Bsides CambridgeMA 2024

I had the chance to attend Bsides Cambridge MA on October 5th 2024, and it is a pretty cool meet up. The atmosphere was relaxed, and some of the talks are pretty interesting, even the snacks are pretty good 🥨🧃. Here are recap of the presentations.

Dr. Chris Esquire talked about Software Defined Radio (SDR) where he set up to intercept a satellite communication for less than $1000.

Parth Shukla & Nishit Lakhnotra talked about utilizing AI for bot detection, honestly this felt more like old timey ML/statistic approach for bot detection, but I am not an expert on AI.

Yolanda talks about end to end overview of cryptocurrency infrastructure security architecture and principles.

Zara Perumal & Ryan Reeve talked about using agentic AI for OSINT, this one felt more AI-ish than the previous one (whatever that means🤣). Agentic AI is basically AI that can perform task (including using tools) with minimal human intervention, so this is pretty cool.

Ryan Cohen talks about several recent crypto heists and how these heists teach us about security fundamentals. Interesting because I’ve never even heard some of these heists, and some of them gets pretty complicated real fast.

Ezz Tahoun & Lynn Hamida supposed to deliver talk about correlate and contextualizing alert and logs. Being a blue teamer, this is actually the one I looked forward the most, but the presenter apparently missed their flight, so the talk was canceled.

Fred Heiding talks about the cyber strategy scorecard, where he evaluate cyber strategy from several countries.

This is one of the most interesting one. Unfortunately most of the countries assessed are developed countries so the result are predictable and nothing to write home about (see posted picture below).

One notable result that stood out to me is how South Korea's cyber strategy gives major consideration to vulnerable populations. His work should be finished 2024-2025, so if you are interested stay tuned to his page (https://fredheiding.com/research/)

Oh…he is also planning to apply the framework to developing countries (fingers crossed Indonesia is next!)

Another highlight of the I also get to chat with a particular gentleman that shared his path to cyber from blue collar job, by previously doing 4 years degree in WGU within just 1 year. I’ll never stop being amazed how people get to cyber!

All in all, the experience was delightful, I will definitely attend if there’s another InfoSec meetup nearby, so let me know if you’re aware of any around Boston.😎