[Dailydave] The Value of Offensive Conferences

dave aitel dave at immunityinc.com
Mon Mar 6 10:48:22 EST 2017


It's no secret that in order to get ahead, you cannot send your
technical people to BlackHat and Defcon. That's where you send your
sales engineers, which is a sad thing, since I really enjoyed the
earlier days of BH and DefCon, but the smaller conferences are a world
ahead when it comes to the technical innovations in information security
that are going affect you, if you're doing any kind of decent job at
security already.

The real questions is why. And part of it, as I ruminate on this while
we work hard to bring you INFILTRATE 2017, is exactly what makes small
conferences so painful: There's no incentive for anyone to come to do
MARKETING. If you have some sort of brand name bug and you want to
release it for maximum media attention and profit, then BH is the way to
go. All the talks at BH are about building reputation. Talks at the
smaller conferences are about sharing information with your peers, which
BY DEFAULT is going to get you further ahead on the situational
awareness curve. (F.E. Are we about to see a resurgence in Wifi hacking?
Andres Blanco's talk is of particular importance in that area...)

In other words: If you have a bug, go to BH or Defcon, and if you have a
bugclass/attack surface you're exploring, you go give a talk at
INFILTRATE or Syscan or ReCon or any of the smaller regional cons.

-dave




More information about the Dailydave mailing list