. Either way, BlackHat presentations are a decent indicator of the overarching themes that will be prevalent in information security for the upcoming year or two.

When I first started attending BlackHat, I was drawn to the talks discussing 0-day vulnerabilities, tool releases, shellcode tricks, and the like. These days, anything relating to static analysis, automation, and of course web security is most interesting to me. I also consider who's speaking, regardless of the topic (e.g. one of these guys presents, I'm there). In general, I'll try to gauge how much value the speaker will add to the presentation -- in other words, what do I gain by attending the talk vs. flipping through the slides later? I never attend every time slot; sometimes the hallway conversation is just more interesting.

Some of my other reasons for attending, in no particular order, most of which fall under the "networking" umbrella:

  • The parties (duh)
  • The Pwnie Awards
  • Meeting fellow security bloggers
  • Recruiting speakers for SOURCE
  • Finding future Veracode employees
  • Trading war stories
  • Picking up vendor schwag for my kids (RSA is much better for this one)
  • Meeting current and former customers -- and future ones, hopefully

Things I could do without:

  • The cigarette smoke
  • The heat
  • Quark's

I've stuck around for DEFCON a couple times in the past, but I don't anymore. I fly out Friday morning or early afternoon so I get home in time to spend the weekend with the family. Personally, three days in Vegas is plenty for me. When it gets closer to BlackHat time, I'll post my picks from the briefings schedule.

Chris Eng is Chief Research Officer at Veracode. A founding member of the Veracode team, he is responsible for all research initiatives including applied research and product security, as well as advising on product strategy and M&A. Chris is a frequent speaker at industry conferences and serves on the review board for Black Hat USA. He is also a charter member of MITRE's CWE/CAPEC Board. Bloomberg, Fox Business, CBS, and other prominent media outlets have featured Chris in their coverage. Previously, Chris was technical director at Symantec (formerly @stake) and an engineer at the National Security Agency. Chris holds a B.S. in Electrical Engineering and Computer Science from the University of California.