Friday, July 18, 2008

The Last HOPE, day 1

Today was the first day of the Last HOPE convention. Being married with children, I no longer spend full days at events like this, but the time I was there was well spent. Not only did I get to meet some people face to face, I also attended some talks.

More specifically, I went to the first talk on botnet research, the death star risk modeling talk/earth intelligence network and to the talk on the Attendee Metadata project. After that, I took a small break, before sitting in on Myrcurial's talk about climbing the corporate ladder. Then I browsed the projects area, picked up a lock picking set at the Toool table and spoke with some other person who I wanted to meet up with.



Botnet research, Mitigation and the Law
The talk on botnet research was interesting in that it presented a perspective on cases that many of the attendees never had. I found the references to Operation Botnet interesting because I had just heard the other side of that same story. The discussion of all the possibly applicable laws and regulations was thorough, but not new to me. For most of the people in the room, it was a very good introduction.

Death Star Risk Modeling
Death Star Risk Modeling was a CISSP 101 introduction to risk modeling. Interestingly explained, and nicely illustrated with Star Wars analogies. The observation that I took home from this was "If it is worth putting up, it is worth protecting".

Earth Intelligence Network: World Brain as Earth Game
Freaky.

The Attendee Meta-Data Project
Poorly prepared and presented even worse. The idea is very interesting, but the implementation sucked. These guys were very lucky that they are no students of mine.

From a Black Hat to a Black Suit
Highly entertaining and informative and for me definitely the best talk of the day. A number of good lessons for those of us who are planning to make their carreer in corporate information security and who are not afraid of the word "Suit".

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.