i had this wonderful goal of staying up-to-date on here with things i’ve been doing, but sadly i’ve been failing. i can’t say this is a promise to do better, but i can say that this is an admission that i’ll have half a moment to breathe once this month is up.
the last entry in here was right after Shmoocon…aligning pretty well with a major career-related move for me. i’m still at Accuvant LABS, but as of March 1, i’m no longer a Consulting Service Engineer, but rather an Associate Security Consultant. basically, this means that instead of spending my days scoping security gigs for other people to do, i’m actually conducting vulnerability assessments and pen tests. and…let me tell you. as much as i’ve goofed around with in my spare time, as much as i’ve picked up along the way from tinkering and attending con talks and picking the brains of far smarter security folk than i, there’s really nothing like doing my first this-is-for-an-actual-job pen test to smack me in the face and remind me just how much i still need to learn and improve at. i feel like with each gig i do i’m internalizing a bit more, and getting a bit better. though, i have a lot to learn as far as…just being more effective, knowing how to leverage the information i get, and isolating exactly what rabbit holes i should be going down.
aside from that, there’s quite a bit of conference craziness coming up. Notacon, Thotcon, and Security B-Sides Chicago are all coming up within the next approximately two weeks, making it a crazy month for me. at Notacon, i’m hosting Whose Slide Is It Anyway again, so i’ve been trying to come up with plenty of crazy slides for people to present. at Thotcon, i can catch a breath…i’m not speaking, i’m not con staff, i’m just there to say hi to everyone and enjoy the talks. at BSidesChicago, i’m giving an expanded version of my CTF talk — thirty minutes instead of fifteen. i’m looking really forward to that; even though i still don’t feel like it’s an hourlong talk, there were a few things i wanted to talk about that i didn’t quite have the time to hit at FireTalks. my thirty-minute slot at BSidesChicago should be perfect for that. in addition to speaking, i’m also volunteering for the day as a speaker wrangler. so, i’ve got a busy day ahead of me there.
and, if that wasn’t enough on my plate, the call for papers for Security B-Sides Detroit closes on the 27th, so i need to figure out what i’m proposing for that. i’m hoping i can think of something interesting and new for that conference, though i’ve been so focused on getting up to speed for work that other projects haven’t really been coming to me as i wish they were. we’ll see. hopefully soon; hopefully once i feel like i have my feet under me at least a little bit.