I was just recently in Washington D.C. where I attended and presented at the SANS Pen Test Summit. For those that have not had the chance to attend these events, they are two days of presentations and panels from well-known security experts. SANS has done a great job of presenting a great environment to bring together many different subjects all within the topic of Information Security.
I was fortunate enough to have been selected to be one of those presenters. I presented on Hacking ASP.Net: Tips and Tricks. I have been training secure .Net development for a while, but I feel that there are many things that pen testers just don’t understand that should be shared. Although my talk was limited to just a few key features of .Net, specifically Event Validation, Request Validation, and ViewState, I felt it was a lot of information that was new to the audience. I really enjoyed giving the presentation and hope that the audience enjoyed it just as much.
In addition to my talk, there were other great talk as well. Justin Searle, John Strand and Atlas of Doom all presented some great material. These guys all talk all over the country and world and it is always an experience to listen to them.
I recommend that if you are looking for a summit to attend, check out the SANS.org website. They host multiple discipline focused summits each year.