Cyber Security Articles & News

RSAC 2017 – a View from the Floor

The 2017 RSA Conference showcased almost 500 security companies proposing elegant solutions to solve a plethora of problems across different domains of security, including web application security, network attacks, data forensics, malware and APTs, encryption key management, risk and crisis management, and biometrics.

The entire conference was massive, taking place over 5 days with venues spread across 3 buildings. I was only able to attend the conference on Wednesday, and it didn’t take long for me to understand that even with an exhibitor or an expo pass there are so many opportunities for learning that one day is simply not enough. First, there were the keynotes presented by renowned security experts. Then, there were multiple sponsored talks given on more than a dozen security topics. There was also the “Sandbox” that offered hands-on challenges focusing on IoT vulnerabilities, the impact of an attack on Industrial Control Systems, and even cyber-competitions like CTF (Capture The Flag). This was my first capture the flag competition and I thought I was doing pretty well until the winner was announced. He was just 18 years old and had captured 9 out of 11 flags in just 40 minutes!

The highlight of the conference was definitely the huge number of booths setup by the 500+ security companies in the North and South halls. The variety of the booths was mind-boggling, as were the themes on which they were based. Many companies even had the exhibitors don special outfits to match their booth’s theme. Given the large number of booths, there were lots of freebies and giveaways to take advantage of. While most freebies were smaller ‘swag’ given to anyone who had a conversation with the exhibitors, there were also the superior, out-of-sight gifts that could be won via raffle.

RSA provided everyone with lots of networking opportunities and a chance to interact with world-renowned security professionals. Kevin Mitnick was there on Tuesday to sign copies of his latest book “The Art of Invisibility”. I regret missing the book signing, but I did manage to get my hands on a copy of the book from the Knowbe4 booth. Ed Skoudis, a SANS instructor and author of the popular ‘Counter Hack’ series of books, was present at the CTF competition, and Troy Hunt, the creator of the breach notification service HaveIBeenPwned, was at the Varonis booth giving a presentation on how easily web application attacks such as SQL injection can be performed. Happily, I did manage to have a brief conversation with Troy before he left the booth.

This year’s RSA theme was the “Power of Opportunity”. This phrase aptly describes the large extent to which the security industry can advance, if the growing number of security startups, each with their own distinctive ideas, are given an opportunity to prove themselves and grow.

Read this review blog and other great articles at the source.

Source: Breacher Report

Topics: The Art of Invisibility, Varonis, encryption key management, Industrial Control Systems, data forensics, Counter Hack, Ed Skoudis, HaveIBeenPwned, IoT vulnerabilities, keynote speaker, risk and crisis management, SANS, security companies, RSAC 2017, web application security, Troy Hunt, CTF, biometrics, network attacks, Kevin Mitnick, malware & APTs

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Breach and Attack Simulation vs Red Team Pentesting

Cyberattacks have posed a significant threat to organizations across the world, creating an urgency to take the necessary measures to shore up your ne..

Read more ›

What To Expect When You Get a Vulnerability Assessment From Mitnick Security

Since threat actors are constantly developing new tools and techniques for infiltrating an organization’s defenses, effective cybersecurity can never ..

Read more ›

What's Included in a Penetration Test Report?

Penetration tests are an extremely useful exercise to mitigate risks and patch your security gaps. If you’ve been asking yourself why do penetration t..

Read more ›