"Hacker Summer Camp," the annual confluence in Las Vegas of three cybersecurity conferences — Black Hat, DEF CON and B-Sides Las Vegas — is both a blessing and a curse.
One the one hand, it brings some of the globe's top cybersecurity talent and expertise into one place and provides a stage for presentations and discussions of cutting edge research and important trends. On the other hand, the sheer enormity of the three, overlapping events makes it all-too-easy to miss out on something.
But it doesn't have to be that way. Knowledge sharing that takes place in the sands of Las Vegas doesn't need to end when the lights and music from DEF CON's Chillout Lounge fade. Here are 10 speakers from this year's Hacker Summer Camp you can (and should) follow year-round.
[ See our full coverage from Hacker Summer Camp 2023 ]
Most of us are familiar with Walden, the acting national cyber director in the Biden administration. She was a keynote speaker at Black Hat USA, where she discussed the details of two major plans that have come out of Washington in recent weeks: the National Cybersecurity Strategy Implementation Plan and the National Cyber Workforce and Education Strategy. Follow her accounts (Twitter and LinkedIn) to stay up to date with all the cybersecurity legislation and plans from the White House.
Thrilled to see the rollout of the National Cyber Workforce & Education Strategy. This is more than just a strategy; it's a pathway for Americans to secure good-paying middle-class jobs & ensure a resilient, inclusive cyber future. #CyberSecurity.— Kemba Walden (@KembaWalden46) July 31, 2023
Economics can be dull, but it’s essential to life and cybersecurity. Instead of forcing yourself to read journals and articles that can be dense, follow Daniel Woods. Woods, via LinkedIn, can keep you updated on all things economic in cybersecurity through easy-to-understand graphs, short articles, and sometimes funny comics. He is genuinely a must-follow, and his postings won’t cause anyone to die of boredom.
Prefer the hacker side of things? Then I recommend following Nyxgeek, a hacker with a passion for enumeration. Like the following person on this list, he takes a lighthearted approach to Twitter, posting memes and pop-culture references, along with links to relevant blogs and GitHub repos.
Me every time I do user enumeration: pic.twitter.com/yOJ5DVoYWu— nyxgeek (@nyxgeek) July 26, 2023
For any security researchers out there, be sure to check out this guide on disclosures. Some great information in here. https://t.co/KxGz7pWKj7— nyxgeek (@nyxgeek) August 8, 2023
Everyone deserves to have some fun on their social media channels. So give Marcello ‘byt3bl33d3r’ Salvati a follow and liven up your feed. His Twitter is filled with sarcastic quips and memes relevant to the industry.
The only consensus that can be reached about AI is that it is here to stay. Everything else about it is up in the air. With such a volatile topic, you must be in the loop on any changes, for good or bad. Chowdhury can keep you in the know. An expert on AI and its pros and cons, Chowdhury has a LinkedIn profile full of news and updates on major AI/large language models and their uses in the real world, combined with her insights on what those updates mean. Following her will make anyone feel like an expert in the ever-changing world of AI.
Low- and no-code applications tend to fly under the radar in the cybersecurity industry. It seems logical that less code means less risk. Alas, that is not the case; according to Michael Bargury, an expert in low- and no-code platforms, a lot can and does go wrong. Don’t let the ease of low-code lull you into a false sense of security; follow Bargury on Twitter to stay in the know about any security risks that pop up. An extra bonus is that he posts links to sources in plain language for any new developers. And an extra-extra bonus: Bargury is on LinkedIn as well.
iOS and macOS users will want to follow Patrick Wardle, an expert in the operating systems who constantly posts to his Twitter updates on their security, which is a friendly reminder for people to not unthinkingly trust the ways of Apple. That makes him a good follow for Apple haters, too.
Do you want to cut to the chase with no fluff? If so, Schneier needs to be someone you follow. He posts only short titles of his blog posts and a link to them, with no extra add-ons or promotions.
Using Machine Learning to Detect Keystrokes https://t.co/uWBaZ1mouS— Schneier Blog (@schneierblog) August 9, 2023
Kemba Walden has the U.S. federal cybersecurity policies covered on her accounts, but what about around the globe? Chris Painter, an ex-cybersecurity diplomat, can cover the rest. His Twitter is full of comments and references on the global policies and attitudes toward numerous areas in the cyber industry. Plus, there is the occasional wine recommendation for any budding sommeliers.
The Zero Draft of the UN Cybercrime treaty is out & the rubber will hit the road in the next negotiation in just a couple weeks in NYC. Hear the head of the US del discuss the prospects & challenges w/me & @james_a_lewis https://t.co/tnJLxLHsX0— Chris Painter (@C_Painter) August 8, 2023
For any developers or security personnel reading, give Stepankin a follow. He is a security researcher at GitHub Security Labs and posts relevant CVEs that come out of his work, sometimes with little quips. There is also a healthy number of tips and tricks from developers that he reposts onto his feed to make your lives a little easier.
Java doesn’t stop to amaze me. CVE-2022-45146 is one of the most bizarre bugs I’ve seen lately. https://t.co/z7Y1QxJXlZ— Michael Stepankin (@artsploit) February 16, 2023
There you go; your social feeds should now be updated with the best social media users from Hacker Summer Camp. And here are a few bonus experts for anyone with a BlueSky invite code:
And for any people on Mastodon:
- Join Webinar: Threat Modeling & Software Supply Chain Security
- Supply Chain Risk Report: Learn why you need to upgrade your app sec
- See Special Report: The Evolution of Application Security
- Track key trends: The State of Supply Chain Security 2022-23
- Get report: Supply chain and the SOC: Why end-to-end security is key