Last week, Tripwire compiled a list of the top 10 information security conferences. We made a special effort to ensure that our article included the biggest, most industrialized conferences in the industry, and we feel that we succeeded in capturing the major brands across the infosec conference landscape. Even so, we recognize that information security is host to a wide array of conferences that are perhaps not as well-known as RSA or Black Hat, but nevertheless, offer significant resources for personnel in the field. With this in mind, Tripwire has compiled a list of five other information security conference gems. This list is by no means exhaustive. On the contrary, it is our hope that it will be the first in a multi-part series. (NOTE: This article is listed in alphabetical order only and is not ranked.)
#5: CanSecWest
Tyler Reguly, Manager, Security Research & Development at Tripwire, sees CanSecWest as one of his favorite information security conferences. “The top of the list would have to be CanSecWest, the cream of the crop of Canadian Conferences,” Reguly explains. “It's a single-track, highly focused conference that is aimed at people who are hands-on and have a deep, technical grasp. The information that comes out of this conference is always useful, and you can expect a line-up of speakers that are well-respected and proven in their field.” CanSecWest is a three-day conference that focuses on bringing together security professionals on issues related to applied digital security. As such, the conference features a single-track of thought-provoking presentations that give preference to new research and hot issues in the industry. When: March 18-20, 2015 (past) Where: Sheraton Wall Centre hotel in downtown Vancouver, British Columbia, Canada Website: https://cansecwest.com/
#4: Hacker Halted
Hacker Halted comes highly recommended by Lane Thames, a Software Development Engineer and Security Researcher with Tripwire’s Vulnerability and Exposure Research Team (VERT), from the perspective of both an attendee and a presenter. “I have to say that this was a very enjoyable conference, and I will be attending it whenever possible in the years to come,” explains Thames. “Currently, it is not very huge; it probably had only a few hundred attendees. But it was very well organized, it had a very nice line of keynote speakers, and the presentations were of very high quality. The attendees were also very eager to learn new security topics and were highly engaged, which added a bit of excitement to each of the presentations.” Hacker Halted is part of a global series of computer security conferences offered by the EC-Council that are designed to promote security awareness with regards to education and ethics worldwide. This year’s conference will focus on the issue of the “cyber pandemic.” When: September 13-16, 2015 Where: Renaissance Atlanta Waverly Hotel & Convention Center in Atlanta, Georgia, USA Website: http://www.hackerhalted.com/2015/home/
#3: REcon
Much of what Reguly likes about CanSecWest he also finds in REcon. “REcon is another technical conference that is focused on a subset of security, specifically reverse engineering,” Reguly observes. “While it has expanded a bit, it remains highly technical and, like CanSecWest, is single-track, ensuring you don't miss any of the high quality talks they include." Additionally, REcon offers four days worth of training prior to the actual three-day single-track conference. Its current sponsors this year include Hex-Rays and No Starch Press. When: June 15-21, 2015 Where: Hyatt Regency Montreal in downtown Montreal, Canada Website: https://recon.cx/
#2: SecTor
SecTor is a conference of choice for information security professionals, particularly those who live in Canada. Reguly could not agree more with that statement. “SecTor is on my list for a couple of reasons,” he explains. “For starters, it gives Canada the multi-track, reasonably priced conference that neither CanSecWest nor REcon provide, bringing together management tracks, technical tracks and sponsored talks. With a small vendor floor and lock picking village, this conference also does a good job of merging small-scale versions of RSA, DEF CON and Black Hat into a local conference that doesn't mean a five-hour plane ride to the west coast of the United States.” SecTor was created by TASK, North America’s largest and most successful IT security group. It has since involved into Canada’s premiere information security conferences. When: October 20-21, 2015 Where: Metro Toronto Convention Centre, Toronto, Canada Website: http://sector.ca/
#1: USENIX Security Symposium
Thames values USENIX Security Symposium for the variety of presentations it has to offer. “The USENIX conference provides a very nice mix of academic and industry-level presentations who together work to introduce both technologies and new ways of thinking for cybersecurity.” Those responsible for organizing USENIX also screen each presentation according to an extensive peer review process. “Another great thing about this conference is that all presentations must come with a paper that describes the work that will be presented. These papers are required to go through peer review, and those that are accepted into the conference are made freely available to the public in a compiled PDF document.” Each security symposium is hosted by USENIX, a computing association that is dedicated to fostering technical expertise and innovation around the world. When: August 12-14, 2015 Where: Washington DC Website: https://www.usenix.org/ Did we miss one? Be sure to write in the comments any security conferences that you believe deserve a spot.
