The conference was very well organized and attendee focused, which could be seen by the many little details found on the conference. For example you never ran out of coffee or beverages, there was a new Hallway Track where you could meet people from all disciplines, discuss about your favorite topics and there was always a place to sit and take a break between all those interesting presentations. I had the chance to speak to very nice people from different industries, most importantly in my case on the topic security. It was nice to see how the Docker community is growing and the adoption rate is increasing, especially in companies. The main focus of the conference (especially seen in talks held by people from Docker Inc.) was the Docker Enterprise Edition.
We are super excited for TROOPERS18 (March 12-16th, 2018) as are many of you! We even have this great saying that “after TROOPERS is before TROOPERS”, which means we spend a lot of time looking through feedback from attendees, speakers/trainers, and our own Crew for ways to not only top what we’ve done in the years before, but also how to simply make it better for everyone involved. Looking around at our Crew we realized how many have either attended TROOPERS or other conferences as students. We heard from them, as well as other students, how life changing it was to be able, as a student, to attend an IT-Security conference. How they got to meet a speaker whose work they’d read about in class. How people felt even more a part of the community they were studying hard to belong to. Continue reading “TROOPERS for Students!”
This is my short write up on Daycon X1, 2017. The summit was held at Dayton, the land where Wright brothers were born. Apart from being my first US trip, I also gave my first training on Hacking 101 also called the Bootcamp.
Last week I had the pleasure to participate at the first RIPE IoT Roundtable Meeting in Leeds (thanks! to Marco Hogewoning for organising it). It was a day with many fruitful discussions. I particularly enjoyed Robert Kisteleki‘s talk on RIPE NCC’s own design & (security) process considerations in the context of RIPE Atlas (at TR17 NGI there was an intro to Atlas, too).
In this post I’d like to quickly lay out the main points of my own contribution on “Balanced Security for IPv6 CPE Revisited” (the slides can be found here).
Some of our Troopers had the chance to visit HITCON conference in Taiwan this year. There are two main events: HITCON Pacific, which is aimed more at corporate attendees and HITCON CMT, the community edition, which aims at students and the general Infosec community. HITCON is the biggest security conference in Taiwan.
As mentioned in my last blogpost, I had the pleasure to participate in this years DFRWS USA and present our paper. The paper and presentation can be freely viewed and downloaded here or here. Note that there is also an extended version of the paper, which can be downloaded here.
The 11th USENIX Workshop on Offensive Technologies (WOOT17) took place the last two days in Vancouver. Some colleagues and I had the chance to attend and enjoy the presentations of all accepted papers of this rather small, single-track co-located USENIX event. Unfortunately, the talks have not been recorded. However, all the papers should be available on the website. It’s worth taking a look at all of the papers, but these are some presentations that we’ve enjoyed: Continue reading “11th USENIX Workshop on Offensive Technologies (WOOT17)”
Over one of the recent long weekends I attended the 17th “Gulaschprogrammiernacht”, or “GPN17” for short, in Karlsruhe, the largest CCC Event after the Chaos Communication Congress with roughly a thousand attendees. The name literally translates to “goulash programming night”, which makes about as much sense as the German version. Despite the name it lasted from Thursday to Sunday, had a much wider scope than just coding and offered various other (incl. vegan) dishes besides goulash. As an active member of the CCC community I planned on attending it anyway, but submitted my talk about Automated Binary Analysis in case there was interest. I didn’t anticipate that much interest given that it was a fairly theoretical IT-Security topic at an event that was not focused on IT-Security, but nonetheless the hall was filled with people from various backgrounds like math, formal verification and software optimization. The talk was an improved version of the one I gave at Bsides Ljubljana, incorporating feedback I received and new things I had learned since then. The English slides are available here, the recording of the talk in German can be found here.
Inspiriert durch die erfolgreichen Round Table Session der TROOPERS freuen wir uns Ihnen heute mit dem AgileSecurity Insight Summit 2017 eine weitere Veranstaltung in einer Reihe zu Trend-Themen im Bereich der IT-Sicherheit vorzustellen.
Die Veranstaltung beginnt am Morgen mit einer Keynote, gefolgt von Fallstudien und Vorträgen durch interne und externe Referenten aus der Industrie. Im Anschluss werden alle Teilnehmer in zwei Gruppen aufgeteilt, die nacheinander an beiden Round-Table Sessions teilnehmen. In den Round-Table Sessions werden unter Expertenmoderation typische Problemstellungen und Lösungsansätze diskutiert. Continue reading “DevOps, Continuous Deployment & Agile Security September 7, 2017”