Spotlight | KCon Decade, White Hat’s Tech Rock Extravaganza

From October 30th to 31st, the 10th KCon Hacker Conference (abbreviation: KCon 2021) was successfully held in Beijing. In the words of Zhou Jingping, CSO of Zhichuangyu, KCon has grown from a security salon in a coffee shop to an industry benchmark conference with great influence in the international network security circle. Although the format and theme may change, the one thing that will never change is KCon’s “original intention” – to create a bigger and better platform for technical exchange and sharing.

Ten years of KCon, the pursuit of technology is never-ending

The KCon hacker conference is hosted by Zhichuangyu. It adheres to the spirit of pursuing dry goods and willing to share, and strives to create a creative stage for every partner who loves hacking technology research to Display and interact with each other.

“Gathering the Wisdom of Hackers” is the slogan that KCon has always adhered to. As Zhao Wei, CEO of Zhichuangyu, said: “KCon brings geeks together, and uses the spirit of breaking through and the results of exploration to convey the righteous hackers to the security industry and the entire Internet. The values ​​and outlook on life that should be possessed. KCon is positioned in dry goods and taste, focusing on valuable technical content and the real hacker spirit. This platform gathers the wisdom of hackers. Such meaningful exchanges also make the development of the security industry more vitality.”

The theme of this year’s KCon is “Vertical and Horizontal”, with one out of ten vertical and one horizontal, all-inclusive, just like the offense and defense in cyberspace, which are unpredictable.

The pursuit of technical “dry goods” is the first position of KCon. KCon has always focused on the most cutting-edge and cutting-edge topics in the field of cybersecurity, aiming to present more abundant topic speeches and more practical security automation tools. , more hardcore security events and more interesting hacker trendy equipment, there is a so-called “no KCon without dry goods”.

Zhou Jingping said that compared with previous years, the highlight of this year’s KCon can only be said that “the goods are very special!”. Zhou Jingping introduced that this year’s KCon collected a total of 38 highly valuable topics, which is the most in history. On this basis, 19 topics were finally selected through strict selection, saying that this year’s KCon is “dry goods among dry goods” at all. for too.

I know Zhou Jingping, CSO of Chuangyu

Ten years ago, with the birth of a series of new Internet products such as Web 2.0, social networking, and Weibo, the first KCon was also a Web Security Forum. Today’s offensive and defensive methods have become more intelligent and complex, and KCon’s issues have also advanced with the times.

Zhou Jingping introduced that this year’s KCon discussed cutting-edge technologies such as vulnerability mining and exploitation, red-blue confrontation, threat intelligence, cloud virtualization container security, and mobile security. The speakers were all from Tencent, Alibaba, Meituan, 360, NSFOCUS, JD.com , Byte and other famous network security teams and laboratories, in two days, presented a technical feast focusing on actual attack and defense for the participants.

The core of KCon is the exchange and sharing of technology. Zhou Jingping said that not only can you see the directions and achievements of front-line researchers, but also learn from the research thinking and methods of others, so as to bring new ideas and inspiration, and make better breakthroughs. At the same time, as a platform for technical exchange and sharing, the core of KCon is to establish “fetters” between researchers. Every year, KCon is a large-scale “netizen running” meeting, allowing technology enthusiasts from all over the world to pass KCon Establish friendship, promote more technical exchanges and sharing in the industry, and continue to strengthen China’s cybersecurity power.

In addition to the sharing of topics, this KCon conference, in conjunction with FireWire Security, jointly created a loophole digging competition suitable for actual combat – “Watching Fire” digging competition. The intense technical competition and the sharing of experience after the game made the KCon conference full of interaction and communication.

Outside the KCon venue, the exhibition area is equally exciting. The weapon spectrum Display area, as in previous years, exhibited 11 innovative safety tools for participants to understand and use; in the “Hero List” display area, TOP white hats from various partners showed their style here; In the display area, major SRCs are actively recruiting white hat heroes to strengthen their own security; in the hacker equipment market, you can buy exquisite peripheral goods from KCon.

Ten years of KCon have come to a successful conclusion. Looking back on the development of KCon, Zhou Jingping has a lot of feelings. In 2012, the first KCon was a cafe salon with less than 100 people, half a day, and several topics; in 2013, KCon was still half a day, 5 topics, but the number of participants reached 500, and it began to take shape; in 2014, KCon was held in the Bird’s Nest, and 600 tickets were sold in one day for the full-day conference. At the same time, KCon began to become associated with “rock”. From the beginning of this session to the following years, there were wonderful rock performances; in 2015, KCon’s The scale was further increased, the duration was extended to 3 days, and the number of participants exceeded 1,000, including one-day closed-door training and two-day speeches. This KCon was also co-hosted by another established security conference, XCon, and successfully created a A “Cyber ​​Security Technology Summit Week”; in 2016, KCon invited internationally renowned security figures such as Jeff Moss, the founder of Defcon Blackhat, who expressed their approval and shock to the atmosphere of KCon, and KCon began to embark on the road of an international hacker conference. .

Due to the impact of the epidemic, this year’s KCon has also been postponed, but it can be seen that the ten-year KCon is still the “teenager” in the cafe back then, full of enthusiastic speakers, serious listeners, and young faces. . Zhou Jingping said, “The future of cybersecurity technology belongs to young people”, and the spirit of KCon will always be young.

For the country and the people, defend network security with technological strength

As the organizer of KCon, the 404 laboratory led by Zhou Jingping is also very fruitful and will share the results at KCon every year. Today, due to the large number of topics, Zhou Jingping gave up this traditional sharing session, leaving time for more speakers. In the reporter’s interview, Zhou Jingping introduced the main research directions and achievements of the 404 laboratory.

Zhou Jingping introduced that after years of growth and evolution, he knows that Chuangyu 404 laboratory has grown to cover the vulnerability research team (Seebug system), cyberspace mapping research team (ZoomEye system), 404 active defense laboratory team (Chuangyu security brain system) , the 404 blockchain security research team, the 404 special penetration and security support team and other teams of “multi-service combined army”.

The development of the 404 laboratory has been carried out by micro-taoing “vulnerabilities” and “data”. In the field of vulnerability research, the laboratory outputs research results to Microsoft, Apple, Oracle and other international first-tier companies all year round, builds and operates the industry-renowned Seebug vulnerability platform, and supports the national vulnerability database CNVD (National Information Security Vulnerability Sharing Platform) and CNNVD (National Information Security Vulnerability Sharing Platform) Security Vulnerability Library) work and its recognition. In the field of data, ZoomEye (Chinese: “Zhong Kui’s Eye”), China’s first cyberspace search engine, has been created, and it has become the representative of “Made in China” in this field and has been highly recognized at home and abroad.

At the same time, the Chuangyu security brain system supported by the 404 Active Defense Laboratory team relies on the massive attack data of Chuangyu Cloud Security, through attack identification, data mining and correlation analysis, and through real-time portraits of attackers, turn defense into attack, and attack Global attackers trace the source. For example, in recent state-led offensive and defensive drills, the attackers have been successfully traced for many times, and even some cases of foreign gangs damaging our country’s infrastructure have been successfully traced.

Zhou Jingping emphasized that knowing that Chuangyu has always been committed to “the great man, serving the country and the people”, the same is true for the 404 laboratory. Only with a high enough vision and pattern can we clearly see the direction of progress, and constantly strengthen the laboratory’s loopholes. And the technical advantages in data, for the country and the people, to defend the security of cyberspace.

The Links:   LJ64HB34 SKIIP23NAB126V1