I’m the kind of person who wears shorts and t-shirts down to about 50 degrees…. and I wilt at about 75. So a week in June in Puerto Rico for the 29th FIRST conference sounded like my kind of trip. Despite the heat and humidity, this was a fantastic conference in a fantastic place. I attended along with three other colleagues from DomainTools. Our very own Sr. Security Researcher, Kyle Wilhoit, gave a fantastic talk on Cyberterrorism, and had groupies… er… security researchers… all over him for the rest of the conference asking for more details.
Some interesting trends noted:
- Tremendous attendance by national CERT teams. We had many interesting discussions with these teams about the attacks they face and ways that security vendors can work with them to help. Many of these teams also face special challenges ranging from financial, legal, and political that take time and effort to navigate. But it’s worth our effort to help them out – they’re on the frontlines and the right side of the fight.
- Active SIG work. I participated in the pDNS SIG meeting and it was a very fruitful discussion to help advance standardization of pDNS data formats. Other SIGs such as Information Exchange, Information Sharing, and Malware Analysis also had meetings. I really encourage anyone with interest in a SIG topic to become involved. This is one way to give back to the security community and help add your expertise to these efforts.
- Cybersecurity continues to be a broad and evolving field. Talks were presented that ranged from the tried and true (“Windows Credentials, Attacks, and Mitigation Techniques”) to recent hot topics (“WannaCry: What can we do better?”). There was even a talk reflecting on how change is the only constant. A lot of great information was presented – we’re all working hard to stay informed and ahead of the bad guys.
- You can learn from everyone around you. Senior security leaders from Facebook and Google both gave keynotes. And while DomainTools is nowhere near their scale, I was able to take away some valuable lessons from their experience that I can apply to our own security posture.
Finally, somewhere along the line I have angered the hotel room gods.
This is not my first time at a hotel with gorgeous views of HVAC systems.
Seriously, aside from the view, the only downside to this conference for me is I really should go again next year. And it’s in…. wait for it….. one of the most moderate and dry climates in the world, perfect Bruce weather: Kuala Lumpur, Malaysia. No really, look it up.