THE CU

 

Vendor Cons vs. Security Cons

6/12/2019

In the ecosystem of cyber security conferences, there are many types, ranging from industry to subject matter within a specific industry. In the cyber security world, two main types exist: vendor-specific and vendor-agnostic. Until recently, I only attended general security conferences to be exposed to a broader range of material. However, since my trip to the Carbon Black conference, I wanted to discuss which are better to attend for new folks in the industry.

What's Carbon Black?

First stop is a brief overview of Carbon Black (CB). This is considered an Endpoint Detection/Response (EDR) tool capable of providing insight into host-based behaviors. Most businesses who have an EDR will use it in conjunction with their other suite of tools. I have used the tool in the past and it truly is a magnificent animal, but this also happens to be the only EDR tool I have experience with. These tools are great for incident response, allowing the analyst to not only isolate the host but to continue to do forensics and analysis remotely after the host has been isolated. CB provides an in-depth look at activity on hosts, primarily anything that changes, such as processes, registries, connections, etc.

Vendor Conferences

Alright, now to the good stuff. Let's start our discussion with Carbon Black (CB). I am going to generalize here some because I don't have other vendor conferences to rely on. CB was fun all around: they had socials, multiple tracks of talks, a handful of non-CB people leading the talks, and a genius bar to take their product for a spin. For the most part, the CB employee talks were informative, however very shallow on the details; they provided product updates and road maps of where they were going. In my conversations with other attendees, I gained more insight into how to deploy CB in creative ways and issues I may face using CB. Non-employee talks were by far the most informative. Some walked through analysis case studies using the tool and expounded on increased detection capabilities. Others discussed the EDR tool from an engineering perspective, detailing code and steps of how they integrated CB into their other existing tool sets such as SIEM, SOAR, and ticketing systems. I found these fascinating and they most certainly got my creative juices flowing.

Security Conferences

Unlike vendor-specific conferences, general security conferences are all over the place with topics. From how to find a job to picking locks to stories of cyber crime and everything in between. No offense to Carbon Black, but the attendees are also a little less stuffy. You can probably tell I am a little biased toward vendor-agnostic conferences. They are a great time and typically have something for everyone. Even the smaller ones. My first conference was GrrCon over in Michigan, and after the two days, I left and my head just hurt. My mind was literally blown. I sat in on talks about malware reverse engineering, hardware hacking, Linux forensics, social engineering, wireless hacking and even picked my first lock. I had a blast.

Recommendation

My suggestion to newcomers is to go enjoy the vendor-agnostic conferences like BSides, GrrCon, Circle City Con, and Derby Con. These are fun and low key. As you get more mature in the space and need to support some specific product, go check out their cons. But only if your work is paying ... lol. But the good news is, you don't have to wait for the next conference to roll around. Look on YouTube for the talks. Just about every major con posts their videos for free!!!

Here are some conferences and links to talks. Enjoy.

Bsides Vegas
GrrCon
Circle City Con
Derby Con
Def Con
Black Hat

If you have any questions or have other conferences in mind that you think others should check out, comment them below and I will update this blog. 

Tell us about your con experiences and let everyone know what they have been missing!!!

Last but not least check out the accompanying YouTube video.

Author

Micheal Small
Cyber security enthusiast. Sharer of opinions. Conference goer. Kayaker. Star Wars lover.
