Cisco Blogs

SecCon 2010 – The Hackers Come to Town

November 2, 2010 - 0 Comments
SecCon 2010 Banner

SecCon 2010 Banner

SecCon is Cisco’s internal security conference aimed at raising security awareness within the company’s development community. On Oct 4th – 7th we completed the third Cisco SecCon and it was a big success. At this year’s conference we had well over a thousand attendees, with representatives from almost every job function. Thank you to all the participants and speakers!

What was SecCon 2010 about?

Building upon last year’s success, this event featured a packed agenda including security keynotes from Cisco executives, industry leaders, panel discussions, and networking opportunities with both internal and external experts. We explored why product security is important to Cisco, our customers, and the entire connected ecosystem.

The overall focus of the conference was addressing current and emerging product security threats in market adjacencies. Cisco addresses these threats using the Cisco Secure Development Lifecycle (CSDL), our proactive approach that identifies specific tools and processes needed to deliver secure and resilient products. Other highlights included:

  • Cloud Computing and Security
  • Hacking the Smart Grid
  • Android Security
  • Uncovering the Criminal Ecosystem
  • 6 Security Bootcamps
  • Executive Keynotes

Who attends?

All of Cisco is invited; however, the Cisco development organization is the primary target audience. Unlike internal security professionals that regularly attend security conferences (like BlackHat, DefCon, CanSec, etc) and industry events, product teams don’t usually get to hear or interface with the security researchers directly. SecCon aims to bridge the communications gap.

Who speaks?

SecCon does not have a public Call for Papers; instead speakers are invited based on their current Cisco relevant research. Speakers are a mixed bag of internal and external experts. The security threat landscape for Cisco is not constant so each year SecCon seeks out new important topics to explore. Another unique aspect of our conference is that we have customers come speak directy to our development organization to reiterate cost of security issues and hear first hand how unfriendly hackers can be.

2010 Bootcamps – October 4th and 5th

  • CSDL for Managers, Product Managers, and Program Managers
  • Secure Development – C/C++
  • Secure Development – Java
  • Security Testing Fundamentals
  • Advanced Security Testing – Fuzzing
  • Security Test Package Advanced – Tips and Tricks

2010 Agenda – October 6th

Time Event Speaker
9:00 – 9:05 Kickoff/Agenda Overview Erick Lee
9:05 – 9:55 Keynote Mike Reavey, Microsoft
10:00 – 10:55 Cisco Secure Development Lifecycle (CSDL) Overview Ray Lewis
Special Message Kathy Hill
11:00 – 11:55 Executive Keynote Ben Fathi and Bret Galloway
12:30 – 1:25 Customer Panel Russell Smoak and AT&T
1:30 – 2:25 Vulnerability Analysis Omar Santos andDario Ciccarone
2:35 – 3:30 Counterfeit Prevention and other Product Protection Mechanisms Patrick Godding, Keti Kilcrease, and Andy Thanos
3:30 – 4:00 Bundled Third Party Software: The Complete Security Lifecycle Tim Sammut, Greg Taam,Ed Warnicke
4:00 – 4:25 Market Adjacency Case Study Jan Schlossberg
4:30 – 4:40 Obliterating Today’s Security Myths Tim Sammut
4:45 – 5:00 Securing UC Networks Akhil Behl

2010 Agenda – October 7th

Time Event Speaker
9:00 – 9:05 Kickoff/Agenda Overview Erick Lee
9:05 – 9:55 Keynote (Live Only) Steve Santorelli, Team Cymru
10:00 – 10:55 Cloudinomicon Christopher Hoff
11:00 – 11:30 CSDL – The CSG Story Peter Xiao and Joerg Reichelt
11:30 – 12:00 CLI is Dead – Network Security Is Default Michael Behringer and Steinthor Bjarnason
12:30 – 12:55 Security Awards Russell Smoak
1:00-1:55 Top Ten Risks with Cloud that will keep you awake at night Shankar Babu Chebrolu, Pankaj R. Telang & Vinay K. Bansal
2:00 – 2:55 DNSSEC Dan Kaminsky
3:05 – 3:55 Android Security Jessie Burns, iSec Partners
4:00 – 4:55 Wardriving the Smart Grid: Practical Approaches to attacking Packet Radios Shawn Moyer and Nathan Keltner, Fishnet Security
4:55 – 5:00 Recap Erick Lee

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.