A Pen Tester’s Guide to RSA Conference

By Phillip Wylie | May 11, 2022

I am a big fan of cybersecurity conferences and to say that I am excited about the RSA Conference this year is an understatement. For those that may not be familiar with RSA Conference, it is one of the largest conferences in the world, with upwards of 45,000 attendees. RSA Conferences are held in the United States, Europe, Asia/Japan, and the United Arab Emirates. Due to the pandemic, the 2021 RSA Conference was virtual. Like myself, others are anticipating the return of an in-person RSA Conference. 

Being a fan of cybersecurity and especially offensive security, I look forward to the Sandboxes. Sandboxes are the equivalent of what other conferences call ‘villages’. They are arranged by specialization, and I will be speaking on building cloud-hosted pen testing environments in the Dark Arts Sandbox. The Dark Arts Sandbox focuses on offensive security. So if you are interested in all things ethical hacking and red teaming, this is one you will want to visit. Sandboxes offer presentations, live demos, and hands-on learning opportunities such as capture the flags (CTFs). There are seven Sandboxes to choose from, Aerospace Sandbox, AppSec Sandbox, Dark Arts Sandbox, ICS Sandbox, IoT Sandbox, SANS NetWars Sandbox, and Supply Chain Village Sandbox. Listed below are the Sandbox hosts and a brief description. 

Aerospace Sandbox 
Brought by Aerospace Village

The aerospace industry continues to see new types of risks, driven by its dependence on connective technologies. This Sandbox offers insight into how the aerospace environment is being made safer, more reliable and more trustworthy thanks to aerospace companies themselves as well as security researchers and the public. 

AppSec Sandbox
Brought by AppSec Village

We rely on software more and more, thanks to the advent of IoT, smart transportation, digital voting – and many other advances. AppSec Village will use this Sandbox to show you both how to exploit software vulnerabilities and, on the other side of things, how to secure software. 

Dark Arts Sandbox
Brought by Dark Arts Village

The goal of the Dark Arts Village is to foster community and build knowledgeable, contributing Dark Arts practitioners. Get a deep dive across Dark Arts principles, like exploits, exploit research and development, bug hunting, bug bounties and software/system exploits. 

ICS Sandbox
Brought by ICS Village

ICS Village is back! Their website is updated, and they’ve got brand-new content on insights into their real-world Tactics Techniques and Procedures (TTP) hack on industrial processes. 

IoT Sandbox
Brought by IoT Village

The goal of IoT Village is to bring together researchers and industry to promote security in the Internet of Things (IoT). They host talks, hacking labs and contests as well as live bug hunting. The IoT Village and their Sandbox are a great place to learn about the most innovative ways to both hack and secure IoT. 

SANS NetWars Sandbox
Brought by SANS

This is a really popular staple in the RSAC Sandbox. The SANS Core NetWars Tournament allows you to compete in a hands-on cybersecurity challenge, designed to enhance your cybersecurity skills. 

Supply Chain Village Sandbox
Brought by I Am The Calvary

Supply chain management cannot be underestimated when it comes to business success. This Sandbox will explore the impacts of supply chain issues, giving you the chance to learn new concepts and approaches for managing cyber supply chains. 

For more information and schedules visit the Sandboxes web page; https://www.rsaconference.com/usa/programs/sandbox

The Five Most Dangerous New Attack Techniques

I was excited to hear about this panel discussion presented by SANS and featuring moderator Ed Skoudis and panelists James Lynn, Heather Mahalik, Katie Nickles, and Johannes Ullrich. This briefing discusses the most dangerous new attack techniques in use today, what's coming next, and what organizations can do to prepare. More details and schedule can be found here;  https://www.rsaconference.com/usa/agenda/session/The%20Five%20Most%20Dangerous%20New%20Attack%20Techniques

Hacking Exposed: Next-Generation Tactics, Techniques, and Procedures

This session caught my attention and is presented by Crowdstrike CEO and co-founder George Kurtz, and Crowdstrike CTO Mike Sentonas. They will discuss the increase in ransomware and supply chain attacks and the increased sophistication of ransomware. They will also review trends of next-generation tactics, techniques, and procedures from today's adversaries, and have a live demonstration of "Living off the Land" techniques used by adversaries. More details can be found here: https://www.rsaconference.com/usa/agenda/session/Hacking%20Exposed%20NextGeneration%20Tactics%20Techniques%20and%20Procedures

Building Effective Attack Surface Management Programs

If I don’t see you on the show floor, come find me in CyCognito’s Lounge at The Veranda just behind Moscone South at Folsom on June 8th. At 4pm I'll be leading a discussion on how to build an effective attack surface management program, and then after we can talk about pen testing, external attack surface management, career advice, personal branding or even bear wrestling. Details can be found here: https://www.cycognito.com/rsa-2022


About Phillip Wylie

Offensive Security Evangelist, CyCognito | Phillip Wylie is a cybersecurity professional and offensive security SME with over 18 years of experience, over half of his career in offensive security. Wylie is the Tech Evangelism & Enablement Manager at CyCognito. He is a former college adjunct instructor and published author. He is the concept creator and co-author of The Pentester Blueprint: Starting a Career as an Ethical Hacker and was featured in the Tribe of Hackers: Red Team.


Start Eliminating Your Shadow Risk

Demo Request