Shmoocon, an InfoSec conference held annually by The Shmoo Group since 2005, is held early each year in Washington, D.C. ShmooCon is a purposely smaller conference, focused on bringing original research to attendees and supporting networking. ShmooCon XIV was held January 19-21 at the Washington Hilton (for those history buffs out there, you might recall that ARPANET made its debut at this hotel in 1972). It is important to us at Gravwell to be involved in the community, so I jumped at the chance to attend this year's Shmoo!

ShmooCon CFP

During the ShmooCon annual call for papers (CFP), I submitted a proposal. The proposal was based on the original research done by Gravwell that allowed us to identify inauthentic submissions to the FCC Title II call for public comments. This was also the subject of a Gravwell blog post from October 2017. When I received the email that I had been selected, I was surprised and shocked.  Shmoocon is very selective with regard to speakers, with an acceptance rate of slightly below 20%. Excitedly, but also very nervously, I accepted and prepared to speak at the conference. I knew that the information was solid and highlighted how useful Gravwell was for mass data ingestion and analysis.

If you're interested in these kind of analytics, drop us a line and we're happy to talk about how Gravwell can help you!

Schedule a Demo


ShmooCon Tickets

The process for getting a ticket to attend ShmooCon is fairly competitive, and by fairly competitive, I mean that tickets sell out within seconds. Gravwell was able to obtain a ticket and we decided to give forward to the InfoSec community by providing a ticket to an individual in the security community. The winner was chosen at random from Twitter interactions. David Cafaro was the lucky winner. David was kind enough to take a picture with me before registration opened.



Speaking at Shmoo

I was slated to speak on Saturday at 3pm, which is prime time at an infosec conference. It didn't seem real until I saw my name on the speaker list for the room.


The room was more crowded than I expected, but everyone seemed friendly.


Despite my fears, it went over well, with there being more questions than there was time to answer. My talk also lead to some fun press coverage, starting with theRegister and Ars Technica.

Overall Impressions

ShmooCon XIV was an amazing experience. With only about 2200 people attending, it was a wonderfully intimate conference. There were some great presentations, including an awesome one by Mika Devonshire on the manipulation of fitness tracker data, a great talk about how to become a better community resource by Russell Handorf, and a great presentaiton on how to talk to the media by Sean Gallagher, Steve Ragan, and Paul Wagenseil. Shmoocon always seems to have some of the hottest InfoSec topics and I encourage you to explore all of the presentations. I feel honored that I was included in such a wonderful group of presenters and that I was able to present some really fun research to people who were excited to hear about it. Gravwell really shone in the presentation and I was so happy to show off what Gravwell can do.

If you are interested in seeing what Gravwell can do for you, drop us a line!