Published on March 3rd, 2017 | by Akshay Nayak
RSAC 2017 – a View from the Floor
The 2017 RSA Conference showcased almost 500 security companies proposing elegant solutions to a plethora of problems across different domains of security, including web application security, network attacks, data forensics, malware and APTs, encryption key management, risk and crisis management, and biometrics.
The entire conference was massive, taking place over 5 days with venues spread across 3 buildings. I was only able to attend the conference on Wednesday, and it didn’t take long for me to understand that even with an exhibitor or an expo pass there are so many opportunities for learning that one day is simply not enough. First, there were the keynotes presented by renowned security experts. Then, there were multiple sponsored talks given on more than a dozen security topics. There was also the “Sandbox” that offered hands-on challenges focusing on IoT vulnerabilities, the impact of an attack on Industrial Control Systems, and even cyber-competitions like CTF (Capture The Flag). This was my first capture the flag competition and I thought I was doing pretty well until the winner was announced. He was just 18 years old and had captured 9 out of 11 flags in just 40 minutes!
The highlight of the conference was definitely the huge number of booths set up by the 500+ security companies in the North and South halls. The variety of the booths was mind-boggling, as were the themes on which they were based. Many companies even had the exhibitors don special outfits to match their booth’s theme. Given the large number of booths, there were lots of freebies and giveaways to take advantage of. While most freebies were smaller ‘swag’ given to anyone who had a conversation with the exhibitors, there were also the superior, out-of-sight gifts that could be won via raffle.
RSA provided everyone with lots of networking opportunities and a chance to interact with world-renowned security professionals. Kevin Mitnick was there on Tuesday to sign copies of his latest book “The Art of Invisibility”. I regret missing the book signing, but I did manage to get my hands on a copy of the book from the KnowBe4 booth. Ed Skoudis, a SANS instructor and author of the popular ‘Counter Hack’ series of books, was present at the CTF competition, and Troy Hunt, the creator of the breach notification service HaveIBeenPwned, was at the Varonis booth giving a presentation on how easily web application attacks such as SQL injection can be performed. Happily, I did manage to have a brief conversation with Troy before he left the booth.
This year’s RSA theme was the “Power of Opportunity”. This phrase aptly describes the large extent to which the security industry can advance, if the growing number of security startups, each with their own distinctive ideas, are given an opportunity to prove themselves and grow.