Attending Bsides Harrisburg
By Ron & Tyler
Bsides Harrisburg was on March 11, 2023. This was the first conference for two attendees and below are their own stories. I hope this inspires you to check out a local conference or consider traveling for a Bsides event.
I am a Cloud Network Engineer, and part of my responsibility is to ensure the cloud environment I help manage is secure and follows recent cloud security best practices. Before working in the cloud, I was a route/switch guy. All I was concerned about was whether end users could browse local company resources and receive calls on their VOIP phones. Besides configuring port security on switches and ensuring firewalls have network connectivity, I was not involved with security work. Everything security related was relegated to the security team. However, once I started working as a Cloud Engineer, my responsibilities shifted to actively managing the security and compliance of our cloud platform. Realizing that I do not have much practical experience related to cyber security. When my friend talked about going to BSides Harrisburg, I thought it was the perfect opportunity to attend my first cybersecurity conference. My main goal was to gain more knowledge and understanding about the cybersecurity field and industry.
The conference was fun, all the speakers were engaging, and the organizers and all the other attendees were friendly and encouraging. I attended more technical sessions such as: “Formulating Red Team Scenarios with the power of open-source Intelligence” by TJ Null and “How to Build the Perfect Red Team Hardware Implant” by Sean T Smith. There were two major workshops, CTF and the lock-picking village. The people running the workshops were extremely helpful and actively encouraged newbies like myself to try everything out. I think what was most important is that the conference was not intimidating. It did not have more than a thousand attendees like Shmoocon or Defcon. This intimate setting allowed me to focus on the content of the talks and workshops rather than stressing about finding room to watch a session in an overcrowded conference.
Overall, I highly recommend going to one of the BSides events. The people were awesome, and the talks were interesting and informative. I learned a lot and was exposed to tools, technologies, and best practices that I didn’t even know existed. I will definitely be attending again in the future.
I’m a software engineer by profession, but I have been interested in cybersecurity for a while. In previous years, I’ve dabbled with beginner-aimed CTFs and spent several weeks going through tryhackme and some cybersecurity-related books. I’ve also watched some talks from a few different cybersecurity conferences. However, I’ve never attended one in person, and I decided to check it out when asked if I wanted to go.
My friends and I went to BSides in Harrisburg, PA. The conference was in a hotel but only spanned a couple rooms. I liked that it was on the smaller side as it meant there weren’t any lines, and it didn’t feel too packed. I’ve heard stories of other larger conferences where that wasn’t the case. The staff was friendly, and everything was pretty well organized. The talks were split between two different rooms. One side seemed to be a bit less technical than the other, and I decided to attend the more technical talks since that was more up my alley.
I liked the variety of the talks I attended, one on OSINT and another on network-based hardware implants. I thought both were pretty interesting, although a bit complex at times. I think the speakers did a great job at keeping things technical but not too technical for people that aren’t in the industry. I also attended the two workshops that they had as well. One was lockpicking, and another was a CTF. Unfortunately, I didn’t get to spend as much time as I had liked on the CTF, but it was still fun. The lockpicking was especially neat, as I had never done anything like that before.
Overall, I had a great time and would recommend anyone considering going for their first time. I’d especially recommend attending this conference or any smaller one as your first one. I met some great people and learned about many different cybersecurity tools/practices that I never knew existed. I’ll definitely have to get tickets next year.