Category: Conference

Speaker Feature: Kashish Mittal

@IAmKMittal

www.linkedin.com/in/kashishmittalcmu/

Kashish Mittal is a Security Researcher and Engineer. He currently is the Head of Security at MileIQ, a Microsoft startup. He has worked for companies such as Elevate Security, Duo Security, Bank of America, Deutsche Bank etc. By choice, he is an ethical hacker and an addicted CTF player. He is a member of PPP (CMU’s elite CTF group). Prior to joining Duo, he did Security Research at Cylab, Pittsburgh. He has a BS and a MS from Carnegie Mellon University with a focus on Security. He is passionate about delivering Security awareness and training for employees, college students and high schoolers etc. He has been invited to presented his research and work at various national and International Security conferences.

One Man Army – Playbook on how to be the first Security Engineer at a company

How often have you heard that ‘Early stage startups don’t care much about Security because if there is no product, there is nothing to secure?’ Although there is merit in the argument that startups need to build product so as to sustain and grow, it often puts the person in charge of securing them in a tricky position. For most startups, this person is the first Security Engineer who can be somewhere between the 10th to 300th employee. By the time the first Security Engineer is on-boarded the attack surface has usually become quite large and he or she faces an uphill battle to go about securing the organization. In such cases, the Security Engineer needs to perform as a ‘one-man army’ keeping the attackers at bay. In this talk, i will present a playbook on how to perform as one.

Come see Kashish at RVAsec! Register now.


Speaker Feature: Danny McCaslin

Danny McCaslin is a systems administrator with the Frederick County Virginia Sanitation Authority. He recently finished work on a Masters degree in Information Technology with a concentration in Information Assurance and Security with American public University. Current projects and interests include Industrial Systems Security and Security Automation.

Automating Information Security

While the complexity of modern security breaches continues to increase security professionals have to find a way to handle the increasing number and complexity of attacks. Security automation is key to maintaining network security but has not been heavily adopted. This presentation will use NIST-defined security controls to provide insight into how automation can be leveraged for information security.

Come see Danny at RVAsec. Register now!


Speaker Feature: Harlan Carvey

www.crowdstrike.com/blog

Harlan has spent over 2 decades in the info/cyber security field, most of which has been spent in DFIR. He is a prolific author and public speaker.

From The Trenches: Observations of and Tracking Actor Activity

EDR and threat hunting capabilities provide an unprecedented level of visibility into an infrastructure, and by extension, into malicious actor’s behaviors and TTPs. This capability extends well beyond what is available from OSINT collection and processing, as well as traditional IR, and provides the foundation for a strategic tracking process to truly take full advantage of what’s available. Not only can you track behaviors over time, but mapping the observed TTPs to the MITRE ATT&CK framework can provide valuable insights, and inform defensive measures.

Come and see Harlan at RVAsec!


Speaker Feature: Christine Giglio

@kesseret

Christine is  the CAD Administrator for Bedford County, VA department of E-911 communications. Prior to this position, she was the Public Safety LAN Administrator for Bedford County, VA Sheriff’s Office, Fire & Rescue, and E-911 communications for 10 years. Bedford County is a rural joint E-911 center supporting both the Town of Bedford and the County of Bedford with a service area of approximately 762 square miles with a population of 84,000 people.

Secure 9-1-1 and Protecting Our First Responders

In the past 9-1-1 networks were mostly closed networks with no access to the outside world, there has been a lack of need to think about information security because why should you? With technology advancing software vendors are now utilizing cloud services and there are outside public safety applications that now need to communicate to 9-1-1. This has led to many centers in last decade to opening up their networks. The next several years will also be a large change for 9-1-1, as they will be switching from the analog Enhanced 911 (E911) to the digital NextGen 911 (NG 911) system. For large metropolitan PSAPs, this will be a blip on the radar as they have the resources and personnel to handle the changeover but smaller and rural PSAPs will have the same information security concerns but they will not have the resources or personnel available to them to address these concerns. There are a large list of security concerns for 9-1-1 centers to acknowledge and start addressing before the switchover to NG-911. I will go over telephony denial of service attacks on both the analog E911, the VoIP NG-911, and the non-emergency lines, prank/hoax calls to 9-1-1 (what I universally call “swatting”) and in what ways that can be accomplished using technology past and present, various attack vectors to the Computer Aided Dispatch, or CAD, network why that data needs to be protected both currently and in the future with NG-911, and physical/internal threats to the 9-1-1 center for both the data and the security of the dispatchers. This is just an informational talk about these concerns to help bring awareness to what we face in the public safety industry and how we handle it with the limited resources we have available to us.

Come and see Christine at RVAsec! Register now.


Speaker Feature: Jeff Tehovnik

Jeff’s Information Security career started in 1998 as a technician in the NOC at an ISP. Later he attended Virginia avatar for Jeff TehovnikCommonwealth University and earned his BS in IS and MS in Computer and Information Systems Security. While at VCU, Jeff worked as a Network Technician and Senior Information Security Analyst. Jeff joined Virtustream (formerly EMC’s Cloud Services) in 2015, where he now leads the Network IDS/IPS team, as well as the Enterprise Encryption team. Jeff recently earned his post-graduate certificate in Penetration Testing & Ethical Hacking from the SANS Technology Institute. Jeff’s background in programming, networking, and system administration is advantageous to his Ethical Hacking interests. Jeff has written papers and conducted research on Ethical Hacking topics such as Malware Command & Control, Security Enhanced Linux, Information Security in the UAE, etc. He currently holds an array of Certifications including CISSP, GCIH, GPEN, GWAPT, GXPN, and VMware NSX: Micro-Segmentation.

Network Security Monitoring: Experience and Lessons

Network Security Monitoring is an integral part of security defense. Setting up Network IDS/IPS properly is critical to ensuring an organization’s NSM is efficient and effective. I have learned quite a few lessons from my experience in the NSM realm: from properly sizing and architecting solutions to automating deployment and operations in a variety of environments. I will also share lessons on working with Network teams to configure network components for NSM, setting up and operating NSM systems, and scaling NSM solutions to handle customer demands. I will also compare Open Source Solutions to Vendor Solutions. My goal for this presentation is for attendees to learn from my experiences in order to make informed decisions in their own environments.

Come see Jeff at RVAsec! Register now.


Speaker Feature: Conrad Layne

@URSpider


Conrad Layne is a senior cyber intelligence analyst with General Electric since 2013. In this role, Conrad tracks more than 50 Nation-state actors, their attacks, and TTPs with efforts focused on cyber-attacks affecting industrial control systems. Conrad holds a Bachelor of Science Degree in Digital Forensic Science from Defiance College and a Master’s Degree in Cyber Security Intelligence from Utica College.

Operationalizing the ATT&CK™ Framework

Use of atomic indicators of compromise for cyber security, quickly become stale, and are often defeated by malicious actors. Behavioral-based detection strategies focus on series of actions, during an intrusion, and are more dynamic in defending against intrusions. In this talk, GE-CIRT discusses strategies to track, and respond to threat actors, by using frameworks like the Lockheed Martin Kill Chain and the MITRE ATT&CK framework with TIAMAT, GE’s in-house developed end-to-end operational ATT&CK tool.

Come see Conrad at RVAsec! Register now.


Speaker Dinner Sponsor: Varonis

We are very pleased to welcome Varonis as our Speaker Dinner Sponsor for Tuesday 21st May!

www.varonis.com   @varonis

Register Now!

Varonis

We arm our customers with an industry-leading platform that is built to protect the world’s most valuable and most vulnerable data. Varonis starts at the heart – with data – so our customers are prepared to defend their data against attacks from inside and out. Our platform eliminates repetitive, manual clean-up projects and automates manual data protection routines, so we bring security and cost-savings together – maybe for the first time in cybersecurity history.

 

Come see us at RVAsec. Register Now!

 


Speaker Feature: Aaron Bishop

bISHop has been in the security realm for over 10 years, focused on penetration testing for 6 years. If bISHop is not at a computer, he can often be found in the mountains with his dog.

An introduction to Cross Site Request Forgery, how to exploit it, and prevent it.

The talk will begin with an introduction to Cross Site Request Forgery, defining what it is, how to exploit, how to prevent it. Live demonstrations(if the demo gods cooperate) will be used during the presentation. The talk concludes with an example of using Flash to bypass the mistaken protections offered by Cross Origin Resource Sharing.

Come and see Aaron at RVAsec! Register now.


Speaker Feature: Jason Hill

@jasonhillva

Jason Hill serves as the Chief of the National Cybersecurity Assessments and Technical Services (NCATS) Red Team Operations conducting Red Team Assessments for Federal Government customers and Critical Product Evaluations (CPE) for industry partners. Through those assessments, Jason helps close capability gaps, limit exposure and reduce exploitation on the network. Jason works with more than 150 state, local, tribal, territorial and other critical infrastructure entities. Jason has also spent over 20 years in the Virginia National Guard conducting cyber operations during active duty mobilizations throughout his career.

Anatomy of a Government Red Team Assessment

As Chief of the Nation’s Red Team follow Jason Hill on a real world red team assessment of a partner Government Agency. See how CISA’s white hat hacker’s are training our nation’s cyber defenders.

Come see Jason at RVAsec! Register now.


Speaker Feature: Jonathan Glass

www.jon.glass

@GlassSecavatar for Jonathan Glass

Jon is a Senior Cybersecurity Associate serving the Federal Reserve’s National Incident Response Team as Lead Malware Analyst. He also teaches Digital Forensics, Malware Analysis, and Cybersecurity Python courses for University of Richmond: School of Professional and Continuing Studies. A nine year veteran of the United States Air Force.

Cybersecurity Zero to Hero with CyberChef

The Cyber Swiss Army Knife “CyberChef” is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. CyberChef has significantly lowered the entry threshold for field of Malware Analysis. This talk demonstrates how CyberChef provides the means for those without a strong programming or reverse engineering backgrounds to accomplish complicated, technical Cybersecurity tasks. This talk will also highlight how CyberChef can streamline the workflows of more seasoned analysts with advanced combinations of tasks.

Come see Jon at RVAsec! Register Now.