Author: rvasadmin

RVAsec 14 Video: Mike Bailey – Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams

July 5, 2025
SpeakerVideos

RVAsec 2025 Video: Mike Bailey
– Rotas Security

Title: Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams
ServiceNow is a critical enterprise platform, often integrated with sensitive systems and privileged access. This talk explores how attackers can exploit misconfigurations and privilege escalation paths within ServiceNow to gain a foothold in an environment. We’ll walk through real-world attack techniques, from initial access to lateral movement, and demonstrate how defenders can detect and mitigate these threats.

In addition to offensive tradecraft, we’ll cover how to set up a dedicated lab to safely test these attack vectors, fine-tune detections, and improve defensive strategies. Whether you’re a red teamer looking to sharpen your tactics or a blue teamer aiming to strengthen your defenses, this talk will provide actionable insights and practical steps for securing ServiceNow.

RVAsec 15 – Save the Date!

June 25, 2025
AnnouncementConference

We’re turning 15 — and you’re invited to the celebration.

RVAsec 15 will be held on June 9-10, 2026, once again at the Downtown Richmond Marriott. Mark your calendars now — this is going to be the big one.

Over the past 15 years, RVAsec has grown from a local gathering to one of the premier cybersecurity events on the East Coast. We’ve hosted world-class speakers, pulled off legendary parties, sparked fierce CTFs, and built a community we’re incredibly proud of. Year 15 will honor that legacy–and raise the bar.

Location:
Downtown Richmond Marriott
500 East Broad Street
Richmond, Virginia, USA 23219

Sponsorships are already underway! If you’re interested in sponsoring RVAsec 15, please contact us as soon as possible — space will fill fast for this milestone year.

If you haven’t experienced RVAsec before, now’s your chance to see what it’s all about.

Catch the vibe on our YouTube channel, join our Discord server, sign up for the monthly meeting mail list, and make plans to be part of the RVAsec story!

Let’s make RVAsec 15 unforgettable.

RVAsec Discord: Old Server, New Life

June 23, 2025
Announcement

Today we’re officially launching the RVAsec Discord as the year-round home for our community—a place to connect, share, ask questions, post spicy takes, and continue the hallway track long after the conference ends.

We actually created the RVAsec Discord server back in August 2020. And… well… we never really did much with it. Like many great ideas from the pandemic era, it quietly existed in the background, untouched and unloved. Until now.

💬 What’s Inside?

We’ve built out a bunch of useful (and fun) channels, including:

  • #general-talk – the main hub for conversation
  • #general-conf-discussion, #cfp-discussion – for conference discussion and future speakers to get feedback
  • #monthly-social and #events – to keep up with and discuss our regular meetups
  • #infosec-chat, #red-team, #blue-team, #osint – for your technical fix
  • #jobs-and-gigs, #mentorship, #local-richmond – because RVA is home for many
  • And yes, there’s even a #bbq-and-bourbon channel (you knew that was coming!)

🧠 Why Join?

Because RVAsec isn’t just a yearly conference—it’s a community. And it’s a community that expands far beyond Richmond, VA. Yes, we come together every June, sure. But we also host monthly social meetups, organize occasional focused events, and now have a space where we can all stay connected in between with our friends and colleagues around the world.

No matter where you are on your security journey—just starting out, leveling up, or deep in the trenches—this is your space.

🔗 How To Join

🚪 Join us: https://discord.gg/gjD9dhBStN

  1. Head to the Discord server
  2. Read the #welcome-and-rules
  3. Say hi in #intros
  4. Jump into #general-talk and start posting

See you there!

RVAsec 14 “Passport for Prizes” Contest!

June 2, 2025
AnnouncementEvent

We are once again having the Passport for Prizes event at RVAsec! This event gives you the opportunity to win some awesome prizes from our participating sponsors. 

Visit 15 sponsor’s tables and get their initials or signature in the corresponding box. When completed, return your entry to registration for a chance to win.

Note: Your business information must be complete to be eligible*, and you must be present at the reception on Wednesday to win.

    • RVAsec “Mystery Bags” (2)
    • Advanced Logic – Apple Homepod Mini
    • Axonius – JBL Tune 660NC Wireless Headphones 
    • Blue Bastian – Flipper Zero
    • BullWall – LEGO: Star Wars Set
    • Checkpoint – Bose Waterproof Speakers
    • Corelight – LEGO: Star Wars Chopper Astromech Droid
    • Cyberark – Maui Jim Gift Card
    • Cyberhaven – AirPods Pro 2
    • Dragnet Cyber – LEGO: Technic NASA Mars Rover
    • Fortinet – Apple TV
    • Gigamon – Backpack cooler with Amazon GC, Emergency Car Tool, and more
    • Guidepoint Security – $100 Amazon Gift Card
    • Illumio – Bose Speaker
    • LayerX – Meta Ray Ban Glasses
    • Netskope – Ninja CREAMi Ice Cream Maker
    • Oligo Security – Nepresso Veruo Machine & Pods 
    • Ox Security – Bose SoundLink Micro Bluetooth Speaker
    • Rotas Security – $150 Amazon Gift Card
    • Rubrik – YETI Hopper Flip 8 Soft Cooler
    • Secure Ideas – LEGO: Shuttle Carrier Aircraft
    • Semperis – Hydro Flask 20L Backpack Cooler
    • Sentinel One – JBL Black Flip 5 Speaker
    • Snyk – Apple AirPods
    • Specter Ops – Ember Mug
    • sumo logic – Electric Scooter
    • Veem – $150 Visa Gift Card
    • VERITI – LEGO: Mario Kart Set

* Note: Contact information will be shared with Passport sponsors.

ExtraHop – RVAsec 14 Silver Sponsor

May 28, 2025
Sponsors

RVAsec is pleased to present ExtraHop as an RVAsec ’25 Silver sponsor!

ExtraHop provides cloud-native cybersecurity solutions to help enterprises detect and respond to advanced threats—before they compromise your business.

ExtraHop
X (Twitter): @ExtraHop

RVAsec 14 tickets are available now!

Lockpick Village & Contest Sponsored by Rotas Security

May 28, 2025
AnnouncementConference

Join us at the RVAsec Lockpick Village! 

Test your skills on a range of locks, including mini-doors, from easy to challenging, with a variety of picks at your disposal. There might even be a full size door as well. =)

Never picked a lock? Fret not! We have very beginner-friendly options available, as well as instructors to assist in your lockpicking education and adventures.

Think you’re a top-notch picker or want to challenge yourself? Then plan to enter our timed contest! Race through a series of locks and compete for the fastest time to win a prize.

To ensure everyone’s safety, we’ll provide hand sanitizer for use while you explore the ancient art of lockpicking.

Come by and have a blast with the team!

Rotas Security provides focused offensive cybersecurity solutions fortifying the security posture of organizations. We are experts in adversarial simulation, advanced persistent threat emulation, penetration testing, red teaming, attack surface analysis, and threat hunting.

Rotas Security

Netwrix – RVAsec 14 Silver Sponsor

May 27, 2025
Sponsors

RVAsec is pleased to present Netwrix as an RVAsec ’25 Silver sponsor!

Easily identify sensitive, regulated and mission-critical information in your data stores and focus on the information that truly requires protection.

Netwrix
X (Twitter): @netwrix

RVAsec 14 tickets are available now!

SailPoint – RVAsec 14 Bronze Sponsor

May 27, 2025
Sponsors

RVAsec is pleased to present SailPoint as an RVAsec ’25 Bronze sponsor!

The core of enterprise security is identity. Take a tour to see how our identity security platform delivers a foundation that securely fuels your business.

SailPoint
X (Twitter): @SailPoint

RVAsec 14 tickets are available now!

Still Need a Room and a Ticket? The RVAsec 14 Hotel Package Is Your Lifeline

May 27, 2025
AnnouncementHotel

The hotel block is officially closed—but don’t panic if you dropped the ball. If you’ve been slacking and didn’t grab a room (or even a ticket), the RVAsec Hotel Package is here to save the day.

This is hands down the most affordable and stress-free way to attend RVAsec 14, and it gets you way more than just a bed and a badge.

Here’s what’s included in the $650 RVAsec Marriott Hotel Package:

  • Two-night stay at the Richmond Marriott Downtown (6/2 and 6/3) — includes taxes and fees
  • Full RVAsec conference pass — two days of top-tier talks, keynotes, meals, snacks, drinks, CTF, lock picking and events
  • Guaranteed custom HackRVA electronic badge — the only way to lock one in
  • Official RVAsec T-shirt & swag bag
  • Entry into all events, including the after party, Capture the Flag, and more

💥 That’s over $1,000 worth of value for just $650.

There’s a very limited number of these packages left, and once they’re gone, they’re gone. Buying one now isn’t just smart—it’s a big way to support RVAsec and help keep this community-run conference going strong.

Remember:

  • No tickets at the door.
  • No hotel discounts left.
  • And no better deal exists.

So don’t wait. Don’t overpay. Don’t end up across town in a sketchy motel.

🎟️ Grab the Hotel Package now and lock in your best RVAsec experience:
👉 Register Now

Capture The Flag (CTF) Run By MetaCTF and Sponsored By CoreLight

May 26, 2025
AnnouncementCTF

The RVAsec Capture the Flag (CTF) competition is once again run by MetaCTF and sponsored by Corelight!

CTFs are a hands-on cybersecurity competition where participants solve a variety of challenges designed to simulate real-world security scenarios. They are a fun and immersive way to learn new skills. This year’s event will be jeopardy-style, and it’s perfect for participants of all skill levels. If you’ve never participated in a CTF before, this is a perfect one to try! Our team will be there to help you get started and offer hints.

You can compete solo or in a team of up to 4. You will need a laptop. Categories include web exploitation, binary exploitation, OSINT, reverse engineering, cryptography, forensics, and more. You might also get points for doing other things at the conference like lockpicking and hacking the badge.

This year the CTF once again is being held in the middle of the Expo hall. The action and energy last year was amazing and we expect the same again this year!

Tuesday: 1 PM to 4 PM – CTF prep, stop by the CTF area anytime

Wednesday: 10 AM to 3 PM – CTF

You’ll need a laptop to participate. We have over $2,000 in prizes, plus free training and 2026 RVAsec conference tickets. 

Check out https://metactf.com/prep for additional preparation instructions.

If you like to come prepared, check out practice challenges and solutions at https://mctf.io/practice

MetaCTF is a cyber skills platform that helps companies assess, recruit, retain, and upskill cyber talent. We specialize in competition-based exercises, such as on-demand labs, traditional jeopardy-style CTFs, and attack & defense CTFs that can be used for tool/skill training, secure coding, security awareness, and more. If you’re interested in hands-on exercises or labs for your team, reach out to us at contact@metactf.com or learn more at https://metactf.com/