Blue Team Con 2024
200 North Columbus Drive
Chicago, Illinois 60601
US
Blue Team Con is a cybersecurity conference for defenders. Cybersecurity expert Aeva Black will deliver the keynote address, titled “How To Be a Responsible Consumer of Open Source Software,” at this year’s convention, taking place September 7-8 at the Fairmont Chicago Hotel. In addition, organizers announced a slate of pre-conference training sessions scheduled for September 5-6. More information and registration can be found at blueteamcon.com.
Black is an open source hacker, advocate and international public speaker with over 20 years of experience building digital infrastructure and leading open source projects at technology companies. She is the section chief for open source security at the U.S. Cybersecurity and Infrastructure Security Agency, and serves as the secretary of the board of the Open Source Initiative. Black spends her spare time riding motorcycles and supporting her local LGBTQ+ community.
“We are very excited to have Aeva as our keynote speaker this year,” said Frank McGovern, Blue Team Con cofounder and advisory board member. “There are many community-driven open-source projects that are critical to the technology ecosystem, and it's vital that defense-minded cybersecurity practitioners understand the latest U.S. and international policies on open-source software and how it affects what they protect. This is especially significant after several recent attacks against the open-source supply chain.”
Blue Team Con 2024 programming includes talks by expert speakers from Google, Airbnb, Sublime Security, Ripple, Georgia Tech and Morningstar, on such topics as strategies attackers use to manipulate high-reputation infrastructure and services to deliver email attacks, best practices for privileged access management, using AI to turn threat intelligence reports into real data, and the latest trends and insights into social engineering attacks.
In addition, topic-specific villages will provide flexible space for hands-on experiences and deep dives into areas of interest. Among the villages this year is one curated by Hak4Kidz, the first youth-based ethical hacking conference, featuring special activities designed for children ages 12-17. Three concurrent Capture the Flag competitions — presented by Graylog, Trend Micro and the Blue Team Con organizers — will offer newbies and veterans alike the ability to show off their skills and win the admiration of their peers in this unique and fun learning challenge.
The pre-conference training program will feature exclusive educational sessions over two days, including:
- PDA Cybersecurity Board Training. Presented by the Private Directors Association and designed in collaboration with Blue Team Con, this program prepares current and aspiring directors of company boards for participation in decisions regarding cybersecurity practices.
- Reverse-Engineering and Fuzzing Custom Network Protocol. In this two-part, hands-on training, attendees will learn about Protocol Reverse Engineering principals and write a protocol dissector using the Scapy framework to target the desktop game Minetest, then move to the offensive side and try to fuzz the game server to find security vulnerabilities.
- Practical Malware Analysis Bootcamp. In this two-day program, participants will get to know the internals of malware, understanding its behavior, origins, and modes of infiltration. Designed to bridge the gap between entry-level and intermediate malware analysts, participants will work hands-on with recent malware samples to get a good grasp of sophisticated evasion techniques.
- Security Intelligence: Practical Social Engineering & Open-Source Intelligence for Security Teams. Social engineering attacks remain at the top of the threat landscape and data breach reports, and attacks are becoming increasingly complex. This two-day training provides necessary knowledge on open-source intelligence and social engineering, and helps security teams build better protective measures — both proactive and reactive.
- Going Beyond the Risk Register: Crafting Compelling Risk Narratives and Gaining Executive Buy-in. This two-day training will enable cybersecurity and governance, risk and compliance (GRC) leadership and practitioners to build, measure, and track compelling cybersecurity metrics; convert metrics to insightful, executive-ready reporting; and build engagement across their organization. Attendees will learn about tools to align cyber risk to business risk and communicate cybersecurity and GRC program value.
- Masterclass/Tabletop for Determining Cybersecurity Incident Materiality. This workshop focuses on helping CISO’s lead their boardrooms and executive teams through an informed and deliberative process for identifying the material impacts and aspects of a cybersecurity incident. The masterclass and case-based tabletop program teaches the BLAST RADIUS-FALLOUT (BRFO) process for those looking to comply with SEC cybersecurity incident materiality disclosure rules or adopt leading practices.
“We are especially excited to expand Blue Team Con’s training offerings to two days,” said Stel Valavanis, Blue Team Con cofounder and advisory board member. “Between the training sessions and talks, attendees have the opportunity to earn as many as 32 continuing professional education (CPE) credits over four days."
Tickets to Blue Team Con 2024 are $199, or $50 for students 18 and over; anyone under 18 may attend for free with adult supervision. Training sessions are ticketed separately and range from $559 to $1,200; conference attendance is not required. Special room rates at the Fairmont Chicago Hotel are available for attendees.