This is a non-technical post, just to let everyone know what’s going on. It’s been a crazy last few weeks and it only gets more crazy. After moving to Texas, I’ve been working really hard on a client of ours, getting our office set up, and learning my way around. It’s been a lot of fun but a lot of hard work. But over the next week it’s going to get more interesting.
Next week I am going to be doing a lot of talks. Firstly I’m doing three talks (two short ones for executives and one long one for the developers) at Microsoft’s Bluehat conference. I’m doing a talk on Death by 1000 cuts (well, not entirely, but similar concept - on how small holes become a big deal). Here’s the overview:
Web application security is the new security frontier. Firewalls, IDSs, and IPSs have become all but commodities. Today’s threats completely circumvent the whole concept of network security, attacking websites, web browsers and the victim’s themselves. Many modern threats don’t damage websites at all, but they can have drastically bad effects on users and corporate perception. Phishing, cross-site scripting, cross site request forgeries and dozens of technologies tied together greatly increase the threat landscape. This talk will do a deep dive into the technical aspects of the threat, while keeping a steady eye on the consumer issues that drive large-scale website design.
That’ll be fun, and I’m sure I’ll have a lot more stories once I get back. After that I’ll be doing a very short talk at Toorcon’s Seattle Beta conference. It’s an invite-only conference with 150 people or so (not on their website). Here’s the overview on my “Master Recon Tool” talk:
So if anyone is going to be at either of those, drop me a line if you want to meet up at some point. So if I don’t do a lot of posting over the next week that’s what’s going on.