Author: <span class="vcard">karen</span>

Speaker Feature: Jeff Tehovnik

Jeff’s Information Security career started in 1998 as a technician in the NOC at an ISP. Later he attended Virginia avatar for Jeff TehovnikCommonwealth University and earned his BS in IS and MS in Computer and Information Systems Security. While at VCU, Jeff worked as a Network Technician and Senior Information Security Analyst. Jeff joined Virtustream (formerly EMC’s Cloud Services) in 2015, where he now leads the Network IDS/IPS team, as well as the Enterprise Encryption team. Jeff recently earned his post-graduate certificate in Penetration Testing & Ethical Hacking from the SANS Technology Institute. Jeff’s background in programming, networking, and system administration is advantageous to his Ethical Hacking interests. Jeff has written papers and conducted research on Ethical Hacking topics such as Malware Command & Control, Security Enhanced Linux, Information Security in the UAE, etc. He currently holds an array of Certifications including CISSP, GCIH, GPEN, GWAPT, GXPN, and VMware NSX: Micro-Segmentation.

Network Security Monitoring: Experience and Lessons

Network Security Monitoring is an integral part of security defense. Setting up Network IDS/IPS properly is critical to ensuring an organization’s NSM is efficient and effective. I have learned quite a few lessons from my experience in the NSM realm: from properly sizing and architecting solutions to automating deployment and operations in a variety of environments. I will also share lessons on working with Network teams to configure network components for NSM, setting up and operating NSM systems, and scaling NSM solutions to handle customer demands. I will also compare Open Source Solutions to Vendor Solutions. My goal for this presentation is for attendees to learn from my experiences in order to make informed decisions in their own environments.

Come see Jeff at RVAsec! Register now.

Speaker Feature: Conrad Layne


Conrad Layne is a senior cyber intelligence analyst with General Electric since 2013. In this role, Conrad tracks more than 50 Nation-state actors, their attacks, and TTPs with efforts focused on cyber-attacks affecting industrial control systems. Conrad holds a Bachelor of Science Degree in Digital Forensic Science from Defiance College and a Master’s Degree in Cyber Security Intelligence from Utica College.

Operationalizing the ATT&CK™ Framework

Use of atomic indicators of compromise for cyber security, quickly become stale, and are often defeated by malicious actors. Behavioral-based detection strategies focus on series of actions, during an intrusion, and are more dynamic in defending against intrusions. In this talk, GE-CIRT discusses strategies to track, and respond to threat actors, by using frameworks like the Lockheed Martin Kill Chain and the MITRE ATT&CK framework with TIAMAT, GE’s in-house developed end-to-end operational ATT&CK tool.

Come see Conrad at RVAsec! Register now.

Speaker Dinner Sponsor: Varonis

We are very pleased to welcome Varonis as our Speaker Dinner Sponsor for Tuesday 21st May!   @varonis

Register Now!


We arm our customers with an industry-leading platform that is built to protect the world’s most valuable and most vulnerable data. Varonis starts at the heart – with data – so our customers are prepared to defend their data against attacks from inside and out. Our platform eliminates repetitive, manual clean-up projects and automates manual data protection routines, so we bring security and cost-savings together – maybe for the first time in cybersecurity history.


Come see us at RVAsec. Register Now!


Speaker Feature: Aaron Bishop

bISHop has been in the security realm for over 10 years, focused on penetration testing for 6 years. If bISHop is not at a computer, he can often be found in the mountains with his dog.

An introduction to Cross Site Request Forgery, how to exploit it, and prevent it.

The talk will begin with an introduction to Cross Site Request Forgery, defining what it is, how to exploit, how to prevent it. Live demonstrations(if the demo gods cooperate) will be used during the presentation. The talk concludes with an example of using Flash to bypass the mistaken protections offered by Cross Origin Resource Sharing.

Come and see Aaron at RVAsec! Register now.

Speaker Feature: Jason Hill


Jason Hill serves as the Chief of the National Cybersecurity Assessments and Technical Services (NCATS) Red Team Operations conducting Red Team Assessments for Federal Government customers and Critical Product Evaluations (CPE) for industry partners. Through those assessments, Jason helps close capability gaps, limit exposure and reduce exploitation on the network. Jason works with more than 150 state, local, tribal, territorial and other critical infrastructure entities. Jason has also spent over 20 years in the Virginia National Guard conducting cyber operations during active duty mobilizations throughout his career.

Anatomy of a Government Red Team Assessment

As Chief of the Nation’s Red Team follow Jason Hill on a real world red team assessment of a partner Government Agency. See how CISA’s white hat hacker’s are training our nation’s cyber defenders.

Come see Jason at RVAsec! Register now.

Silver Sponsor Feature: Checkpoint



Check Point Technologies

Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

Come see us at RVAsec! Register now.

Speaker Feature: Jonathan Glass

@GlassSecavatar for Jonathan Glass

Jon is a Senior Cybersecurity Associate serving the Federal Reserve’s National Incident Response Team as Lead Malware Analyst. He also teaches Digital Forensics, Malware Analysis, and Cybersecurity Python courses for University of Richmond: School of Professional and Continuing Studies. A nine year veteran of the United States Air Force.

Cybersecurity Zero to Hero with CyberChef

The Cyber Swiss Army Knife “CyberChef” is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. CyberChef has significantly lowered the entry threshold for field of Malware Analysis. This talk demonstrates how CyberChef provides the means for those without a strong programming or reverse engineering backgrounds to accomplish complicated, technical Cybersecurity tasks. This talk will also highlight how CyberChef can streamline the workflows of more seasoned analysts with advanced combinations of tasks.

Come see Jon at RVAsec! Register Now.

Speaker Feature: Robert Thompson

Bobby Thompson is a member of DHS’ National Cybersecurity Assessment and Technical Services (NCATS) team leading the effort to secure our nation’s critical infrastructure and government resources. NCATS is responsible for conducting comprehensive penetration tests, red team assessments, persistent vulnerability scanning, and architecture design reviews for federal, local, state, territorial, tribunal, private sector and critical infrastructure partners. Mr. Thompson has worked in the Information Technology and Security industry for over 20 years in both private and government sectors throughout his career. Mr. Thompson has been active in the cybersecurity community speaking and has served as a presenter at various conferences and engagements throughout the United States.

Breaking and Entering: Emulating the Digital Adversary in 2019

As one of the United States government’s premier assessment and penetration testing organizations, the Department of Homeland Security (DHS) National Cybersecurity Assessments and Technical Services (NCATS) team is responsible for proactively identifying risk against federal, state, local, territorial, and critical infrastructure networks. This session will provide detailed insight on how DHS emulates the digital adversary in order to identify and mitigate risk against our nation’s infrastructure through core capabilities in vulnerability scanning, penetration and red team testing, design review, and phishing assessments. The quantifiable and objective data gained by the NCATS team will allow attendees to gain a comprehensive understanding of the issues that affect government networks and how DHS is helping to overcome them.

Come see Bobby at RVAsec! Register now.

Speaker Feature: Dan Holden


Dan Holden is CEO of Pharos Security measures, aligns, and guides optimization of the ROI and level of protection of a security program and translates the security program into business level terminology. Mr. Holden has 25 years in information security having served as CTO of the Retail and Hospitality ISAC, and Chief Technology Strategist at Arbor Networks. His experience includes building multiple teams from scratch as well as having brought multiple products to market while at IBM, TippingPoint, and Arbor Networks. Throughout his career he has a broad range of experience across multiple business functions including engineering, product management, sales, and marketing.

CISO of 2025

So much of the news related to CISOs today is negative. The reasons are clear because the challenges are enormous. Many CISO’s believe they are not given a fair chance – essentially obstructed from doing their job. Often there can be poor trust with the board, primarily due to not having a pragmatic, cost effective plan, to solve board level problems. CISOs have failed largely in this regard as their security plans have been tactical and not delivering on strategic goals. The common argument is executives just don’t ‘get it’, but most do, and they realize that security doesn’t provide great value with historic or conventional approaches. They might say the business only wants check-box security, but executives understand that to a great degree that is the only material benefit offered by security – so may as well get it at best cost. This talk will explore where and why things have happened the way they have, and how to move towards a definition for the CISO of 2025.

Come see Dan at RVAsec! Register now.


Speaker Feature: Sam Lanning


Sam started working at Semmle in October 2014, after deciding to drop out of his Masters at Oxford University after having completed his undergraduate Computer Science degree there. Sam was the first full-time developer for Semmle’s LGTM platform, and worked on it for over 3 years before becoming a developer advocate. Sam’s has been an active member of the security and privacy community for a while, with a particular interest in vulnerability research, cryptography and peer-to-peer networks, having previously contributed to Signal’s Android and Desktop clients, among other open source projects. Most recently, in his free time he’s been working on an open source project that ties together music and lighting.

No More Whack-a-Mole: How to Find and Prevent Entire Classes of Security Vulnerabilities

In software development, we frequently see the same logical coding mistakes being made repeatedly over the course of a project’s lifetime, and often across multiple projects. When these mistakes lead to security vulnerabilities, the consequences can be severe. No one knows this better than companies like Google and Microsoft, whose software is used by millions of people every day.
With each code vulnerability discovered, we’re presented with an opportunity to investigate how often this mistake is repeated, whether there are any other unknown vulnerabilities as a result, and implement an automated process to prevent it reappearing. In this talk, I’ll be introducing Variant Analysis, a new process being pioneered by security teams at a number of companies including Google and Microsoft, that does just this. I’ll discuss how it can be integrated into your development and security operations, and also share some stories from the trenches.

Come and see Sam at RVAsec! Register Now.