Archive for the ‘Security Conferences’ Category

On Amrit Williams’ (BigFix) Beyond The Perimeter Podcast

July 18th, 2010 No comments

My good friend Amrit Williams (@amrittsering) from BigFix (congrats on the IBM acquisition!) has an awesome Podcast titled “Beyond the Perimeter.”

He was nice enough to invite me to record episode 93 titled “Is Trust the Real Barrier To Cloud Computing?” (ultimately points you to an iTunes subscription.)

We spoke for almost an hour on all sorts of great discussion points related to Cloud Computing, specifically focusing on Trust (which I define in context as Security, Compliance, Control, Reliability and Privacy.)

We also spoke about the Cloud Security Alliance, CloudAudit and the HacKid conference — three things I am very passionate about.

Thanks Amrit, great conversation as usual.


Enhanced by Zemanta

Introducing The HacKid Conference – Hacking, Networking, Security, Self-Defense, Gaming & Technology for Kids & Their Parents

April 26th, 2010 1 comment

This is mostly a cross-post from the official website, but I wanted to drive as many eyeballs to it as possible.

The gist of the idea for HacKid (sounds like “hacked,” get it?) came about when I took my three daughters aged 6, 9 and 14 along with me to the Source Security conference in Boston.

It was fantastic to have them engage with my friends, colleagues and audience members as well as ask all sorts of interesting questions regarding the conference.

It was especially gratifying to have them in the audience when I spoke twice. There were times the iPad I gave them was more interesting, however. 😉

The idea really revolves around providing an interactive, hands-on experience for kids and their parents which includes things like:

  • Low-impact martial arts/self-defense training
  • Online safety (kids and parents!)
  • How to deal with CyberBullies
  • Gaming competitions
  • Introduction to Programming
  • Basic to advanced network/application security
  • Hacking hardware and software for fun
  • Build a netbook
  • Make a podcast/vodcast
  • Lockpicking
  • Interactive robot building (Lego Mindstorms?)
  • Organic snacks and lunches
  • Website design/introduction to blogging
  • Meet law enforcement
  • Meet *real* security researchers 😉

We’re just getting started, but the enthusiasm and offers from volunteers and sponsors has been overwhelming!

If you have additional ideas for cool things to do, let us know via @HacKidCon (Twitter) or better yet, PLEASE go to the Wiki and read about how the community is helping to make HacKid a reality and contribute there!



Categories: HacKid, Security Conferences Tags:

Chattin’ With the Boss: “Securing the Network” (Waiting For the Jet Pack)

March 7th, 2010 8 comments

At the RSA security conference last week I spent some time with Tom Gillis on a live uStream video titled “Securing the Network.”

Tom happens to be (as he points out during a rather funny interlude) my boss’ boss — he’s the VP and GM of Cisco‘s STBU (Security Technology Business Unit.)

It’s an interesting discussion (albeit with some self-serving Cisco tidbits) surrounding how collaboration, cloud, mobility, virtualization, video, the consumerizaton of IT and, um, jet packs are changing the network and how we secure it.

Direct link here.

Embedded below:

Reblog this post [with Zemanta]

2010 RSA Security Bloggers Award – Thanks A Bunch…

March 7th, 2010 1 comment

I don’t pay much attention to lists or awards, other than to usually make fun of them (especially when I’m put on one.)

However, this time I’ll make an exception. I was nominated this year for the RSA Security Bloggers Awards in the category of “Most Entertaining blog” and was voted “most likely to do something stupid” (in other words, I won.)

I was up against some stiff competition from the likes of Mike Rothman, Jack Daniel, Erin Jacobs and Adam Shostack (et. al) All these folks are fantastic bloggers and I’m lucky enough to call them all my friends.  In between ejecting party crashers and making fun of Rich Mogull during my acceptance speech (the whole one sentence,) it was great to chill with people I only get to see in person at conferences.

Thanks very much to all who voted for me and thanks to the hard work by the judges and those who organized the bloggers meetup. Next year I hope they have a category for “best bouncer for the meetup.” 😉

I’d like to congratulate the winners in the other categories, also:

Best Technical Security Blog – The SANS Internet Storm Center Blog

Best Non-technical Security Blog – Krebs on Security by Brian Krebs

Best Podcast – Pauldotcom

Best Corporate Blog – Jeremiah Grossman, White Hat Security

Thanks again.


Related articles by Zemanta

Reblog this post [with Zemanta]

Don’t Hassle the Hoff: Recent Press & Podcast Coverage & Upcoming Speaking Engagements

February 19th, 2010 No comments

Here is some of the recent coverage from the last couple of months or so on topics relevant to content on my blog, presentations and speaking engagements.  No particular order or priority and I haven’t kept a good record, unfortunately.

Important Stuff I’m Working On:

Press/Technology & Security eZines/Website/Blog Coverage/Meaningful Links:

Recent Speaking Engagements/Confirmed to  speak at the following upcoming events:

  • Govt Solutions Forum Feb 1-2 (panel |n DC)
  • Govt Solutions Forum Feb 24 D.C.
  • ESAF, San Francisco, March 1
  • Cloud Security Alliance Summit, San Francisco, March 1
  • RSA Security Conference March 1-5 San Francisco
  • Microsoft Bluehat Buenos Aires, Argentina – March 16-19th
  • ISSA General Assembly, Belgium
  •, Belgium
  • Codegate, South Korea, April 7-8
  • SOURCE Boston, April 21-23
  • Shot the Sherrif – Brazil – May 17th
  • Gluecon , Denver, May 26/27
  • FIRST, Miami, FL,  June 13-18
  • SANS DC – August 19th-20th

Conferences I am tentatively attending, trying to attend and/or working on logistics for speaking:

  • InterOp April 25-29 Vegas
  • Cisco Live – June 27th – July 1st Vegas
  • Blackhat 2010 – July 24-29 Vegas
  • Defcon
  • Notacon

Oh, let us not forget these top honors (buahahaha!)

  • Top 10 Sexy InfoSec Geeks (link)
  • The ThreatPost “All Decade Interview Team” (link)
  • ‘Cloud Hero’ and ‘Best Cloud Presentation’ – 2009 Cloudies Awards (link), and
  • 2010 RSA Social Security Bloggers Award nomination (link) 😉

[I often get a bunch of guff as to why I make these lists: ego, horn-tooting, self-aggrandizement. I wish I thought I were that important. 😉 The real reason is that it helps me keep track of useful stuff focused not only on my participation, but that of the rest of the blogosphere.]


Don’t Hassle the Hoff: Recent Press & Podcast Coverage & Upcoming Speaking Engagements

October 26th, 2009 1 comment


Here is some of the recent coverage from the last month or so on topics relevant to content on my blog, presentations and speaking engagements.  No particular order or priority and I haven’t kept a good record, unfortunately.

Press/Technology & Security eZines/Website/Blog Coverage/Meaningful Links:


Recent Speaking Engagements/Confirmed to  speak at the following upcoming events:

  • Enterprise Architecture Conference, D.C.
  • Intel Security Summit 2009, Hillsboro OR
  • SecTor 2009, Toronto CA
  • EMC Innovation Forum, Franklin MA
  • NY Technology Forum, NY, NY
  • Microsoft Bluehat v9, Redmond WA
  • Office of the Comptroller & Currency, San Antonio TX
  • Intercloud Working Group, GooglePlex CA 😉
  • CSC Leading Edge Forum, VA
  • DojoCon, VA

I also forgot to thank Eric Siebert for putting together the VMware Top 20 blog list and putting me on it as well as the fact that Rational Survivability made the Datamation 2009 Top 200 Tech Blogs list.


My Talks/Panels At AGC InfoSec & RSA Security Conferences

April 17th, 2009 No comments

Here’s what I’ve got planned for next week at the America’s Growth Capital InfoSec and RSA Security Conferences:

America’s Growth Capital 5th Annual Information Security Conference

  1. Monday, April 20th – Keynote 3:00pm – 3:30pm – The Frogs / Cloud Computing and Virtualization Security Fable
  2. Monday, April 20th – Panel Moderator 3:30 – 4:15pm – Virtualization, Security and Management with:
    Simon Crosby, CTO, Citrix (CTXS)
    Dennis Moreau, CTO, Configuresoft
    Jay Litkey, President and CEO, Embotics
    Wael Mohamed, President and CEO, Third Brigade
    Allwyn Sequeira, VMware (VMW)

RSA Security Conference

  1. Wednesday, April 22nd – 10:40 – 11:40am Panel Discussion – Host 203 Defending & Deconstructing Virtualization Best Practices with:
    Rob Randell Senior Security Specialist, VMware
    Dave Shackleford Chief Security Officer, Configuresoft
    Moderator:   Chris Farrow Vice President, Configuresoft

  2. Wednesday, April 22nd – 2:45pm – 3:45pm Panelist/Founding Member – Cloud Security Alliance Kick-off
  3. Wednesday, April 22nd – 3:00pm – 6:00pm Panelist Jericho Forum Cloud Computing Event
  4. Thursday, April 23rd – 10:40-11:40 Panel Discussion – FEA 303 VirtSec Cage Match with:
    Andreas Antonopoulos Sr. Vice President, Nemertes Research
    Michael Berman CTO, Catbird
    Stephen Herrod CTO and VP of R&D, VMware
    Simon Crosby CTO, Citrix Systems
  5. Friday, April 24th – 10:10am – 11:10 am Speaker w/Rich Mogull (Securosis) – Bus 402 – Disruptive Innovation & The Future of Security

I’ve got a bunch of press interviews, videos and briefings going also. Just so you know, Wednesday evening is overbooked 8 times at this point. 😉

If you need to reach me, ping me via email (choff @ packetfilter. com,) DM me via Twitter (@beaker) or call my voice router +1.978.631.0302


Categories: Security Conferences Tags:

Pimping My Friends: One Of My Favorite NonCons – Troopers

April 8th, 2009 No comments

One of my favorite international security conferences is happening April 22nd/23rd in Munich, Germany. It’s run by my good friend Enno Rey and his team at ERNW:

Troopers09 is an international IT-Security Conference on the 22nd and 23rd of April 2009 in Munich, Germany. This event is created for CISOs, ISOs, IT-Auditors, IT-Sec-Admins, IT-Sec Consultants and everyone who is involved with IT-Security on a professional basis. The goal is to share in-depth knowledge about the aspects of attacking and defending information technology infrastructure and applications. The featured presentations and demonstrations represent the latest discoveries and developments of the global hacking scene and will provide the audience with valuable practical know-how.

Troopers09 is hosted by ERNW GmbH, an independent IT-Security consultancy from Heidelberg, Germany. In the past years, speakers from ERNW were invited all around the world to present their latest IT-Sec research results and to share their knowledge within the global hacking community. With this global experience in mind ERNW decided to launch an international conference in Germany in 2008. After last year’s success of Troopers08 we’re thrilled to do it again. Once more it’s going to be an event unlike all other „Security Conferences“ we have seen in Germany so far: No product presentations, no marketing blabla, no bull*ht-bingo – just pure practical IT-Security. Real answers and practical benefits to meet today´s and tomorrows threats.

Troopers08 was a fantastic event, so I can only imagine that this year’s will be just as good if not better.

Check it out here.


Categories: Security Conferences Tags:

Source Boston – Video Interviews of Security Rockstars…

March 13th, 2009 3 comments

Source Boston has officially wound down, but I’m still on Cloud 9 (sorry) following the amazing sessions and interaction I had with my fellow attendees and speakers.


My presentation was well received and with Marcus Ranum, Dan Geer, and Adam Shostack sitting six feet in front of me, I didn’t choke as badly as I could have.  I had a ton of fun giving this first run preso and got a lot of great feedback and questions. 

One of the most excellent things I got to do was spend some time walking about with Zach Lanier (@quine on Twitter) and interview many of the vendors and speakers extemporaneously on various subjects.


I’ll be updating this post with links to the interviews as I get them cleaned up and uploaded.


Here’s a sampling of what you can expect:
  • David Mortman, “I Can Haz Privacy”
  • Dmitry McKay, LogLogic
  • Chris Wysopal – Veracode 
  • Peter Kuper – “Silver Linings”
  • Jose Nazario, Arbor, “Politically Motivated DDoS Attacks” 
  • Jeremiah Grossman, Whitehat Security, “Get Rich or Die Trying, Making Money the Black Hat Way”
  • Amrit Williams, BigFix, “The Economics of CyberCrime & the Law of Malware Probability”  
  • Adam Shostack, Microsoft, “The Crisis In Information Security”  
  • Dan Kaminsky, IOActive, “DNS – Toward a Secure Infrastructure” 
  • Chris Weber, Casaba Security, “Exploiting Unicode-Enabled Software”  
  • Rob Cheyne, SafeLight, “The End Of Our Rope: The On-Going Discussion Between Business & Security” 

You’ll laugh, you’ll cry, you’ll wonder why people gave me this task…


But seriously, we discuss such mega-issues such as DDoS, Snuggies, Bedazzlers, Zombies and Estonian dissident groups (and that’s in just ONE of the talks.)  


I think I’ve found something I absolutely LOVE doing — vlogging (video blogging) and will try and do more of it.


Check back for updates to the links over the weekend.




Categories: Security Conferences Tags:

Don’t Hassle the Hoff: Recent Press & Podcast Coverage & Upcoming Speaking Engagements

February 2nd, 2009 No comments


Here is some of the recent coverage from the last couple of months on topics relevant to content on my blog, presentations and speaking engagements.  No particular order or priority.

Press/Technology & Security eZines:

Website/Blog Coverage/Meaningful Links:

I should note that many of my cloud computing writing is being republished over at the SYSCON Cloud Computing Journal with a self-branded mini-site:


I am confirmed to  speak at the following upcoming events:

  • Source Boston  - Boston, MA – March 11-13
  • TechTarget Threat Management Decisions Summit – New York, NY – March 26
  • Americas Growth Capital InfoSec Conference (keynote) – San Francisco, CA, April 20
  • RSA 2009 (multiple sessions) – San Francisco, CA, April 21-24
  • Virtualization Congress – Las Vegas, NV, May 4-7
  • (there are others being sorted at the moment

I should/will be attending the following events:

  • Shmoocon
  • Cloud Computing Expo