Firewall Wizards mailing list archives

Re: OK, of all the security conferences out there....


From: "Marcus J. Ranum" <mjr () nfr com>
Date: Thu, 27 Dec 2001 09:54:02 -0500

Darren Reed wrote:
> Usenix Security Symposium

I figure that as usual the answer is: "it depends" ;)

There are 6 conferences I think I've attended fairly regularly:
SANS
USENIX
Interop
CSI
TISC
Black Hat/DEFCON

Each has its own unique character and tone, and, depending on what
you want to come away with, will have different value for the attendee.
At the risk of p*ssing off the conference organizers, most of whom are
friends of mine, I'd break it down as:


SANS -
        Atmosphere:
                Busy and crowded. Lots of attendees are new to security.
                A good chance to network with system administrators and
                network administrators. Has a focus on a certification
                program and tutorial program. Most of the attendees will
                be going to some classes and boning up on something or
                other.
        Level of sophistication:
                Low. Since there are a lot of beginning security folks, you
                won't find a lot of discussions of bleeding edge stuff.
        Types of attendees:
                More on the "beginner" end of the spectrum. That being said,
                the attendees are nice and easy to network with, if you fit
                that mould as well. Most of the folks at SANS are real people
                with real problems to solve and are easy to get along with on
                that basis.
        Quality of tutorials:
                Very good. SANS is extremely aggressive about pruning
                tutorials that get poor ratings and promoting instructors
                that get good ratings. Tutorials have a lot of "back fill"
                material for introductory students.
        Other:
                If I were sending a member of my staff to one conference
                to get a backgrounder on security, it would be SANS.


USENIX -
        Atmosphere:
                Researchy, academic, quirky. USENIX is the conference
                where the big dogs who built the Internet hang out. As a
                consequence, it may be somewhat clique-ish unless you're
                a good mixer.
        Level of sophistication:
                Very high.
        Types of attendees:
                USENIX usually brings the widest mix of nerdy-types, ranging
                from white tower to operational folks. The white tower researchers
                tend to dominate the agenda.
        Quality of tutorials:
                Excellent.
        Other:
                I think USENIX is a very valuable organization and I know I
                personally owe a lot of my professional development to that
                conference.  If I were sending an employee who already was
                knowledgeable and wanted to give them a chance to hang
                with the real gurus I'd send them to USENIX.
*               Because of USENIX's UNIX roots, it's understandably focused
                towards UNIX. If you're into NT/Windows expect to hear lots
                of Microsoft bashing. At USENIX if you ask how to solve a
                security problem in a Windows system, folks will answer
                "install BSD" without thinking they're cracking wise on you.


Interop - 
        Atmosphere:
                Harried, huge, corporate. If you like to get lost in a crowd
                this is a good conference for you. Being one of the nameless
                mass is easy.
        Level of sophistication:
                Low. Focused on networking and products, mostly.
        Types of attendees:
                Various; mostly networkers and folks there to see what kind of
                new products are out. Very little research focus. Mostly
                operational.
        Quality of tutorials:
                Surprisingly good. They cater to such a large audience, though,
                that you'll find you're lost in the noise and there are few tutorials
                all at a given level.
        Other:
                This is a good conference to send sales reps to, to get training.


CSI -
        Atmosphere:
                Corporate mainstream I/S department types. Lots of mainframers,
                big systems types, auditors, CISSP types. A lot of the attendees
                will come from a more formal security background. I.e.: they tend
                towards the wearing of neckties rather than labrets.
        Level of sophistication:
                High.
        Types of attendees:
                Mostly fairly technical, a smattering of law-enforcement and
                auditors represented. Not a hacker friendly crowd. Most of
                the attendees don't represent the state of the art.
        Quality of tutorials:
                Good.
        Other:
                This is an excellent conference but not research oriented at all.
                If I had someone who wanted to be a CISSP I'd send them to CSI.


TISC -
        Atmosphere:
                West coast security/operational. Kind of like a mini SANS but
                more intimate.
        Level of sophistication:
                Good.
        Types of attendees:
                Lots of west coast system/network admins.
        Quality of tutorials:
                Good.
        Other:
                This is a good small conference if you're in the San Jose area
                and can't travel or don't want to travel.


Black Hat/DEFCON -
        Atmosphere:
                An interesting mix of spooks and hackers. Lots of info-war
                heads and goofy kids with body piercings who think security
                begins and ends with getting root. Attracts media attention
                and since it's held in Vegas tends to have more than its
                share of hijinks.
        Level of sophistication:
                Very low and Very high at the same time. Usually there are
                a few real security gurus there with really top-notch work,
                and then a lot of hangers-on with cool T-shirts.
        Types of attendees:
                A very eclectic assortment.
        Quality of tutorials:
                Good.
        Other:
                This is a fun conference if you like the media circus atmosphere.
                It's simultaneously counter-culture and cliqueish in a way that
                is hard to describe.

mjr.
---
Marcus J. Ranum          Chief Technology Officer, NFR Security, Inc.
Work:                           http://www.nfr.com
Personal:                      http://www.ranum.com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

