Bugcrowd Blog

2016 Black Hat, DEFCON, BSides Wrap Up

Posted by Sam Houston on Aug 9, 2016 4:41:24 PM

Now that we've rested our feet, drunk some water, and adjusted from the Las Vegas time warp, we thought we'd give a brief recap of our week. In the six days we spent boots down in Vegas, we caught some great talks with some of our favorite people, threw, sponsored, and attended awesome events, and, as always, met amazing folks from the InfoSec community.

Content and Presentations

We'd like to congratulate everyone who presented at the conferences, including two Bugcrowders. Here are a few highlights from last week's talks: 

  • The keynote given by Dan Kaminsky was an excellent way to start out Black Hat, providing ‘a model for comprehending the Internet as it stands’ and what needs to change ASAP.
  • Our Director of Technical Operations, Jason Haddix, and Sr. Security Engineer, Leif Dreizler, unveiled the functionality of their new subdomain discovery tool, Enumall, in the Black Hat Arsenal. Read more about the functionality here on our blog.
  • Kymberlee Price, our Sr. Director of Researcher Operations, spoke on some best practices for security teams building and/or improving their product incident response programs, providing templates and more. Kymberlee will be giving her talk in a live webcast Friday at 9AM PT. Register here.
  • Jake Kouns of Risk Based Security and Christine Gadsby of Blackberry provided a look at the real risk of using open source software and the best way to manage its use within your organization and the product development lifecycle.
  • The talented security researcher and rockstar Keren Elazari examined how hackers can take the impact of their security research to the next level.
  • Wendy Everette of George Mason University explored the background of product liability law and discussed how and why IoT might bring about a change in expanding coverage of software flaws.
  • Josh Corman of I Am The Cavalry gave 'The State of Automotive Cybersecurity,' outlining the lasting effects of car hacking on the automakers and the minds of the public, what’s still needed, what’s next, and how security researchers can continue to be a part of the solution. 
  • Bugcrowd community member Luke "Bored Engineer" Young presented his research that explores vulnerabilities that can take advantage of network infrastructure for massive DDoS capabilities.

For a complete list of what we had looked forward to seeing, download our 'Guide to Black Hat / DEFCON.'

Events 

We'd also like to thank everyone who joined us at our events, stopped by our first booth at Black Hat and the tabletop in the DEFCON Car Hacking Village, and participated in our sponsored CTF in the Car Hacking Village. In addition to those events, during the week we had...

Why so many events? Yes, we love to party, and we enjoy providing a good time for our friends and colleagues. But more than that, it is so important for us to spend time with the community, both the security researcher community and the security professional community, which more often than not overlap big time. Every time we have an event like the ones we had this past week, we have an opportunity to connect with and learn from the people that make our business successful and worthwhile. Coolio kicking things off on Wednesday night was just the icing on the cake. 

See additional pictures here

DEFCON Car Hacking Village and CTF 

We closed out the week with the awards ceremony for the Car Hacking Village CTF that we were able to run and sponsor with the help of CTFd's open source platform. It ran Friday and Saturday from 10am to 6pm, and we had great participation from twelve separate teams. In the end, three teams were recognized with some awesome prizes:
 
 
All in all, we had a fantastic time that will be hard to top. Once again, thank you for the unending support, great feedback and memorable times. If you didn't catch us in Vegas this year, we look forward to seeing you at our upcoming events this year and next. You can also catch Kymberlee's talk as a live webcast on Friday.

Written by Sam Houston

Senior Community Manager at Bugcrowd. Sam's passionate about working to foster the best researcher community on the web. Prior to joining the security industry Sam worked for Couchsurfing, Electronic Arts, Playfish, and gamerDNA.