There are a notable number of conferences each year that one attends in this business. I am lucky enough to have been a participant and speaker at many of them. This year I carried a press pass to Black Hat, to report on what happened there and what was shown and what was said. This is a very involved process, because Black Hat and DEFCON are just damned BIG. I will tell you what I saw, and what I thought.
Black Hat and DEFCON are two sides of the same coin. Black Hat is expensive (consisting of very pricey training and also pricey briefings): the basic briefing ticket is a couple of thousand dollars; add in training and you could get as high as eight thousand. Black Hat is attended by industry professionals, and also has an exhibit floor, complete with booths from companies, universities and government agencies. The Briefings are two days long and eight tracks wide. That means that in any one hour you can only get to one eighth of the briefings. Add to this some time on the exhibit floor (moderate to huge, a couple of hundred booths), some shared meals and maybe even a party or two (dozens to choose from each night), and Black Hat can be a very interesting experience.
The briefings range over a wide variety of infosec (information security) topics. Here are a couple from this year’s schedule:
This is a photo of General Alexander of the NSA, keynote speaker. He opened the conference with a very sincere explanation of PRISM: what it actually meant, what it was used for, what its actual scale was, and how the metadata was used under strict oversight and control of all three branches of the government. (NB: he has left that job and is now in private practice.)
Every year I attend Black Hat and DEFCON and every year there is more than one big story. I found this unfinished draft from last year and decided to publish it now.
David Perry — Threat Strategist, Huntington Beach, California
November 9, 2014