Hacking isn’t just reindeer games any more. The ones and zeros are turning into real-world, kinetic consequences, and lives are at stake. How do we get the world to take security seriously — on both sides?
For one thing, by having a grownup conversation about it. “Errata Rob” Graham, CEO of Errata Security and creator of BlackICE, the first IPS, will take on “WendyLady” Nather, former CISO/analyst and now research director of the Retail Cyber Intelligence Sharing Center (R-CISC). To make sure things stay civil, security patriarch and Infosec Hall of Famer Jack Daniel will referee.
Join us for what is sure to be an epic conversation about research, critical infrastructure and stunt hacking.
This event is an opportunity for average users (Joes) to try their hand at both the offensive and defensive side of computer security. For the Pros, it’s a chance to hone and show off their skills, helping others to learn and better themselves. It’s also a lot of fun.
Joes are split up into teams, each with a Pro captain, and given their own network to defend against the other Pros in our Red Cell. Each team’s network is full of servers and desktops running Windows, Linux, your standard services like DNS, Web, Mail, and others. Of course, there will be more than a few surprises…
Pros V Joes is linking up with SE CTF!This year, the Pros V Joes CTF will be working together with the Social Engineering CTF at BSides LV. This will add a new and exciting dimension to the classical bits and bytes hacking of PvJ. Now, Pros and Joes alike will have to also handle their physical security and their OPSEC. Social Engineering players will have the challenge of trying to deal with a live organization of defenders that are trying to protect their information. Red Cell players of PvJ will have to choose a side (or not…
For more info, see their website.
On Tuesday night, around 7:45, we’ll be commandeering part of the Tuscany parking lot, for a good old-fashioned water balloon fight! We’ve purchased 1000 water balloons from Bunch O’ Balloons, but feel free to bring more! (Bunch O’ Balloons will be the only balloons allowed, for quality control purposes and must be filled from the BSidesLV Security Operations controlled water spigot.)
For just a $20 buy-in per person, you can participate in the water balloon fight until we run out of balloons! Buy-in will be Tuesday evening, at the fight site, cash only. We’re also allowing super soakers, water pistols and other water fight toys, for an extra $10 buy-in cost, since you’ll have an obvious advantage. (Must bring your own toys.) There are no losers in this fight, as everyone will end up being a Super Soaked Hacker!
There will be a designated Soak Zone and observers outside of that zone are off-limits. You will receive one warning, if you deviate from the rules. On a second infraction, you will be removed from the fight – NO REFUNDS!
Come join us for a much needed cool down after a long day in Vegas, before we get ready for The New Hacker Pyramid at 9:30!
All monies collected from this event will go to benefit Hak4Kidz . Much thanks to @healwhans for helping us with the logistics and planning of this event.
Want to help us promote? Use the hashtag #SSH along with #BSidesLV and #H4K, to help spread the word.
That’s right, The New Hacker Pyramid is coming back to Security Summer Camp in Las Vegas for 2015.
And as we mourn the passing of the 10,000¢ Hacker Pyramid, we’re certain that you’re going to find some serious joy at BSides Las Vegas.
Be in the audience for your chance to join a Security Celebrity for a chance to win FABULOUS PRIZES including the GRAND PRIZE of ????? (we don’t know yet, but it’ll be awesome dammit).
This event is an opportunity for average users (Joes) to try their hand at both the offensive and defensive side of computer security. For the Pros, it’s a chance to hone and show off their skills, helping others to learn and better themselves. It’s also a lot of fun.
Joes are split up into teams, each with a Pro captain, and given their own network to defend against the other Pros in our Red Cell. Each team’s network is full of servers and desktops running Windows, Linux, your standard services like DNS, Web, Mail, and others. Of course, there will be more than a few surprises…
Pros V Joes is linking up with SE CTF!This year, the Pros V Joes CTF will be working together with the Social Engineering CTF at BSides LV. This will add a new and exciting dimension to the classical bits and bytes hacking of PvJ. Now, Pros and Joes alike will have to also handle their physical security and their OPSEC. Social Engineering players will have the challenge of trying to deal with a live organization of defenders that are trying to protect their information. Red Cell players of PvJ will have to choose a side (or not…
Presentation on “bad interviews” lessons learned/what not to do/humorous horror stories;
One recruiter and one hiring manager play off each other in a Mock Interview, breaking the 4th wall intermittently to talk directly to the audience about mistakes made, how to best answer certain questions, etc.
Be sure to stay productive
e.g., when to discuss Salary ranges
“Know your Hiring audience” tips
Open Mic - anyone with good points can step up to Emcee
Audience with good stories can step up to Emcee
You don’t need to be a walking search engine to win at security tech interviews. Many candidates that go through a tech interview make some key mistakes that have nothing to do with what they actually know. Learn how to hack the infosec tech interview process for your best chance of success from a tech interviewer that does over 50 tech interviews per year.
Many people say that they want careers in information security, often latching onto the stories of penetration testers or other security rockstars for the promise of a job with better pay and more cool factor. While looking to this as an escape from their current reality, most people don't realize the work or challenges involved in the realities of these other jobs. This talk will help to arm people with the insight needed to uncover the truth about careers in information security and to perform the self-reflection to determine what it means to find the right fit.
You know it’s important to ask questions to your interviewers, but you need to make them count. Candidates need to assess a company that they think they want to work for. We’ll share tips on how to best get the inside information about what it’s really like (beyond Glassdoor, beyond the general “how many people are on the team?”) to work there so you can determine if it’s up to par with what you want in your next job.
Whether your transitioning from another industry sector or one akin to InfoSec (like IT) or starting on the first stepping stone to InfoSec, this talk will cover the key ingredients for (1) appreciating yourself and knowing how to be mentored (2) transferring passion into professionalism amidst a multitude of distractions and defeats over a career-span and (3) establishing the aides that will help you focus on your goals, both in the short and long term, and being able to re-align those goals based upon key changes in technology trends and emerging threats.
What not to say, but if you do - how to change it into a positive
• I'm looking because I want more money
* just shopping
• I want to learn
• I haven't done any research on your company
• I don't care what the product is - doesn't matter