Bright Security’s Enterprise Grade Dev-Centric DAST Integrates with

Microsoft Defender for Cloud →
Product
Product overview

See how dev-centric DAST for the enterprise secures your business.

Web attacks

Continuous security testing for web applications at high-scale.

API attacks

Safeguard your APIs no matter how often you deploy.

Business logic attacks

Future-proof your security testing with green-flow exploitation testing.

LLM attacks

Next-gen security testing for LLM & Gen AI powered applications and add-ons.

Interfaces & extensions

Security testing throughout the SDLC - in your team’s native stack.

Integrations

Connecting your security stack & resolution processes seamlessly.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Book a demo

We’ll show you how Bright’s DAST can secure your security posture.

Resources
Blog

Check out or insights & deep dives into the world of security testing.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Case studies

Dive into DAST success stories from Bright customers.

Research

Download whitepapers & research on hot topics in the security field.

Company
About us

Who we are, where we came from, and our Bright vision for the future.

News

Bright news hot off the press.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

We're hiring

Want to join the Bright team? See our open possitions.

Bug bounty

Found a security issue or vulnerability we should hear about? Let us know!

Contact us

Need some help getting started? Looking to collaborate? Talk to us.

Resources > Blog >
Safety and Preparation for Hacker Summer Camp

Safety and Preparation for Hacker Summer Camp

Tanya Janca

Every August, hackers descend onto Las Vegas, Nevada to participate in #HackerSummerCamp, a combination of multiple cyber security/hacker events that occur simultaneously. There are several events, but the main ones you are likely to hear about are Black Hat, Def Con, B-Sides Las Vegas and the Diana Initiative. #HackerSummerCamp is just the affectionate nickname, it is not the official name.

Formally named or not, #HackerSummerCamp can provide security risks to you and your personal devices! In this article we will detail several ways you can protect yourself and your devices from the small minority of attendees at this event who behave unprofessionally by causing others issues during this annual event.

  • Do not connect to any WiFi with a device that you love. Bring a burner phone or laptop if you must connect while at/near the conference.
  • Use a VPN if you are going to connect for work, from your hotel. And use Cellular data if you can, instead of wifi. Do not connect to work from the conference WiFi. Do not connect to the conference WiFi unless you are using a burner or ghosted+backed-up device.
  • Make a backup of your laptop, then ghost it, attend Hacker Summer Camp, then ghost it again when you get home, then restore from your backup disk. This helped a lot when I received “the gift of malware” in 2016 at my first Def Con. Glad I prepared before I left home!
  • Turn off your Bluetooth and WiFi. Ensure they won’t turn themselves back on or do any scans in the background.
  • Use cellular, it’s safer.
  • Ensure that YOU are physically safe at all times. It’s best to not go to a party alone or with people you don’t know, but if you do, don’t get drunk/high/out of control.
  • Don’t accept drinks from strangers. Even if they are famous.
  • Don’t go back to someone’s hotel room unless you feel safe to do so, and preferably tell someone where you will be and don’t forget the room number when you say where you will be. Have someone check in with you after.
  • Exercise all the caution in the world when it comes to your physical safety, and then some more. Even if you have met someone before or feel like you know them very well from the internet, be careful; you are the most valuable thing you have.
  • Register for parties in advance to make sure you get a ticket. Getting tickets to thing last minute is a pain, and they often sell out.
  • Buy tickets to conferences in advance to make sure you get in.
  • If you have to do live demos I suggest recording them (I KNOW! Then they are not live). You can always ALSO do them live, but you have a back up just in case. That’s what I did and guess what? My laptop is fine AND my demo looked awesome!
  • If you go to Def Con, prepare to wait in line for at least 50% of the time you spend at the conference. Seriously. If you are an extrovert like me this can be fun, but if you are an introvert be prepared. #linecon
  • If you can network and make friends in advance of the event, it’s a good idea to do so. Attending in a group is always safer and usually more fun as well. If you can meet people who are part of a larger group, such as Diana Initiative, CyberJutsu, WoSEC, OWASP, etc. that can lead to even more fun (and safety).
  • If something happens, TELL SOMEONE. If a person has done something obviously inappropriate to you, they will (sadly) likely do it to even more people if you let them get away with it. Please report. For DEFCON there’s a hotline. And the people working there are super awesome and kind. They will help, regardless of the situation you’re in, regardless of the persons involved. You can even report anonymously over the hotline. Again: if something really bad happens please report.

Resources

Domain Hijacking: How It Works and 6 Ways to Prevent It

What Is Domain Hijacking?  Domain hijacking refers to the unauthorized acquisition of a domain name by a third party, effectively taking control away from the rightful owner. This form of cyber attack can lead to significant disruptions, including loss of website functionality, email services, and potentially damaging the brand’s reputation.  Domain hijackers often exploit security

Mastering Vulnerability Management: A Comprehensive Guide

Modern day organizations face a constant barrage of cyber threats, making it imperative to implement robust vulnerability management processes. Vulnerability management is a systematic approach to identifying, evaluating, treating, and reporting on security vulnerabilities in systems and their associated software. In this blog post, we’ll delve into the four crucial steps of vulnerability management process

Vulnerability Scanners: 4 Key Features, Types, and How to Choose

A vulnerability scanner is a specialized software tool designed to assess the security of computers, networks, or applications by automatically detecting and analyzing weaknesses. These scanners proactively search for security vulnerabilities, such as unpatched software, misconfigurations, and other security gaps that could be exploited by attackers. Some scanners can simulate the actions of an attacker to help identify exploitable vulnerabilities.

Get our newsletter