
BSides Salt Lake City Conference Logistics

BSidesSLC · 23 views · 25:41 · almost 3 years ago

This video provides logistical information and scheduling details for the BSides Salt Lake City conference. It outlines various community events, workshops, and contests, including CTFs, soldering sessions, and panel discussions. The presentation serves as an administrative overview for attendees to navigate the conference venue and activities.

Navigating the BSides Salt Lake City 2023 Logistics and Community Infrastructure

TLDR: This post breaks down the logistical framework and community-driven infrastructure behind the BSides Salt Lake City 2023 conference. We examine how the organizers structured their hands-on workshops, CTF environments, and networking opportunities to maximize technical engagement for attendees. For researchers and pentesters, understanding these event structures provides a blueprint for how to effectively participate in and contribute to similar community-led security gatherings.

Community-driven conferences like BSides are the lifeblood of the security industry. While the vendor-heavy trade shows often focus on high-level marketing, events like BSides Salt Lake City prioritize the actual work: the exploits, the research, and the hands-on skill development that keeps our community sharp. Navigating these events effectively requires more than just showing up. It requires understanding the infrastructure the organizers have built to facilitate learning and collaboration.

The Infrastructure of Hands-On Learning

Effective security training requires a sandbox. At BSides Salt Lake City, the organizers moved beyond static presentations by creating dedicated spaces for technical experimentation. The conference utilized a split-venue approach, separating theoretical sessions from the high-noise, high-activity zones where workshops and CTFs occurred. This separation is critical for any event that aims to provide a genuine "lab" experience.

Workshops were structured to provide immediate, actionable experience with modern security tooling. For instance, the event featured dedicated tracks for network and endpoint analysis, specifically leveraging Zeek for network monitoring and CrowdStrike for endpoint detection and response (EDR) telemetry. By providing these tools in a controlled environment, the organizers allowed participants to practice detection engineering and threat hunting without the risk of impacting production systems.

Gamifying the Offensive Mindset

Capture the Flag (CTF) competitions are the most effective way to test a researcher's ability to pivot from theory to execution. The BSides Salt Lake City CTF was designed to be accessible yet challenging, with a focus on both network and endpoint exploitation. The organizers emphasized that the CTF was not just about winning prizes like the Nintendo Switch Lite or Apple AirPods Pro, but about the process of discovery.

The technical setup for these challenges often mirrors real-world enterprise environments. When participants engage with these challenges, they are essentially performing a simulated penetration test. For those looking to sharpen their skills, the official CTF platform serves as a primary resource for understanding how these environments are architected. The focus on "gamification" here is not just for fun; it is a deliberate pedagogical strategy to force participants to think through the entire attack lifecycle, from initial access to post-exploitation.

Building the "Arsenal"

One of the most valuable aspects of the conference was the emphasis on hardware and low-level security. The soldering workshops and the "eBadge" modification contests are not just hobbies; they are fundamental to understanding the hardware-software interface. When a researcher learns to modify a badge, they are learning about firmware analysis, side-channel attacks, and hardware-level persistence.

The "eBadge" contest, in particular, encouraged participants to push the limits of the provided hardware. This type of challenge is a direct nod to the OWASP Internet of Things (IoT) Project, which highlights the growing need for security professionals to understand the vulnerabilities inherent in connected devices. By providing a platform for these modifications, the conference created a space where hardware hacking is treated with the same rigor as web application security.

The Role of Community in Professional Development

Beyond the technical challenges, the conference served as a massive networking hub. The "Student Networking and Recruiting" event was a deliberate effort to bridge the gap between academia and industry. For experienced pentesters and researchers, these events are an opportunity to mentor the next generation. For those newer to the field, it is a chance to find a path into the industry that isn't just another generic job application.

The emphasis on non-profit organizations like Camp Kesem also highlights the importance of the human element in our industry. Security is a high-stress field, and the community support systems we build at these events are just as important as the technical skills we share.

Actionable Takeaways for the Next Engagement

If you are planning to attend a similar conference, do not just treat it as a series of talks. Treat it as a series of engagements. Before you arrive, review the schedule and identify the workshops that align with your current skill gaps. If there is a CTF, register early and start looking at the challenge categories. If you are a more experienced researcher, look for ways to contribute to the community, whether by running a workshop, mentoring a student, or simply sharing your own research in the hallways.

The value of these events is directly proportional to the effort you put into them. The tools and techniques discussed—whether it is Metasploit for network exploitation or advanced EDR bypass techniques—are only as useful as your ability to apply them in a real-world scenario. Use the conference as a testing ground for your own methodologies. If you find a technique that works in the CTF, document it. If you see a new way to use a tool, share it. The goal is to leave the conference with a sharper, more efficient, and more creative approach to your next penetration test or bug bounty hunt.
