15 Sep 2023

Blogs

My Time on the BSide

This week, a few AUSCERT staff members journeyed from sunny Brisbane to brave the crisp Melbourne air and participate in the annual BSides conference. BSides is a volunteer-driven initiative spearheaded by members of the infosec industry who share a common objective: to foster and support a thriving cybersecurity community. The conference offers a platform for first-time speakers, students, as well as new and experienced professionals to showcase their work in a friendly and welcoming environment. AUSCERT takes great pride in sponsoring this event and contributing to the growth of the cybersecurity industry in Australia.

One of our AUSCERT team members who participated in BSides Melbourne last weekend was our Senior Software Developer, Lucas. This week, we had the opportunity to sit down with Lucas to delve into his highlights, favourite sessions, and other noteworthy aspects of the event. Here’s his first-hand account of the experience.

Highlights

One of my standout moments from the conference was teaming up with a colleague to take part in the Capture the Flag (CTF) competition. A CTF competition is composed of many different challenges that fall under different cybersecurity categories. The challenges vary in difficulty and are designed to test the participants cybersecurity skills, whilst also offering valuable hands-on learning and networking opportunities. These challenges provide a unique educational and training experience within a fun and competitive environment.

As a software developer, I typically don’t engage in offensive security work. However, this challenge provided me with a unique opportunity to broaden my expertise and skills in this particular field. Achieving the 11th position in the challenge among 53 other competing teams was a proud moment for me. It demonstrated that I do possess a certain level of proficiency in this area and continues to motivate me to pursue further skill development in this field.

Favourite Session

One session that left a lasting impact on me was Paul McCarty’s talk on defending the software supply chain. As a software developer focusing on the development operations space, this session provided invaluable insights into crucial considerations and areas for improvement. In an era where the software supply chain faces increasingly sophisticated attacks, it’s imperative for software developers and engineers like me to comprehend how to safeguard against emerging and existing threats to the software supply chain. The session explored valuable open-source tools that can assist organisations in establishing new processes and developing tools to enhance the security of their software supply chains. The session put into perspective the breadth of the software supply chain and how it can be attacked, and it introduced me to some very useful open-source tools for visualising and improving the security of AUSCERT’s software supply chain.

Interesting Aspects

One particularly interesting aspect of the conference was the extensive focus on career support and guidance they offered. It was truly inspiring to witness the dedication to fostering professional development and the readiness to assist attendees at various stages of their careers. The conference featured sessions led by experts who offered invaluable advice and support, enabling individuals to expand and evolve in various aspects of their careers. Moreover, it encouraged attendees to explore new passions that might not yet exist in their current fields.

In summary, my experience at BSides Melbourne was truly memorable, primarily due to the opportunity to connect with numerous outstanding individuals in the industry. The sessions were both relevant and engaging, and the warm and inviting attitude of the entire staff and community contributed to a friendly and welcoming atmosphere that everyone enjoyed!