Careers & People

Dark Reading Launches Second INsecurity Conference

To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions

Late last year, Dark Reading launched a new, different sort of cybersecurity conference: INsecurity, a live event devoted to practical online defense, and presented by the security practitioners themselves.

This year, we’re doing it again – only better.

INsecurity 2018, https://insecurity.com/, which will take place Oct. 23-25 at the Sheraton Grand Chicago, promises to be an even more useful, comprehensive, and fun event than our inaugural conference in November. Our goal: to make your cyber defenses more effective by enabling you to meet and learn from your peers.

Our INsecurity 2018 event will return with many of the activities and features that made last year’s conference so well received. We will offer two full days of sessions focused exclusively on the practice of cyber defense – the tasks and processes that you do every day – and how to improve on them. We will present three keynote sessions led by security practitioners from companies you know. We will open up a Business Hall that gives technology vendors a chance to show you the latest developments in defensive tools. Best of all, we will provide a full slate of group discussions – what we call Hot Topics and Roundtables – that allow security pros to safely talk to each other about real problems and solutions anonymously, under the Chatham House Rule.

But this year, we aren’t stopping there. On the two days preceding INsecurity, Oct. 21-22, we will feature two days of security training courses from our sister organization, Black Hat. The Black Hat Training sessions https://www.blackhat.com/tr-18/, which are among the most comprehensive and hands-on courses in the industry, will offer half-day and full-day technical instruction on some of the latest security issues and challenges, taught by some of the smartest experts in security.

At INsecurity, our goal is to get beyond the everyday cyber conference - and those dark rooms lit only by the glow of PowerPoint slides. In fact, more than half of the sessions at INsecurity are either expert-moderated group discussions that let peers exchange ideas or live demonstrations of common threats and practices such as ransomware attacks or breach response. Even in INsecurity’s general sessions taught by a single speaker, we encourage the audience to interact with the speaker and with each other to improve the learning experience.

The concept behind INsecurity is that security professionals need to talk more to each other. To that end, we offer food and drink all day, with areas for casual discussion among small groups of attendees. We offer moderated Roundtables that focus on specific topics, and larger Hot Topics discussions that enable attendees to ask specific questions and interact with colleagues as well as with an expert moderator. And of course, we provide opportunities for social interaction (enhanced, as needed, with proper lubricants).

If you check out the INsecurity website today, you’ll see that we’ve already selected some excellent topics and speakers from our call for speakers that closed in May. In the coming weeks, we’ll be adding more names and more topics to the site, and even asking attendees what they’d like to talk about in our Roundtable sessions. We’ll be adding the names of keynoters from enterprises that you know, and the logos of technology vendors who will be speaking and demonstrating real-life solutions in the Business Hall.

Our first INsecurity conference closed with rave reviews, and we plan to build on that momentum this fall in Chicago. We hope you’ll be among those who join us for a different kind of security conference – and the opportunity to really make a difference in your enterprise’s cyber defense.

Related links

 

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
No SOPA
50%
50%
No SOPA,
User Rank: Ninja
7/9/2018 | 7:42:55 PM
Non-Lethal Active Defense for Enterprises
Shlomo Hershkop's Non-Lethal Active Defense for Enterprises: A Better Alternative to "Hacking Back" is going to be great.  I've read loads of his pubs stretching back the early 00's.  This is a great topic considering some in the industry want to be able to attack back with strength, but most laws currently forbid such tactics.  Shlomo's defense and decoy tactics are legit.
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Well, at least it isn't Mobby Dick!
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10743
PUBLISHED: 2019-03-23
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
CVE-2019-9947
PUBLISHED: 2019-03-23
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string or PATH_INFO) follo...
CVE-2019-9948
PUBLISHED: 2019-03-23
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
CVE-2019-9945
PUBLISHED: 2019-03-23
SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGINX default configuration file has a check to verify the status of a user cookie. If not set, a user is redirected to the login page. An arbitrary value can be provided for this cookie to access the web interface without valid user...
CVE-2019-9942
PUBLISHED: 2019-03-23
A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place.