ShmooCon 2013
This past weekend I went to my first ShmooCon in Washington D.C. I have to say this was an experience that I was not expecting. I’ve been to many security conferences in the past, included RECon, BlackHat, GFIRST, and some SANS and OWASP conferences. ShmooCon ranks up there in the top 2 spots, if not one of the best that I’ve been to.
The best thing about ShmooCon is that it has a small con feel to it, while having everything the big cons have (e.g. big name speakers, contests, prizes, lots of smart people). It also has a small con price – if you can get a ticket, its only going to cost you around $150.
I was also lucky enough to be selected as a speaker this year, presenting a talk on my newly open-sourced tool MASTIFF. As a speaker, they one of the best run CFP processes I have ever used. After selection, they are constantly available for questions, have excellent moderators and are great in making sure you have what you need.
The talks at the conference were amazing. They are of the highest quality and even the ones I didn’t like were full of good information. Since I was releasing MASTIFF the first day I was there, and I was freaking out about my talk (I was in the last speaking slot of the tracks), I didn’t get to see all that I would have liked. However, these stood out:
- NSM and more with Bro Network Monitor by Liam Randall – This was the best talk of the conference IMO. Liam gave an excellent talk about what Bro is, how it works, and even how easy it is to extend it. His presentation was how all presentations should be – easy to follow and good at explaining a relatively complicated concept.
- Crypto: You’re doing it wrong by Ron Bowes – Ron gave an excellent talk about some crypto attacks, how they can be performed, and even did 3 live demos (that didn’t fail) that performed these attacks. I’m not a crypto guy, but Ron’s explanations of everything were easy to follow and entertaining. Plus he used The Call of Cthulhu as some of his encrypted text.
There were alot more that I saw that were excellent, and some that I unfortunately missed. Luckily, ShmooCon makes all their recordings available online for free and should be up in a couple of weeks. I look forward to next year!
*** This is a Security Bloggers Network syndicated blog from The Security Shoggoth authored by Tyler. Read the original post at: