I was privileged to be able to attend SecTor again this year, my third year in a row and it was overall a great experience. Brian Bourne from CMS (SecTor's founding father) and the rest of the SecTor advisory board did a great job (again) pulling this all together.
For me, this was the best year so far in terms of the quality of both the keynotes and breakout talks. My only complaint was that the talks were so good, I didn't really get to spend any time in the lockpick village or with the hardware hackers. Oh well, drowning in riches. :)
Some Highlights (in order of appearance):
- Chris Hoff's opening keynote "Cloudifornication". The Hoff is a great presenter, his content is solid and his deck flows well. I was seriously under-caffeinated during this talk, and still managed to take a lot of good points surrounding the risks of cloud infrastructure.
- Jon Rose's talk on hacking Flex servers and his deBlaze tool. Eye opening, well presented. Really enjoyed.
- Both of Andrés Riancho's sessions on w3af. Great tool. Mind blowing amount of thought and work has gone into that "little" project. Really strong presentations.
- The SSL fail panel with Jay Graver, Tyler Reguly, Mike Zusman, and RSnake. Everything a panel discussion should be, lots of good information, good audience interaction. The conversation just didn't want to stop.