For the past 12 years in Austin, TX, the last week of October has been reserved for the Lonestar Application Security Conference (LASCON). Unequivocally, LASCON is the best cybersecurity conference you have never heard of!
LASCON is the annual confab of the Austin, TX OWASP (the Open Worldwide Application Security Project) chapter. OWASP is a volunteer organization that is a treasure trove of application security information with things such as standards, discussion groups, documentation, and more. The organization tracks the annual OWASP Top 10 web application security risks and is the proverbial north star for developers seeking more secure coding practices.
LASCON 2023 talks are recorded and available.
As a conference, LASCON rolls up its metaphorical sleeves and puts on a fabulous show. The uniqueness of LASCON:
- Delivers exceptional content focused on application security
- Offers every attendee the opportunity to challenge themselves and gain new life skills
- Provides physical and cerebral entertainment
Exceptional content
LASCON is wholly committed to discussing, exploring, and showcasing application security. Check out the 2023 agenda here to see the extensive programming focused on application security.
Why is application security so important? In the world of cybersecurity, the subset of application security is the last mile and the area the adversaries know may be less security-aware.
Software is malleable and widely shared. In many cases software developers live in an environment of “just ship it” only to find that unintentional vulnerabilities crept into a production release.
The push to “DevSecOps” or “SecDevOps” means security disciplines are being incorporated from the beginning to alleviate many of the problems that stem from a “just ship it” environment.
LASCON tackles the what, why, and how of application security. In 2023, there was plenty of focus on the needs and benefits of automation, how development teams need to communicate to different audiences, and of course what generative-AI means for application security. In other words, something for everyone.
Many of the LASCON sessions were recorded and the replays will be available in the next few months. I highly recommend viewing this topical content.
New life skills
Similar to other conferences, LASCON has an expo hall where sponsor-vendors showcase their technology and give away swag.
But…LASCON goes a step further and brings in the Longhorn Lock Picking Club to set up Lock Pick Village in one end of the expo hall. Lock Pick Village focuses on locksport. This skill uses logical thinking, involves manual dexterity, and brings out the physical aspect of security.
Lock Pick Village is a favorite among attendees and creates a bonding opportunity at LASCON. The mayor of Lock Pick Village runs various contests throughout the two days of the conference with winners walking away with bragging rights.
Entertainment
LASCON has something for everyone!
Each year, the LASCON organizing team hosts “speed debates”. These debates are sarcastic, outlandish, and just plain funny. A moderator hosts two teams who take on cybersecurity topics of the day and present heartfelt pro or con arguments. Topics are far-ranging and include the need to make all of your passwords the same, why cryptocurrency is the only thing that matters, and why cyber adversaries are just doing a job. As the debates rage on, the arguments become more tongue-in-cheek, and everyone is laughing at the downright absurd statements made. If you are a developer and cyber nerd and have a sense of humor, the speed debates are a must-attend activity!
And for physical entertainment there is the mechanical bull. Yes, you read that correctly, a mechanical bull – LASCON is in Texas, after all!
During the afternoon of the first day of the conference, one of the meeting rooms is magically transformed into a corral for a mechanical bull! All you have to do is sign a waiver, make your way across the air-filled padding on the floor, and ride the bull! This is far simpler than it sounds – signing the waiver is the easiest part.
Fortunately, the operator understands the audience and is quite patient as he explains the apparatus. Some of us stayed on for mere nanoseconds while others looked as though they were real live cowboys! Regardless of where you fall on the bull-riding spectrum, it is an adventure not soon forgotten.
LASCON is memorable
Between the outstanding content, learning how to pick locks, speed debating, and riding a mechanical bull, LASCON creates a lasting impression. The organizers, who are all volunteers make the conference a must attend event – thank you for being so creative with LASCON!
In 2023, I was fortunate enough to be selected as a speaker. As a thank you, the LASCON team bestows all of the speakers with an epic challenge coin with the theme of the conference engraved.
This token of appreciation is greatly admired and made its way home with me to a prominent place in my office. I look at the coin each day and recall what I learned at LASCON and look forward to the 2024 conference.
Mark your calendars for the week of October 22, 2024 for LASCON 2024. Come to Austin, TX and experience the best cybersecurity conference you never heard of!
See you at LASCON!