Author: <span>rvasadmin</span>

RVAsec 2020 CFP is now open!

The call for papers for RVAsec 2020 is now open!

Click here to submit a talk to the CFP now!

Conference: May 5-6th, 2020

Location: Richmond, VA

CFP Submission Deadline:  March 1st, 2020 at 11:59 PM Eastern

RVAsec is a Richmond, VA based security convention that brings top industry speakers to the midatlantic region. In its eighth year, RVAsec 2019 attracted over 750 security professionals from across the country. For 2020, the conference is a two day and three track format, with a mixed focus on technical and management/business presentations.


  • Conference location: Richmond, VA
  • Dates: May 5-6, 2020
  • All talks must be 50 minutes in length
  • Presenters will need to select technical, business/management, or 101 tracks.
  • While we welcome foreign speakers, we are unable provide sponsorship for entry to the U.S.

We try to treat our speakers well with a special VIP event, gifts, and travel assistance (if possible). Join us at RVAsec and enjoy the perks! Join us at RVAsec and enjoy the perks!

For more information and requirements, or to submit, please visit:


RVAsec 2020 – May 5-6

We’re pleased to formally announce dates for RVAsec 2020!

Due to some unforeseen scheduling conflicts at VCU we have had to move up the dates for 2020.

The 9th Annual RVAsec conference will be held on Tuesday and Wednesday, May 5th and 6th at the Commonwealth Ballroom at VCU’s University Commons.

If you are interested in speaking, keep an eye out for a CFP announcement coming shortly!

Sponsorships are still available, but as a reminder we sell out every year so please contact us soon if interested!

RVAsec 2019 Proof of Attendance

If you need proof of attendance for your CISSP or other certification CPEs, please use this PDF.


Proof of attendance:


RVAsec 8 CTF Sponsored by Capital One

It’s that time of year again! RVAsec is right around the corner, and the MetaCTF Team as well as a small army of volunteers are hard at work preparing some exciting challenges for this year’s competition. In keeping with the format of the past several years, we’ll be running a practice CTF on the first day of the conference (Wednesday, May 22nd). This will be a great opportunity to get familiar with the platform, and if you’ve never done a CTF before, a perfect time to try one out with plenty of people on hand to help!

On Day 2 (Thursday, May 23rd), we’ll be running the actual competition. Even though it will contain some hard challenges, this is a learning CTF – not a stump-the-chump competition. As such, there will be plenty of challenges including lockpicking, recon, web & binary exploitation, forensics/IR, and more designed for people of all levels and backgrounds. Additionally, you may choose to compete as an individual or form teams of up to 4 people – there are separate prize categories for both.

You will need an updated Kali machine, but we will provide everything else. In addition, we’re excited to announce that Capital One will be sponsoring the CTF this year!

Below is a list of some of the skills/topics that have been covered in previous years:

Entry Level: Primarily aimed at beginners and those with a less technical background, focusing on basic infosec skills and concepts.

  • Rot N encoding
  • Google Fu / OSINT
  • Examining website source code
  • Basic file analysis (eg. file, strings)
  • Trivia

Intermediate: Expect to begin taking a deep dive into the core categories by finding and exploiting vulnerabilities, cracking passwords, etc.

  • Extracting objects from Wireshark dump
  • SQL Injection
  • Recovering and analyzing forensic artifacts
  • Cracking password hashes (using john, Hashcat, etc)
  • Reverse Engineering and Disassembly

Hard: For our battle-hardened, seasoned CTF players which will challenge competitors to truly think outside the box, crack encryption, exploit binaries, and more.

  • Blacklist filter evasion for SQL Injection
  • Binary Exploitation (buffer overflows and ROP chains!)
  • Cracking RSA Encryption
  • Multi-step OSINT investigation
  • Hardware / Wireless 🙂

Finally, good luck to everyone, and we’ll see you in Richmond soon!


Introducing Our 101 Track–We Need You To Help Us!

Ch-ch-ch-changes! Every year we grow & tweak RVAsec to provide the best experience possible, and this year is no exception. The biggest change is that we’ve added a third room for talks, the “101” track, where the foundations of cyber security topics will be presented. While you can learn in any of our tracks, if you’re new to security, or want to learn the basics of something new, this is the place for you!

While the track is called “101”, this isn’t meant to come across negative. These talks are given by some of the best speakers, and will provide amazing insight. The big difference is that in this track, concepts are explained, and the intended target is anyone that wants to learn about a specific topic.

Here is the current 101 line up:

Wednesday, May 22

11:00am - Intro to Infosec and Overview of the 101 Track - Deana Shick

1:00pm - What is Cyber Insurance? Are you covered? - Lou Botticelli • Kara Owens

2:00pm - Vulnerability Assessments and Penetration Tests - David Sullivan

3:00pm - Social Engineering, Physical Security & USB Attacks - Brad Thornto
Thursday, May 23
10:10am - Risk Assessment - The Heart of Risk-based Security - Barry Kouns

11:10am - Network Security 101 - Rick Lull

1:00pm - Being Secure Doesn’t Mean You Are Managing Risk - Charles Tango

2:00pm - RVAsec 101 Panel - Deana Shick

Room Planning & Schedule Request:

Finding the space to handle a third track at VCU proved to be challenging. Therefore, we need some assistance from our attendees to help us determine which rooms are appropriate for the speaking tracks. We are asking everyone to take a moment and update your Schedule in Sched.

When you registered for the conference you should have been automatically signed up for Sched.  It would be best that you check your email for the invitation and follow the instruction.

Once logged into Sched, you can visit the Conference Schedule and then select the talks that you plan to attend. This will be particular helpful for us if are planning to attend talks in the 101 track.  Then you can click the Radio Dial next to each talk Title that you plan to attend:

This helps with using Sched to its fullest, but also for capacity planning.  We would like to request that you do this as soon as possible.

We are very excited and also thrilled to have Deana Shick from CERT/CC with us this year helping to run this 101 track!

RVAsec 8 After Party at The Circuit — Register Now!

The RVAsec 8 after party brought to you by RVAsecRisk Based Security, and GuidePoint Security, will be at the awesome Circuit Arcade Bar on Wednesday, May 22nd, right after the conference!

This is an exclusive event with limited availability, so you must be registered to attend or you will not be allowed entrance–no exceptionsRVAsec registration does not guarantee a spot at the after party.

Important Notes:

  • You must use the same email you used to register to RVAsec.
  • Each attendee must have his/her own name listed (duplicates will be deleted).
  • If you are not registered for RVAsec,  your ticket will be deleted.

Wed, May 22, 2019
5:30 PM – 7:30 PM

The Circuit is located at:

3121 W. Leigh St
Richmond, Virginia 23230

The Circuit is an arcade bar in the Scott’s Addition Beverage District of Richmond, VA. We have a growing family of 70 arcade games, pinball machines, and skeeball lanes, as well as a forever rotating 50-tap beer wall boasting both local and national favorites.

This is an exclusive event with limited availability, so you must be registered to attend and bring your RVAsec badge or you will not be allowed entrance–no exceptions!

Even if you have a ticket for RVAsec and said that you wanted to attend during the signup process, you MUST now registered for the party!

Register Now!

RVAsec 2019 Speakers and Schedule Announced

We had many great submissions to the CFP this year! It was extremely hard but the CFP team has managed to select a great lineup for RVAsec 2019.

Thank you to everyone who submitted a proposal to the CFP –the review team had to make some tough decisions and we appreciate all the time and hard work that went into submitting.

Without further delay, here are the speakers for the RVAsec 2019!

For the full details and times for specific talks, please see the schedule page.

Ticket are selling quickly so if you haven’t now is the time to register if you haven’t yet!

Also, reminder we have the hotel rate sorted out.  If you booked prior to the code, please contact the hotel and ensure they know that you are with RVAsec.  This will ensure that you get the best rate possible.

Ticket Prices Go Up On 4/21!

Prices for RVAsec go up on 4/21!

RVAsec planning is coming along nicely!  The full schedule should be published in the next week or so.

Once we sell out there will be no more tickets available (Warning: we are closing in fast on our max attendance even with more space added this year!)

So, to recap the conference prices:

  • $200 regular price until 4/20
  • $250 late registration until 5/10
  • $350 super late registration until 5/17

If you are unable to attend due to the price, please contact us to discuss as we do have stipends available for students and also have volunteer opportunities that provide a great way to get in for free!

Once again there will be no tickets sold at the door, and don’t forget that RVAsec has sold out every year–so don’t wait!

Register now!

RVAsec 2019 Crypto Challenges are Live!

New for 2019, we have 3 crypto challenges to test your skill at de-coding/de-crypting/de-everything!

Each challenge will eventually lead to a code for an RVAsec 2019 ticket! Winners for each code will need to register before the code is used (consider this part of the challenge!). As each challenge is completed, winners will be posted.  (Note: if you have a ticket already, register & we’ll refund the original price paid.)

Ready to go?

Crypto Challenges

Need help or having a problem? Contact

Mandy Logan (@5urv1va7rix) To Keynote RVAsec 2019!

We are pleased to announce that Mandy Logan will be keynoting RVAsec 2019!


Following a series of 5 strokes and major head injuries, Mandy is no longer in the construction engineering industry. She used her life hacking prowess from a non-traditional background (such as skipping five years of K-12 schooling while working on a ranch and then graduating from a giant, traditional high school in 2.5 years with a 4.2 GPA) to re-establish neuro control using her electrical system, her tongue against her teeth, and perseverance. Now, as a happy dyslexic autie (autistic person) she is pursuing all things InfoSec with an emphasis on Incident Response, Neuro Integration, Artificial General Intelligence, and Community, pressing forth to improve the lives of InfoSec professionals and long term ethical neuro tech for those unable to express themselves to their own satisfaction. She enjoys art, travel, naps, speaking, continuing and broadening her own recovery, and good people. Mandy always hopes to be half the person her service dog, Trevor, is (he helped her relearn to walk!).