Highlights From RSA Conference 2018

Approximately 50,000 attendees descended on San Francisco’s Moscone Center April 16–20 for RSA Conference 2018. With cyberthreats on the upswing, this year’s theme of “Now Matters” was especially apt, and a wide range of keynotes, sessions, and courses covering cybersecurity today didn’t disappoint. In this post, we’ll recap some of the highlights in a day-by-day rundown of the most interesting sessions, keynotes, and events. Whether you were able to attend or not, we want to share some of the great resources and information that came out of the conference. Read more “Highlights From RSA Conference 2018”

The Best Cloud Security Conferences to Attend in 2018 and Beyond

Securing any cloud infrastructure is a big job. You have to be constantly up to date when it comes to skills, tools, and technology, as well as the vulnerabilities and threats that crop up continuously. When it comes to security, being stagnant isn’t an option. A good cloud security professional only remains top notch by staying on top of the latest cloud security trends, emerging threats, and best practices.

That’s where cloud security conferences come in, bringing together top experts, cloud security thought leaders, and industry professionals to share tips, tricks, and tactics for bolstering cloud security in the modern landscape.

With the spring conference season kicking off,  we’ve rounded up 50 cloud security conferences you should attend in 2018, grouped by quarter so you can easily plan your schedule for the remainder of the year:

Read more “The Best Cloud Security Conferences to Attend in 2018 and Beyond”

This may be the scariest thing you read today . . .

A couple of weeks ago, we posted a survey so people could evaluate their cybersecurity savvy.

And the results are . . .

Well, let’s just say that most of us could brush up our security smarts.

Instead of reviewing the entire survey here, we’re going to focus on three of the questions where most of us were off the mark — and then, if you want, you can take (retake) the quiz to see how well you do. Read more “This may be the scariest thing you read today . . .”

Meet the TUGG’s Guppy Tank: HiTech, the Next Generation

Every year around this time, Threat Stack looks forward to taking part in TUGG’s (Technology Underwriting Greater Good) ‘Tech Gives Back’ day.

Each TUGG event finds us doing something fun, different, and valuable for the community. This year we had the honor of hosting a class of grade 6 students for a fun Guppy Tank event. Yes, it’s what it sounds like… shark tank, for the littles, but with a serious business attitude. Read more “Meet the TUGG’s Guppy Tank: HiTech, the Next Generation”

A Look Back at ChefConf 2017

Last week, over a thousand Chefs descended on the city of Austin for ChefConf 2017. The recipe for the week was two days of talks, numerous technical workshops, a heavy dose of innovation, and a dash of 70’s cover bands. Chef introduced their Chef Client 13 and showed off their newer technologies, like Chef Automate and Habitat, their application configuration and management software. The Threat Stack team (Tom McLaughlin and I) showed up to exhibit with donuts, socks, and plenty of cheesy puns — that’s right, we can help you be SOCK compliant.

NatalieFlatPeteChefConf.png

It was great engaging with the DevOps community and learning more about the challenges everyone is facing as technology evolves faster than anyone can keep up. Throughout the conference, I learned about all of the technological advances that Chef and friends are making and noticed some trends across all the talks and conversations I had with attendees. Here are three of the high-level themes I took away. Read more “A Look Back at ChefConf 2017”

5 Key Takeaways From DevOpsDays Austin 2017

Once again Threat Stack was pleased to be a sponsor and a participant at DevOpsDays Austin 2017 on May 4 & 5. Right off the bat it’s clear that this vibrant conference is continuing to expand, with its year over year increase in the number of attendees (650) and sponsors (40). Of particular note: The importance that people in the DevOps space are placing on security is definitely continuing to grow — and I put together five key observations about security, compliance, and the way DevOps teams operate. So without further commentary, here’s what I learned at DevOps Days Austin.

Read more “5 Key Takeaways From DevOpsDays Austin 2017”

Threat Stack Visitors Guide to Boston

Welcome to Boston!

Our city plays host to many tech conferences throught the year — and Threat Stack actively sponsors and particpates in many of these. To help you with your stay, we’ve compiled a comprehensive map of Boston, attempting to be both helpful (Where’s a nearby pharmacy?) and inclusive (Where are some kosher or halal eating options?).

Read more “Threat Stack Visitors Guide to Boston”

Cicadas & Security, Part 2: When a Verified PGP Key Takes You on a Trip to the Desert

Update!

A message from Cicada was discovered on Pastebin at the end of April 2017. It read “Beware false paths.  Always verify PGP signature from 7A35090F” and was, in fact, signed using the appropriate Cicada 3301 PGP key. Read further to find out how you can verify messages from Cicada and get involved in solving the latest puzzle.


Since our first installment in this series, there has been little excitement around the Cicada 3301 community, as a verified clue has yet to surface online or, as far as we know, in real life. A user going by the handle CicadaDave came forward on Reddit claiming to be part of a four-person team behind Cicada. His original post has since been deleted, but a lone comment remains on the account stating “I am Michael Cicada, aka Cicada Dave. We created Cicada 3301 as a joke between 4 bored MIT students. I am on Facebook if you have questions.”

Read more “Cicadas & Security, Part 2: When a Verified PGP Key Takes You on a Trip to the Desert”

DevOpsing at Home

I remember the days when SysAdmins bragged about server uptimes that were sometimes measured in years. I have been out of the SysAdmin world for quite a while, focusing on software development, and somewhere along the way, a small revolution happened. Here at Threat Stack, our DevOps team embraces immutable infrastructure, which allows us to spin down problematic servers and spin up brand new clean instances in a matter of minutes. Impressed with this approach, I started to look for a way to bring some of these concepts home. Read more “DevOpsing at Home”