EP 7 – DEF CON 30 Review and Insights: Den Jones chats with cybersecurity friends from Cisco and Adobe

Speaker 1:

Hello and welcome to Get IT Started, Get IT Done, the Banyan Security Podcast covering the security industry and beyond. In this episode, our host and Banyan’s Chief Security Officer Den Jones speaks with Ken, Tech Lead at Adobe, and Neeha, an Information Security Engineer at Cisco. Den, Ken and Neeha all went to the DEF CON Hacking Conference in Las Vegas. Listen as they discuss what makes DEF CON uniquely open and rewarding among security conferences.

Den Jones:

Hi, everyone. I’m Den Jones. This is Get IT Started, Get IT Done, Banyan Security’s Podcast. And this a little bit of a twisted version today, so not go with the usual format. Instead after being in Vegas for Hacker Summer Camp, we decided we got a few folks together and just have a little bit of a, a debrief after DEF CON.

And, and this is a, a nice little conversation because basically, we’ve got someone who’s been around the industry for a long time, has a beard and a long hair and a bun-bun. And then someone who’s new to the business, being an intern early in career and all excited to go to DEF CON. So, let’s, I mean, first of all have everyone, everyone introduce themselves. Ken, why don’t you go first?

Ken Portie, tech lead at Adobe:

Yeah. I’m Ken Portie. I’m a Tech Lead at Adobe. And I think I’ve been go-, I’ve been going since DEF CON ’22.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Nice.

Den Jones:

Awesome. And Neeha.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah. Hi, I’m Neeha. I’m an Information Security Engineer on the Enterprise Security Intelligence Team at Cisco. So, I was an intern before. Now, I’m full time. And this is my first DEF CON that I attended in … early in career, so.

Den Jones:

Awesome. So, let’s, let’s start there, Neeha. So, first ever DEF CON, why did, why did you pick DEF CON? And what did, what did you hope to get out of it?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah. So, um, I, you know, first like one of my coworkers mentioned it. And then, I started doing some of my own research into security conferences because summer is like the time where everyone’s going to those. And I ended up going with DEF CON because, you know, based off the forums that I read and everything, it was … it seemed very different from a lot of the security conferences that. It was very hands on.

And I saw the community online and everyone seemed like just excited to go there. There’s a lot of different challenges you could be part of, just different hands-on workshops. So, I thought that was the most that I was going to, um, be more engaged in a conference, kind of getting to do the activities rather than just being, you know, a listener.

So, kind of it had whole mix of everything. So, I wanted to go in there and just learn as much as possible. You know, be … meet different individuals, um, and try out some things for myself. So, that was kind of my goal going in.

Den Jones:

Awesome. And then, Ken, so 10 years-plus DEF CON attendee.

Ken Portie, tech lead at Adobe:

Eight, eight this year. Yeah, almost.

Den Jones:

So, so, Neeha has, Neeha has described her going in perspective. You’ve, you’ve gone back time and time again now. So, what is, what is it that makes you want to go back each year?

Ken Portie, tech lead at Adobe:

Ah, I, I think for me since the first time I attended, um, it’s just, it’s just one of those conferences that, that you get to meet a lot of people in your industry that are there, you know, not, not for the salesmanship part of it. They’re, they’re just there to learn or present what they’ve learned or, um, just meet people that are like-minded. And I think it’s such an open community that everybody, in my opinion, um, whether it’s your first time or your 100th time or, or whatever, 30th time, you, you get a sense of community.

And so now, you just go back, right? And you learn something. And it invigorates me every year when I go there and, and gets me excited again. And then, you just get to see all these people doing great stuff and get your hands dirty, just open conversation, everybody is welcoming. I mean, it’s, it’s one of the few conferences that you go to that is just a bunch of people trying to do good work, um, but have fun at the same time without trying to sell anybody in, in like a piece of software or, or a thought, right?

Everybody’s just open, you know, whether it’s, you know. And, and it could be literally everything, you know, whether it’s politics or, or, you know, um, you know, you want to wear a furry suit or whatever. Everybody’s inclusive and it’s just, it’s a good time. I mean, to, to learn, to, to learn and have fun like you said at Hacker Summer Camp, right? But like who doesn’t like that?

Den Jones:

Yeah. No, it’s also … I mean, I’m not … I don’t think I’m been doing eight, I think I’ve probably been doing about six now. And, and for me, it was just … it’s … un- unlike RSA and, and BlackCat which I kind of think of as like vendorship shows really. And, and, you know, I, I like going and connecting with people. So, any one of those three are, are good for me to connect with peers. But I really want to dig into sessions and the industry and the people and the culture. Then Ken, like you said, DEF CON, DEF CON for me is brilliant.

Okay. I’m a big, I’m a big fan of the villages. So, not the village people who, you know, if you’re a musical-inclined person, you might go for some of them. They’re shipped, too. But the villages for me, I, I love the Social Engineering Village. Neeha, what, what was … what’s … what was all … First of all, did you manage to see all the villages? And then if you did, what was your favorite and why?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Oh, that’s a tough one. So, I … My goal actually going in, I, I was trying to plan out a rough idea of what I wanted to see. And I think what I wanted to focus on was villages. I tried going to as many as possible. Being my first DEF CON, I wanted to see what everything was about, um, what all the villages had to offer.

So, I didn’t get to go to all of them. There’s way too many to kind of hit all of them, um, in a short amount of time. But I got to, I got to see the majority I would say, quite a few. I kind of focused a lot on like the hands-on ones so like Packet Hacking Village. IoT Village also had some hacking labs as well that I participated in. And, um, Lock Picking Village, that was a fun community.

And, and then I also went to the Social Engineering Village. And I would say just from like … It’s really hard to pick just one because they all had different things to offer. But I guess the one that I keep talking about to everyone I know is the Social Engineering Village.

And just because I have a background in cognitive science so for me, the human behavior aspect of how they, um, people have went in for the vision competition. And they were able to speak, have live phone calls with individuals in other companies and how easily they were able to get information out of people. I think that was just super fascinating to be in that room and just see it live. Because you hear about it all the time but just to see people in action get that information was really fascinating. So, I’d say that was probably my most exciting one, favorite.

Den Jones:

Awesome. What about you, Ken?

Ken Portie, tech lead at Adobe:

Uh, I mean, I tried to hit most of them when I can. This year, you know, I guess what maybe the top three would be for sheer entertainment value. I mean, you can’t go wrong with Social Engineering. I mean, it’s scary good how, how those people are that … you know, and how calm they are. I mean, it’s … some of these people, I, I don’t understand like how they can just go and lie that will and and/or spin the truth. I mean, uh, I’m amazed by those people.

I like the Hardware Hacking Village personally because you get to get your hands on everything. But Lock Picking is always fun. I mean, every year, every year I go, I get something else lock picking, right? Like my daughter should be able to lock pick doors at this point.

But I thought like that some of the newer ones that are smaller like the Girls Hack was good or Women Hack, whatever it was. I went in there and that they were doing, um, you know, Blue Team, Red Team on Pas. And, you know, I thought that was amazing. You know, I’ll, I’ll … Just because of that, I’ll take my daughter next year, see, see if she takes it.

Den Jones:

Awesome. Awesome. And then, um, over, over the years, Ken, has, has that kind of top three changed a lot? Have you seen the villages evolve that much over the years and therefore your, your excitement goes one way or another?

Ken Portie, tech lead at Adobe:

Yeah. I mean, I think and, and I, and I might be completely wrong. I don’t follow it that closely. But, you know, eight years ago, I don’t remember there being a whole village dedicated to ATM or, or voting machine hacking, right? There wasn’t, you know … I, I don’t think there was a Whole Car Hacking Village, right? That, that became more popular in the last maybe, maybe six years or so.

So, yeah, I see, I see some of them get bigger. And then we … they add new ones, right? But depending on, like, like another littler one, it’s been around for a few years but, but it’s … I didn’t get to go in this year, I walked by it a couple times but had such a line was, um, the medical hacking one, right? Pacemakers and all that.

Den Jones:

Yeah.

Ken Portie, tech lead at Adobe:

That stuff. That, you know, that’s, that’s really it, right? That’s … Somebody’s gonna hack that, so why not? I think next time, I don’t know if it will go under, um, car or like farm but like the John Deere thing, that, that is probably going to get some, some traction somewhere. I mean, the, the more traction it gets, there will be a village for it. So, it’ll be, it’ll be curious.

But yeah, I think as you … as, as technology changes and we go into different areas, you know, some … that some things slide off and some people, things pick up. So, yeah, it’s always interesting what, what shows up and what you get to see.

Den Jones:

Yeah. And so, Neeha, so on that topic of hacks and things that show up, what was the scariest bit of research or session that you sat through this year?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Um, I think like … I guess I have to bring it back to social engineering and also part of it is, um, just some of the talks I’ve listened to with, um, just like the cognitive security talks and the methodologies behind social engineering. Like you don’t realize how much work goes into it. Like they had packets of information that is just openly available online that they use. And within a few minutes, they were able to get so much out of people on their company like the physical security aspect, as well as their network details, um, and more about the individual.

And like Ken mentioned, just how calm they are and ease … their ability to lie so easily. But also getting it from the angle of going to the cognitive security talks, they looked at what are the psychological, um, behavioral tendencies that can make someone more susceptible to these, uh, attacks, make them more vulnerable, um, what to people focus on.

So, it was cool seeing that like the psychological aspect like the theories and then seeing it actually implemented in real life, how people pivot when they get a no or some sort of disagreement and then they get them to start giving information.

Um, so I think that was really scary to see. And just how, I mean, how brilliant people are. I think it’s like both like, you know, just being surrounded by so many people that are so excited, they’re a- able to just hack into things very quickly like the car hacking. They had the whole … Like I had someone set up with their friends inside the car just like they’re able to get into the Tesla, the Tesla.

So, I think like just seeing the brilliance is exciting but then also a little terrifying just how quickly you can get into it. So, I think that was my overall aspect of it.

Den Jones:

Awesome. Ken, what about you?

Ken Portie, tech lead at Adobe:

Uh, I mean, personally, the, the one that I think was kind of scary and enlightening was the two guys did a talk on the metaverse and how they can glean information from you based on they, they just set up a, a VR escape room, um, and you had to do different things to complete tasks. And, and everybody, you know, it’s like, it’s like a kind of … It’s a game, everybody wants to win. So, like they do these things. But these tests were actually designed to get specific pieces of information from you, right?

So, one was you did these poses. And when you did poses, you got letters above them. Well, one of the poses was outstretched arms, right? And what that did was give you … give them wingspan. And from wingspan, they can get height. So, that was like that. Within another room, there were monitors that had those charts that tell, you know, if you’re colorblind, right? And so, they had letters in those and if you could read them, then you would know and you could put the letters in and you get some stuff. But if somebody went through and didn’t see that, then they knew that that person was colorblind.

Um, and I think they could get like 19 pieces of information, maybe, maybe more, maybe 20 something. But with, with a good degree of accuracy, they could get seven pieces. They could get your income within 25,000 I think, your age within a couple of years, your sex, your age. I mean, so within seven pieces, they can pretty much tell you your demographic, right?

And I thought that was a little … that’s a little scary for me, right? You, you don’t think about that when you’re playing a VR game. But realistically, well, like they say, “Hey, if you’re not paying for a product, you are the product,” right?

Den Jones:

Yup.

Ken Portie, tech lead at Adobe:

So, you’ve got kids that are playing this stuff all the time. And so kids, you know, do this and they don’t realize they’re giving up information, right? So …

Den Jones:

Yeah. Yeah, nothing, nothing is free, right?

Ken Portie, tech lead at Adobe:

Exactly.

Den Jones:

When it’s, when it’s free then it says yeah. It- it’s funny, right? So, me, I, I had my heart surgery two years ago. And it just so happened the year before when I was at DEF CON and so, so I’ll talk about hacking a heart. And it was really all about the pacemaker, the Blue-, like Bluetooth and stuff like that. But it, but it was very intriguing, very intriguing for me to kind of see.

And, and I didn’t actually get to go into the Medical Village this year either, but it’s interesting for me to see that kind of stuff. And to see this from a medical perspective, we’re building all these little IoT devices but we’re not necessarily securing them from the outset and then, uh, harder to secure them afterwards really.

So, as, as we wrap up today’s talk, a couple of things, um, what would be your one piece of advice for someone going to DEF CON next year, um, if they had never gotten before? So, let- let’s start with you first, Ken.

Ken Portie, tech lead at Adobe:

I would say, you know, to echo, there’s a lady that gave a thing of dark tangent’s intro talk, you know, or, or one of the panelists, I don’t know, said, you know, “Look, look to your right and look to your left, don’t be afraid to talk to anybody, right? Don’t stick with just your people, your friends, your c workers. Go like solo and, and just talk to people, right?” Ev- everybody’s usually really chill and, and you might make a friend but also you’ll get a different perspective.

Two, please for the love of God, wear some deodorant. Like we all, we all know that it’s a problem but it’s a problem year after year. Just put some deodorant. And yeah, and I think just, just go and with the mentality of having, having fun. And, and yet go to talks that are in your area but like go do stuff that’s not, you know, like … I don’t, I don’t do hardware for, for a living but it’s fun, right?

And then you get a different perspective and it gets you churning in a different direction. So, you know, try something new, do something different. Wear deodorant. And talk to everybody.

Den Jones:

(laughs) Wear deodorant, right, Ken?

Ken Portie, tech lead at Adobe:

Yeah, I mean …

Den Jones:

Neeha, what about you?

Ken Portie, tech lead at Adobe:

Yeah. And I mean, I have to echo Ken. And then also, there’s a lot going on, um, you know, being my first time, it can be overwhelming. I got the Hacker Tracker app beforehand. So that basically is for the conference. It tells you all the live updates on the events and things going on and the location of them. So, that was super helpful just to star sessions that I was interested in.

But also realizing that the plan you had set forth and may not work out like, um, and just enjoying the experience that you have, don’t think about what you might have missed, um, because there are so many things that you won’t be able to hit them. So, focus on just enjoying what you’re experiencing right in front of you. Like I went to lock picking because I was walking by there and it just opened up. And I didn’t expect to go there at that time because I was thinking maybe there’ll be another session I want to go to a bit later.

But so I had to walk in, I met a great group of people at my table and I picked a bunch of locks. I didn’t even realize how much time I spent there. I missed one of the talks I was thinking of going to but I was fine because, you know, at the beginning, I didn’t even know how to pick locks and we’re all learning from each other. By the end, I was, you know, able to explain how to pick a lock to someone else. Like that was a super fulfilling experience.

And, you know, I didn’t think about, “Oh, the talk I missed.” I was just experiencing the moment. So, that’s a big thing I would say. And yeah, just get, you know, it’s a lot of excitement. And even though there were things that I didn’t know about, a lot of people were very friendly, just always willing to talk and share their experiences and what they know.

So yeah, again, like Ken said, just, you know, just talking to different people. And I think the biggest thing for me is now taking away this … Like coming back from the conference, it’s more of like, “These are all the opportunities of things I want to learn, um, rather than things I don’t know.” So, um, that’s a good mindset. So, yeah, I would say that.

Den Jones:

Awesome. Go guys. Thank, thank you very much. Um-

Ken Portie, tech lead at Adobe:

I got one question real quick.

Den Jones:

Yeah, yeah.

Ken Portie, tech lead at Adobe:

What, what was your favorite talk though?

Neeharika Kadavakolanu, IS Engineer, Cisco:

To me or to Den?

Ken Portie, tech lead at Adobe:

Yeah, everybody, what, what was your favorite talk like?

Den Jones:

Neeha, you go first.

Neeharika Kadavakolanu, IS Engineer, Cisco:

(laughs) Putting me on the spot. I mean, I will say I didn’t attend a lot of talks because I heard they were mostly recorded. So, I think the few, I was … I just kind of stopped by the cognitive security talks. But I spent a lot of times just kind of going around the villages and trying things hands-on. So, I guess the cognitive secure talks just because I was … that was the ones that I was around. I’d say those were the most exciting. But again, um, there are a lot of other stuff I was focusing on, so.

Den Jones:

Yeah. For me, it wasn’t the talk, it is more just the … one of the sessions in the Social Village and, and watch- watching women go through and just royally like get every bit of information shared with us far, you know. It was almost like she could get this, this person’s grandchildren’s names off and if, if she wanted their names so. So, not, not a talk but, yeah, I love, I love that side of it.

Ken Portie, tech lead at Adobe:

Yeah. I think mine was, uh, you know, I think Daniel and I talked about this, this is personal. But there was a guy out of Israel that gave a talk about, um, scalper bots. And why, why we can’t get shoes and Xbox and PlayStation and GPUs, right? Um, but the level of sophistication and, and the depth that he gave the talk, I always knew about the bots, right? Everybody knows about them.

But his, his description and, and his telling, it’s, it’s a much more complex thing at the, at the top end than I’ve ever realized. I mean, it’s, it’s, uh, these guys are, are scary good at that. And there, there aren’t that many that are at that top level but they- they’re like the best of the best. And that’s why, you know, things, whatever. It was such a … I was like, “Ah, shit, that’s why I can’t get any better shoes, right? Or, or Netflix?” It’s like, “Damn those people.”

So, that was one of my favorite ones because I was like, “Now, how do you, how do you go and use that knowledge to be able to get something like a shoes or Xbox?”

Den Jones:

Now, now that you know how they’re doing it, you want to get those damn tickets.

Ken Portie, tech lead at Adobe:

Yeah. I, I need to find those guys and be like, “Hey, how do I, how do I … How do you … How do I get you to help me do this, right?” Or, or just for the love of God, just give me a 10-and-a-half and a pair of Jordan ones or something, right? Like I’m not asking for the, I’m not asking for the whole stock, just get it and throw me a pair, you know?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Right.

Den Jones:

It’s awesome. And then, yeah, Neeha, do you, do you have a question for Ken or I?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Oh, um, I guess what are something that you’re … you’d want to see at the next DEF CON maybe or that you’re the most excited for, um, for next year? I’m curious like is there anything you’d particular want to see that you may be missed or something that doesn’t … wasn’t there that you didn’t get a chance to, you know, something like that?

Ken Portie, tech lead at Adobe:

Um, I don’t know. I think I would like … You know, there … It just depends on the year, right? Like whatever is big that year or what’s got a big focus. I enjoy both the Red Team and Blue Team but they just seem to be so packed. It’s really hard to get in there.

Um, and just depending on the year, honestly, the SkyTalks. SkyTalks are, are one of the best ones, um, because they’re not recorded and you can’t take your recording devices or phones and stuff. And so, you got to kind of just like pay attention. And if there’s something that looks interesting, it’s probably going to be really interesting, you just got to hope you can get in there.

So, I don’t really go in with like a sense of thinking, “Oh, I, I missed that last year so I’m gonna go do it this year.” But I, I just kind of take a look at what, what seems interesting. And then, I try to just pick up little random things here mixing talks with hands-on stuff.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Ken Portie, tech lead at Adobe:

So, I, I guess I would … I don’t really have anything that I’m, that I’m like, “Oh, I didn’t get to see that.” But the, the experience more so I would say is, is what I look forward to. And I would like to participate a little bit more in some of the hands-on stuff. I didn’t get to do a lot of that this year and I, and I think that’s what I’ll focus on next year I think.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Den Jones:

It’s a good question because I, I was thinking it’s like one of the things that I liked more and I know you’ve not been before, Neeha, so the venue for you probably seemed whatever the venue was. It’s … Having it split between three locations makes it tricky but, but being in the conference space was way better this year compared to split between the couple of hotels for the last X number of years.

So, for me, that kind of evolution, I think the conference has got to a point where it does need a bigger space because I’d, I’d love to get people into SkyTalks without having to wait for two hours in line. Or like the merged lane. This year, I think Carlos waited four hours in lane. And you can’t, you know, you can’t go to a two-day conference and spend four hours of it in the lane just about each year.

So, I think, I think there’s some really great evolutions. This con is definitely getting way bigger than it’s ever been before. And I, I think the numbers of people attending, I, I, I don’t know the official numbers but, but certainly, it was more than last year. Because last year, I was there and there wasn’t as many people.

But generally, it’s getting a lot bigger. And I think for next year, they need to plan like a bigger space even still. I mean, I don’t know, I don’t know how you do that or what it means for them but big- bigger space and more volunteers I’m guessing.

Ken Portie, tech lead at Adobe:

I think if they put like the … You remember like every other year, it’s been at Caesars like that’s a big space underneath. And if they did Caesars and the, the Caesar conference space, maybe that would be. I think Flamingo is just … like everything’s narrow and small, right?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Ken Portie, tech lead at Adobe:

Low ceilings, narrow hallways, little rooms. Um, I don’t know if it’s just cheaper or whatever, but. Um, and I will have to say, this year, the goons were much quieter than they normally are. Normally, they’re yelling and, and, you know, you know, you don’t cross them. They were, they were a lot nicer this year. And I don’t know if that’s a good thing.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Right.

Ken Portie, tech lead at Adobe:

I mean, showing the lines here and there, right? And people walking in directions they shouldn’t be. Normally, they’re like, “Over there,” like, right? “You … This is the way, that is not the way.” And they’re like yelling, yelling and, and you don’t ever step out of line, right, which makes things seamless. This year, they’re a little nicer, so.

Den Jones:

Yeah. But wonder, I wonder if the larger conference space enabled, enabled a lot of that because there was more room to line up and it wasn’t as tramped and stuff like that. Because some of those hallways, you know, and, and products and valleys were tiny, like you said low ceilings but tiny little hallways as well. You know, they weren’t, weren’t large format.

So, you’re trying to get like 1,000 people or 500 people from one, one room to another. That was always a pain in the ass.

Ken Portie, tech lead at Adobe:

Yeah, yeah, yeah.

Den Jones:

And, and, you know. But I, I, I think, um, I, I think it was a way better conference. I love the little musical batch.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Den Jones:

I don’t mind … Being a music guy, I don’t know if I can add it to the arsenal of my sense yet and stuff, you know.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Den Jones:

Okay. So, so that’s and, Neeha has now, you got like wall art that she’s able to-

Neeharika Kadavakolanu, IS Engineer, Cisco:

No, yeah, I picked up a lot of them. They had like stickers and stuff people were making on their own. That’s what I really liked about the community, kind of people just brought their own things. Someone 3D printed their own little figurines and it’s all just different and unique. So, each person had their own style of art. So, I thought that was really cool.

And I think for me, looking forward to next year is like I think coming out of it, I did some hands-on stuff but I really want to do more of the capture-the-flag type events and kind of follow the forums a little bit because I ran into one guy who had a really cool like panda badge like an animal. And I was like, “Hey, how did you get that badge?” And it was towards the end of the conference. And he said, “Also, there’s this one guy who posts and he makes his own challenges. And if you get eight out of the 10 of the challenges, then you, you know, show him proof and he’ll give you a badge for free.”

So, I was like, “That’s really, really exciting. And that’s something that’s, you know, adjacent to the conference but not really like, you know, with the conference.” So, I thought that was really cool. So, I’m kind of looking forward to doing all of those, try to collect more of those badges and be a part of those competitions.

You know, maybe I’ll try if possible looking into doing the Social Engineering Fishing Competition. It could be pretty fun to try that. But yeah, just getting a lot more hands-on, I think it’s exciting. I came out of it. I’m like now I’m just going on trying to learn everything so I’m ready for next year even more.

Den Jones:

Yeah-

Ken Portie, tech lead at Adobe:

Yeah. That’s, that’s a whole new thing, right? Like that’s, that’s the whole subculture in itself, right? Like … Let me see. I’ll be right back. I think I got one that’s cool.

Den Jones:

You got one of the really old ones, Ken, right?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Oh. Yeah, the badge culture people afterwards on forums are like, “What badges did you collect?” And it’s really cool.

Den Jones:

Yeah. I managed, I managed to get a few badges and stuff. Um, and then quite often … I mean, I keep, I keep all my DEF CON ones because those are cool.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Den Jones:

The other conference badges tend to be pretty lame, you know?

Neeharika Kadavakolanu, IS Engineer, Cisco:

(laughs) Yeah.

Ken Portie, tech lead at Adobe:

The group that called, that called the Hack for Satan, you know, they, they sell badges every year and this is one of the ones I got like two years ago.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Wow.

Den Jones:

Wow.

Ken Portie, tech lead at Adobe:

But yeah, it’s pretty, it’s pretty dope. So, it’s like finding some of the ones like this is, is pretty, is pretty fun, right? You get, you get all kinds and then like, uh, like Steve, I think you met him was hanging out with us. He, he bought a, a tour badge that actually solders into the main bed we had and it lights. And so, and so yeah, there’s … That’s a whole like you see people with kind of crazy cool badges.

And, and then next year, I don’t know if you know the format so this was digital. Next year, it will be analog so it won’t be a mechanical badge. It will be something, you know, analog. Like couple of years ago, Den, was it … it was a record, right?

Den Jones:

Oh yeah-

Neeharika Kadavakolanu, IS Engineer, Cisco:

Okay, cool.

Ken Portie, tech lead at Adobe:

Yeah. A little, a little, like 45-type thing, you know. So, so, it’s always cool to format steel, right? And, and the amount of time people put into this stuff like you saw the video of the, the family making the badges and everything. And, um, you know, usually, usually, there’s a badge challenge or, or a, a black badge on for this game.

And so, it’s like, yeah, it’s everything. Like there’s, there’s … All right, I think the first year I went, I did that challenge. It was like the LosT challenge and eight … I mean, I was awake 14 hours a day and I didn’t even attend the conference really. I was just trying to beat the stupid game. And … But I made some good friends. And I learned a shit ton of stuff.

And, you know, that’s a little community too, right? You find out early on there’s, there’s a ton of people in the very first few hours or a day that do it and then they trickle out. And then there’s a core group of people that are just like working on this thing. But like I said, I couldn’t attend any talks or anything because I was working on the damn thing every waking moment, but.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah. It’s easy to get sucked in. I, I noticed that a lot especially for the hands-on stuff. Once you’re in, like you don’t realize. I have to keep track sometimes at the time. I’m like, “Oh, wait, I want to go check all these other things out and you just … Sometimes you just zone in. But I’m excited for that since my first one. I wanted to kind of explore more. I think next year, I want to focus a bit more attention on a few and just do the challenges. I think that’s exciting for me.

Ken Portie, tech lead at Adobe:

Yeah. Hey, Den, are you going to DJ next year?

Den Jones:

I’ve still, you know, I’ve, I’ve still never … I’ve never looked into it. I’ve never, I’ve never thought about that.

Ken Portie, tech lead at Adobe:

Yeah.

Den Jones:

But we, we get past. There was one DJ and I think it’s the Chill Out Zone, Ken, right? And, and the music was soft and just mellow and stuff. But this guy was on stage rocking like he was Prince or Elvis, you know. And it was pretty, it was pretty funny because I’m like his head movement didn’t match the music (laughs).

Ken Portie, tech lead at Adobe:

Yeah. I want to be his mixing for later. But yeah, he … I was, I was like, wow. But that’s another thing that I overlook sometimes is the music, right? It- it’s … That’s the vibe for whatever that room is. And, and the Chill Out one is always pretty on point, right?

Den Jones:

Yeah.

Neeharika Kadavakolanu, IS Engineer, Cisco:

There is like ones near the hallway as you enter Caesars Forum. And there’s those people DJ’ing as well and it’s just kind of gets you pumped up. There are solid DJs I would have to say. It was really nice touch. And I think also attendees, like you were saying, you can wear whatever. I think it was really cool that people just kind of showed off their creativity. And like some people, because masks are required, so they were like gas masks with like LEDs. Or just like the way they just decided to style those, it was very fun.

Um, that’s what makes this conference pretty unique. It’s not just … You know, people are just having fun while learning. I think that was cool.

Den Jones:

Yeah.

Ken Portie, tech lead at Adobe:

Yeah. Yeah, I think that’s, that’s really good. I mean, I saw everything from, uh, like somebody was 6’4” and, and like dominatrix-type stuff. And then, you know, furries to dress in like, uh, the like a mass that was like a, a, a helmet, you know. Either … you know, you know, that’s a great thing in everybody, right?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Ken Portie, tech lead at Adobe:

So, like, like my daughter’s you know, dressed little kind of anime weird emo-style-type thing. That’s, that’s like par for the course there, right?

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Ken Portie, tech lead at Adobe:

Not even remotely where somebody’s like, “Huh, that’s, that’s a little bit odd of a fare.” But, you know, I guess somebody like me just dresses in plane shorts and t-shirts, I’m probably the odd guy out, you know.

Den Jones:

It’s almost-

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah, I really like those.

Den Jones:

Turning up and then almost like the girl thinking of [inaudible 00:34:02].

Ken Portie, tech lead at Adobe:

Right.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah, right (laughs). I know. People look really cool.

Den Jones:

Polo shirt.

Ken Portie, tech lead at Adobe:

Right, right. If I didn’t have the long hair and beard, probably the same, right? But …

Den Jones:

Yeah.

Ken Portie, tech lead at Adobe:

It’s got … It’s like a disguise.

Neeharika Kadavakolanu, IS Engineer, Cisco:

It’s cool. People don’t really care what your identi-, like your background is or anything like that. No one really cares to us. They’re just like, “Hey, what are you doing right now?” And like they just want to learn from you. And there’s just no … At least from what I experienced, like people just didn’t have that, you know, guardrails up or that ego.

It was more just like, “Here’s what I’m doing. I’m excited to talk about it.” But also like, “What are you doing? I’m excited to learn from you.” It doesn’t matter what you look like or what … where you come from. So, I thought that was a really, really nice addition, too.

Ken Portie, tech lead at Adobe:

Sure.

Den Jones:

Yeah. I think … Ken mentioned that earlier. You know, it’s, it’s very all inclusive.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Den Jones:

Just really, really good. Um, I’m gonna wrap up with one question each. Did you manage to go to any of the evening parties? And if so, what was your favorite?

Ken Portie, tech lead at Adobe:

I’ll let you go first.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Okay. Um, I didn’t manage to go to a lot except for the opening mixer. I went to that the first night, um, because I had just came in to Vegas. And I was, you know, figuring out like how to … You know, I went to the conference area. And I was exploring. I’d met some guys who helped me figure out how to get to the conference from my hotel. It’s a little bit far away.

So, you know, I hung out. There was, you know, people and just jamming to the music, the LED lights. That was a great welcome to the conference because you’re just new. It wasn’t like … It was just so much more chill and open compared to … It wasn’t like any sort of stuck out thing. It was all about music and just partying a bit. And that was a great opener. So, I really, really enjoyed that a lot.

Ken Portie, tech lead at Adobe:

Uh, I did go to some of them. Um, you know, after eight years, you get … you kind of know which ones to show up to or, or, you know, some … which ones to stay away from. But I don’t know. I, I don’t think I went to as many this year as I normally would. Um, but yeah, I think we had some good times. And, uh, you know, whether it’s you go to the parties or you just go out with colleagues or former colleagues to, uh, you know, catch up over drinks. Those are fun.

I, I did miss Hacker Jeopardy. And I would have liked to go into that because that’s always fun. So hopefully, I will make that next year. But I always forget about some of the other ones. Um, you know, Shameless Plug, if you, if you get to go and you, you, you could go a little early, go to B-Sides. That’s always fun, too. And the last one is the Pool Party which is usually pretty, pretty interesting.

Um, but, you know, it’s, it’s a smaller place. You can actually talk to the, the speakers like at the bar later on, right? After they’ve given a talk, they’re all downstairs drinking and, and there’s a lot less people. So, if you’re like, like a talker, like what they talked about or want to talk to more, you can go down and like buy a beer and, and talk to them which, you know, it’s not a, it’s not a party, but it kinda is like a party, right?

Den Jones:

Yeah. And, and B-Sides is good because it’s regionalized. So, quite often, it’s a local event going on. It’s exclusive.

Ken Portie, tech lead at Adobe:

Yeah.

Den Jones:

So, I am … I, I like the Palo Alto Networks one. They’ve done one speakeasy which is also at the ice bar, right?

Ken Portie, tech lead at Adobe:

Yeah.

Den Jones:

So, that was good, too. And then I was fortunate enough to hang out with the team at [inaudible 00:37:36]. They were doing, um, a cabana. So, I got to hang out with some of those guys. And then some other like Cecil friends that, that I work in a Slack channel with and stuff. So, for me, a lot of, a lot of the time in a lot of the conferences, actually getting to reconnect with people we hadn’t seen in a long time.

So, that, that for me was, was probably the highlight I guess because very rarely do all of my peer groups suddenly arrive in the same city, right? So, that’s one time a year where most people tend to go. Um, so yeah.

So, thank you very much, guys. I really appreciate all the time and sharing your insights and your thoughts. And hopefully, um, we’ll, we’ll all be back at Hacker Summer Camp next year. And-

Ken Portie, tech lead at Adobe:

Yeah.

Den Jones:

… all over again, guys. But for now, thank you very much, Ken Portie. Thank you, Neeha. And I’m [inaudible 00:38:31] to impeach your last name. I like to really put like your full first and last name-

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah.

Den Jones:

That’s why my name was just an easy one, you know.

Ken Portie, tech lead at Adobe:

I was like, “Oh, that’s a long last name.”

Neeharika Kadavakolanu, IS Engineer, Cisco:

I know. Yeah. I realized afterwards that you guys just kept it short and sweet. It was like, “Oh, I’m putting my full name.”

Ken Portie, tech lead at Adobe:

Right.

Den Jones:

That was smart. I, I need a name less than five letters. So, you know.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Yeah. Neeha is good. Neeha is great.

Den Jones:

Thank you very much, guys. Really appreciate your time. And Neeha, we’ll speak soon. Take it easy.

Ken Portie, tech lead at Adobe:

Yeah.

Neeharika Kadavakolanu, IS Engineer, Cisco:

Thank you.

Speaker 1:

Thanks for listening. To learn more about Banyan Security and find future episodes of the podcast, please visit us at BanyanSecurity.io. Special thanks to Urban Punks for providing the music for this episode. You can find their tracks Summer Silk and all their music at UrbanPunks.com.

Close Transcript