Category: Conference

Speaker Feature: Caleb “chill” Crable

April 21, 2015
AnnouncementConference

Caleb “chill” Crable

@dirtywhitehat

 

Caleb is a long-time contributor to the information security scene. A dirty whitehat, Caleb’s career spans various stints at information technology firms where he managed malware response teams, researched web-based security vulnerabilities and tested security products. He is a frequent presenter at technology security events where he shares information and best security practices including the recent Bsides Tampa and upcoming CarolinaCon, and is also the organizer for CarolinaCon Shootout in its 6th year.

The Art of Post-Infection Response and Mitigation

In this day and age, we are all [mostly] fully aware how far signature-based antivirus detentions go… not very far at all in regard to real-time protection. Users will get infected, there are no longer any IF statements in this equation. My focus is the gray area of post-infection and the many different aspects of end-user and incident response frustration that occur after a virus has penetrated a system, or organization, and done its dirty work. I will also be going over various malware removal and mitigation techniques, tools of the trade, and general guidelines to follow to prevent infections from happening in the first place.

 

Register now for RV4sec!

RV4sec Schedule Posted!

April 21, 2015
AnnouncementConference

schedule_clipartThe full schedule for the RV4sec 2015 conference is now published!

Registration & breakfast start at 8 AM on Thursday, June 4th and end at 6 PM (followed by the after party).

Registration and breakfast start again at 8 AM Friday, June 5th and end at 4 PM, followed immediately by the closing reception at VCU.

For the full details and times for specific talks, please see the schedule page.

Speaker Feature: David Lodge

April 21, 2015
AnnouncementConference

David Lodge

@tautology0

http://www.pentestpartners.com/

 

Dave has been in the security industry for too long. Originally hacking games, then a developer, then sysadmin, then generic dogsbody and finally penetration tester.

For a job, Dave hacks companies. For fun, he drinks beer, develops stuff, plays interactive fiction, kills zombies, hacks flash games, drinks beer, brews beer, translates from American to English, drinks beer and likes being pedantic about language.

Internet of Toys?

Does adding network functionality to modern toys make sense? Can they be abuse to manipulate or spy of you or your child? Can we totally subvert them.

It’s a hacking talk: of course we can!

Register now for RV4sec!

Speaker Feature: Barry Kouns

April 20, 2015
AnnouncementConference

Barry Kouns

www.riskbasedsecurity.com

@riskbased

 

kouns_barry.jpg (134×167)Barry Kouns is principal consultant for ISO/IEC 27001:2013 pre-certification services at Risk Based Security, Inc., an information security, threat intelligence, and risk management consultancy. Barry’s experience includes information security consulting, risk assessment and quality management. Barry has provided training, procedure development and pre-certification consulting services resulting in the successful ISO/IEC 27001 certification of more than two dozen organizations. Barry has full knowledge of GLBA, FFIEC, HIPAA, Sarbanes-Oxley, and 201 CMR 17 and is well versed with PCI DSS, ISO 9001, COBIT, FISMA, NIST 800-53, BS 25999, ISO 31000 and ISO 20000. He has earned a B.S. in Statistics from Virginia Tech and a M.S. in Industrial Engineering Management from North Dakota State University. He has earned the CISSP designation, is a trained ISO /IEC 27001:2013 Auditor & ISMS Implementer, and is ITIL Foundation Certified. Barry was a Captain in the United States Air Force and served as a B-52H Navigator/Bombardier.

Incident Response Management – Not a Fire Drill

In spite of the billions of dollars spent annually to prevent a data breach, breaches are being reported at a rate of more than eight per day. Most security experts say it’s not a matter of if your organization’s data will be breached, but when. If your organization does not have a well designed, formally documented, and regularly tested Incident Response process in place, how well will you respond to the data breach that is most likely in your future?
Not all Incident Response programs are created equal. Speed of action, without first understanding the nature and severity of an event can often lead to elevating the costs to the organization. Join this session to learn how to build an effective Incident Response Management process to identify and properly respond to the various levels of information security events.

Speaker Feature: Jason Smith

April 20, 2015
AnnouncementConference

Jason Smith

appliednsm.com

@Automayt

200x200_smith_jason.png (200×200)Jason Smith is an intrusion detection analyst by day and junkyard engineer by night. Originally from Bowling Green, Kentucky, Jason started his career mining large data sets and performing finite element analysis as a budding physicist. By dumb luck, his love for data mining led him to information security and network security monitoring where he took up a fascination with data manipulation and automation. Jason is the co-author of Applied Network Security Monitoring, creator of FlowPlotter, and co-developer of FlowBAT.

Jason has a long history of assisting state and federal agencies with hardening their defensive perimeters and currently works as a Security Engineer with Mandiant. As part of his development work, he has created several open source projects, many of which have become “best-practice” tools for the DISA CNDSP program.

Applied Detection and Analysis Using Flow Data

While network flow data isn’t a new concept, it is easily one of the most powerful data types you can have in your arsenal as a network defender. It is incredibly low overhead, easy to setup and maintain, and provides tremendously flexible capabilities for network security monitoring (NSM) detection and analysis.
In this presentation, we will take a look at flow data from the perspective of the NSM analyst. To begin, we will harness the power of statistics to demonstrate how flow data can be used for detecting both structured and unstructured threats using techniques that go beyond simple signature matching. Next, I will discuss the concept of friendly intelligence and how flow data can be used to profile devices on your network so you can understand what normal communication looks like. Finally, I will describe how flow data can be used to augment the analysis of network security events that are detected by other mechanisms.

During this presentation, I will also demonstrate FlowPlotter, an open source tool I’ve developed to aide in visualizing flow data for detection and analysis. I’ll also introduce and demonstrate FlowBAT, a graphical flow-based analysis tool that Chris Sanders and I developed to break the significant barrier of entry into Flow Analysis. Every concept I discuss in this presentation will be demonstrated with practical, real-world scenarios complete with real data using the SiLK toolset. You will leave this talk with techniques you can apply to your network immediately with incredibly low overhead and high impact, and scripts to get everything running in minutes.

Speaker Feature: Schuyler Towne

April 20, 2015
AnnouncementConference

Schuyler Towne

http://schuylertowne.com/blog

@shoebox

200x200_towne.png (200×200)

Schuyler Towne is a security anthropologist and Research Scholar at the Ronin Institute. He has dedicated his life to understanding how security technologies have affected culture & the effect of culture on security technology.

 

 

Selling Security in a Post Lock Society

There are pockets of the United States that are living in such secure surroundings that residents could go without locks altogether, which some consumers are beginning to realize. In this talk we’ll explore what features the next generation of home security products need to have, and how they will need to market themselves to have an impact on the emerging class of secure consumers.

RV4sec Speaker Lineup!

April 17, 2015
AnnouncementConference

There was a lot of competition in the CFP, but we’ve managed to whittle it down to another great lineup for RV4sec. So here are the speakers for the 2015 RV4sec conference!

Jennifer Steffens G Mark Hardy
David J. Bianco Caleb “chill” Crable
Adam Crosby Chris Eng
Pete Herzog / Dave Lauer Allen Householder
Barry Kouns David Lodge
Kizz MyAnthia Mark Painter
Elissa Shevinsky Michelle Schaffer / Tim Wilson
Jason Scott Jason Smith
Schuyler Towne Robert Stratton
Boris Sverdlik Bill Weinberg
Governor Terry McAuliffe

 

For detailed information about the speakers and their talks please see rvasec.com/speakers/

Thank you to everyone who submitted a proposal to the CFP–the review team had to make some tough decisions and appreciate all the time and hard work that went into submitting.

Jennifer Steffens (@SecureSun) To Keynote RV4sec!

April 13, 2015
AnnouncementConference

We are pleased to announce that Jennifer Steffens will be keynoting RV4sec 2015!

As its CEO, Jennifer Steffens spearheads all aspects of IOActive’s global IOActiveCEO_JenniferSteffens_2013_02business operations and drives the company’s strategic vision. Jennifer brings a wealth of industry and business experience to the company, having been an early member of several successful startups.

Earlier in her career, Jennifer was a Director at Sourcefire, where she helped build and grow its run rate from $250K to over $35M in just four years. She helped commercialize the Snort open source intrusion detection and prevention technology and built several service offerings around research initiatives. Prior to joining IOActive, Jennifer came to Seattle to help startup GraniteEdge reinvent itself. While there, she led initiatives to restructure the company and developed a product strategy that ultimately secured two additional rounds of funding. With over ten years of industry experience, Jennifer has held senior management positions at Ubizen, NFR Security, and StillSecure.

Jennifer is a well-respected media source, appearing in InfoSecurity Magazine, SC Magazine, Good Morning America, BBC, Reuters, The Guardian, and CBS News. She has been invited to give keynote presentations at a variety of conferences such as HackInTheBox. Jennifer is a member of EWF, ISSA, and OWASP.

You can follow Jennifer on Twitter at @SecureSun.

Terry McAuliffe, Governor of Virginia To Provide Remarks At RV4sec!

April 8, 2015
AnnouncementConference

We are pleased to announce that Virginia Governor McAuliffe will be providing remarks at RV4sec!

Terry McAuliffe is the 72nd Governor of Virginia. Since being sworn-into office, Governor McAuliffe has aggressively focused on building a new Virginia Governor Elect Terry McAuliffeeconomy.

Whether traveling to Bedford or Beijing, Governor McAuliffe has made it clear that his number one priority is economic development and he is working hard to create and maintain jobs throughout the Commonwealth.

The Governor is also working to restore trust in government. On his first day in office, he signed an executive order imposing a $100 gift ban on himself, his family, and members of his administration and their families. He established through executive order the Commission on Integrity and Public Confidence in State Government, which will focus on ethics oversight and enforcement, limits on gifts and loans, rules on conflicts of interest, disclosure requirements and post-public service restrictions.

McAuliffe has proven that his administration will be smart stewards of Virginia’s transportation dollars. Demonstrating his commitment to bipartisanship, he worked with Republican leadership on House Bill 2 to prioritize transportation projects based on what is best for Virginia’s commuters not politicians.  He followed through on his commitment to lowering the downtown/midtown tunnel tolls to alleviate the burden on Hampton Roads residents, commuters, and businesses. He eliminated the EZ Pass maintenance fee for all Virginia commuters, and suspended work on Route 460, because he does not believe that Virginia taxpayers should be spending hundreds of millions of dollars on a road when we don’t have permits to ensure its completion. Governor McAuliffe also worked with the Governor of Maryland and the Mayor of the District of Columbia to invest $75 million in our regional metro system – taking cars off the roads and relieving congestion.

Governor McAuliffe understands that in order to compete for the jobs of tomorrow, it is essential that we make key investments today. The Governor signed legislation increasing the amount of Virginia qualified research and development expenses that can now be claimed as a tax credit. This legislation is important because it encourages private companies to invest in the jobs of the future.

In order to ensure that Virginia continues to have the best workers in the world, Governor McAuliffe understands that Virginia must continue to have a world-class education system. This year, he was proud to sign standards of learning reform legislation, to make Virginia’s education system work better for students, teachers, and our schools.

Virginia is home to approximately 800,000 veterans, and the Governor is committed to fighting for those who have so bravely served our country. He expanded the Virginia Values Veterans initiative, which encourages employers to recruit, hire, train, and retrain our veterans. He also signed legislation to provide unemployment compensation to military spouses who leave their job to accompany their spouse to a new military assignment in another state, as well as legislation that will expand access to higher education for eligible veterans’ family members.

In July 2014, Governor McAuliffe signed Executive Order 23 Establishing the New Virginia Economy Workforce Initiative.  With a goal of an additional 50,000 credentials, aligning the workforce supply with demand and giving experience credit to our veterans, Governor McAuliffe wants to redesign our current workforce system to work with the needs of our communities and businesses.

The Governor’s administration has made unprecedented progress on the restoration of rights to rehabilitated felons who have served their time. People who have paid their debt to society should be able to work, pay taxes and vote.

Governor McAuliffe ran for office to fight for uninsured Virginians and that is why he took bold executive action to expand health care. His plan, A Healthy Virginia, will help improve the lives of more than 200,000 Virginians by expanding access to care, improving care for veterans and for those with severe mental illness, and enhancing value and innovation across our health system.

Governor McAuliffe previously served as Chairman of the Democratic National Committee from 2001 to 2005, was co-chairman of President Bill Clinton’s 1996 re-election campaign, and was chairman of Hillary Clinton’s 2008 presidential campaign.

He and his wife Dorothy were married in 1988 and have five children.

The Governor attended Catholic University and Georgetown Law School.

 

Hotel Information – Book now!

March 4, 2015
AnnouncementConference

RVAsec has reserved a block of rooms at the Crowne Plaza for out of town guests. The rate is $113/night (which includes parking).

You can either book online or call the hotel.

When you call (855-472-7802) the hotel please tell mention the block “RVAsec” to get the special rate.

Crowne Plaza Richmond Downtown
555 East Canal Street, Richmond VA 23219
800-2CROWNE



View Larger Map
 

The hotel has a shuttle that runs back and forth from the conference location at VCU for both days.

If for any reason you are unable to get the RVAsec rate or the block of rooms has been filled, please let us know so we can contact the hotel!

Once the block is full or expires we are not able to have it extended.

Make sure you check out information on getting to the conference.