How often do we get the chance to go behind enemy lines and see how the other side works? Coopsys Security Technician Vitor Brandao did just that, attending DEF CON 32 this past August in Las Vegas.
DEF CON is perhaps the most well-known hacker conference in existence. Debuting in 1993, the iconic event has become a must-attend for cybersecurity professionals, offering innovative presentations, hands-on workshops, and unique activities like Capture the Flag. Focused on security, privacy, and emerging tech, this year’s event drew more than 70,000 attendees from around the world.
A Sprawling Spectacle
Vitor started his five-day DEF CON journey “in a state of shock,” he says. “The registration line alone was multiple thousands of people long and snaked around the entire Las Vegas Convention Center. It was insane, but it was a great experience. You’re there with a huge crowd of people who share common interests and everyone is really genuine. That’s where you make your first connections. There’s a reason they call that first day ‘Line Con.’ It’s really your first interaction.”
From there, Vitor had the opportunity to choose from a wide range of courses, working sessions, and other learning opportunities, most of which were made available in dozens of topically named “villages” within the venue (e.g., AI Village, BioHacking Village, Car Hacking Village, IoT Village, Lock Pick Village, and many more).
There were also community-specific villages. Two of the core groups are Blue Team Village, built for and by people who defend computer systems, networks, and people against cyberattacks, and Red Team Village, which is focused on training in the art of critical thinking, collaboration, and strategy in offensive security. (Purple Teaming offers a collaborative approach to cybersecurity that brings together Blue and Red teams to test and improve an organization’s security posture.)
Vitor’s Purpose
Attending DEF CON was a bucket list item for Vitor.
“I’ve wanted to do this for years,” he enthuses. “I decided nothing would stop me this year. And I went in with a plan: I wanted to experience hacking from the other side of the table; from a more offensive standpoint. I’ve always been on defense, so I wanted to get a taste of more penetration testing learning and other Red Team issues.”
Keeping a low profile (“I try not to do the whole ‘I’m from Cooperative Systems” when I go into one these like hacking conventions because you may never know if someone may have malicious intent,” he says), Vitor made the most of his time at DEF CON, attending a great number of presentations and workshops.
“I had to be fast because the classes and workshops filled up so quickly,” he says. “Among the ones I truly enjoyed were those on command and control and automation. In the back of my head, as I was attending these sessions, I kept thinking, ‘how can we defend against this? What tools can we use?’ It was great to learn all this from a different standpoint. I also loved the hands-on tools we got to try at the AI Village, especially the scenario planning, where you were put in a position to have to act in the absence of technology.”
Key Learnings
Next year, Vitor says, he plans to do more to work with the Blue Team at DEF CON and try to bring more value back to his colleagues.
“Regardless of the team I join or the sessions I take, my DEF CON learnings definitely bring value to our team and clients,” he adds.
“Cooperative Systems has been incredibly supportive of my professional goals, particularly regarding my trip to this conference,” continues Vitor. “Attending this conference allowed me to deepen my knowledge of cybersecurity and connect with other professionals. By learning from industry experts and networking with peers, I gained insights that will enhance our service offerings and improve our security protocols. This knowledge enables us to better protect our clients and stay ahead of emerging threats. The best advice I was ever given was, ‘Be comfortable being uncomfortable.’ While at the conference, I definitely stepped out of my comfort zone; it’s the only way to learn. I’m grateful for the investment Cooperative Systems has made in my development.”
Contact us to learn more about how we can put our experience to work for your company.