July 26, 2010, 8:50 PM — Two premiere security conferences -- Black Hat and DefCon -- run back-to-back in Las Vegas this week, each with their own distinct flavor. But even these events don't meet the needs of all computer security pros, setting the stage for a widening set of satellite events.
Some of these alternatives are corporate sponsored and some are grassroots, but all contribute to making Las Vegas the place to be this week for anyone hoping to raise their security know-how.
Black Hat's most notorious incidents: a quiz Jack Daniel, who is community development manager for Astaro, says he's getting to town a day early specifically for a four-and-a-half hour conference run by security vendor Codenomicon, then sitting on a panel at Security B-Sides -- which directly competes with Black Hat -- then speaking at DefCon. That wealth of content in one city at one time is a big draw. "It's a reason to get to Vegas this week if you can afford it," Daniel says.
DefCon (the oldest of the bunch) and Black Hat were both founded by security consultant Jeff Moss and each have their own appeal. "It's the dark side of the force and the light side of the force," says Josh Corman, an analyst with The 451 Group. DefCon is "a visceral, personal confrontation with what the adversarial community really is. It's more raw, more intense," whereas Black Hat is the more corporate side of the coin with briefings by white-hat researchers.
Inevitably some quality talks proposed for these conferences get rejected, which led to the formation last year of Security B-Sides, a much smaller but more populist conference where attendees can directly engage speakers rather than being talked to from the lectern. Talks aimed at niche sections of the security community can find a home here, Daniel says. The largest talk last year was attended by 60 people; Black Hat and DefCon meeting rooms can hold hundreds.
And the larger shows drift toward presentations by big names that don't necessarily have pure security credentials. For example, last year Adam Savage, the host of the TV show "MythBusters," spoke about carrying on through failure, not a security talk but nevertheless popular. "You couldn't get down that hall to the room," says Daniel. It's difficult, he notes, to maintain the feel of an elite hacker conference when it has more than 10,000 attendees.