RSA Conference: Exposing the exposures

Share this article:

Few people would consider the RSA Conference anything like the Wild Wild West. But there will be one showdown at high noon -- when security experts battle it out to see who can find vulnerabilities on websites the fastest and most efficiently.

On Tuesday and Wednesday of the RSA Conference, contestants participating in the Interactive Testing Challenge (ITC) will have a half-hour to test two websites and find as many bugs as possible, earning points for every flaw they find. The top players from each day will be invited back at 4 p.m. the same day for a face-off, when they will compete on different sites for 45 minutes. The competition ends when the final two contestants test their vulnerability-hunting skills at noon on Thursday, Feb. 16. The best vulnerability-finder will be crowned Thursday at 1 p.m.

The competition often draws curious spectators -- who will not have to squint to see small monitor screens; daily face-offs will be broadcast on large-screen TVs for optimal viewing. Herbert Thompson, chief security strategist with Security Innovations (SI), will provide commentary during the competition. SI, which manages and administers the ITC, first began the program at RSA Europe in 2004. This year's RSA Conference will be the first time it takes place in the U.S. Ed Adams, the chief executive officer of Security Innovation, says the competition is both fun and purposeful.

"We think it's a great way to generate interest in security," he says. "When the face-offs are going on, our goal for them is to be highly educational as much as they're highly entertaining."

The ITC also puts a human face on application security, a field few people truly understand before seeing it in person, Adams adds.

"We're trying to educate people, many of whom have not seen this before," Adams says. "We're thrilled RSA is giving this as much publicity as they can."

The ITC also helps to bring security into focus for those people who are less familiar with the reasons it is so crucial to everyone, including those not directly involved in the field, adds Thompson.

"For many people who aren't involved with it, security is something that is not real to them," Thompson says. "This lifts up the curtain, and lets people see behind to who the wizard is behind the curtain."

INNOVATION STATION: Winning over the VCs

Innovation Station features yet another competition, but for start-up companies. Over 40 companies registered to be selected, however there are only 12 spots to fill, says Sandra LaPedis, area vice president and general manager for RSA Conferences.

The high interest in this offering, which will be situated on the RSA Conference floor, centers around a competition in which participating companies will get the chance to extend "an elevator pitch" about their company to a panel of judges comprised of venture capitalists (VCs). The company that wins over the VCs will then have appointments with each during which they may be given funding and marketing help.

"It's kind of a neat thing to do for those start-up companies that potentially are looking for more funding or haven't positioned themselves in the market," she says.

Share this article:

Sign up to our newsletters

More in News

Pentagon to triple its security workforce by 2016

Pentagon to triple its security workforce by 2016

Defense Secretary Chuck Hagel recently announced the recruitment efforts during a speech in Fort Meade, Md.

Tech manufacturer's online payment system breached

LaCie confirmed an unauthorized party used malware to access its online payment system for almost a year and could have stolen customer information.

The Heartbleed bug works, and could be a scapegoat for older breaches

The Heartbleed bug works, and could be a ...

Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached ...