Aruba, a Hewlett Packard Enterprise company, is a leading provider of next- generation networking solutions for enterprises of all sizes worldwide. The company delivers IT solutions that empower organizations to serve #GenMobile – mobile-savvy users who rely on cloud-based business apps for every aspect of their work and personal lives.
www.linkedin.com/in/troy-wojewoda-92387183
Newport News Shipbuilding A Division of Huntington Ingalls Industries
Troy has been in the IT and Infosec industry for over 10 years working in a wide array of roles such as application and system administration, network intrusion detection, wireless security, host and network digital forensics and incident response. Today, he leads the incident response team at his current employment and is also focused on cyber intel processing, IOC hunting, advanced adversary tracking, malware analysis and custom tool development. When Troy is not cybering the things, he enjoys being in the outdoors, taking things apart, home brewing and spending time with his wife and children.
Troy currently holds a B.S. in Computer Engineering and Computer Science from Christopher Newport University and has multiple certifications, including: GSEC, GCIA, GCIH, GAWN, GREM, GCFA, GNFA, CISSP
Bro’s before Flows
During an incident response, acquired network activity is critical in attempting to fully identify the what, when, where and how of a given incident. Security practitioners often find themselves losing “the full picture” over time and therefore constrained to context-less logs to help explain an already complex problem. This talk will explore multiple levels of network data acquisition; from full packet capture solutions to rudimentary network logs such as routers and firewalls. We will attempt to find the acquisition “sweet spot” using tools such as the Bro IDS platform and how such tools can be tailored to your organization
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. With over 25 years of security expertise, we’re recognized as the market leader in server security, cloud security, and small business content security.
Come see us at RVAsec! Register now.
Cigital
RVA locals with an AppSec obsession, Brenton Kohler and Jacob Ewers.
Brenton Kohler is a Managing Consultant with Cigital, a software security company. Brenton has a MS degree from James Madison University in Secure Software Systems. He has professional experience as a developer, researcher, and consultant. Brenton’s security expertise includes software security group management, penetration testing, security assessments, and secure code reviews in a diverse set of technologies. In his spare time Brenton enjoys being active and spending time with his family.
Jacob Ewers, a Senior Consultant with Cigital, has over five years of 
experience working with clients to implement and optimize their security initiatives. After performing and leading countless dynamic and static assessments, Jacob began to focus on tackling the harder problems of how organizations can make sure that they’re doing AppSec “right” as solving the AppSec puzzle never looks the same for each type of organization.
So you’ve purchased a SAST tool
Despite the marketing, deployment of static application security testing (SAST) tools is much more than a point and click adventure. If you have purchased a SAST tool, you’ve undoubtedly had the thoughts, “Are we more secure?” “Are we done?” “Was that successful?” We will discuss the path for a successful SAST tool deployment, attempt to cut through the FUD in the industry regarding SAST, and highlight the real potential pitfalls you may face along the way through case studies.
Optiv’s vision is to become the most advanced, most comprehensive and most trusted partner for cyber security solutions. We provide a full suite of information security services and solutions that help define cyber security strategy, identify and remediate threats and risks, select and deploy the right technology, and achieve operational readiness to protect from malicious attack.
Come see us at RVAsec! Register now.
Enjoys long walks with a debugger. As well as profound conversations with IDA. All while eating tacos and drinking redbull.
Reversing for humans.
This talk is about reversing malware in the easiest way possible. While the tactics and procedure for doing so are not new the goal is to show you how you can get the simple things out and quickly identify the ‘things’ you need to asses its threat in your environment. This talk is for those that like to get dirty
SLAIT Consulting is an Information Technology consulting services company that specializes in delivering customized, creative IT solutions for customers in the commercial and public sector.
Come see us at RVAsec! Register Now.
CloudFlare
Evan Johnson is an engineer at CloudFlare in San Francisco. He previously worked at LastPass and can distinguish diet coke from diet pepsi by taste.
Staying Above A Rising Security Waterline
Security is not a destination, it’s a journey. At CloudFlare, the journey is taking place daily at light speed. More products, more features, more services, more attack surface. I’ll talk about the technical work and process we created to maintain a high standard of security internally without burdening our developers.
Sunera is a leading provider of risk-based consulting including Internal Audit, IT Audit, Information Security, Corporate Governance, and Regulatory Compliance.
Come see us at RVAsec 2016! Register Now.
https://breakpoint-labs.com/blog/
BreakPoint Labs
Andrew McNicol is driven by his passion for helping organizations identify exploitable vulnerabilities before an adversary. He is currently the CTO at BreakPoint Labs specializing in offensive security services, mentor for SANS, and one of the founders and lead authors of Primal Security. Previously, he lead a penetration testing team and worked on an incident response team focusing on malware analysis and network forensics for DoD, Law Enforcement, and Commercial companies.
Andrew holds an M.S. in Information Assurance, and variety of InfoSec qualifications (OSCE, OSCP, OSWP, GICSP, GCFA, GCIA, GCIH, GPEN, GREM, GSEC, GWAPT, GWEB, CISSP, CEH, etc.)
Zack Meyers is a business oriented guy that then became a motivated InfoSec geek after getting started a
s a continuous monitoring vulnerability analyst. Shortly after, he took an interest in the offensive side of security work and currently works as an Offensive Security Engineer at BreakPoint Labs. Today he is always looking to learn about new techniques and tools that can help him identify his next big vulnerability finding. He is currently a member of Primal Security Blog | Podcast and holds several security certifications including OSCP, CISSP, GWAPT, GPEN, GCIH, etc
Beyond Automated Testing
Have you ever run a vulnerability scan and thought “Okay… now what?” This talk is all about how to go beyond automated testing to find vulnerabilities that scanners miss. The goal of the talk is to help inspire others to reach beyond Nessus and Burp Suite scans to help their organization identify vulnerabilities that expose high impact risk.
@kongo_86
