Careers & People

7/10/2015
11:00 AM
Kerstyn Clover
Kerstyn Clover
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Black Hat For Beginners: 4 Tips

What happens in Vegas stays in Vegas. But for newbies, these helpful hints will make sure you get the most out of the Black Hat USA experience.

When I went to Black Hat USA for the first time last year, not only had I not ever been to any big conferences but I also had never been to Las Vegas. Black Hat veterans can probably imagine my culture shock as I tried to quickly acclimate to the information overload. If you haven’t been, hopefully you can learn from my experience.

Tip 1: Know where the restroom is before you need it. Not only is this a good rule in general, but I think it applies heavily to Black Hat. The conference area turns into a labyrinth when you only have a few minutes until your next talk and huge crowds of people are milling around. Last year I seemed to find all of the women’s rooms that were temporarily men’s rooms -- after I’d had four cups of coffee and had to wander the halls looking for other locations. Maps are your friends.

Tip 2: “Get yourself invited to as many parties as possible.” That’s quoted because those were specific directions from my manager. I initially laughed out loud. I didn’t realize it at the time, but the social events really are a great place to meet people and find interesting conversation. You might also find unique arrays of food and drink used by the hosts to attract attendees. Some vendors will give out tokens or passes to their events at the expo hall, but for others you’ll want to watch the Black Hat webcasts and emails for information!

Kerstyn (bottom right) and her newfound friends from Black Hat & DefCon last year.
Kerstyn (bottom right) and her newfound friends from Black Hat & DefCon last year.

Tip 3: Conversely, skip events if it’s what is best for you. I’m pretty extraverted, so my initial goal was to be out as much as possible to see all of the people, displays, and demonstrations. If you’re more introverted this may come naturally, but I realized I occasionally had to push myself to go back to my room and rest. The dry air, long days, and late nights can take a serious toll. One night I opted to make it an early evening with a hearty dinner, which helped a lot on the next day when I could forgo the headache medicine and actually stay awake through talks.

Tip 4: Take notes. If you’re picking up business cards or vendor documents, keep a pen handy and write down a summary of who you talked to and what you discussed. You may think you’ll remember those topics (I did, too), but I’m here to tell you from experience that you will not. Those memories will stay in Vegas, but when you want to follow up with that one person about that neat product you talked about at that fun party, your notes will be very helpful. It’s also a good idea to keep track of what talks you attended and any stand-out information to read more about later.

Black Hat USA is next month. Register here.

As a staff consultant on the SecureState Attack and Defense Team, Kerstyn works with a broad range of organizations across a variety of industries on security assessments including incident response, forensic analysis, and social engineering. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Yahoo Class-Action Suits Set for Settlement
Dark Reading Staff 9/17/2018
RDP Ports Prove Hot Commodities on the Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: In Russia, application hangs YOU!
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-3912
PUBLISHED: 2018-09-18
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
CVE-2018-6690
PUBLISHED: 2018-09-18
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
CVE-2018-6693
PUBLISHED: 2018-09-18
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escal...
CVE-2018-16515
PUBLISHED: 2018-09-18
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
CVE-2018-16794
PUBLISHED: 2018-09-18
Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.