Conferences (Cons) and training events where people from the same industry have become a great resource for people in the industry to networks, share research and give back. I submitted my call for papers and got picked up to participate in TakeDownCON by the EC Council foundation in Huntsville, AL. The conference was a two-day conference that featured vendors, a capture the flag competition and loads of great opportunity to network. The first day was the red team track and the second was the blue team track. This was my first information security presentation at a conference and I definitely had a blast. I have been to about half a dozen conferences, but participating as a speaker is a slightly different experience. I would say that is the best of both worlds. I attended all of the talks and placed 2nd in the Booz Allen Hamilton capture the flag competition.
My talk was on " Defending against 1,000,000 Cyber Attacks ." The basic overview of the talk was covering the notion that every time you look around some company or government organization is spouting out some huge number of “cyber-attacks” to their network every day. By no means is defending networks easy, but could it be that there is a little exaggeration of the actuality of the encounters with intruders on the net? One thing that is apparent is that there is surely a misconception in reporting and the understanding of the attack itself in how organizations account for them. There are “attacks” like port scanning and brute force attempting all across the internet at all hours of the day. Spreading awareness about them will inform the public on just how “intense” these attacks are. To demonstrate this, I bought a nice attractive domain and coupled it with a honey-pot and let the fun begin.
Here are the slides from my presentation: Download