So the last couple of days I was at the IT-SA a new security fair in Nürnberg (Germany).  This is / was the first edition but it is a attempt to make a security oriented fair out of the security section of the Systems in München which should take place 21-24th October 2009.

On Tuesday I was really disapointed with the fair, because I was expecting a conference RSA style.  But after taking the right perspective I think it was good,  most of the big players in the security field were there:  AV companies, the big firewall companies and of course your share of UTM and service providers.  They organized a speaking trend in each of the 2 exibition halls: a technical and a managment.  Most of the talks were short and white paper like and they had the usual “hacking live” talks that serve as “eye openers”.  They are fun to see but people should know that the pentesting or crackers job is normally not that easy, they don’t know exactlly what you are going to do in order to install a Trojan or what drivers you have install in oder to escalate privileges.

Today the BSI had it’s own embebed conference (3. BSI Grundschutztag) in the event.  The talks where OK, they presented the new changes that can be expected it in the next version of the IT-Grundschutz Katalog and their standards.

OWAP hat their share yesturday, I didn’t get the chance to attend but if someone got to go I would appreciate a link to the slides and/or the content of the sessions.