Careers & People
7/10/2015
11:00 AM
Kerstyn Clover
Kerstyn Clover
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Black Hat For Beginners: 4 Tips

What happens in Vegas stays in Vegas. But for newbies, these helpful hints will make sure you get the most out of the Black Hat USA experience.

When I went to Black Hat USA for the first time last year, not only had I not ever been to any big conferences but I also had never been to Las Vegas. Black Hat veterans can probably imagine my culture shock as I tried to quickly acclimate to the information overload. If you haven’t been, hopefully you can learn from my experience.

Tip 1: Know where the restroom is before you need it. Not only is this a good rule in general, but I think it applies heavily to Black Hat. The conference area turns into a labyrinth when you only have a few minutes until your next talk and huge crowds of people are milling around. Last year I seemed to find all of the women’s rooms that were temporarily men’s rooms -- after I’d had four cups of coffee and had to wander the halls looking for other locations. Maps are your friends.

Tip 2: “Get yourself invited to as many parties as possible.” That’s quoted because those were specific directions from my manager. I initially laughed out loud. I didn’t realize it at the time, but the social events really are a great place to meet people and find interesting conversation. You might also find unique arrays of food and drink used by the hosts to attract attendees. Some vendors will give out tokens or passes to their events at the expo hall, but for others you’ll want to watch the Black Hat webcasts and emails for information!

Kerstyn (bottom right) and her newfound friends from Black Hat & DefCon last year.
Kerstyn (bottom right) and her newfound friends from Black Hat & DefCon last year.

Tip 3: Conversely, skip events if it’s what is best for you. I’m pretty extraverted, so my initial goal was to be out as much as possible to see all of the people, displays, and demonstrations. If you’re more introverted this may come naturally, but I realized I occasionally had to push myself to go back to my room and rest. The dry air, long days, and late nights can take a serious toll. One night I opted to make it an early evening with a hearty dinner, which helped a lot on the next day when I could forgo the headache medicine and actually stay awake through talks.

Tip 4: Take notes. If you’re picking up business cards or vendor documents, keep a pen handy and write down a summary of who you talked to and what you discussed. You may think you’ll remember those topics (I did, too), but I’m here to tell you from experience that you will not. Those memories will stay in Vegas, but when you want to follow up with that one person about that neat product you talked about at that fun party, your notes will be very helpful. It’s also a good idea to keep track of what talks you attended and any stand-out information to read more about later.

Black Hat USA is next month. Register here.

As a staff consultant on the SecureState Attack and Defense Team, Kerstyn works with a broad range of organizations across a variety of industries on security assessments including incident response, forensic analysis, and social engineering. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
To Be Ready for the Security Future, Pay Attention to the Security Past
Liz Maida, Co-founder, CEO & CTO, Uplevel Security,  9/18/2017
1.9 Billion Data Records Exposed in First Half of 2017
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/20/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Jan, check this out! I found an unhackable PC.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.