A computer security conference is a convention for individuals involved in computer security. They generally serve as meeting places for system and network administrators, hackers, and computer security experts.
Common activities at hacker conventions may include:
General security conferences might be heldl;mMDLio saDop3 12[]by non-profit/not-for-profit/for-profit professional associations, individuals or informal group of individuals, or by security product vendor companies.
A hacker conference, also known as a hacker con, is a convention for hackers. These serve as meeting places for phreakers, hackers, and security professionals.
The actual events, time-spans, and details of various themes of these conventions not only depends on the specific convention attended but also its perceived reputation. Typically the actual details of any given convention are couched in mild secrecy due to the legality of certain panels, as well as the willingness of attendees to explain themselves to law enforcement and less computer-savvy individuals (see hacker definition controversy).
Common topics include wardriving, lockpicking, corporate and network security, personal rights and freedoms, new technologies, as well as general 'geek' motifs. Some may also have contests and general collaborative events such as hackathons.
One facet of Hacker conferences that tends to differentiate many "HackerCons" from general computer security conferences, is the evolution of the conference badge. While many conferences use a fairly standard paper/plastic badge to identify attendees by name, many hacker con's have evolved to use more non-traditional badges, such as electronic PCB's with LED's, LCD screens, and can include wifi and advanced, often hidden functionality, to include games, that do not identify the individual, sometimes promoting a group identity or regional/local group affiliation. This has spurred the creation of so-called "badgelife" where different individuals and organizations (such as local hacker groups) may design, create, and sell or otherwise distribute a separate badge attendees wear in addition to their conference badge. These badges may be purchased, but some may have to be earned by completing a challenge at the conference. One of the rarest and most desirable badges is the DefCon Black Badge. [61] While the use of the badges are traditionally associated with DefCon, their use has spread to other conferences.
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of responsible disclosure. The group famously testified in front of Congress in 1998 on the topic of ‘Weak Computer Security in Government’.
DEF CON is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions. Contests held during the event are extremely varied and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.
Summercon is one of the oldest hacker conventions, and America's oldest and longest-running information security conference. It helped set a precedent for more modern "cons" such as H.O.P.E. and DEF CON, although it has remained smaller and more personal. Summercon has been hosted in cities such as Pittsburgh, St. Louis, Atlanta, Washington, D.C., New York City, Austin, Las Vegas, and Amsterdam. Originally run by Phrack, the underground ezine, and held annually in St. Louis, the organizational responsibilities of running Summercon were transferred to clovis in 1998 and the convention took place in Atlanta, dubbed 'Summercon X'.
Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences.
EC-Council is a cybersecurity certification, education, training, and services company based in Albuquerque, New Mexico.
Jeffrey Carr is a cybersecurity author, researcher, entrepreneur and consultant, who focuses on cyber warfare.
Access Now is a non-profit organization founded in 2009 and focused on digital civil rights. The organization issues reports on global Internet censorship, and hosts the annual RightsCon human rights conference.
In hacking, a wargame is a cyber-security challenge and mind sport in which the competitors must exploit or defend a vulnerability in a system or application, and/or gain or prevent access to a computer system.
Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the World Economic Forum.
Iftach Ian Amit is an Israeli Hacker/computer security researcher and practitioner. He is one of the co-founders of the Tel Aviv DEF CON Group DC9723, the Penetration Testing Execution Standard, and presented at hacker conventions such as DEF CON, Black Hat, BlueHat, RSA Conference. He has been named SC Magazine's top experts and featured at Narratively's cover piece on Attack of the Superhackers and is frequently quoted and interviewed
The 2016 Cyber Grand Challenge (CGC) was a challenge created by The Defense Advanced Research Projects Agency (DARPA) in order to develop automatic defense systems that can discover, prove, and correct software flaws in real-time.
Security BSides is a series of loosely affiliated information security conferences. It was co-founded by Mike Dahn, Jack Daniel, and Chris Nickerson in 2009. Due to an overwhelming number of presentation submissions to Black Hat USA in 2009, the rejected presentations were presented to a smaller group of individuals. The event was named after the "B-side" of a vinyl record.
Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting machines and equipment, election office networks and practices, and voter registration databases.
Alex Stamos is an American computer scientist and adjunct professor at Stanford University's Center for International Security and Cooperation. He is the former chief security officer (CSO) at Facebook. His planned departure from the company, following disagreement with other executives about how to address the Russian government's use of its platform to spread disinformation during the 2016 U.S. presidential election, was reported in March 2018.
Robert E. Joyce is an American cybersecurity official who served as special assistant to the President and Cybersecurity Coordinator on the U.S. National Security Council. He also began serving as White House Homeland Security Adviser to President Donald Trump on an acting basis after the resignation of Tom Bossert from April 10, 2018 to May 31, 2018. He completed his detail to the White House in May 2018 and returned to the National Security Agency. where he is now the Senior Advisor to the Director NSA for Cyber Security Strategy, Joyce previously performed as acting Deputy Homeland Security Advisor since October 13, 2017. On January 15, 2021 the NSA announced that Joyce would replace Anne Neuberger as its Director of Cybersecurity.
Jacob H. Braun is an American politician, cyber and national security expert. He was appointed by President Joseph Biden as the U.S. Department of Homeland Security (DHS) Secretary's Senior Advisor to the Management Directorate. Braun is also a lecturer at the University of Chicago’s Harris School of Public Policy Studies where he teaches courses on cyber policy and election security. He previously served as the Executive Director for the University of Chicago Harris Cyber Policy Initiative (CPI).
Ang Cui is an American cybersecurity researcher and entrepreneur. He is the founder and CEO of Red Balloon Security in New York City, a cybersecurity firm that develops new technologies to defend embedded systems against exploitation.
Capture the Flag (CTF) in computer security is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully-vulnerable programs or websites. They can be used for both competitive or educational purposes. In two main variations of CTFs, participants either steal flags from other participants or from organizers. A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, they can be both online or in-person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport of the same name.
Black Hat Middle East and Africa formerly @HACK is a three-day cybersecurity and hacking convention that annually takes place in Riyadh, Saudi Arabia, during Riyadh Season. It is one of the largest conventions in its industry.