Having been to various conferences, from hack.lu and CTI Summit to botconf, FOSDEM, and SANS events across the EU and the US, I’ve learned that attending a conference is far more than just showing up and taking notes. Each event holds unique opportunities for growth, networking, and skills validation. Here’s how to make the most of them based on what I’ve gathered along the way.

Building a Reliable Network

One of the most rewarding aspects of conferences is networking. Over the years, the people I’ve met at these events have become go-to resources, especially when urgent information is needed—whether for an incident response or tracking specific threat actors. Networking at conferences goes beyond just meeting people; it’s about building a trusted circle that becomes invaluable over time. Through these connections, I’ve gained access to private communities where tradecraft, Indicators of Compromise (IoCs), and other crucial intelligence are shared within trusted circles—information you won’t find on public feeds. This network provides a distinct advantage, allowing faster, more informed responses to emerging threats.

  • Get Out There: A firm handshake and a quick chat can lead to partnerships that prove crucial down the line. Conferences offer a rare chance to meet key players in the field face-to-face, from vendor contacts to fellow CTI analysts.
  • Follow-Up Is Key: Once the event wraps, I make it a point to follow up with new contacts through email or social media. Consistent interaction ensures the network grows beyond just a business card collection.

Tools and Techniques: Always Something New

Each conference is packed with workshops and talks that showcase the latest tools and techniques. I’ve found this invaluable in staying updated and avoiding the “outdated” trap that can sneak up if you skip even a year.

  • Evaluation Through Practice: I look at each new tool with an eye on its practical applications. Will it replace an existing tool? Fill a gap? Workshops provide a low-risk way to test drive and evaluate, often with feedback from the presenters and other attendees.
  • Inspiration for Efficiency: Each event brings fresh insights. Listening to discussions or just chatting during breaks has sparked ideas on how to refine my daily workflows.
[!NOTE] Star and Fork on GitHub My advice is to star and fork valuable projects on GitHub whenever possible. This practice not only keeps the tools accessible but also helps me monitor updates and engage with the developer community.

Test Training Providers Before Committing

Professional training can be costly, and conference workshops offer a rare chance to try before you buy, which I find invaluable:

  • Preview Content and Format: Testing out a training provider’s content, format, and instructor style through workshops is key. It gives a snapshot of the depth of training on offer and helps me decide if it’s worth the investment.
  • Collect Resources for Evaluation: I try to gather any resources provided, as they give me a better sense of the program’s scope and whether it meets my needs.

Personal Development: Validation, Gaps, and Reflection

Conferences offer a unique space for personal growth. Not only do they validate existing skills, but they also highlight areas for improvement and encourage meaningful self-reflection.

  • Validate Skills: When a workshop feels straightforward, it’s a boost—an indicator that I’m on track. Occasionally, it even pushes me to consider running a workshop myself or sharing insights with peers.
  • Identify Knowledge Gaps: Areas that prove challenging are equally valuable, showing me where to focus my development efforts in the coming months.
  • Self-Reflection and Feedback: Conferences allow me to step back and reflect on my daily practices. Traveling with colleagues offers a great opportunity to gather feedback and brainstorm on our workflows.

Documentation: Bringing the Value Home

To keep the value of each conference alive, I make documentation a priority. This not only benefits my future self but also my colleagues, who may not have attended.

  • Notes and Feedback: I take time to refine my notes post-conference, aiming for constructive feedback that I’d find helpful myself. It’s about creating something that others can understand and apply.
  • Resource Collection: Gathering slides, videos, and any shared materials is part of my routine. These resources help me revisit topics and keep the content fresh long after the event.
  • Sharing What Matters: I believe in going beyond a summary, focusing on relevance. Sharing insights with colleagues—what’s important and why—ensures the knowledge serves the team, not just myself.

By documenting each event thoroughly, I’ve been able to track which conferences were truly impactful over the years—those that resulted in actionable changes in my practice versus those that offered less value. Time is a critical resource, especially when balancing conference attendance with full-time work. Proper records allow me to focus on the most beneficial events going forward and help build a track record I can use to demonstrate the value of attendance to management. This documentation becomes evidence, supporting the need to attend future events by showcasing the direct impact these conferences have had on my work.

For me, conferences have become a cornerstone of both my professional and personal growth. They’re not just events but essential check-ins on my journey as a CTI analyst, each one shaping my skills, network, and outlook in the cybersecurity world.