DefCon 26: Steph’s Recap
This post has been a long time coming. DefCon 26 was one of the best experiences of my life. However, immediately after leaving, I suffered two great losses, back to back, and my family was going through a bit of a tough time. Now that the fog has somewhat lifted, I decided to reminisce about my experience at DefCon in hopes of inspiring some of you to go next year.
I had no clue I was going to be attending DefCon this year. I have wanted to go for about 4 years now, and each year, I either couldn’t afford it or was too scared to go alone. When I saw a tweet from WISP where they were sponsoring five women to go, I retweeted and hoped for the best. And I won! I immediately bought my ticket and reserved my hotel accommodations. I’d like to say thank you to all of the sponsors that donated and allowed 52 more women the opportunity to go to DefCon this year.
#WISPDEFCON !!!! I’d definitely appreciate the opportunity!— InfoSteph (@StephandSec) July 7, 2018
From the moment I landed until the second I left, I was firing on all cylinders, adrenaline pumping through me in massive amounts. It was my first time in Las Vegas AND my first time attending DefCon. Talk about culture shock. Everything is supposed to be bigger in Texas, but I think Las Vegas stole that. Holy large hotels!
Due to a rather annoying flight mishap, I came in on the Thursday before DefCon. I dropped off my bags, met my amazing roommate, Ebun and we made our way to the Diana Initiative, an inclusive conference that encourages diversity and supports women who want to pursue careers in information security. The enthusiasm for this event was unmatched. They had to turn 900 people away!
Luckily, I pre-registered, so I was able to get into the conference. I attended a bunch of talks, learned so much and forgot to eat a thing until later that night. I met a bunch of women in tech, networked and ultimately felt…at home. It felt like, for once, I wasn’t the only woman in the room. No one challenged my technical aptitude; instead, they encouraged my technical growth. I never once felt inferior, or unheard, or talked over. My favorite talk of all of the ones I attended (though all of the women were AMAZING) was a talk by Jennifer Edmonson (What IF? A Little Experiment on Lighting the Motivational Fire for my App Sec Team) where she shares an experiment that she did where she gave her team three hours on Friday to work on something unrelated to work and the effects that had on her team. May come in handy when it’s my turn to lead.
Sadly, after all of that, I was too exhausted to do much else. And so the first day ended. Day 2 began with a whirlwind as well. I rushed to get to Diana Initiative on time, so that I could have a good seat for my mentor’s Keynote Speech. Keirsten Brager gave the girls all of the tea on knowing your worth, demanding what you deserve and securing the InfoSec bag! Having read her book multiple times, I was familiar with parts of her speech, but she threw in some bonuses that I happily wrote down. After her speech, my Zero Days (Lauren and Ebun) and I made our way to the vendor booth. There, we networked, got some swag and talked to vendors.
After that, we joined a group of ladies from WISP and their Capture the Flag team (organized by Ian Coldwater). It was almost immediate that I found out it was extremely out of my depth. I did get to meet an amazing woman @TinkerFairy_Net who showed me the ropes on how to find one particular flag. I spent way too much time scratching my head during our time there, but it sparked an interest to try some at home. Later that night, we attended HackerOne and WISP’s event on ethical hacking. There was even a CTF that I didn’t do too bad with!
Day 3 started with WaffleCon, a private event for the #WISPDEFCON winners. After that, we met with my mentor and had a pretty awesome conversation. I also swore on a checkbook that by DefCon 28, I’d either have my CISSP or I’d be ready to sit for the exam. Yes, my mentor is cooler than yours. We visited the Car Hacking village and the ICS village and then ended up at the Ethics village, where a panel discussion on Diversity and Equality in InfoSec was underway. I even got involved in the topic of whether the phrase “I don’t see color” was problematic or not (If you were wondering, it is). After that, we talked, had dinner and talked some more.
My last day was spent having awesome and interesting conversations with a lot of black people in Info Sec. As someone who is passionate about diversity and inclusion in the InfoSec space, it was one of the highlights of my time there. I shared an almost teary goodbye to my Zero Days and embarked on a trip home.
Being at DefCon felt like a hug. I felt like I belonged. Being from a family that isn’t into technology and having most of my friends uninterested in technology, embarking on this journey can feel a bit lonely at times. At DefCon, I never felt misunderstood or alone. I felt like I was at home. And that is the most rewarding part of my experience.
Needless to say, I had an amazing time at DefCon. I’ll probably be writing a guide on how to do DefCon before the next one as well. I didn’t get to do most of the things I set out to do, or meet the people I wanted to meet. And that’s okay, because next year, I will! And…maybe I’ll speak next year as well? Only time will tell.