DEF CON: A first timer’s perspective

By |Published On: September 10th, 2019|Tags: |

Unlike my coworker Tom, I was a complete neophyte to DEF CON – I wasn’t sure what to expect. There’s plenty of information online about DEF CON, but much of it seemed pretty sensational with people stopping just short of entering the witness protection program to prevent getting hacked. After coming back, I wanted to share some of the takeaways from my experience.

Everyone’s Interested in the Same Things You Are (and Why That Matters)

What stood out to me the most during DEF CON was the level of enthusiasm about cybersecurity as a whole that I encountered across everyone I met. Conversations about packet sniffing, vulnerabilities, and even lockpicking were the norm.

Getting to discuss these topics is cool and different from everyday small talk, but the real value comes from meeting people and finding out about technologies and techniques they put into place in their personal or professional lives to enable the awesome things they are trying to build. I got to see a little behind the scenes of how advances in deep learning are enabling malware researchers to detect malicious files faster than ever before. I didn’t know much about microservice architecture before attending DEF CON. After learning more about how this could be used and built securely, it inspired me with an idea of my own (which should be coming in a future blog post).

Overall, I think that learning about disparate topics like these is why events like these are useful. Almost everyone employed in technology will find themselves in a bubble by virtue of needing domain expertise to perform their jobs well. It’s rare to have an opportunity to expand your horizon to see what others are doing in the same field. Having a chance like this to make connections and to learn allows you bring that information back, learn more, and synthesize it with what you’re already doing to create even cooler, more useful things.

You’re Not Going to Get Hacked If You Use Good Cybersecurity Practices

I had a bit of apprehension about the security of my electronic devices before attending; DEF CON has a bit of a reputation for personal devices getting hacked if you go by what Google says. However, what I found was an environment that was much less of a minefield than I was anticipating.

There was a secure WPA2 encrypted network with 802.1x authentication, and the registration packet offered quick instructions on getting connected. That being said, there were still pitfalls to be wary of, mostly in the form of open, unsecured WiFi networks. All of the pitfalls can be easily avoided if you’re careful about what you’re exposing while in public, and if you don’t let your device connect to networks or devices you aren’t familiar with.

If you’re feeling a little shaky about whether or not you’re using good cybersecurity practices, you should check out our Information Security 101 blog series, created by Rob Hooven. This series will help you protect yourself from phishing sites, scams, ransomware, and other security concerns.

The Villages Are a Great Resource

I was consistently impressed by how much time and effort went into every village I visited. The villages at DEF CON are smaller events, ranging from a smaller series of speakers in a conference room to near conventions themselves with events, demos, workshops, and speakers.

Tom, my coworker and peer mentioned earlier, was also involved in a variety of initiatives during DEF CON and BSidesLV, including a mentorship, the Packing Hacking Village, and the Wall of Sheep. You can read about his reflective experiences in related blog posts Parts 1 and 2.

Thursday ended up being a bit of a slow day for me (most events take place on Friday and Saturday), so I ended up pitching in with set up on one of the villages. I got to know quite a few of the organizers and got the behind the scenes view on what really goes on to make these events happen (it involves a lot of last minute trips to Fry’s and meeting with DEF CON’s supply techs).

The Main Takeaway

The major takeaway for me throughout the entire conference was the passion and knowledge all these people bring to the table, and how incredibly generous they are in sharing that knowledge and passion with others. Big thanks to everyone for making it happen!

Share with your network!
Get monthly updates from Hurricane Labs
* indicates required

About Hurricane Labs

Hurricane Labs is a dynamic Managed Services Provider that unlocks the potential of Splunk and security for diverse enterprises across the United States. With a dedicated, Splunk-focused team and an emphasis on humanity and collaboration, we provide the skills, resources, and results to help make our customers’ lives easier.

For more information, visit and follow us on Twitter @hurricanelabs.