Convention for individuals involved in computer security
A computer security conference is a convention for individuals involved in computer security. They generally serve as meeting places for system and network administrators, hackers, and computer security experts. Common activities at hacker conventions may include:
Hands-on activities and competitions such as capture the flag (CTF).
"Boot camps" offering training and certification in Information Technology.[3]
List of general computer security conferences
General security conferences might be held by non-profit/not-for-profit/for-profit professional associations, individuals or informal group of individuals, or by security product vendor companies.
44Con,[6] an Infosec conference and training event that occurs annually in London, UK.
ACM-CCS (Conferences on Computer and Communications Security),[7] security conference held since 1993.
ACSAC, Annual Computer Security Applications Conference[8] - oldest information security conference held annually.[9]
ASIA or the Annual Symposium on Information Assurance[10] that serves as the academic track for the New York State Cyber Security Conference,[11] an annual information security conference held in Albany, NY usually for two days during June targeted at academic, government, and industry participants.
Black Hat, a series of conferences held annually in different cities around the world. Black Hat USA, held in Las Vegas immediately before DEF CON, is one of the largest computer security events in the world.[12]
BlueHat Conference, a twice a year, invitation-only Microsoft security conference aimed at bringing Microsoft security professionals and external security researchers together.[13][14][15]
Brucon, yearly conference, previously held in Brussels, since 2012 it is held in Ghent. Lasting 2 days, and preceded by a training.[16]
CSS - International Conference on Cryptography and Security System[20] in Poland.
CIA Conference - A series of international conference on cyber security which aims to bridge the gap between the corporate need of cyber security to the fancy world of hacking.[21][22]
DeepSec, in Vienna covers many security aspects of computing and electronic communications as well as security management and social aspects. DeepSec is visited by a broad international audience, academics, researchers, vendors, finance, public administration etc. (2 days trainings, 2 days conference).[23] Presentations are published on Vimeo and YouTube.
Department of Defense Cyber Crime Conference, an annual conference that focuses on the computer security needs of the United States federal government, military, and defense contractors.
FSec - Croatian annual security conference held at the Faculty of organization and informatics in Varaždin.[25]
GreHack.fr,[26] an annual conference held in Grenoble. Speakers from academia, industry. Both offensive and defensive security.[27]
Hacker Halted, Presented by EC-Council, the objective of the global series of Hacker Halted conferences is to raise international awareness towards increased education and ethics in IT Security.[28]
HackinParis, Is an annual event organized by SYSDREAM. The program includes IT security, industrial espionage, penetration testing, physical security, social engineering, forensics, malware analysis techniques and countermeasures.[29]
HACK-IT-N[30] is a cybersecurity conference that deals with current issues and offensive and defensive techniques of the moment: hacking, cyber-espionage, cyber-surveillance etc. It's held in Bordeaux at the end of each year and organized by TEHTRIS[31] and the ENSEIRB-MATMECA[32] engineering school.[33]
Hackito Ergo Sum, Security conference pertaining to research topics, with attendees and speakers from both the industry, the offensive side and the academic circles, held in Paris every April.[34]
IIA/ISACA Chicago IT Hacking and Cybersecurity Conference, a regional, two-day event that brings together executives and professionals in audit, IT, and risk management functions to hear current trends and first-hand knowledge from subject matter experts.[40]
INFOWARCON[41] Beyond Information Warfare - Offensive Cyber Weapons and Technologies Training Congress.
IP EXPO Europe, held annually at London's ExCeL Centre
IP EXPO Nordic, held annually at Stockholm's Waterfront Congress Centre
IWSECC International Workshop on Security Engineering for Cloud Computing in conjunction with the 14th International Conference on Availability, Reliability and Security (ARES Conference » Vienna, Austria[42])
LeetCon, IT-Security-Convention in Hannover (Germany), frequently October or November every Year. Talks about IT-Security, IoT, Industry 4.0 and more.
Middle Tennessee Cyber Conference is an annual two-day event that covers cybersecurity trends, first-hand knowledge from subject matter experts, and operates a CtF for attendees.[43]
NDSS (Network & Distributed System Security Symposium),[44] annual security conference from Internet Society.
NSPW (New Security Paradigms Workshop),[45] a workshop with new ideas in security.
Nullcon Security Conference is an annual security event held in Goa, India.[46][47]
SecureWorld Expo, a series of IT Security conferences offering education, CPE training opportunities, and networking of security leaders, experts, senior executives, and policy makers who shape the face of security.[53]
SIN ACM, or the International Conference on Security of Information and Networks.[54]
SOURCE Conference, SOURCE is a computer security conference in Boston, Dublin and Seattle that offers education in both the business and technical aspects of the security industry.[55]
The actual events, time-spans, and details of various themes of these conventions not only depends on the specific convention attended but also its perceived reputation. Typically the actual details of any given convention are couched in mild secrecy due to the legality of certain panels, as well as the willingness of attendees to explain themselves to law enforcement and less computer-savvy individuals (see hacker definition controversy).
Common topics include wardriving, lockpicking, corporate and network security, personal rights and freedoms, new technologies, as well as general 'geek' motifs. Some may also have contests and general collaborative events such as hackathons.
One facet of Hacker conferences that tends to differentiate many "HackerCons" from general computer security conferences, is the evolution of the conference badge. While many conferences use a fairly standard paper/plastic badge to identify attendees by name, many hacker con's have evolved to use more non-traditional badges, such as electronic PCB's with LED's, LCD screens, and can include wifi and advanced, often hidden functionality, to include games, that do not identify the individual, sometimes promoting a group identity or regional/local group affiliation. This has spurred the creation of so-called "badgelife" where different individuals and organizations (such as local hacker groups) may design, create, and sell or otherwise distribute a separate badge attendees wear in addition to their conference badge. These badges may be purchased, but some may have to be earned by completing a challenge at the conference. One of the rarest and most desirable badges is the DefCon Black Badge.[62] While the use of the badges are traditionally associated with DefCon, their use has spread to other conferences.
Pixelflut is a common activity at hacker events. It is a protocol for software to draw a canvas. Usually this is done in a client-server architecture with multiple clients who send individual pixels and the server displays. The clients then overwrite each others images on the same server.[63][64] There are various variants of the protocol and different implementations for both the server and the client.
List of hacker conferences
AthCon, the largest hacker conference in South Eastern Europe taking place annually in Athens, Greece.[65]
BSides, community conference that initially started in the US is now global.[66]
Blackhoodie, is a series of free, women-only reverse engineering conference offering workshops and talks. They are held in different cities around the world on a regular basis to encourage women interested in the cyber security field.
BornHack, an annual hacker camp on the Danish island of Funen.
CactusCon, the largest hacker and cybersecurity conference in Arizona, held annually since 2012.[67]
CIA Conference - A series of international conference on cyber security which aims to bridge the gap between the corporate need of cyber security to the fancy world of hacking.[21][22]
CircleCityCon is a security and technology conference held annually in June in Indianapolis.[68]
Cop CON, is a unique Cyber Policing Conference held across India every year by Indian Cyber Army.[69]
Diana Initiative, an annual hacker conference to promote Women in cybersecurity technologies by The Diana Initiative non profit org located in Las Vegas, NV.[73]
Hackers Day is one of the hacking conferences in India held frequently in January–February every year.[80] The organizers also used to organize DEFCON Lucknow, which was dissolved by the DEFCON after many controversies[81][non-primary source needed] arose in 2016.
Hackers 2 Hackers Conference (H2HC) is the oldest security research (hacking) conference in Latin America and one of the oldest ones still active in the world.[82]
Hackers Idol, is a unique Hackers & Cyber Enthusiast Talent Hunt held across India every year by Indian Cyber Army.[83]
Hackfest.ca, in Quebec, Canada, bilingual conferences and hacking games.[85]
Hackers Teaching Hackers, a hacker conference in Columbus, Ohio, featuring talks, hands-on villages, a CTF, mentorship, and more.[86]
HackMiami Conference, a hacker conference in Miami, Florida, organized by the HackMiamihackerspace.[87]
Hardwear.io - Hardware Security Conference is an annual Hardware Security event held in The Hague, Netherlands. It is being organized every year to answer the emerging threats and attacks on hardware.[88]
IDSECCONF, Indonesian annual IT Hacking and Cybersecurity conference.[89]
INFILTRATE,[90] hosted by Immunity, Inc, is a deep technical security conference that focuses on offensive technical issues. The conference has been held annually in Miami Beach, Florida since 2011.
Kernelcon, is an Omaha, Nebraska hacker convention held annually in April, beginning in 2019.
LayerOne, held every spring in Los Angeles, California.[91]
LeHack, FRENCH HACKERS CONFERENCE hosted in Paris [92]
Malcon, the world's first International Malware Conference, hosted in India.[93]
No Hat[94] is an international computer security conference held annually in Bergamo (IT), and considered the largest technical security event in Italy.
NorthSec, in Montreal, Quebec, is an applied security event held yearly mid-May, featuring two days of conference followed by a 48h on-site CTF.[95]
Notacon, in Cleveland, Ohio, is an art and technology conference held frequently in mid-April.
Nuit Du Hack, in Paris, France, is the oldest and largest hacker conference held frequently in late-June.[96]
Roadsec,[100] One of the biggest hacking conferences in Latin America, held in Brazil, with smaller city editions throughout the whole year, and a big ending edition held in São Paulo in November (February - November).
ROOTCON,[101] is the leading pioneer of hacking conferences in the Philippines and the most sought after conference by security researchers, professionals and enthusiasts for top caliber source of security skills and discoveries that is held annually around the months of September - October.
RootedCON, in Madrid, Spain, is one of the biggest hacker conference in Europe. This convention started in 2010. (March)
ShellCon, in Los Angeles CA is an information security conference that is held annually in the beautiful beach cities of Los Angeles.[102]
SkyDogCon, A technology conference in Nashville, TN for the individual with the Renaissance Mind. SkyDogCon exists to facilitate learning, information sharing, and mingling with like-minded people in a relaxed atmosphere.[104]
Sthack is an annual security conference in Bordeaux, followed by the traditional Capture The Flag.
Summercon, one of the oldest hacker conventions, held during Summer (frequently in June). It helped set a precedent for more modern "cons" such as H.O.P.E. and DEF CON.
ZeroAccess, is a unique International Cyber Security Conference held in India, India in the Month of April by Indian Cyber Army[109]
Non-annual hacker conventions
Stichting HAL2001, a not-for-profit organization, holds a quadrennial Dutch hacker convention. They have, so far, held HAL2001 (Hackers at Large) and What the Hack (2005, originally called HEX (referring to the 16th anniversary of the event, as well as an acronym for Hacking Extreme)). The Dutch conferences held prior Stichting HAL2001's existence were Galactic Hacker Party (1989), Hacking at the End of the Universe (1993) and Hacking In Progress (1997), notable for being held simultaneously and in conjunction with Beyond HOPE. The not-for-profit organization 'Stichting Hxx'[110] was organizing the 2009 incarnation of this con; HAR (Hacking at Random).[111] During the summer of 2013 the next installment of the series, called OHM (Observe Hack Make), was held.,[112] followed by SHA (Still Hacking Anyway) in 2017. The 2021 edition was delayed due to Covid and held as MCH (May Contain Hackers) in 2022.