IT Security Conferences? [Archive] - Beyond.ca - Car Forums

View Full Version : IT Security Conferences?

Toms-SC

01-26-2009, 11:57 AM

For the IT security crew out there.

Is there any other really 'good' events besides Black Hat and Defcon? I've been given a blank cheque to attend an event as long as it has a good speaker line up. I am interested in the topic of web application security and traditional network penetration testing.

Anything? :dunno:

sputnik

01-26-2009, 01:07 PM

RSA San Fran

Toms-SC

01-26-2009, 01:16 PM

HMmm, slightly less tech but valid non the less.

sputnik

01-26-2009, 01:26 PM

Originally posted by Toms-SC
HMmm, slightly less tech but valid non the less.

Depends on what you call "tech".

Blackhat and Defcon are geek tech for people doing some CRAZY stuff. It is VERY interesting and entertaining. However in the real business world it isn't that applicable. You typically wont be hacking magnetic strips, installing Linux on an XBOX or cloning RFIDs at work. Nor will you be building a wireless AP that can be seen 22 miles away.

RSA is more along the lines of the corporate security. Learn about emergent technologies and updates to your current hardware and software. It is the best opportunity to talk to the industry leaders and learn more about their technology roadmaps going into the following year. I would contact vendors in advance and let them know you will be there, because there are often sessions for clients where NDAs are signed and more information on the product and its development are revealed.

RSA is also good for the forums as well. Attend a crypto, VPN or a NAC forum and you will have a representative from each vendor answering questions about their product and how it relates to the other guys.

googe

01-26-2009, 03:44 PM

cansecwest. its right in your backyard. last year was sorta weak compared to previous, but its a close second to blackhat in terms of meat.

dont go to rsa unless you want a nap. product demos and sales reps isn't a fun time. CxOs and execs dont know anything about security. they know about management and selling security.

edit: right from the RSA website:

Who Attends

The 17,000-plus attendees at RSA® Conference 2008 included virtually every profession involved in information security — 27% were C-level, senior executive or VP/director, 30% were team leaders/project managers, a full 57% had IT/IS management responsibility and 19% were engineers/developers.

that should tell you something...