Loading…
Attending this event?

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Wednesday, May 22
 

8:00am

Breakfast
Wednesday May 22, 2019 8:00am - 9:00am
Richmond Salons

8:00am

Registration
Wednesday May 22, 2019 8:00am - 3:00pm
TBA

9:00am

Welcome to RVAsec!
Speakers
avatar for Jake Kouns

Jake Kouns

CISO, Risk Based Security
Jake is the founder of RVAsec and the CISO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known security... Read More →


Wednesday May 22, 2019 9:00am - 9:10am
Ballroom

9:10am

Keynote - Andy Ellis
Speakers
avatar for Andy Ellis

Andy Ellis

CSO, Akamai
Andy Ellis is Akamai’s Chief Security Officer, and his mission is “making the Internet suck less.” Governing cybersecurity, compliance, and safety for Akamai’s planetary-scale cloud platform since 2000, he has also designed and brought to market Akamai’s TLS acceleration... Read More →


Wednesday May 22, 2019 9:10am - 10:10am
Ballroom

10:10am

Vendor Break
Wednesday May 22, 2019 10:10am - 10:30am
Richmond Salons

10:30am

CTF Intro
Speakers
avatar for Roman Bohuk

Roman Bohuk

Co-founder, MetaCTF
Roman Bohuk is a second year CS student and a Rodman Scholar at the University of Virginia. He is a co-founder of MetaCTF, an organization that has been hosting competitions and trainings for universities, companies, and security conferences for over 5 years. Roman was the Linux captain... Read More →
avatar for Jake Smith

Jake Smith

MetaCTF


Wednesday May 22, 2019 10:30am - 10:40am
Ballroom

10:40am

Badge Intro
Speakers
avatar for Paul Bruggeman

Paul Bruggeman

Badgeman, HackRVA
EMbeded software developer- C, assembler (mips) | AWS Admin | RH/Centos Admin | SQL developer, dbadmin (MySQL) | PHP, bash/tcsh
avatar for Jonathan Lundquist

Jonathan Lundquist

Badge Volunteer, HackRVA
Jonathan Lundquist volunteers his time at HackRVA building badges for RVASec and was recently the IEEE Student Branch Chair at VCU. Jonathan is on VCU's CCDC (Collegiate Cyber Defense Team), which placed 2nd at MACCDC regionals this year. Jonathan is a US Navy veteran having served... Read More →


Wednesday May 22, 2019 10:40am - 10:50am
Ballroom

10:50am

Vendor Break
Wednesday May 22, 2019 10:50am - 11:00am
Richmond Salons

11:00am

Intro to Infosec and Overview of the 101 Track
Information Security is constantly in the news and making headlines. Which companies are breached? What are the impacts? How will the government respond to adversarial nations? The Internet still behaves much like the wild west – policy decisions are consistently being made and changed based on the structure and sustainability of the web. Organizations large and small are feeling the impacts of having a poor cyber security posture. This talk is perfect for those who are beginners, career changers, or anyone who needs a refresh on the building blocks of  information security. It will discuss how data can be compromised, what those impacts are, and some suggestions of first steps. We will then dive into what vulnerabilities are and what to do about it. Finally, we will go over the things the rest of the 101 track will cover.

Speakers
avatar for Deana Shick

Deana Shick

Member of the Technical Staff, CERT/CC
Deana Shick has been a Member of the Technical Staff at the Software Engineering Institute's CERT Coordination Center (CERT/CC) for 5 years. Deana works on the Threat Ecosystem Analysis team where she researches and analyzes current and emerging threats and vulnerabilities. Prior... Read More →


Wednesday May 22, 2019 11:00am - 11:50am
TBA

11:00am

Automating Information Security
While the complexity of modern security breaches continues to increase security professionals have to find a way to handle the increasing number and complexity of attacks. Security automation is key to maintaining network security but has not been heavily adopted. This presentation will use NIST-defined security controls to provide insight into how automation can be leveraged for information security.

Speakers
avatar for Danny McCaslin

Danny McCaslin

Systems Administrator, Frederick Water
Danny McCaslin is a Systems Administrator at Frederick Water in Frederick County, Virginia. He recently ended a five and a half year stint as a systems administrator at the Northwestern Regional Adult Detention Center in Winchester, VA. Danny recently graduated with a Masters degree... Read More →


Wednesday May 22, 2019 11:00am - 11:50am
TBA

11:00am

Comparing Malicious Files
A critical step taken during the malware analysis process is to attempt to determine the malware family a sample may belong to. Even if one cannot link a file to a family, one must at least try to find files that are similar and extrapolate information about the sample from comparison with these similar files. This talk reviews a variety of methods for comparing files from simple to complex.

Speakers
avatar for Robert Simmons

Robert Simmons

Director of Research Innovation, ThreatConnect
Robert Simmons is Director of Research Innovation at ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis... Read More →


Wednesday May 22, 2019 11:00am - 11:50am
TBA

11:50am

Lunch
Wednesday May 22, 2019 11:50am - 1:00pm
Richmond Salons

1:00pm

What is Cyber Insurance? Are you covered?
Attendees of this session will gain a clear perspective of what benefits Cyber Insurance can provide to their existing Cyber Security Program.  Today, Cyber Insurance is no longer a “nice to have” but is a “must have” for every company doing business in a digital world.  But how much coverage do you need and what’s really involved in getting cyber insurance?  People who attend this session will gain a clear perspective on what Cyber Insurance can and can’t provide and where traditional insurance policies fall short.

Speakers
avatar for Lou Botticelli

Lou Botticelli

Director, Markel Corporation
Lou Botticelli serves as Executive Underwriter, Professional Liability for Markel Assurance Risk Management.  Prior to his employment at Markel in 2015 he worked for insurance broker Marsh & McLennan on the Private Equity & Mergers and Acquisitions team performing both advisory and... Read More →
avatar for Kara Owens

Kara Owens

Global Cyber Underwriting Executive, Markel Corporation
Kara Owens is Managing Director, Global Cyber Underwriting Executive at Markel Corporation.  In this role, Kara is responsible for establishing and leading Markel’s cyber market strategy and working with cyber underwriters across the Company to achieve growth and profit initiatives... Read More →


Wednesday May 22, 2019 1:00pm - 1:50pm
TBA

1:00pm

One Man Army - Playbook on how to be the first Security Engineer at a company
How often have you heard that 'Early stage startups don't care much about Security because if there is no product, there is nothing to secure?' Although there is merit in the argument that startups need to build product so as to sustain and grow, it often puts the person in charge of securing them in a tricky position. For most startups, this person is the first Security Engineer who can be somewhere between the 10th to 300th employee. By the time the first Security Engineer is on-boarded the attack surface has usually become quite large and he or she faces an uphill battle to go about securing the organization. In such cases, the Security Engineer needs to perform as a 'one-man army' keeping the attackers at bay. In this talk, i will present a playbook on how to perform as one.


Speakers
avatar for Kashish Mittal

Kashish Mittal

Head of Security, MileIQ
Kashish Mittal is a Security Researcher and Engineer. He currently is the Head of Security at MileIQ, a Microsoft startup. He has worked for companies such as Elevate Security, Duo Security, Bank of America, Deutsche Bank etc. By choice, he is an ethical hacker and an addicted CTF... Read More →


Wednesday May 22, 2019 1:00pm - 1:50pm
TBA

1:00pm

Anatomy of a Government Red Team Assessment
As Chief of the Nation's Red Team follow Jason Hill on a real world red team assessment of a partner Government Agency.  See how CISA's white hat hacker's are training our nation's cyber defenders.

Speakers
avatar for Jason Hill

Jason Hill

Branch Chief, CISA Assessments (NCATS), CISA (DHS)
Jason Hill serves as the Chief of the National Cybersecurity Assessments and Technical Services (NCATS) Red Team Operations conducting Red Team Assessments for Federal Government customers and Critical Product Evaluations (CPE) for industry partners. Through those assessments, Jason... Read More →


Wednesday May 22, 2019 1:00pm - 1:50pm
TBA

1:00pm

CTF Prep
Wednesday May 22, 2019 1:00pm - 3:50pm
Virginia A-D

1:50pm

Vendor Break
Wednesday May 22, 2019 1:50pm - 2:00pm
Richmond Salons

2:00pm

Vulnerability Assessments and Penetration Tests
A quick look at the marketing FUD of 'Automated Pentests' and a high level look at the various technical pieces that delineate the difference between scanning and the real-world attacks used in pentesting. Touches on technical and business processes to ensure that your organization is spending its resources in the right places.

Speakers
avatar for David Sullivan

David Sullivan

Penetration Tester/Offensive Security, CampusGuard
Offensive Security Services at CampusGuard. Star Wars, Hockey, Emo Music, Mental Health Awareness and Swahili enthusiast.


Wednesday May 22, 2019 2:00pm - 2:50pm
TBA

2:00pm

Secure 9-1-1 and Protecting Our First Responders
In the past  9-1-1 networks were mostly closed networks with no access to the outside world, there has been a lack of need to think about information security because why should you? With technology advancing software vendors are now utilizing cloud services and there are outside public safety applications that now need to communicate to 9-1-1. This has led to many centers in last decade to opening up their networks.  The next several years will also be a large change for 9-1-1, as they will be switching from the analog Enhanced 911 (E911) to the digital NextGen 911 (NG 911) system. For large metropolitan PSAPs, this will be a blip on the radar as they have the resources and personnel to handle the changeover but smaller and rural PSAPs will have the same information security concerns but they will not have the resources or personnel available to them to address these concerns. There are a large list of security concerns for 9-1-1 centers to acknowledge and start addressing before the switchover to NG-911.  I will go over telephony denial of service attacks on both the analog E911, the VoIP NG-911, and the non-emergency lines, prank/hoax calls to 9-1-1 (what I universally call “swatting”) and  in what ways that can be accomplished using technology past and present, various attack vectors to the Computer Aided Dispatch, or CAD, network why that data needs to be protected both currently and in the future with NG-911, and physical/internal threats to the 9-1-1 center for both the data and the security of the dispatchers. This is just an informational talk about these concerns to help bring awareness to what we face in the public safety industry and how we handle it with the limited resources we have available to us.

Speakers
avatar for Christine Giglio

Christine Giglio

CAD Administrator, Bedford County Department of E-911 Communications
I am the CAD Administrator for Bedford County, VA department of E-911 communications. Prior to this position, I was the Public Safety LAN Administrator for Bedford County, VA Sheriff’s Office, Fire & Rescue, and E-911 communications for 10 years. Bedford County is a rural joint... Read More →


Wednesday May 22, 2019 2:00pm - 2:50pm
TBA

2:00pm

Preventing the Attack - DHCP and DNS for the Win!
When is the best time to prevent something?  BEFORE it happens of course!  This talk will describe the unique abilities of DNS and DHCP to protect your network by preventing potential malicious activity BEFORE it occurs.  Both of these protocols can literally block malicious activity BEFORE it occurs!  As the Internet of Things explodes on all of our networks, and complexity of networks increases, knowing what it on your network is critical.  The increased number of devices, many of which are not in your control, can lead to an increased number of threats to your network.  A simple, centrally controlled mechanism that can control access to ALL devices exists in your network already.  Attend this session to find out how it works.

Speakers
avatar for Jeff Cummings

Jeff Cummings

Sr. Systems Engineer, Infoblox
Jeff is a senior systems engineer working for Infoblox, Inc. focusing on the Virginia and West Virginia markets. Prior to Infoblox, Jeff managed CACI's Cyber Solutions Lab. Jeff has been working in security field for over 20 years. In those years he has worked many areas of the... Read More →


Wednesday May 22, 2019 2:00pm - 2:50pm
TBA

2:50pm

Vendor Break
Wednesday May 22, 2019 2:50pm - 3:00pm
Richmond Salons

3:00pm

Social Engineering, Physical Security & USB Attacks
You may think that USB drops are a thing of the past but that’s certainly not the case. Sometimes breaching a target with a massive defense budget is as simple as a $10 USB dropped at the right location. In this talk I’ll share how an organization could start their own USB drop assessment by detailing the history, common research, tools of the trade, tactics, and mindset of a potential attacker. 

Speakers
avatar for Brad Thornton

Brad Thornton

Senior Penetration Tester, ICSynergy
I’m currently a Senior Penetration Tester with a consultant firm. I participate in multiple CTF events, belong to several security focused organizations, and attend numerous conferences on the subject. Historically, I’ve served in various roles in relation to privilege identity... Read More →


Wednesday May 22, 2019 3:00pm - 3:50pm
TBA

3:00pm

Compliance, Technical Controls, and You
Information Security compliance without enforcement through technical controls is just checking boxes.  On the other hand, technical controls without the backing of compliance through effective policy and management support can equate to just playing with the latest bright and shiny security related hardware and software.  We will walk through effective and popular techniques used by attackers.  Then the compliance and technical controls that are designed to detect and mitigate these techniques will be discussed in depth .

Speakers
avatar for Derek Banks

Derek Banks

Security Analyst, Black Hills Information Security
Derek is a Senior Security Analyst at Black Hills Information Security and has over 20 years of experience in the IT industry as a systems administrator for multiple operating system platforms, and monitoring and defending those systems from potential intruders. He has worked in the... Read More →


Wednesday May 22, 2019 3:00pm - 3:50pm
TBA

3:00pm

From The Trenches: Observations of and Tracking Actor Activity
EDR and threat hunting capabilities provide an unprecedented level of visibility into an infrastructure, and by extension, into malicious actor's behaviors and TTPs.  This capability extends well beyond what is available from OSINT collection and processing, as well as traditional IR, and provides the foundation for a strategic tracking process to truly take full advantage of what's available.  Not only can you track behaviors over time, but mapping the observed TTPs to the MITRE ATT&CK framework can provide valuable insights, and inform defensive measures.

Speakers
avatar for Harlan Carvey

Harlan Carvey

Sr Researcher, CrowdStrike
Harlan has spent over 2 decades in the info/cyber security field, most of which has been spent in DFIR. He is a prolific author and speaker.


Wednesday May 22, 2019 3:00pm - 3:50pm
TBA

3:50pm

Vendor Break
Wednesday May 22, 2019 3:50pm - 4:00pm
Richmond Salons

4:00pm

No More Whack-a-Mole: How to Find and Prevent Entire Classes of Security Vulnerabilities
In software development, we frequently see the same logical coding mistakes being made repeatedly over the course of a project’s lifetime, and often across multiple projects. When these mistakes lead to security vulnerabilities, the consequences can be severe. No one knows this better than companies like Google and Microsoft, whose software is used by millions of people every day.

With each code vulnerability discovered, we’re presented with an opportunity to investigate how often this mistake is repeated, whether there are any other unknown vulnerabilities as a result, and implement an automated process to prevent it reappearing. In this talk, I’ll be introducing Variant Analysis, a new process being pioneered by security teams at a number of companies including Google and Microsoft, that does just this. I’ll discuss how it can be integrated into your development and security operations, and also share some stories from the trenches.

Speakers
avatar for Sam Lanning

Sam Lanning

Developer Advocate, Semmle Inc
Sam started working at Semmle in October 2014, after deciding to drop out of his Masters at Oxford University after having completed his undergraduate Computer Science degree there. Sam was the first full-time developer for Semmle’s LGTM platform, and worked on it for over 3 years... Read More →


Wednesday May 22, 2019 4:00pm - 4:50pm
Ballroom

4:50pm

Closing Day 1
Speakers
avatar for Chris Sullo

Chris Sullo

Founder, RVAsec
Chris is the founder of RVAsec, and Tech Lead for Application Penetration Testing at a bank. Chris has been in the security industry for 24 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto... Read More →


Wednesday May 22, 2019 4:50pm - 5:00pm
Ballroom

5:30pm

RVAsec After Party Sponsored by Risk Based Security and GuidePoint Security
You must register (another link will be sent) and sign up to attend.

Being registered for the conference or using Sched will not get you on the list.

More details to follow!

Wednesday May 22, 2019 5:30pm - 7:30pm
The Circuit 3121 W Leigh St, Richmond, VA 23230, USA
 
Thursday, May 23
 

8:00am

Breakfast
Thursday May 23, 2019 8:00am - 8:50am
Richmond Salons

8:00am

Registration
Thursday May 23, 2019 8:00am - 3:00pm
TBA

8:50am

Welcome to RVAsec Day 2!
Speakers
avatar for Jake Kouns

Jake Kouns

CISO, Risk Based Security
Jake is the founder of RVAsec and the CISO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known security... Read More →


Thursday May 23, 2019 8:50am - 9:00am
Ballroom

9:00am

Keynote - Mandy Logan
Following a series of 5 strokes and major head injuries, Mandy is no longer in the construction engineering industry. She used her life hacking prowess from a non-traditional background (such as skipping five years of K-12 schooling while working on a ranch and then graduating from a giant, traditional high school in 2.5 years with a 4.2 GPA) to re-establish neuro control using her electrical system, her tongue against her teeth, and perseverance. Now, as a happy dyslexic autie (autistic person) she is pursuing all things InfoSec with an emphasis on Incident Response, Neuro Integration, Artificial General Intelligence, and Community, pressing forth to improve the lives of InfoSec professionals and long term ethical neuro tech for those unable to express themselves to their own satisfaction. She enjoys art, travel, naps, speaking, continuing and broadening her own recovery, and good people. Mandy always hopes to be half the person her service dog, Trevor, is. (He helped her relearn to walk!)

Speakers
avatar for Mandy Logan

Mandy Logan

Speaker, Student, Human, Mandy Logan
Following a series of 5 strokes and major head injuries, Mandy is no longer in the construction engineering industry. She used her life hacking prowess from a non-traditional background (such as skipping five years of K-12 schooling while working on a ranch and then graduating from... Read More →


Thursday May 23, 2019 9:00am - 10:00am
Ballroom

10:00am

Vendor Break
Thursday May 23, 2019 10:00am - 10:10am
Richmond Salons

10:10am

Risk Assessment - The Heart of Risk-based Security
Everywhere you look today you see “risk-based security” being touted as the next big thing. Knowing your assets, understanding the threats and vulnerabilities that may impact those assets, and calculating a risk score in order to prioritize mitigation actions, should be every organization’s goal. Risk-based security is not accomplished by performing a risk assessment exercise once a year. It requires a continuous assessment of your organization’s risk posture. Too many businesses think that completing a risk assessment is a difficult and complicated process that requires expensive software and can only be done by third party consultants. As a result, risk assessments are not conducted or conducted once and stored away to show the auditors. Risk assessments are essential in order to assure that the expenditures involved in mitigating vulnerabilities and the implementation of security controls are commensurate with the risks facing the organization. Attend this interactive session to explore the definitions, methodologies, structure and the expected results of a proper risk assessment that can be produced by your organization.


Speakers
avatar for Barry Kouns

Barry Kouns

CEO, Risk Based Security
Barry Kouns is CEO at Risk Based Security, a vulnerability intelligence, organizational ratings,and on-demand security solutions firm. Barry's experience includes information security consulting, risk assessment and quality management. Barry has full knowledge of GLBA, FFIEC, HIPAA... Read More →


Thursday May 23, 2019 10:10am - 11:00am
TBA

10:10am

Was I Supposed to Mix the Security in Before I baked it?
Security practitioners advocate ideals through clichés and analogies to help others understand complex problems.  One prominent analogy espouses baking security into a solution instead of bolting security on at the end.  This seems like an obvious analogy – a baker certainly can’t add flour to a cake after it’s in the oven.  In business reality, time-to-market beats security every day of the week.  How can an architect bake security into solutions when the extra time could result in a failed venture?  This talk explores the realities of blending security into the design and implementation of solutions with a goal of realizing better is not the enemy of perfect.  Some implementations bolt on security beautifully; other design patterns prove impossible to correct.  Look forward to a meme-filled tour of architectures, design patterns, and lessons learned that will help security practitioners and business people identify if they’re cooking soup or baking cakes (…if that sounds like a mixed metaphor, don’t be late for supper). 

Speakers
avatar for Brandon Martin

Brandon Martin

Security Craftsman
Brandon Martin is a solo security practitioner at Deconstructed Security, LLC. He helps clients find the right investments, partners, and internal improvements to mitigate cybersecurity risk. Through his experiences he earned the Offensive Security Certified Professional (OSCP), Certified... Read More →


Thursday May 23, 2019 10:10am - 11:00am
TBA

10:10am

Cybersecurity Zero to Hero with CyberChef
The Cyber Swiss Army Knife “CyberChef” is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. CyberChef has significantly lowered the entry threshold for field of Malware Analysis. This talk demonstrates how CyberChef provides the means for those without a strong programming or reverse engineering backgrounds to accomplish complicated, technical Cybersecurity tasks. This talk will also highlight how CyberChef can streamline the workflows of more seasoned analysts with advanced combinations of tasks. 

Speakers
avatar for Jonathan Glass

Jonathan Glass

Lead Malware Analyst, Federal Reserve Bank of New York
Reverse Engineer. Forensic Analyst. Teacher. Nerd.


Thursday May 23, 2019 10:10am - 11:00am
TBA

10:10am

CTF
Thursday May 23, 2019 10:10am - 3:50pm
Virginia A-D

11:00am

Vendor Break
Thursday May 23, 2019 11:00am - 11:10am
Richmond Salons

11:10am

Network Security 101
Think the network is a black box that magically gets your cat videos to you? This talk explains how it works at the fundamental levels.

Speakers
avatar for Rick Lull

Rick Lull

Lead Security Consultant, SyCom Technologies
Lifelong geek turned security consultant after stops as a desktop tech, server bubba, and network jockey. Rick is a healthcare IT survivor, and is now playing Horatio on the bridge for hire with a local technology consulting company, advising clients on security strategy and operations... Read More →


Thursday May 23, 2019 11:10am - 12:00pm
TBA

11:10am

Breaking and Entering: Emulating the Digital Adversary in 2019
As one of the United States government's premier assessment and penetration testing organizations, the Department of Homeland Security (DHS) National Cybersecurity Assessments and Technical Services (NCATS) team is responsible for proactively identifying risk against federal, state, local, territorial, and critical infrastructure networks. This session will provide detailed insight on how DHS emulates the digital adversary in order to identify and mitigate risk against our nation's infrastructure through core capabilities in vulnerability scanning, penetration and red team testing, design review, and phishing assessments. The quantifiable and objective data gained by the NCATS team will allow attendees to gain a comprehensive understanding of the issues that affect government networks and how DHS is helping to overcome them.

Speakers
avatar for Robert Thompson

Robert Thompson

Deputy Branch Chief, DHS
Bobby Thompson is a member of DHS’ National Cybersecurity Assessment and Technical Services (NCATS) team leading the effort to secure our nation’s critical infrastructure and government resources. NCATS is responsible for conducting comprehensive penetration tests, red team assessments... Read More →


Thursday May 23, 2019 11:10am - 12:00pm
TBA

11:10am

Introduction to CSRF
An introduction to Cross Site Request Forgery, how to exploit it, and prevent it.

The talk will begin with an introduction to Cross Site Request Forgery, defining what it is, how to exploit, how to prevent it.  Live demonstrations (if the demo gods cooperate) will be used during the presentation.  The talk concludes with an example of using Flash to bypass the mistaken protections offered by Cross Origin Resource Sharing.

Speakers
avatar for Aaron Bishop

Aaron Bishop

Principal Penetration Tester, SecurityMetrics, Inc.
bISHop has been in the security realm for over 10 years, focused on penetration testing for 6 years.  If bISHop is not at a computer, he can often be found in the mountains with his dog.


Thursday May 23, 2019 11:10am - 12:00pm
TBA

12:00pm

Lunch
Thursday May 23, 2019 12:00pm - 1:00pm
Richmond Salons

1:00pm

Being Secure Doesn’t Mean You Are Managing Risk
Charles will explain the beginner concepts of identifying, quantifying, qualifying, and decisioning risks with a focus on how this differs from the practice of cybersecurity.

Speakers
avatar for Charles Tango

Charles Tango

CISO, Altria
Charles is the Chief Information Security Officer at Altria, the parent company of producers of superior branded tobacco and wine products such as Philip Morris USA and Ste. Michelle Wine Estates.Charles also represents Altria on the board of the Richmond Technology Council, which... Read More →


Thursday May 23, 2019 1:00pm - 1:50pm
TBA

1:00pm

Security Mind Expansion
Information security is always changing and to keep up with these changes we need to somehow upgrade the professionals to keep up.  In order to do this we need to expand the brain of the information security professionals. In this presentation we will cover several modern day philosophy concepts and how to incorporate these concepts into your everyday practice. These concepts include: ontological design, looking-glass self, feedback loops, flow state, cognitive play. Applying these concepts will hopefully expand your mind and improve how information security is conducted.

Speakers
avatar for Chandos Carrow

Chandos Carrow

Information Security Officer, Virginia Department of Health
Chandos Carrow is a Co-Information Security Officer for the Virginia Department of Health.  He has worked for the Commonwealth of Virginia for more than 10 years and has been with the VDH for almost 2 years.  Chandos has worked in several state agencies in his career including healthcare... Read More →


Thursday May 23, 2019 1:00pm - 1:50pm
TBA

1:00pm

Network Security Monitoring: Experience and Lessons
Network Security Monitoring is an integral part of security defense.  Setting up Network IDS/IPS properly is critical to ensuring an organization’s NSM is efficient and effective.  I have learned quite a few lessons from my experience in the NSM realm: from properly sizing and architecting solutions to automating deployment and operations in a variety of environments.  I will also share lessons on working with Network teams to configure network components for NSM, setting up and operating NSM systems, and scaling NSM solutions to handle customer demands.  I will also compare Open Source Solutions to Vendor Solutions.  My goal for this presentation is for attendees to learn from my experiences in order to make informed decisions in their own environments.

Speakers
avatar for Jeff Tehovnik

Jeff Tehovnik

I am a Security Practitioner whom enjoys both offensive and defensive strategies, tactics, and operations. I also enjoy Coding in Python, especially for Automating tasks and interfacing with APIs. Network IDS/IPS is a particular interest of mine. Outside of IT I enjoy Reading... Read More →


Thursday May 23, 2019 1:00pm - 1:50pm
TBA

1:50pm

Vendor Break
Thursday May 23, 2019 1:50pm - 2:00pm
Richmond Salons

2:00pm

101 Panel
A recap of the 101 track and Q&A with some of our speakers and RVAsec experts.
Moderated by Deana Shick.

Speakers
avatar for Deana Shick

Deana Shick

Member of the Technical Staff, CERT/CC
Deana Shick has been a Member of the Technical Staff at the Software Engineering Institute's CERT Coordination Center (CERT/CC) for 5 years. Deana works on the Threat Ecosystem Analysis team where she researches and analyzes current and emerging threats and vulnerabilities. Prior... Read More →


Thursday May 23, 2019 2:00pm - 2:50pm
TBA

2:00pm

Code Signing: A Security Control That Isn’t Secured
As a security professional, how involved are you with your organization's code signing activities and processes? Learn how you can create a secure enterprise code-signing infrastructure that will scale and adapt as networks continue to evolve and grow.

Speakers
avatar for Eddie Glenn

Eddie Glenn

Senior Threat Intelligence Manager, Venafi, Inc
Eddie Glenn is the senior threat intelligence manager at Venafi and is responsible for researching the risks and threats of code signing and endpoint infrastructure. Eddie has more than 30 years of experience in enterprise software at companies such as IBM, Rational, and Wind River... Read More →


Thursday May 23, 2019 2:00pm - 2:50pm
TBA

2:00pm

Operationalizing the ATT&CK™ Framework
Use of atomic indicators of compromise for cyber security, quickly become stale, and are often defeated by malicious actors.  Behavioral-based detection strategies focus on series of actions, during an intrusion, and are more dynamic in defending against intrusions.  In this talk, GE-CIRT discusses strategies to track, and respond to threat actors, by using frameworks like the Lockheed Martin Kill Chain and the MITRE ATT&CK framework with TIAMAT, GE's in-house developed end-to-end operational ATT&CK tool.

Speakers
avatar for Conrad Layne

Conrad Layne

Sr Cyber Intelligence Analyst, General Electric
Conrad Layne is a senior cyber intelligence analyst with General Electric since 2013. In this role, Conrad tracks more than 50 Nation-state actors, their attacks, and TTPs with efforts focused on cyber-attacks affecting industrial control systems. Conrad holds a Bachelor of Science... Read More →


Thursday May 23, 2019 2:00pm - 2:50pm
TBA

2:50pm

Vendor Break
Thursday May 23, 2019 2:50pm - 3:00pm
Richmond Salons

3:00pm

CISO of 2025
So much of the news related to CISOs today is negative. The reasons are clear because the challenges are enormous. Many CISO’s believe they are not given a fair chance – essentially obstructed from doing their job. Often there can be poor trust with the board, primarily due to not having a pragmatic, cost effective plan, to solve board level problems. CISOs have failed largely in this regard as their security plans have been tactical and not delivering on strategic goals. The common argument is executives just don’t ‘get it’, but most do, and they realize that security doesn’t provide great value with historic or conventional approaches. They might say the business only wants check-box security, but executives understand that to a great degree that is the only material benefit offered by security – so may as well get it at best cost. This talk will explore where and why things have happened the way they have, and how to move towards a definition for the CISO of 2025.

Speakers
avatar for Dan Holden

Dan Holden

CEO, Pharos Security
Dan Holden is CEO of Pharos Security measures, aligns, and guides optimization of the ROI and level of protection of a security program and translates the security program into business level terminology. Mr. Holden has 25 years in information security having served as CTO of the... Read More →


Thursday May 23, 2019 3:00pm - 3:50pm
Ballroom

3:50pm

Closing - Day 2
Speakers
avatar for Chris Sullo

Chris Sullo

Founder, RVAsec
Chris is the founder of RVAsec, and Tech Lead for Application Penetration Testing at a bank. Chris has been in the security industry for 24 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto... Read More →


Thursday May 23, 2019 3:50pm - 4:00pm
Ballroom

4:00pm

Closing Reception & Awards
Speakers
avatar for Jake Kouns

Jake Kouns

CISO, Risk Based Security
Jake is the founder of RVAsec and the CISO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known security... Read More →
avatar for Jake Smith

Jake Smith

MetaCTF
avatar for Chris Sullo

Chris Sullo

Founder, RVAsec
Chris is the founder of RVAsec, and Tech Lead for Application Penetration Testing at a bank. Chris has been in the security industry for 24 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto... Read More →


Thursday May 23, 2019 4:00pm - 5:30pm
Ballroom