((( Geekosaurus )))
Chester Wisniewski 🇨🇦Idea: A new #InfoSec conference called "The Boring Security Conference". It covers topics and hands-on advice that are what actually keeps organizations secure. No zero-days, no APTs and no "if the criminal does these 39 things in precise order and you're not watching your owned" talks.
Rowhammer? Very cool. Sorry, you aren't accepted. No one has been victimized through this. You will need to try a second-tier event like Black Hat. Try again next year.
Maybe a bit of "Getting shit done con"
Brian Clark@chetwisniewski check out @BlueTeamCon It’s a conference in Chicago that does just this
Matt Palmer@chetwisniewski @tychotithonus sorry, what was that you said? I couldn't hear you over the hype machine.
Tryst 🏴 🇮🇪 
@chetwisniewski "Back to BASIC"?
bassplayer@chetwisniewski I'd settle for tips on how to get managers to fund Executive Order on Cyber Security work
nipper@chetwisniewski BiMonSecCon?
bazcurtis@chetwisniewski We need to back to basics. What are the little things that admins can do with the limited time they have, which is short?
I worry many admins feel, I am never going to be on top of security, why bother. I would not want to be an admin any more.
I looked after 250 users with a decent it budget, but I still didn’t have a patching solution and relied on WSUS for Windows Updates.
KarlE@chetwisniewski unfortunately, "Boring" is a word meanwhile hijacked by a multibillionaire who had the idea of drilling tunnels for whatever purposes. It's hard to put that into a title without calling up associations with that.
Perpaps try "The Calm Security Conference"? @koehntopp
Perpaps try "The Calm Security Conference"? @koehntopp
Jonathan Yu@chetwisniewski Like @vicki's NormConf, but for security? I like it!
Will Smart@chetwisniewski this would be delightful.
@chetwisniewski Sessions could be like "making inventory slightly less horrible", "tactics for convincing people that documentation is important", "how to protect those Windows XP SP1 machines you still have on the network for reasons"
@SmartAsABrick Absolutely. "EDR Grab back: Everyone bring their favourite queries to exchange". Understanding vulnerability disclosures: Reading between the lines and understand that unauthenticated RCE means patch now!
@chetwisniewski "FunSecCon" the Fundamental Security Conference
pivot@chetwisniewski A. Can I buy advance tickets? B. I'd like to submit a talk on asset inventory management.
Sheogorath@chetwisniewski yes, please more of these, doesn't only have to be infosec, would also like see this for DevOps, Kubernetes, …
InfraCon, let's make infrastructure boring!