Free Hands-On Hacking, Labs, and Other Hidden Gems of RSAC

I’ve been a member of the RSAC Program Committee for many years, but it still astounds me how many “hidden gems” and free hands-on labs are scattered throughout the agenda. I stumbled on a few putting together The Network Security Pro’s Guide to RSAC, and then reached out to my friends (and RSAC content masterminds) Britta Glade and Kacy Zurkus for more.

If you’re interested in interactive sessions, hands-on labs, collaboration, check out this list.

Learning Labs

Learning Labs are longer sessions, usually 1.5 to 2 hours in length and are more hands-on. Note that some labs require attendees to bring their own laptop, may recommend installing lab software ahead of time, and others don’t. Here are a few highlights, but you can find the full list of learning labs on the agenda.

• Intrusion Analysis and Threat Hunting with Open-Source Tools
• Adversarial Machine Learning – Learn Why and How to Break AI! with Beat Buesser, researcher with IBM
• Privilege Escalation and Persistence in AWS
• Cloud Threat Gamification: Implementable Tabletop Exercises with infosec pros from Starbucks and Raytheon
• Secure the Supply Chain: Hands-on Incident Response Workshop with Keatron Evans
• Human Security Engineering: Stopping User Initiated Loss with Tracy Celaya Brown and my good friend Ira Winkler currently chief security architect at Walmart
• Cyber Defense Matrix Learning Lab with Sounil Yu, author of the Cyber Defense Matrix – I’ve already reserved my seat for this one!
• Build and Lead an Effective Security Program: 7 Key Factors, 13 Activities with Todd Fitzgerald
• FIND MORE LEARNING LABS (20)

Birds of a Feather

Birds of a Feather (BoF) were formerly called Peer to Peer sessions at RSAC and are peer-oriented roundtables. They’re limited to around 20 attendees, don’t include any presentation, but do have a facilitator. Here are a few that caught my eye. Notice some of the facilitators from organizations such as the US Cyber Command, FBI, and representatives from MITRE and NIST. These are a GREAT way to have a conversation about a topic instead of a one-way information push of a presentation.

Also worth noting, media and press are not allowed in Birds of a Feather sessions.

• BoF: Cyber Insurance – opportunity or distraction?
• BoF: Defeating Foreign Covert Actors: Taking Action While Protecting Free Speech with Kurt Sanger, Deputy Staff Judge Advocate, U.S. Cyber Command
• BoF: Cyberwar, AI and the Law of Armed Conflict with Lawrence Dietz
• BoF: Planning for PCI DSS version 4.0
• BoF: Preparing for CMMC
• BoF: When Cyber and Physical Worlds Collide: Building a Converged Security Model – A lot of my consulting questions recently have been around OT-IT segmentation, and one of the burning questions is “How do you segment systems but de-segment the security model and strategy?” I think this might be a great session for those of you asking that question.
• BoF: Authoritative Reading: “Hall-of-Fame” Cybersecurity Books from your Library
• BoF: Mid-Size Focus: Getting Started with Zero Trust for Remote & On-Prem Users – This is the session I’m facilitating for mid-size organizations implementing zero trust.
• BoF: NIST Cybersecurity Framework Update with Cherilyn Pascoe, NIST
• BoF: Implementing and Maintaining Devsecops Infrastructure at Large Enterprises with Prateek Mishra, ADP
• BoF: Counterintelligence: Combatting State-Sponsored Threats with Anthony Rogers, FBI
• FIND MORE BIRDS OF A FEATHER (36)

Sandbox

Hop over to Moscone South in between sessions to check out the Sandbox (that’s what I do). RSAC Sandbox explores various disciplines of cybersecurity in new and innovative ways. This year, RSAC is featuring six different sandboxes with dozens of interactive experiences such as Capture the Flag and live demos. You’ll also find Lightning Talks – the new rapid-fire session format, and plenty of networking with our CyBEER Ops reception and more in this casual, cool atmosphere adjacent to RSAC Early Stage Expo. 

See the Sandbox landing page, hours, and links to all activities. This year’s sandboxes are:

1. IoT Sandbox hosted by IoT Village with CTFs, live bug hunting, and more
2. ICS Sandbox hosted by ICS Village with CTFs and industrial process hacking through today’s TTPs
3. Dark Arts Sandbox hosted by Dark Arts Village has a great lineup for researchers and bug bounty hunters
4. AppSec Sandbox hosted by AppSec Village is covering exploits in software that impact  IoT, medical devices, the power grid, smart cars, and voting apps, among other things
5. Aerospace Sandbox hosted by Aerospace Village is showing how savvy aerospace companies, security researchers, and the public are working towards a safe, reliable, and trustworthy environment
6. Supply Chain Village Sandbox hosted by I Am The Calvary
7. SANS NetWars hosted by SANS is a tournament happening Tuesday and Wednesday and is presented alongside the Sandbox content
8. MORE INFO ON SANDBOX EVENTS

Students and Security Scholars

This is really neat! Each year RSA Conference Security Scholar hosts scholars from select universities. Many of these select scholars will share their current research with attendees at a poster board exhibition on Wednesday, June 8 from 12:25 – 1:15 PM PT.

There are about 15 students presenting research boards. I’m just going to highlight Nyteisha, who’s coming from NC A&T University here in North Carolina and speaking on medical device security which I’m very passionate about.

Nyteisha Bookert
Scholars Student at North Carolina Agricultural and Technical State University 

“Will Examining Internet of Medical Things (IoMT) devices in the smart home environment reveal new privacy threats? “
Watch her 3-minute thesis video here!

VIEW THE FULL SECURITY SCHOLARS STUDENT LIST

Team Rubicon

If you haven’t heard of Team Rubicon, take one minute to read this.

Team Rubicon is a veteran-led disaster response organization that helps people prepare for, respond to, and recover from disasters and humanitarian crises. Launched in 2010 in response to the earthquake in Haiti, the organization has grown to more than 150,000 volunteers who have responded globally to over 1,000 disasters or crises. Team Rubicon supports vulnerable communities by responding to all phases of the disaster cycle to minimize risk and increase resilience.

Don’t miss Jake Wood’s keynote Wednesday and learn more about Team Rubicon, how to volunteer or donate.