The speakers made themselves pretty accessible, you did not need to wait in long lines to get seat for a talk, and you didn't need to leave a talk early to get to another talk. Speaking of talks... well they had such a large volume of CFP entries, that they had 4 main tracks, they were separated into: Break Me, Fix Me, Teach Me, and The 3-way (a mix of the other 3) and opened a 5th track called "Stable Talks." There were so many great topics, it was very difficult to determine which ones to attend. Luckily they captured the 4 main tracks on video and most of them are posted to YouTube. You can get to the full list at IronGeek's (Adrian Crenshaw) page: DerbyCon Videos. Although the Stable Talks were shorter, that didn't affect the quality. I think some of these talks will move into the main tracks next year.
So I arrived Thursday afternoon. Unfortunately, I was not there early for the training, which was going on Thursday and Friday morning. They had a number of quality training opportunities which covered everything from Social Engineering to Reverse Engineering. Thursday evening I was able to grab some dinner with a fellow EH netter (ethicalhacker.net member). We discussed some of the finer points of working in a large organization and trying to push proper security procedures. We were later joined by two more members and continued the discussion over Ethiopian food (which was mighty tasty). Later that evening I was able to experience my first SlideShare Roulette at "Whose Slide Is It?". For those that don't know, this is basically a test of one's presentation skills. The moderator will pick a random slide deck from the slideshare.net site based on topic suggestions from the audience. The presenter then must use his/her skills and work with the given slides. It got interesting when the hotel staff arrived with 100 shots of bourbon courtesy of HD Moore (CSO/Chief Architect @ Rapid7).
Friday morning was pretty much just hanging out and waiting for the opening ceremonies. There were some great discussions going on in the hallways and main lobby of the Hyatt. Some of the best talks can be found in these "hallway cons" so I highly recommend getting involved in these sorts of discussions. You will learn something and you may even have a different point of view to add that could benefit the group. Eventually 1:00 pm rolled around and the talks began! They kicked it off with keynotes from HD Moore's The Wild West, Dan Kaminsky's Black Ops, and Mudge's talk about the Cyber Fast Track program from DARPA. After dinner the 5 tracks began and continued through the weekend. I will not do a review of the talks I attended since I was pretty much in absorption mode and I am still catching up on the ones I missed as well as re-watching those I attended.
As I touched upon earlier, there were a number of events going on during and after the talks. The big one was the CTF (Capture The Flag) competition. Your mission is to use your skills in hacking to find all the flags on the CTF network. I attempted but never got on long enough to even find the "beginner" flags. This was in part due to the WiFi network for the event being unavailable and the bouncing in and out of talks. These competitions are best handled by teams since the expertise needed to find the flags will vary. You may have to write an exploit or use some forensic skills to find the various flags. Hackers For Charity (HFC) held both a silent and regular auction throughout the weekend. They raised over $33,000 thanks to the very generous community. If you wanted to just wind down you can head over to the theater for the Hacker Movie Marathon. Maybe you want to know if you should get your CISSP, but you aren't sure if you have the right knowledge, then you could have headed over to "Are You Smarter Than a CISSP?" held on Friday night. You were given questions from each of the 10 CISSP domains, you can choose to answer them yourself or discuss it with the panel of actual CISSPs. They were also available to save you if you got a question wrong.
Sadly Sunday morning came and it was time for me to leave the land of bourbon and horses. Unfortunately there were still a slew of talks and the closing ceremonies to attend but I will catch them on video. Next year I will plan on taking the training and staying until the closing ceremonies! One more thing specific to the conference, a big THANKS! to the organizers and volunteers. They made this such a great experience that I am still missing it a week later.
Friday morning was pretty much just hanging out and waiting for the opening ceremonies. There were some great discussions going on in the hallways and main lobby of the Hyatt. Some of the best talks can be found in these "hallway cons" so I highly recommend getting involved in these sorts of discussions. You will learn something and you may even have a different point of view to add that could benefit the group. Eventually 1:00 pm rolled around and the talks began! They kicked it off with keynotes from HD Moore's The Wild West, Dan Kaminsky's Black Ops, and Mudge's talk about the Cyber Fast Track program from DARPA. After dinner the 5 tracks began and continued through the weekend. I will not do a review of the talks I attended since I was pretty much in absorption mode and I am still catching up on the ones I missed as well as re-watching those I attended.
As I touched upon earlier, there were a number of events going on during and after the talks. The big one was the CTF (Capture The Flag) competition. Your mission is to use your skills in hacking to find all the flags on the CTF network. I attempted but never got on long enough to even find the "beginner" flags. This was in part due to the WiFi network for the event being unavailable and the bouncing in and out of talks. These competitions are best handled by teams since the expertise needed to find the flags will vary. You may have to write an exploit or use some forensic skills to find the various flags. Hackers For Charity (HFC) held both a silent and regular auction throughout the weekend. They raised over $33,000 thanks to the very generous community. If you wanted to just wind down you can head over to the theater for the Hacker Movie Marathon. Maybe you want to know if you should get your CISSP, but you aren't sure if you have the right knowledge, then you could have headed over to "Are You Smarter Than a CISSP?" held on Friday night. You were given questions from each of the 10 CISSP domains, you can choose to answer them yourself or discuss it with the panel of actual CISSPs. They were also available to save you if you got a question wrong.
Sadly Sunday morning came and it was time for me to leave the land of bourbon and horses. Unfortunately there were still a slew of talks and the closing ceremonies to attend but I will catch them on video. Next year I will plan on taking the training and staying until the closing ceremonies! One more thing specific to the conference, a big THANKS! to the organizers and volunteers. They made this such a great experience that I am still missing it a week later.
