Travel

Last year I was lucky enough to go to the FIRST2015 conference in Berlin. It was a great conference, good talks (including yours truly), and an even better hallway track. I’d never been to Berlin, or Germany in general, and I enjoyed seeing this amazing city a little bit as well. Traveling to a new country as a security minded person is always a bit jarring. Even a country as friendly as Germany bares consideration when it comes to laptops, tablets, phones, etc. A conference like FIRST has people coming from all over the place, including people from countries at odds (US, China, Iran, Germany, etc). As a result those IT security concerns are even more heightened. As a result we ended up having some academic conversations about operational security while traveling internationally (or traveling generally). ...

I’m lucky enough to get to go to FIRST 2015 in Berlin. I’ll be speaking on Tuesday afternoon, but one of the best things about conferences like this is being able to attend other sessions. I’ve never been to FIRST before, and this year looks jam packed. Here are the talks I’m most excited about and you’ll be likely to find me in. Monday June 15: Time Presentation Presenter Notes 11:00 Building instantly exploitable protection for yourself and your partners against targeted cyber threats using MISP Mr. Andras IKLODY (CIRCL) MISP is one of the bigger open source threat intelligence platforms (along with CRITs). I’m pretty familiar with CRITs, but I’m curious to see what mature MISP can do. 13:00 –3J4E — JIGSAW, JUMPSTART, JUNCTURE: Three Ways to Enhance Cyber-Exercise-Experience Mr. Stefan RITTER (National IT-Situation Centre and CERT-Bund, German Federal Office for Information Security BSI) I’m really interested in writing better table top exercises. This seems like a dramatically different approach. 14:00 So You Want a Threat Intelligence* Function (*But Were Afraid to Ask) Mr. Gavin REID (Lancope) So this sounds along the lines of a talk that Kyle Maxwell and I put together for BlackHat USA (but unfortunately didn’t get accepted). I’ve thought a lot about how to build useful directed Threat Intelligence, so this is super curious. 16:00 Incident Response Programming with R Mr. Eric ZIELINSKI (Nationwide) I don’t write R, not sure I ever would, but better data analysis is super important for better incident response. Also Nationwide is from my current hometown, so I’m happy to support the local guy. This is going to be a full day, which is a great thing for me. Lots of great talks, a wide variety of topics. Should be fun. ...

I started writing this at the end of March right after two trips in a row. I’ve since done another type of packing, moved, and now I’m finally catching up, so forgive some out of date thoughts. I’ve basically traveled non stop for the last two weeks, home only for last weekend. Back to back travel of fairly similar lengths makes it easy to compare, experiment, and plan a bit better. ...