RVAsec 2019 CFP is now open!

The call for papers for RVAsec 2019 is now open!

Click here to submit a talk to the CFP now!

Conference: May 22-23rd, 2019

Location: Richmond, VA

CFP Submission Deadline: March 24th, 2019 at 11:59 PM Eastern


RVAsec is a Richmond, VA based security convention that brings top industry speakers to the midatlantic region. In its seventh year, RVAsec 2018 attracted over 650 security professionals from across the country. For 2019, the conference is a two day and three track format, with a mixed focus on technical and management/business presentations.

We are adding a 3rd track that is focused on introduction 101 talks.

All talks must be 50 minutes in length, and submissions will need to select either technical or business/management tracks.

Join us at RVAsec and enjoy the perks!

For more information and requirements, or to submit, please visit:

http://rvasec.com/2019-cfp/

RVAsec 2018 VIdeos

We’re pleased to announce the immediate availability of the RVAsec 2018 videos!

YouTube.com

Click through to watch all presentations on YouTube, and all the slides are also now available as well!

 


RVAsec 7 Schedule

Looking for the RVAsec 7 schedule? See m.rvasec.com where you can set your own agenda, rate speakers, and make sure you don’t miss a thing!


RVAsec 7 CTF Prizes

RVAsec 2018 is just a few days away, which means it’s almost time for another CTF! As mentioned in our first blog post, we have some exciting problems planned in topics ranging from cryptography to web and binary exploitation to lockpicking and badge hacking. The actual CTF will take place on Friday, June 8th all day, but we’ll have some practice challenges set up on Thursday.

Thanks to Crowdstrike as well as Offensive Security and Netsparker, we have some really exciting prizes. As done in the past, we will have two separate prize tiers: you can either compete individually or in teams of up to 5 people. The top 3 individuals and teams in each category will be guaranteed a prize, and the remaining prizes will be distributed to the next highest individuals/teams. Priority will be given to the highest finishing competitors/teams (1st place chooses first, then 2nd, etc), with the top 3 individuals picking first, followed by the top 3 teams.

As one last note, you’ll be able to connect to the CTF stuff both wired and wirelessly. As we don’t have enough hardware to allow everyone to connect via a wired connection, you are encouraged to bring your own switch and long Cat5 cable.

Without further ado, the RVAsec CTF 2018 prizes:

● 2x Offensive Security PWK Course with 30 days of lab + OSCP Certification
● 2х Netsparker License
● 2x Hak5 WiFi Pineapple Tetra Tactical
● 2x Hak5 Bash Bunny
● 2x Hak5 Rubber Ducky
● 3x Holy Stone Racing FPV Drone
● 2x Anker PowerCore Speed 20000 Portable Charger
● 1x $250 Visa Gift Card
● 2x $100 Visa Gift Card


RVAsec 7 Layout

2018 Map

Click map for larger version

Wondering where things are for RVAsec in the VCU University Student Commons? Look no further!

  • Registration is outside the Richmond Salons
  • Talks are in Commonwealth Ballroom & Commons Theater
  • Vendors & food are in the Richmond Salons or outside Salons/Ballroom
  • Capture the Flag (CTF) is in the Virginia Rooms
  • Badges from HackRVA are in the Virginia Rooms

Click the map of the Commons 2nd floor for a larger version.

Talks:
Virginia Commonwealth University Campus
University Student Commons, 2nd floor
907 Floyd Avenue, Richmond, VA 23284

Parking:
Main Street Parking Deck
801 West Main Street, Richmond, VA 23284


RVAsec 2018 Proof of Attendance

If you need proof of attendance for your CISSP or other certification CPEs, please use this PDF.

Instructions:

 

Proof of attendance:


After Conference Reception Sponsor: Cisco

We are pleased to announce that Cisco are sponsoring our After Conference Reception on Friday, 8th June. The Reception will be held in the Commonwealth Ballroom directly after the last talk on Friday afternoon. Thank you to Cisco, and we look forward to seeing you all there!

www.cisco.com  @Cisco

Come see us at RVAsec. Register now!


Speaker Feature: Nathaniel Hirsch and Brian Brurok

nathaniel hirsch

0xdeadbeef.us

@morgothan

Nat Hirsch is the Director of the Red Team at a large financial institution. He has been doing Red Teaming, Pentesting, and other offensive focused security assessments for the last decade.

Brian Brurok is senior director of Security Software Engineering at Capital One focusing on delivering software solutions and automations for Security Operations teams. He develops and deploys custom applications focusing on Data Analysis, Incident Management, Automation and Live Response. His software tools have been used across teams to improve hunt operations, analyst performance, and incident management. Prior to Capital One, Brian spent 16 years in security operations building, maturing and managing over 50 security operations centers across DoD, Intel, Defense Contractor and Federal spaces. He’s active in the cyber community speaking at various conferences, and also regularly hosts and builds realistic training scenarios for multiple Capture the Flag events.

Building a Better Catfish

Picture this, a Red Team and a Blue Team working together to make the organization more secure, and not just trying to prove that they are better then the other one. This is how we did it.

Come see Nat and Brian at RVAsec! Register Now.


Speaker Feature: Karen Cole

www.assuraconsulting.com

@assura_incKaren Cole

Karen Cole is the CEO of Assura, Inc. a cybersecurity consulting firm located in Ashland, Virginia. Her company just celebrated its 11th year in business and is considered in the top 1% of women-owned companies in the United States according to a recent study by the U.S. Women’s Chamber of Commerce. Throughout her 20+ year career, Karen has worked with various executives, boards of directors, and legislators to bring cybersecurity to the executive level and get programs the support and resources they need. Many times, she has helped them work through their own 5 Stages of Grief to get them to embrace their new corporate responsibilities.

From Grief to Enlightenment: Getting the Executive Support for Information Security

Most information security professionals got into the field to enjoy the technical challenges of keeping the hackers at bay. However, as information security has moved into the executive level of organizations, most professionals struggle to get connect with executives and get the support they need for their programs. Karen Cole has been successfully handling the most ardent opponents of information security (think politicians, board members, and C-suite executives) for 16 years getting her clients what they need. This session is focused on real-world actions you can take to get the support and resources for your program. Leave your governance theory at the door. This session is going to get real!

Come see Karen at RVAsec! Register Now.


Speaker Feature: Tyler Townes

Tyler Townes, CISSP@tyler_townes

Tyler works at BlackBerry Product Security as a Security Program Manager and is the lead incident manager during emergency response events. His focus areas include SDLC, sustained engineering, vulnerability management, and risk management across multiple operating systems. He is currently researching pre-acquisition and post-acquisition security processes. In the past, Tyler has been responsible for vetting malware being submitted to mobile app stores, and ensuring that users are properly informed of the privacy risks posed by mobile applications and mobile ad packages.

Let’s build an OSS vulnerability management program!

Does your company use Open Source Software (OSS) libraries in the products that it builds? Do you worry that your customers and company will be exploited because no one in your organization is maintaining those libraries with vulnerability fixes? Let’s do something about that.
During this presentation, we will start from nothing and build a process for identifying the OSS libraries that your company uses in order to build a bill of materials.  We will source threat intel on those libraries, and we will take action to remediate the vulnerabilities in our source code repository so that we can keep our customers and company safe.

Come see Tyler at RVAsec! Register Now.