A computer security conference is a convention for individuals involved in computer security. They generally serve as meeting places for system and network administrators, hackers, and computer security experts. Common activities at hacker conventions may include:
General security conferences might be held by non-profit, not-for-profit or for-profit professional associations, by individuals or informal groups of individuals, or by security product vendor companies.
A hacker conference, also known as a hacker con, is a convention for hackers. These serve as meeting places for phreakers, hackers, and security professionals.
The actual events, time-spans, and details of the various themes of these conventions depend not only on the specific convention attended but also on its perceived reputation. Typically the actual details of any given convention are couched in mild secrecy due to the legality of certain panels, as well as the willingness of attendees to explain themselves to law enforcement and less computer-savvy individuals (see hacker definition controversy).
Common topics include wardriving, lockpicking, corporate and network security, personal rights and freedoms, new technologies, as well as general 'geek' motifs. Some may also have contests and general collaborative events such as hackathons.
One facet of hacker conferences that tends to differentiate many "HackerCons" from general computer security conferences is the evolution of the conference badge. While many conferences use a fairly standard paper or plastic badge to identify attendees by name, many hacker cons have evolved to use non-traditional badges, such as electronic PCBs with LEDs and LCD screens. These can include Wi-Fi and advanced, often hidden, functionality such as games. They do not identify the individual, and sometimes promote a group identity or a regional or local group affiliation. This has spurred the creation of so-called "badgelife", where different individuals and organizations (such as local hacker groups) may design, create, and sell or otherwise distribute a separate badge that attendees wear in addition to their conference badge. These badges may be purchased, but some may have to be earned by completing a challenge at the conference. One of the rarest and most desirable badges is the DEF CON Black Badge. [62] While the use of the badges is traditionally associated with DEF CON, their use has spread to other conferences.
Pixelflut is a common activity at hacker events. It is a protocol for software to draw on a canvas. Usually this is done in a client-server architecture in which multiple clients send individual pixels and the server displays them. The clients then overwrite each other's images on the same server. [63] [64] There are several variants of the protocol and different implementations of both the server and the client.
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. As of 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of responsible disclosure. The group famously testified in front of Congress in 1998 on the topic of ‘Weak Computer Security in Government’.
DEF CON is a hacker convention held annually in at least Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer and hacking-related subjects, as well as cyber-security challenges and competitions. Contests held during the event are extremely varied and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.
Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences.
EC-Council is a cybersecurity certification, education, training, and services company based in Albuquerque, New Mexico.
Jeffrey Carr is a cybersecurity author, researcher, entrepreneur and consultant, who focuses on cyber warfare.
There is no commonly agreed single definition of "cybercrime". It refers to illegal internet-mediated activities that often take place in global electronic networks. Cybercrime is "international" or "transnational" – there are "no cyber-borders between countries". International cybercrimes often challenge the effectiveness of domestic and international law, and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantage of the less severe punishments or difficulties of being traced.
Access Now is a non-profit organization headquartered in Brooklyn, New York City, in the United States. It was founded in California in July 2009 and focuses on digital civil rights. The organization issues reports on global Internet censorship, and hosts the annual RightsCon human rights conference. It is a registered 501(c)(3) nonprofit organization. Its headquarters moved to New York at the beginning of 2022.
The International Information System Security Certification Consortium, or ISC2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals. It has been described as the "world's largest IT security organization". The most widely known certification offered by ISC2 is the Certified Information Systems Security Professional (CISSP) certification.
In hacking, a wargame is a cyber-security challenge and mind sport in which the competitors must exploit or defend a vulnerability in a system or application, and/or gain or prevent access to a computer system.
Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the World Economic Forum.
Matthieu Suiche, also known as Matt and under the username msuiche, is a French hacker and entrepreneur. He is widely known as the founder of MoonSols and co-founder of CloudVolumes, which was acquired by VMware in 2014. In March 2014, Suiche was highlighted as one of the 100 key French developers in a report for French minister Fleur Pellerin.
Iftach Ian Amit is an Israeli hacker and computer security researcher and practitioner. He is one of the co-founders of the Tel Aviv DEF CON Group DC9723 and of the Penetration Testing Execution Standard, and has presented at hacker conventions such as DEF CON, Black Hat, BlueHat, and RSA Conference. He has been named one of SC Magazine's top experts, was featured in Narratively's cover piece on Attack of the Superhackers, and is frequently quoted and interviewed.
Security BSides is a series of loosely affiliated information security conferences. It was co-founded by Mike Dahn, Jack Daniel, and Chris Nickerson in 2009. Due to an overwhelming number of presentation submissions to Black Hat USA in 2009, the rejected presentations were presented to a smaller group of individuals. The event was named after the "B-side" of a vinyl record.
Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting machines and equipment, election office networks and practices, and voter registration databases.
Robert E. Joyce is an American cybersecurity official who served as special assistant to the President and Cybersecurity Coordinator on the U.S. National Security Council. He also served as White House Homeland Security Adviser to President Donald Trump on an acting basis, after the resignation of Tom Bossert, from April 10, 2018, to May 31, 2018. He completed his detail to the White House in May 2018 and returned to the National Security Agency, where he served as the Senior Advisor to the Director NSA for Cyber Security Strategy until July 2019, when he went to London and served in the US Embassy as the NSA's senior cryptologic representative to the UK. Joyce had previously served as acting Deputy Homeland Security Advisor since October 13, 2017. On January 15, 2021, the NSA announced that Joyce would replace Anne Neuberger as its Director of Cybersecurity.
Ang Cui is an American cybersecurity researcher and entrepreneur. He is the founder and CEO of Red Balloon Security in New York City, a cybersecurity firm that develops new technologies to defend embedded systems against exploitation.
Chris Kubecka is an American computer security researcher and cyberwarfare specialist. In 2012, Kubecka was responsible for getting the Saudi Aramco network running again after it was hit by one of the world's most devastating Shamoon cyberattacks. Kubecka also helped halt a second wave of July 2009 cyberattacks against South Korea. Kubecka has worked for the US Air Force as a Loadmaster, the United States Space Command and is now CEO of HypaSec, a security firm she founded in 2015. She lives and works in the Netherlands.
Capture the Flag (CTF) in computer security is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully vulnerable programs or websites. They can be used for both competitive and educational purposes. In the two main variations of CTFs, participants steal flags either from other participants or from the organizers. A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, can be held online or in person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport of the same name. CTFs are used as a tool for developing and refining cybersecurity skills, making them popular in both professional and academic settings.
Marc Rogers is a British information security expert and ethical hacker. He received media attention for uncovering vulnerabilities in modern technologies such as Google Glass and Tesla’s Model S. He was also involved in the protection of medical facilities against hackers seeking to exploit health organizations during the COVID-19 pandemic.