SunSec Trip Report
Last night Rich Mogull of Securosis, co-host of the Network Security Podcast, hosted SunSec (which was on hiatus for far too long) at the Furio in Scottsdale. It was a great turnout: about twenty people showed up and talked up all kinds of storms for several hours.
Dre and I talked with Dennis Groves, one of the founding members of OWASP and a contributor to the OWASP Guide. Dennis mentioned the DARPA Browser Project, and we then talked about trusted systems and how software assurance through formal methods will fix all the security problems.
Obviously with Mogull we had to talk about data security, his specialty, and just as obviously he is a rockstar at it. Where are all the other security researchers that are into data security like he is? All I can count and know of are Dan Geer, Rob Newby and Gunnar Peterson (oh, and Christofer Hoff too!). We also brought up the little SCADA hack/hoax that he and Hoff had tried to pull a couple of weeks ago. Trailing off, we then got into a discussion about hacking train controllers, and what do I notice in my feed reader this morning? Courtesy of Domber’s Basecamp: Schoolboy hacks into city’s tram system.
All in all, SunSec rocked. If you live in the Phoenix area, you definitely have to make it to the next one.

Thanks Marcin,
I’m honoured to be included in the same sentence as DG and GP, and the same paragraph as the Mogull Himself. Whilst I can’t get to Phoenix that easily from the UK, I’ve just heard that I’m coming to Vegas at the beginning of Feb for a few days. Anyone in the area?
P.S. Rich missed a call with me today though - I think the fame is going to his head. Remember the people, Rich…
I think Rich might be a little hungover, hahaha.
I had a brilliant time - I hope we can all get together again soon.
Obviously just an alcohol-inspired oversight, but you’ve omitted me from that list of people who are “…into data security” like Mogull is…where the hell do you think he gets all of his ideas! ;)
Jeez, what’s it take to get a little attention in this town!?
I’ve bought you drinks before!
…and Newby’s a furriner…he don’t count.
/Hoff
I don’t know how I could forget you, Hoff! You were talked about quite a bit last night. I still can’t get over the prison wine. LOL
…vindication! Better to be talked about than have to work for a living.
If it weren’t for Mogull, I’d have no social life at all.
I saved some of that special “eau de toilet” for you…anytime you’re ready.
;)
The question I asked Rich was regarding smart, hands-on, technical people working in data security research/innovation in the form of usable software/solutions, besides the ones already mentioned such as the work Eric Monti / Matasano did on Extrusion Prevention and David Litchfield / NGSS did with Oracle security. I’d also like to hear more about defense research instead of just vulnerability research.
I think I was trying to get Rich to give up a name of a person working internally at one of the DLP companies. I think he said something to the effect of, “somebody he knows that’s really sharp at Symantec”, but it was kind of mumbled and he was kind of tipsy.