BSides Idaho Falls – Day (n where n > 2)

I’m back home from BSides Idaho Falls, which was an amazing conference. I hope to go to more like it and back to Idaho Falls next year. Now that the initial excitement of the conference is a little more tame, why not write a “lessons learned” post? Since this blog is focused on cyber security and my personal journey in the field, I will mainly stick to those topics but want to clarify that this conference also affected me on a more personal level. With that said, here are my after-conference thoughts.

Participating in the Cloud Forensics training seminar had the largest impact on me. This course made me reconsider my career focus. From first-hand experience with AWS, I can definitely say that setting up a cloud environment is both a blessing and a curse. Yes, it is ridiculously easy to spin up a machine and hop on it in a matter of minutes. The documentation of implementing different features is pretty reliable and its modularity makes it very powerful. At the same time, that modularity makes it easy to misconfigure the setup and can accidentally allow unwanted access to your resources. It’s not enough to set up an environment and load up all of your stuff on it. You need to work out the security settings and infrastructure which often seems to be overlooked when using cloud services. Remember, cloud services like AWS will protect their infrastructure. You have to protect your resources. Having a deeper understanding of cloud security in my back pocket will not only benefit me but it will allow me to help others navigate this relatively new territory.

A somewhat less career-focused benefit of this seminar is that it pointed out some skills I can improve on. During the CTF (Capture The Flag) challenge, I realized that I can learn a lot more about encryption. I already know the main concepts of encryption but I do not know of the numerous ciphers and techniques that can be used to encrypt data. I am aware of some but there are a lot more I can know! This is important to me since I currently inspect network traffic for breaches and occasionally see encrypted text that could be remote code executions. In the long run having this knowledge during investigations means less guessing and more knowing which in turn improves how I report suspicious or compromising activity. This fits firmly with my belief that in order to defend something, you need to know how to attack it.

The seminar was not the only thing that had an impact. The different villages inspired me to do more. For example, the tinkerer’s village renewed my interest in hardware and circuit boards. I doubt that I will ever make that my career focus but it is fun to play around with and to have a better understanding of how machines physically work. I have to see if I actually do have an Arduino board in my tiny collection of circuitry tools so I can access the microprocessor of my conference badge. The lockpick village was a reminder that my skills have seriously atrophied…not that they were really good to begin with. However, a high school kid gave some pointers that I have to try out on my sets at home. Kudos to that kid!

The career village was the one village I forced myself to go into and I’m glad I did. Much like networking with people, writing resumes does not come naturally to me. Also like networking with people, it is a needed skill with great benefits. I received advice on how to craft a resume for my industry which is quite different from all of the other resume workshops I ever attended and what to think about as I move forward with my career. So, I will be rewriting my resume to make it stand out even more for future positions.

Finally, the talks. Honestly, I did not see many talks this time but the ones I did see really inspired me to one day present a topic myself. I don’t know what I would present on but the idea is enticing. I’m thinking maybe something about cloud security. Or maybe how hacking has improved my defending skills? Or maybe I find an unknown exploit and present it after responsible disclosure and a patch has been released? I really don’t know at the moment but I do feel that one day I will be in front of an audience to give a presentation.

Going forward, I want to keep learning so that I may help others. That’s what started this blog in the first place. Finding a way to contribute and help others even if it is a small contribution. I plan to continue going to conferences like BSides that focus on cyber security and technology as a whole instead of ones that focus on a specific tool or product. There is nothing wrong with those conferences. I’m just not that into them at the moment. I like being able to switch from one area of security to a completely different one that does not explicitly endorse one tool over another. My view is that if I know my end goal or have an idea of what I want to do, I can research the tools along the way. And there are generally multiple tools that provide the same basic functions. It’s a matter of features/bugs. Anyway, I hope to continue contributing to this amazing community one way or another.

BSides Idaho Falls – Day 1

Today, I woke up to ominous clouds and chilling rain. Not what I was hoping for the first day of the conference. In my mind, I could only think this was a sign that I would be an embarrassment to the cyber security community. Not to mention that my frustrations with setting up my AWS machine for the seminar continued after writing the blog post yesterday. That is another story that I plan to write about more since it sparked a new blog idea.

Overall impressions of the conference? Amazing!

I joined the seminar on Cloud Forensics taught by Kerry Hazelton. There were concepts in the seminar that were familiar: The different kinds of cloud. What is cloud computing? Who owns the data you put into the cloud? Then there were things like vendor-locking or the CLOUD Act that I absolutely did not know about! The seminar definitely had me thinking of ways to expand professionally and tinkering with cloud security more.

Another thing the seminar made me ponder about is getting new certifications. He mentioned a few but the CCSK (Certificate of Cloud Security Knowledge) seems like a good place to start. And since this was focused on forensics, I wondered about trying my hand at forensics again. It might be easier to practice on instances in the cloud. Not to mention, I can blog about that too!

I also got to meet some really nice people. One thing that I found amazing when meeting people was how humble everyone was. There was the sense that everyone felt they did not really know anything and wanted to learn as much as possible. How much of the former is true is legitimately questionable but the latter was definitely true. No matter what the skill levels were, everyone wanted to be better. It was refreshing!

Then came the CTF (Capture The Flag) event for our seminar. We were all split randomly into teams…then I moved to a different team to help even the numbers…then more people came late and just joined our team. In total, we were a massive nine-person team compared to the average size of four! And guess who was elected as team leader?

We all did not really know how to go about the CTF but I may have had the best idea of what was expected. I did capture the first flag for our team which was pretty cool but I still tip my hat to the team member who got the 1000 point flag! That was amazing and really pumped the team!

Meanwhile, I had to keep track of at least three different challenges the team as a whole was working on. I’ll tell you. Working on an encryption, network and two steganography challenges at the same time is not easy. However, I found that I was a pretty good resource of random information and often could point people in the general direction to solving the challenges. I also taught a few new Linux commands to one of my teammates, and I am so happy he had a Linux VM on his computer! There were a couple challenges that were easier to do thanks to him!

In the end, our team came in 2nd place! My imposter syndrome kicked in and told me that we didn’t deserve it because there were nine of us. A few seconds later, I disregarded that thought and replaced it with a new one. Our team consisted of people who mostly have never done any kind of CTF challenge and were new to cyber security. And we came in 2nd! We congratulated each other and the team member who solved that 1000 point challenge got a custom challenge coin! We did really well!

At the end of the day, many of the conference attendees gathered together to play board games. It was relatively relaxing and we continued to meet more great people. There were a ton of games but I opted to play only one game called “Jamaica”. It was great looting gold from people and attacking ships on a gamble.

Despite the deathly looking clouds and the freezing rain, this was a great start to the conference. I’m looking forward to tomorrow. Especially the Tinkerer’s Village. Stay tuned!