Tag Archives: conference

Updated speaking schedule!

As noted before, for some reason beyond my understanding I am going to be speaking at both SOURCE Barcelona and Brucon in September, as well as in Excaliburcon in China (you guys must really like this whole crime meets state thing huh?).

So, down to business, SOURCE Barcelona is going to be awesome – It’s going to be my first SOURCE I’m really looking forward to getting back together with some of my friends (Chris, Wim, Jayson… the old Wuxi pwnage team en-scale), and meet people I wanted to pick their brains in person (Brian Honan – especially because I’ll miss his talk…).

Next up is Brucon. I’ve said enough about Brucon in the last conference schedule update, nevertheless, it’s shaping up to beat it’s last years’ reputation. Expecting great talks, great crowd, and awesome beer! As far as talks I’m looking forward to – will definitely catch up with Joe which I missed at DefCon, Craig who’s Skylab is of a personal/professional interest to me, Dale with the HeadHacking talk, and Fabian’s GSM one. Obviously there are many more, but as I’ve learned over the years – don’t be greedy (especially not at conferences)…

Last but definitely not least, Excaliburcon is going to happen after all! This year the location is going to be just outside of Beijing. We will all miss Wuxi a lot, but I’m really looking forward to checking out more of China. It was a great experience last year and I’m setting up my hopes pretty high for December as the speaker list is getting pretty hot!

The common threat across these three conferences is that unlike the “big ones”, they all allow the attendants a very close interaction with the talks. This really enables more information sharing and knowledge transfer, and I’ve really learned a lot more from smaller conferences such as these than from the big ones that sport a dozen tracks at the same time (think RSA… you are not going there for the content anymore…).

If you happen to be at one of those, feel free to ping me (or even better – buy me a beer 🙂 )!

Cloud Security Alliance Conference (Israel) – CFP

Just wanted to let you all know (as a member of the CSA-IL board) that we will be having a conference on September 2nd who’s title is “Cloud Security Technology and Innovations” in Tel-Aviv, Israel.

We expect to have great participation from all areas of the industry, are working on a great venue to host the conference, and are opening up the Call for Papers.

Please see the CSA-IL WiKi for additional information on how to submit for the CFP:


Looking forward to seeing you all there!


Funny thing how I got to go to Miami last week…

So, one time, at security camp, I figured that there isn’t a whole lot of infrastructure in my back yard to really call a decent CERT. I have experienced that multiple times (and again and again) when handling major incidents that prompted incident handling in dozens of countries around the world, and when trying to do the same back home (in Israel), I got “bobkes”.

The thing is, there are currently two “CERTs” operating in Israel – an academic one (ILAN-CERT) which only server a portion of the actual academic networks in Israel (surprise surprise…), and CERTGOV-IL (which seems to be mostly in maintenance mode, and only server the government sites). Bottom line – if you want to report an incident that does not fall into these CERTs constituency (about 90% of the cases), you are out of luck…

So, just like the ever-optimistic fool that I am, I decided to give it a try and start a normal IL-CERT. Back at the time when I started to dance the political/bureaucratical dance I figured that it would be a good idea to present at FIRST2010 as IL-CERT would be alive by then. Ahhh, the optimism…

Months went by, emails flew, and meeting were held, and I arrived at the FIRST conference with only a glimmer of hope for a decent CERT. I almost dropped all hope for it, but then had a great time running into the FIRST crowd. Every time I got into a conversation with a member, I usually got the same question: “so, can I send you information on incidents in Israel? Because there isn’t anyone to send data to for years”.

Embarrassing. Nothing less (and to think that there was another Israeli “CERT” member onsite…). Long story short – I’m currently willing to put my hiney on the line and at least be able to say that I tried.

So here goes – I’m publishing an open call to anyone local who would like to participate and contribute to the IL-CERT. Also – if you need/want to report on any incident related to the constituency of a decent IL-CERT, please feel free to pass it my way until we set up the basic infrastructure for IL-CERT.

Wish me (us?) luck and godspeed. And thanks again to everyone who I met at FIRST-2010 and have reinforced my crazy endeavor.

The community to the rescue again

I’ve had some hard time coming up with this post. I had the great opportunity to travel quite a bit lately – specifically to Berlin where basically EVERYBODY in security was at ph-neutral (have I thanked FX yet? I think so, but anyway – great con/party!).

It all started in Berlin when I realized what an amazing community we have. People from all over the world coming over for 3 days of sharing, networking and listening to talks (oh, and partying). I also have the great honor of calling a few of these guys friends. Friends that I know that I would be honored to help if they needed anything, and friends that I know I can “drop on” if I happen to get into a snag in their hometown. Friends that I only see in-person 2-4 times a year, but still consider them one of my closest.

I saw borders dissolve in an instant as politics, geography and history dropped in sight of a beer or a cool PoC demo on someone’s PC, and I had great conversations with people I just got to know and am sure will run into again in the future.

And then I got back home. I don’t need to mention the unfortunate events that took place a couple of days ago, and I’m not going to point fingers at anyone. Everyone had their agenda, some sides were more optimistic, some had better planning, some had better intent, but the end result is what it was. Sometimes as we say it’s better to be smart than to be right…

That was just a day before I flew over to Athens to talk at Athcon. People around me started freaking out, having the entire area feel like a barrel of gunpowder, and the media adding in some FUD to top it off. And then I recalled ph-neutral. A couple of hours later, a friendly cabbie and what looks to be a really cool con, everything is left behind. The community wins again, while politicians keep meddling with their agendas.

I just hope that more people could find such communities where borders are bridged, and religion/ethnicity/gender become irrelevant in light of a common cause/interest. I’m truly happy that I had a chance to debunk myths that I’ve had in my mind, and other people had in theirs, and really hope that this focus on a common interest could work elsewhere.
Now off to polish off my presentation for tomorrow. Stay safe out there!

Quick update [6/7/2010]: Athcon was fantastic! I’ve had a great time in Athens, had a chance to finally meet some really brilliant minds that I’ve been following for some time online, and was fortunate enough to experience the famous greek hospitality. I am reassured with my previous assumptions that all these politics are just the attempt of politicians to prove that they are worth their salaries (hint -they don’t). We just want to live our lives quietly – the only reason for some kind of army/politicians is to fend off anyone who wants to disturb this (terrorists).

Back to work now, as I need to start prepping for Miami next week…

Upcoming Conference Schedule

I have been fortunate enough to be picked up by several CFP of great conferences, which basically gave me the opportunity to participate at conferences I wanted to go to anyway, as well as to present some of the research in the CyberCrime/CyberWar field.

After BlackHat Europe (see related post), I will be speaking at:

ph-neutral – Basically the real deal… If you are FoFX (Friends of FX) expect to rub shoulders with some of the world’s best security experts

AthCon – A new regional conference in Greece, close to home, sponsored by some great guys from encode, and a very interesting lineup of speakers.

FIRST Conference – If you have ever dealt with incident handling, CSIRT, CERT, and alike, this is the conference to be at. A whole day workshop, and 5 full days packed with great talks in sunny Miami. Can’t go wrong…

BruCON – Brussel’s local security conference. Last year has been EPIC (so I’ve heard from authoritative sources 🙂 ) and this year is shaping up to exceed the expectations!

These are the confirmed ones for now…

Also check out the following conferences which I plan to attend (i.e – are cool and have great content):

DefCon, BlackHat US, BSidesLV – you better know these by now…

ExcaliburCon – THE security conference in China. Held at WuXi (not far from Shanghai), and offers a great mixture of local (Chinese) hackers and international ones. Spoke there last year, if you are looking to expand to the Chinese market this is the conference to be at (and sponsor!).