Sunday, March 6, 2016

Debrief: BSidesSF 2016

As I’ve been back and forth from home to San Francisco the past few weeks/months, I managed to make my way to BSidesSF on February 28th which I was super excited about. Having only attended BSidesLV just last August, I was looking forward to seeing what the other BSides cons were like.For those of you unaware, BSides are community driven, (typically) small security conventions that are located from Chicago to Seattle to all over the world where infosec pros can get on stage and speak about a topic of their choice without a staggeringly large audience like those at DEFCON or Blackhat. This seems to bring the community tighter and give an opportunity to new-pros to speak in a comfortable environment. 

BSidesSF was located at the DNA Lounge, a dance club that I was told had a history of being a hacker hang out. Upon arrival, you can immediately get the underground, industrial vibe which melded well with the infosec culture. Badge pick-up was in the “DNA Pizza” restaurant right next door which, likely due to being a little late, made it easy to grab the not-badge wristband that gave me access to the rest of the con (after a quick coffee grab, damn those 5am flights).

Inside the venue, the keynote speaker (legendary EFF founder John Perry Barlow) was already on the main stage and taking questions from the packed would-be dance floor. Even with two speaking tracks, two levels, multiple bars, and a lounge, I was happy to see the venue was relatively full with a range of attendees who didn’t seem too intent on staying within their own circles (for the most part) which allowed me to strike up a conversation with a couple of individuals with relative ease.

The content that ranged from Bug-Bounty hunting to career/hiring advice. The speakers were fairly well wrangled though there were some serious technical issues (ironically) which delayed/cut short a great talk on Social Engineering (darn you, presentation gods) and required the testing of several laptops for compatibility and slideshows to be converted to PDFs to get them on the presentation screen. Hopefully, a backup process will be created for future cons to avoid situations like this. Otherwise, everything seemed to go off smoothly and fairly professionally. Security/volunteers were all friendly and polite which, no matter what kind of con you go to, is important (least in my opinion).

Visual Boards were created during talks and put on display.
I don’t claim to be the biggest know-how on the deep technical stuffs that is infosec, so I was pleased that all the talks I attended managed to be easy to follow and not go way over my head. I really enjoyed a talk about “Hackers hiring Hackers” by IrishMASMS (I stepped in late and missed his actual name), which had some great content for those looking to join the infosec workforce and for those looking to hire/grow a hiring pool of infosec pros. He even called out the ladies in infosec to not “sell your self short” which, having recently read Sheryl Sandberg’s book Lean In, resonated very well with me.

On that note, however, there was something that I noticed to be distinctly lacking, that being the void of women speakers. Granted, I was only able to attend on Sunday, but for that entire day I only witnessed one lady on stage (the passionate Eva Galperin from the EFF), even though a good chunk of the observable attendees were also ladies. Given the environment I experienced (outside of a few cracks at the ‘marketing lady’), I would implore the women in infosec to take the stage at future BSidesSF cons and talk about whatever it is they want in a comfortable and acceptable manner. 

Overall, the $30 bucks spent to attend one day of the two-day con that is BSidesSF was completely worth it. I’d love to see some more ladies out on the stage, some preemptive technical testing to ward off the bad Juju from the presentation gods, and an actual attendee badge vs. the wristband (which I required to be cut off once used, making me a sad panda). But the talks were great, the environment was inviting, and I made some great connections while learning a lot. So, huge shout out to everyone who helped to put it together and I definitely hope to attend next year. 

No comments:

Post a Comment