I’ve gotten my last letter back on a submitted CFP. I will be speaking three more times this year before looking ahead to 2024. Here are the conferences I will be at for the rest of the year. The topic I’ll be speaking on is API security. I’ll put the abstract below.

Infosec Nashville 2023 - September 26-27 - First time for me. I’m excited to go to a local event.

BSides Augusta - October 7 - I’ve been going to this conference since 2014. This is one of my favorite yearly events to attend. Yes, it’s a bit out there but it’s one of the biggest BSides in the world. For those curious Army Cyber Command is located in the area. It’s a very blue team focused conference.

MISECCON - November 17 - MISEC is one of the most talented local user groups in the country. This is a rebirth of Detroit Convergence and BSides conferences post pandemic. This is another one of my favorite conferences.

Title: The Security Hitchhiker's Guide to API Security

Abstract: API security is so hot right now! Organizations don’t fully understand APIs, how to find them, and secure them. This can feel scary. Don’t Panic. Grab your towel and join me on a meme adventure to explore the API galaxy. We’ll cover the history of APIs. Why people now suddenly care about them and why they’re such a hot topic. We’ll go over some ways to identify APIs within an environment. We’ll cover how API security is different and how to start securing them. We’ll review the API security tooling landscape. Finally, we’ll review resources to get your towel wrapped around API security and answer the ultimate API questions.

This blog post first appear on Exploring Information Security

I had an interesting follow up question to the most recent Exploring Information Security podcast, how to join the infosec community. Here’s the question:

Tyler Neeriemer:

Any advice for those of us in incredibly rural areas. Are there active online communities you can recommend?

This a great question, because I imagine there are a lot of people in a similar situation. My response was to join CitySec meetups remotely. Both MiSec and ColaSec stream and record the talks that they have. They would both love people to get involved online. Those are two groups that I know do this, there may be others (please hit me up if there are others).

I just started GamerSec, which is an infosec user group for those interested in video games. You can contact me directly to get added (my Twitter DMs are open or email, timothy.deblock[@]gmail[.]com). Again, there may be other online specific groups.

I also asked Micah for his input and he recommended checking meetup.com. If there’s nothing there you can get involved via listservs or slack channels. I am part of the OWASP, security metrics, ColaSec and GamerSec listservs. These are usually Google Groups that people with the same interest members can join to discuss an infosec topic. Slack is more of a chat channel (AKA IRC). I’m part of three slack channels: DevelopSec, MiSec, and ColaSec. I know there is also a channel for OSINT and Network Security and many others.

My final bit of advice is to start your own CitySec. You only need two people to start one. I've done a two-part podcast series on this topic. I would love to hear other suggestions.

This blog post first appeared on Exploring Information Security.