What Is DEF CON

DEF CON is the world's largest and longest-running underground hacker conference. Founded in 1993 by Jeff Moss — the same person behind Black Hat — it has grown from an informal party for dial-up bulletin board system users into an annual gathering of more than 30,000 security researchers, hackers, government officials, academics, and technology enthusiasts. DEF CON 34 takes place August 6–9, 2026 at the Las Vegas Convention Center, immediately following Black Hat USA — a scheduling choice that enables the "Hacker Summer Camp" tradition of attending both in the same week.

DEF CON's organizing theme for 2026 is "Agency" — described by the organizers as a focus on "self-determination in our use of tech, charting our own course and helping others do the same." The theme reflects the community's longstanding interest in understanding systems deeply enough to control them, not just consume them.

Unlike Black Hat, DEF CON maintains its roots as a community-driven, grassroots event. Talks are submitted through an open Call for Papers, speakers are unpaid, and the conference is structured around participation rather than observation. The conference has always accepted cash at the door (no pre-registration required), which serves both practical and philosophical purposes: anonymous attendance is a community value.

Pre-registration for DEF CON 34 is available with tiered pricing: Early Bird at $560, Regular at $580, and Late at $600. Walk-up cash registration at the door is available for $520.

Who's Coming to DEF CON

DEF CON draws a deliberately eclectic crowd. The core audience is security practitioners — penetration testers, vulnerability researchers, exploit developers, malware analysts, and CTF competitors — but the conference has long attracted attendees from adjacent worlds including journalism, policy, law, and art.

Government representation at DEF CON is extensive and somewhat paradoxical: federal agencies including the NSA, FBI, CISA, and various intelligence community organizations send delegations to observe, recruit, and participate alongside the very community that has historically been skeptical of government surveillance. The "Spot the Fed" game — a conference tradition where attendees try to identify government agents in the crowd — has been running since the early 1990s.

International attendance is significant, with strong contingents from Europe, East Asia, and Latin America. Students make up a meaningful portion of the audience; DEF CON's lower ticket price compared to Black Hat makes it more accessible to those early in their careers.

The conference skews younger on average than Black Hat and has a notably different social atmosphere: more informal, more experimental, and more likely to involve spontaneous technical demonstrations in hallways.

Want to know which companies are exhibiting? Lensmor tracks exhibitor profiles, booth data, and product categories for DEF CON and 1,000+ other trade shows. Explore DEF CON exhibitors on Lensmor →

Confirmed Speakers / Key Sessions at DEF CON

DEF CON's official speaker list is announced after the CFP closes, typically a few months before the event. The talk schedule is broad and covers both deeply technical research and sociotechnical topics.

Main Tracks. The primary talk tracks run in parallel across large rooms. Topics range from novel exploitation techniques and cryptographic attacks to social engineering case studies and policy analysis. The quality floor is high — weak submissions are filtered by the community review process.

Villages. DEF CON's village system is one of its most distinctive features. Villages are independently organized spaces focused on specific domains, each running their own mini-conference within the larger event. Major villages at DEF CON 34 are expected to include:

• Car Hacking Village — Automotive security research, CAN bus attacks, EV charging vulnerabilities
• AI Village — Adversarial machine learning, LLM jailbreaking, AI safety research
• Hardware Hacking Village — Embedded systems, JTAG/UART exploitation, IoT security
• Social Engineering Village — Vishing and phishing demonstrations, human factor research
• Voting Village — Election security research and voting machine analysis
• Cloud Village — Cloud-native attacks, serverless exploitation, multi-cloud security
• Biohacking Village — Medical device security, implantable technology research
• ICS Village — Industrial control systems and critical infrastructure security

Capture The Flag (CTF). DEF CON CTF is widely considered the world's premier competitive hacking competition. Teams qualify through online preliminaries held earlier in the year; the final round at DEF CON is a 48+ hour competition where teams attack and defend complex systems simultaneously. Winning DEF CON CTF carries significant prestige in the security community.

Contests and Challenges. Beyond CTF, DEF CON runs dozens of official contests: locksport competitions, social engineering challenges, hardware badges with embedded puzzles, and specialized research challenges offered by government agencies and private sponsors.

Sponsors and Exhibitors at DEF CON

DEF CON's commercial footprint is intentionally modest compared to Black Hat. The conference does not have a traditional vendor hall; instead, it maintains a limited sponsor program that funds operations without transforming the event into a product showcase.

That said, sponsors at DEF CON tend to be security-focused companies that understand the community and participate authentically: security tools vendors, open-source project sponsors, and organizations with genuine practitioner credibility. Sponsors often run village sponsorships, contest prizes, or hands-on activities rather than static booth displays.

The conference does host a "Vendor Area" with a small number of booths focused on security merchandise, hardware, books, and community-relevant products. This is not comparable to Black Hat's Business Hall in scale or commercial orientation.

Lensmor provides real-time exhibitor intelligence for DEF CON, including company profiles, product categories, and booth locations. Access the full exhibitor list →

Why You Should Attend DEF CON

Access to cutting-edge research you cannot get elsewhere. Some of the most significant vulnerability disclosures in the history of cybersecurity were first presented at DEF CON — including attacks on voting machines, automotive systems, medical devices, and telecommunications infrastructure. Attending puts you in the room for research that shapes security priorities industry-wide.

Unfiltered peer interaction. DEF CON's informal structure and cash-registration ethos creates a social environment where conversations happen across conventional professional boundaries. You will encounter perspectives and technical approaches that do not surface in corporate security conferences.

Village learning is irreplaceable. Spending a half-day in the Car Hacking Village or the ICS Village provides hands-on exposure to specialized domains that have no commercial equivalent. Village content is free, participatory, and often taught by the foremost practitioners in that subdomain.

CTF participation builds elite skills. Even if your team does not compete at the DEF CON finals level, the practice ecosystem surrounding DEF CON CTF has produced some of the most effective security engineers in the industry. The competitive environment accelerates skill development at a rate that training courses rarely match.

The community matters. The professional relationships formed at DEF CON have shaped careers, companies, and the direction of the security industry. The conference's informal structure makes it easier to initiate genuine conversations than more formal corporate events.

Travel & Logistics

Venue. Las Vegas Convention Center (LVCC), 3150 Paradise Rd, Las Vegas, NV 89109. The LVCC is located north of the Strip, accessible by the Las Vegas Monorail, rideshare, and taxi.

Getting There. Harry Reid International Airport (LAS) is approximately 3 miles from the LVCC. The Las Vegas Monorail connects several Strip hotels to the convention center. Rideshare and taxi are practical; the Monorail is efficient if you are staying near a station.

Where to Stay. Hotel blocks are confirmed at the Fontainebleau, Sahara, Wynn/Encore, and Circus Circus for DEF CON 34. Book through the official hotel block for best rates; the conference negotiates discounted rates but inventory fills quickly. The Fontainebleau is the newest option and is located directly across from the LVCC.

Registration. Pre-registration is available online at tiered pricing. Cash registration at the door is available and is a traditional option that many long-time attendees prefer. No ID is required for cash badge pickup — anonymity is a design choice.

What to Bring. DEF CON is a four-day conference and some of its best programming runs late into the evening. Wear comfortable shoes; the LVCC is enormous. The conference's badge traditionally includes an embedded hardware puzzle — bring a screwdriver, soldering iron access, and patience if you want to participate. Treat all networks at the venue as completely hostile.

Kids Track. DEF CON runs "Rootz Asylum," a dedicated children's track with age-appropriate hacking challenges and education. Families with children interested in technology are explicitly welcomed.

FAQ

Q: What is the "Hacker Summer Camp" and should I do both Black Hat and DEF CON?

A: "Hacker Summer Camp" is the informal name for the back-to-back week in Las Vegas that includes Black Hat USA (first) and DEF CON (immediately after). Many security professionals attend both. Black Hat ends Thursday; DEF CON begins Thursday evening. Combined attendance is common and the hotel logistics are manageable since many venues are shared or nearby. The two events complement each other well: Black Hat for vendor exposure and polished research presentations; DEF CON for community immersion and hands-on participation.

Q: Is DEF CON safe for corporate attendees?

A: DEF CON is attended by tens of thousands of security professionals including government officials, executives, and journalists. The event itself is safe. The primary risk is network-based: the DEF CON network environment is actively monitored and publicly reported as a research demonstration. Use a VPN, keep devices patched, disable Bluetooth and wireless when not needed, and treat all shared infrastructure as adversarial.

Q: How do I participate in the CTF?

A: DEF CON CTF is operated by a different team each year (selected by the previous winner). Online qualification competitions are typically held several months before the conference. Teams register through the CTF operators' website. Finals participation requires being on-site in Las Vegas.

Q: How do I find out about village schedules?

A: Each village maintains its own website and social media presence and publishes schedules independently. The DEF CON website aggregates links to all official villages. Schedules are typically finalized 2–4 weeks before the conference.

Q: Are there any talks or content available after the conference?

A: DEF CON publishes recordings of main track talks on its YouTube channel and media archive at media.defcon.org, typically released in the months following the event. Village content publication varies by village.

Q: How do I plan my schedule given so much parallel content?

A: DEF CON's sheer volume of parallel programming makes complete coverage impossible — accept this early. Identify two or three villages most relevant to your work and build your schedule around them. Use down time between sessions to explore the contest areas and engage in hallway conversations, which are often as valuable as formal talks. Tools like Lensmor help you research exhibitors before arriving — you can filter by industry, company size, and product category to build a target list.