Rapid7 is engineering better security with simple, innovative solutions for IT security’s most critical challenges. Our security data and analytics solutions collect, contextualize, correlate, and analyze the security data you need to dramatically reduce threat exposure and detect compromise in real-time.
Come see us at RVAsec! Register now.
We are pleased to announce that Anomali and Guidepoint have partnered up to host our After Party Event this year. Planning is in the works so stay tuned for further information!
Mark Weatherford
vArmour
Mark Weatherford is Chief Cybersecurity Strategist at vArmour. He has more than 20 years of security operations leadership and executive-level policy experience in some of the largest and most critical public and private sector organizations in the world including roles as:
• Principal at The Chertoff Group
• Appointed by President Obama as DHS’s first Deputy Under Secretary for Cybersecurity
• VP and Chief Security Officer at the North American Electric Reliability Corporation (NERC)
• Appointed by Governor Arnold Schwarzenegger as California’s first Chief Information Security Officer
• Chief Information Security Officer for the State of Colorado
• US Navy Cryptologic Officer
In addition, Mark was:
• Selected as SC Magazine’s “CSO of the Year” award in 2010
• Named one of the “10 Most Influential People in Government Information Security” by GovInfoSecurity in both 2012 and 2013
• Selected for the 2013 CSO Compass Award for leadership achievements in the security community
(Your) Inevitable Path to the Cloud
Like the switch from steam to electric power a century ago, the shift to cloud computing is inevitable—in fact, it’s already here. But what this brings in efficiency, it misses in security as the lack of visibility in the virtual environment allows too much room for malicious activity. This presentation details the structure and blind spots of data centers and cloud environments and addresses ideas for companies to consider in securing their data assets.
We were able to get more rooms added to the hotel block! If you need a room please do not wait and book now!
RVAsec has reserved a block of rooms at the Crowne Plaza for out of town guests. The rate is $121/night (which does NOT include parking).
You can either book online or call the hotel.
When you call (855-472-7802) the hotel please tell mention the block “RV3” to get the special rate.
Crowne Plaza Richmond Downtown
555 East Canal Street, Richmond VA 23219
800-2CROWNE
More details can be found on the Hotel page.
Symantec is a global leader in providing security, information management solutions to help our customers – from consumers and small businesses to the largest global organizations – secure and manage their information against more risks at more points, more completely and efficiently than any other company. Our company’s unique focus is to eliminate risks to information, technology and processes independent of the device, platform, interaction or location.
Come see us at RVAsec! Register now.
Security Journey
Chris Romeo is CEO, Principal Consultant, and co-founder of Security Journey. His passion is to bring application security awareness to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Secure Development Life Cycle program, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end application security awareness program launched in 2012.
Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris is a sought after conference speaker, with experience speaking at the RSA Conference, ISC2 Security Congress, AppSec USA, and many others. Chris holds the CISSP and CSSLP certifications.
AppSec Awareness: A Blue Print for Security Culture Change
How does an individual change the application security culture of an organization? By deploying an application security awareness program with engaging content, humor, and recognition. See the blue print for how you can build an application security awareness program based on real life experience. Change the security DNA of everyone in your organization.
Aruba, a Hewlett Packard Enterprise company, is a leading provider of next- generation networking solutions for enterprises of all sizes worldwide. The company delivers IT solutions that empower organizations to serve #GenMobile – mobile-savvy users who rely on cloud-based business apps for every aspect of their work and personal lives.
www.linkedin.com/in/troy-wojewoda-92387183
Newport News Shipbuilding A Division of Huntington Ingalls Industries
Troy has been in the IT and Infosec industry for over 10 years working in a wide array of roles such as application and system administration, network intrusion detection, wireless security, host and network digital forensics and incident response. Today, he leads the incident response team at his current employment and is also focused on cyber intel processing, IOC hunting, advanced adversary tracking, malware analysis and custom tool development. When Troy is not cybering the things, he enjoys being in the outdoors, taking things apart, home brewing and spending time with his wife and children.
Troy currently holds a B.S. in Computer Engineering and Computer Science from Christopher Newport University and has multiple certifications, including: GSEC, GCIA, GCIH, GAWN, GREM, GCFA, GNFA, CISSP
Bro’s before Flows
During an incident response, acquired network activity is critical in attempting to fully identify the what, when, where and how of a given incident. Security practitioners often find themselves losing “the full picture” over time and therefore constrained to context-less logs to help explain an already complex problem. This talk will explore multiple levels of network data acquisition; from full packet capture solutions to rudimentary network logs such as routers and firewalls. We will attempt to find the acquisition “sweet spot” using tools such as the Bro IDS platform and how such tools can be tailored to your organization
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. With over 25 years of security expertise, we’re recognized as the market leader in server security, cloud security, and small business content security.
Come see us at RVAsec! Register now.
Cigital
RVA locals with an AppSec obsession, Brenton Kohler and Jacob Ewers.
Brenton Kohler is a Managing Consultant with Cigital, a software security company. Brenton has a MS degree from James Madison University in Secure Software Systems. He has professional experience as a developer, researcher, and consultant. Brenton’s security expertise includes software security group management, penetration testing, security assessments, and secure code reviews in a diverse set of technologies. In his spare time Brenton enjoys being active and spending time with his family.
Jacob Ewers, a Senior Consultant with Cigital, has over five years of 
experience working with clients to implement and optimize their security initiatives. After performing and leading countless dynamic and static assessments, Jacob began to focus on tackling the harder problems of how organizations can make sure that they’re doing AppSec “right” as solving the AppSec puzzle never looks the same for each type of organization.
So you’ve purchased a SAST tool
Despite the marketing, deployment of static application security testing (SAST) tools is much more than a point and click adventure. If you have purchased a SAST tool, you’ve undoubtedly had the thoughts, “Are we more secure?” “Are we done?” “Was that successful?” We will discuss the path for a successful SAST tool deployment, attempt to cut through the FUD in the industry regarding SAST, and highlight the real potential pitfalls you may face along the way through case studies.
