Category: Announcement


David Kennedy to Keynote RVAsec!

We are pleased to announce that David Kennedy will be keynoting RVAs3c 2014!

David is the Founder and Principal Security Consultant for TrustedSec, which provides information security consulting services for a large portion of the Fortune 1000 space as well as medium-sized companies. Prior to TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 16,000 employees. David developed a global security program that tackled all aspects of information security. David is considered a thought leader in the security field and has presented at over three hundred conferences worldwide.

David has had numerous guest appearances on Fox News, CNN, CNBC, Huffington Post, Bloomberg, BBC, The Katie Show, and other high-profile media outlets. David is the founder of DerbyCon, a large-scale information security conference. David has testified in front of Congress on multiple occasions on the threats we face in security and in the government space.

David also co-authored Metasploit: The Penetration Tester’s Guide, which was number one on Amazon in security for over a year. David was also one of the founding members of the “Penetration Testing Execution Standard” (PTES). PTES is the industry-leading standard and guideline around how penetration tests should be performed. David has had the privilege to speak and keynote at some of the nation’s largest conferences.

David is the creator of several widely popular open-source tools including “The Social-Engineer Toolkit” (SET), Artillery, and Fast-Track. David has also released several zero-day exploits and focuses on security research. David has over 14 years of security experience, with over 9 specifically in security consulting. Prior to the private sector, David worked in the United States Marines for cyber warfare and forensics analysis activities.

David also recently testified before the US Congress about the security of the healthcare.gov web site.


RVAsec CTF: What to expect this year!

Last year RVAsec had its first CTF and it was a huge success. The team has been planning to make this year’s event even better and has a lot in store. We caught up with Chris Gerling to get some information on what to expect this year.
(RVAsec) The CTF was aimed to be a bit of a different take than normal and was a huge hit at last year’s RVAsec. Can you tell us a little about it?
Chris: We wanted to build an “Everyman” CTF, which allowed people from all skill levels and professions to participate and learn. Our goal was education, and to give people a platform for that to happen on. The trick was balancing easy challenges with medium and very difficult as well, giving everyone a challenge without making them feel too confused. We believe it worked very well.
(RVAsec) How many people participated? How did the RVAsec attendees do with the CTF?
Chris: 37 people ended up participating and nearly all scored on at least one challenge. It was really awesome to see people learning and solving problems, and even surprising themselves with what they could figure out.
(RVAsec) What were some things that you learned from last year?
Chris: We learned that the registration process needs to be cleaner, and we need to do a better job of keeping track of people for giving out prizes. It’s also going to be beneficial to have the event more organized with goals we want to hit in terms of announcements, at every stage of the event.
Hardware-wise, we’re using a smaller machine that doesn’t weigh as much. The AP we used, which was a WNDR4500, held up well, but we’re going to augment that this year and look into providing wired access.
(RVAsec) What are the plans for the CTF this year?
Chris: We plan on offering a similar style CTF, with a tiered approach. Possible additions are a more robust story line, and a free 1 hour seminar for brand new participants who have never done a CTF before.
(RVAsec) If someone wanted to participate, what would you recommend they do to prepare?

Chris: There are a plethora of tutorials available on YouTube and SecurityTube. There are also challenges available at https://www.honeynet.org/challenges that are really great to learn on. Getting familiar with tools like Wireshark, and basic command line usage in a distribution such as Kali Linux, will be very valuable. From a DFIR standpoint, downloading and learning the SANS SIFT workstation is also one way to learn forensics tools.

(RVAsec) Can you give attendees any hints or teasers about the CTF?
Chris: Only if you bring us some beer. 😉  We’ll actually be releasing some teasers once we’ve got more content built out in the coming weeks!
(RVAsec) How do people sign up to participate?
Chris:  You can register for the CTF when you purchase your ticket for RVAsec, or directly on the SecuraBit web site.

(RVAsec)  Do you need any help?  If so, what and how can people or companies help out?
Chris: We can always use help in creating this. We’re really ramping up over the next few weeks and starting to build things. If you want to build a challenge, or have any content at all you want to contribute, we definitely need that. If you’re really motivated and want to push on us all to do the best job we can, we’d love to have you on the team.

Sponsors are welcomed if any want to donate prizes to give away. We will give you a shout out and display your logo on the scoreboard.
(RVAsec) Anything else?
We can’t wait to see people learn again, and are very grateful to have a place to put this event on in RVAsec!  If you want to get involved, have questions or want to sponsor please contact us at ctf@securabit.com

Training: Metasploit for Web PenTesting

Instructor: Kizz MyAnthia

Metasploit is most commonly known for its epic pwnage of network and service level vulnerabilities. What you may not know is that same epic pwnage can be leveraged in exploiting web application vulnerabilities. By leveraging the ability to custom build Metasploit modules or tools using the framework, the power of Metasploit is only limited by the imagination of the user. “Into The Worm Hole: Metasploit For Web PenTesting” will build on prior knowledge of Metasploit and help elevate the tester’s skills and abilities by working hands-on building a custom scanner, using Metasploit to exploit web vulnerabilities, and learning to use Metasploit for phishing, XSS, and other web application vulnerabilities.

Training classes are held on Thursday, June 4th, before the conference.  This class will cost $250.


Into the Worm Hole: Metasploit for Web PenTesting
“Into the Worm Hole: Metasploit for Web PenTesting” is an Intermediate level class and attendees should understand what Metasploit is and how to use it. A knowledge of Ruby is extremely beneficial, but some scripting experience or skill (any language) is recommended.

For more information on the class and the instructor, or to register, please see:

http://rvasec.com/training/


Training: Networking for Pentesters

We are pleased to announce that Rob Fuller (Mubix) will be teaching Networking for Pentesters. The class will be held on Thursday, June 4th before the conference and will cost $199.95.

Training classes are held on Thursday, June 4th, before the conference.  This class will cost $199.95.

Networking for Pentesters

This is an introductory class into specific protocols and technologies that are used on corporate networks around the world, focusing on the point of view of an attacker. This class will cover things like DNS, HTTP, SMTP and other basics of networking, then move on to “Layer 7” with IIS/Sharepoint, VPNs, Windows Active Directory, and Unix services.

For more information on the class and the instructor, or to register, please see:

http://rvasec.com/training/


Training: The Secrets of Security with the OSSTMM

We are pleased to announce that Pete Herzog, the creator of the OSSTMM (Open Source Security Testing Methodology Manual) will be joining us at RVAs3c to teach a class on OSSTMM!

Training classes are held on Thursday, June 4th, before the conference.  This class will cost $250.

The Secrets of Security with the OSSTMM

Get key insights from the very latest version of the Open Source Security Testing Methodology Manual (OSSTMM). Discover gems of knowledge that can greatly expand your view of security. Learn how and where to apply this methodology in a practical and efficient way. Then get your hands dirty trying it out.

For more information on the class and the instructor, or to register, please see:


Training Class: Lockpicking & Lock Forensics

Back by popular demand, RVAs3c is pleased to announce the training class Lockpicking with Schuyler Towne! This year’s class will also offer new content on Lock Forensics!

Training classes are held on Thursday, June 4th, before the conference.  This class will cost $250.

Lockpicking & Lock Forensics

This workshop is based around understanding both how to pick locks and how to analyze the evidence picking leaves behind. We will explore myriad methods of entry on basic pin tumbler locks, then, after each method is fully understood, we’ll place the components of the locks you’ve opened under a high-definition microscope and explain how to interpret the tool marks you have left behind.
 
The methods of entry covered will include:
  • Single-pin picking
  • Raking
  • Percussive attacks (pick guns/bumping)
  • and Impressioning
 
At the end of the workshop we’ll test your new knowledge by examining a few lock examples I’ve brought along under the microscope and analyzing them together.

For more information on the class and the instructor, or to register, please see:

RVAsec tickets on sale now for $50

Not $100! The base ticket price for RVAs3c is $100. However, until 3/14 all registrations will be half off–only $50!

For the last two years RVAsec has brought the best speakers to Richmond, kept attendees fed and watered, and ensured everyone had a great time for the lowest possible cost. Despite selling out both conferences, the large number of late registrations is a serious problem and adds to conference costs. So this year we are trying something different & raising the base price a little, but offering a deep discount to encourage early registration.

And if that’s not enough incentive to purchase your tickets early, late registrations (after 5/17) will be $150!

Don’t forget all the things you get with registration, including 2 full days of talks, parking, meals, snacks, drinks, reception, prizes, a capture the flag contest, t-shirt & swag!

So, to recap the conference prices:

  • $50 discounted price until 3/14
  • $100 regular price until 5/16
  • $150 late registration until 5/30

Once again there will be no tickets sold at the door, and don’t forget that RVAs3c has sold out every year–so don’t wait!

Register now!

 


RVAsec 2014 CFP is now open!

The call for papers for RVAsec 3 is now open!

Conference: June 5-6th, 2015

Location: Richmond, VA

CFP Submission Deadline: February 14th, 2014 at 11:59 PM Eastern


RVAsec is a Richmond, VA based security convention that brings top industry speakers to the mid-Atlantic region. In its second year, RVAsec 2013 attracted 265 security professionals from across the country. For 2014, the conference is a two-day, dual-track format, with a mixed focus on technical and management/business presentations.

All talks must be 55 minutes in length, and submissions will need to select either technical or business/management tracks.

Join us and enjoy the perks!

For more information and requirements, or to submit, please visit:

http://rvasec.com/2014-cfp/

If you are interested in running a training class on June 4th, please email us at info@rvasec.com with the following information:

1) Title Of Class:
2) Overview of Class:
3) Instructor:
4) Instructor Bio:
5) Class Size:
6) Student Prerequisites:
7) Proposed Cost / Amount Required Per Student:


RVAsec 2014 – June 4-6

RVAsec 2014 will be held on Thursday and Friday, June 5th and 6th at the Commonwealth Ballroom at VCU’s University Commons. Training classes will be held on Wednesday, June 4th.

CFP information will be coming shortly!