Category: Speaker

RVAsec 14 Video: Andrew Case – Using Volatility 3 to Combat Modern Malware

RVAsec 2025 Video: Andrew Case
Director of Research – Volexity

Title: Using Volatility 3 to Combat Modern Malware
Volatility 3 is the latest version of the Volatility Memory Analysis framework, which has been the most widely used open-source framework for memory forensics since its creation in 2007. This new version of the framework is a complete rewrite starting from the first line of code. In this presentation, attendees will learn about Volatility 3’s new features while also seeing how many brand-new plugins can be used to detect a wide range of sophisticated, modern malware. This will include detection of the techniques currently deployed by ransomware and APT groups to evade EDR detection, inject code in a stealthy manner, and perform lateral movement. Examples of the covered techniques will include process hollowing, module unhooking, and privilege escalation. Attendees will leave understanding how to detect modern malware and attacker toolkits along with how to integrate Volatility 3 and its new features into detection workflows suitable for production use.


RVAsec 14 Video: Paul Asadoorian – The Security Professional’s Guide To The Linux Desktop

RVAsec 2025 Video: Paul Asadoorian
Principal Security Researcher – Eclypsium

Title: The Security Professional’s Guide To The Linux Desktop
Want to learn how running Linux as your desktop OS can make your life BETTER? This talk is for you! Every year the Linux nerds say, “This will be the year of the Linux desktop!”. If we put Android and ChromeOS aside for a moment, there has never been such a year. However, I switched to Linux on my laptops in 2016 and fully converted all my desktops in 2019. I’m never looking back. Many of you reading this are already thinking/voicing your opinions. I’ve heard for so many years, “I don’t want to run Linux as my desktop because [blank]”. This talk will dispel the myths and hopefully getting you on team Linux desktop! If you are open-minded about Linux as a desktop, haven’t tried it in a while, worried about Windows 10 going end-of-support in 2025, and want to learn about the benefits of the Linux desktop, this talk is for you. Maybe you even use Linux as your desktop OS and just want some tips and tricks; this is the talk for you. If you’ve already decided that Windows or MacOS is perfectly fine and Linux is just annoying, this talk may not be for you.


RVAsec 14 Video: Travis Altman – Running a proper Purple Team

RVAsec 2025 Video: Travis Altman
Cybersecurity Leader

Title: Running a proper Purple Team
Some folks within cybersecurity have probably heard the concept of purple teaming but what is it like to actually execute or leverage this type of service? What value does it provide? Where should it exist within the organization? What other challenges might you face when performing purple teaming?

This talk will dive into details on how to go from the concept or infancy of purple teaming to executing at a higher level of maturity and everything in between. I’ll walk thru specific examples of purple team exercises then debrief outcomes and values of those engagements. I’ll also walk thru variations of purple teaming (e.g., simulation vs emulation) and describe when a certain variation might be appropriate and when. Last but not least I’ll explain how to perform purple teaming in various environments (e.g., endpoint, cloud, network) and considerations for operating in those conditions.


RVAsec 14 Video: Stacy Aitken – The Importance of an Incident Response Plan

RVAsec 2025 Video: Stacy Aitken
Security Program Manager – Dragnet

Title: The Importance of an Incident Response Plan
An incident response plan (IRP) is a necessity. It can reduce damage, improve recovery time, reduce costs, comply with regulation, preserve evidence, and improve preparedness.


RVAsec 14 Video: Bruce Potter – Keynote

RVAsec 2025 Video: Bruce Potter
CEO and Founder – Turngate

Title: Keynote
Bio: Bruce Potter has been doing cybersecurity for 30 years, which makes him kind of old. Bruce is currently the CEO and founder of Turngate, a SaaS audit log analysis company. Prior to that Bruce served as CISO at several companies including Clear Street, Expel, and the KeyW Corporation.

Bruce is the founder of The Shmoo Group and assisted with running ShmooCon, a cybersecurity conference that ran for the last 20 years in Washington DC. Bruce has done DARPA research, led red teams, broken large networks (in good and bad ways), and even helped bring Internet service to remote parts of Alaska in the mid-90’s.


RVAsec 14 Video: Mike Bailey – Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams

RVAsec 2025 Video: Mike Bailey
– Rotas Security

Title: Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams
ServiceNow is a critical enterprise platform, often integrated with sensitive systems and privileged access. This talk explores how attackers can exploit misconfigurations and privilege escalation paths within ServiceNow to gain a foothold in an environment. We’ll walk through real-world attack techniques, from initial access to lateral movement, and demonstrate how defenders can detect and mitigate these threats.

In addition to offensive tradecraft, we’ll cover how to set up a dedicated lab to safely test these attack vectors, fine-tune detections, and improve defensive strategies. Whether you’re a red teamer looking to sharpen your tactics or a blue teamer aiming to strengthen your defenses, this talk will provide actionable insights and practical steps for securing ServiceNow.


RVAsec 14 Speaker Feature: Jon Waldman

Jon Waldman is a co-founder and President of SBS CyberSecurity and the SBS Institute. Over the past 20 years, Jon has helped organizations across the US identify and understand cybersecurity risks to allow them to make informed cybersecurity decisions. Jon is incredibly passionate about cybersecurity training and education and serves as a speaker at conferences across the country, along with writing blog posts, hosting webinars, and speaking on podcasts.

For 20 years, Jon Waldman, co-founder and President of SBS CyberSecurity and the SBS Institute, has passionately equipped organizations nationwide to conquer cyber risks. He’s dedicated to transforming complex threats into actionable intelligence. Catch his energy and insights as he actively shares his expertise through compelling talks, engaging writing, webinars, and podcasts.


Vendor Management 2025 – How to Make Better Vendor Management Decisions (<– add to your schedule)

Although vendor management has evolved, the core process remains the same: gathering and reviewing documentation to decide whether to continue business with a vendor. The key question now is how to ensure that vendors are genuinely protecting your datal

Come see Jon Waldman at RVAsec 13!


RVAsec 14 Speaker Feature: Jeremy Dorrough

Jeremy Dorrough has built his career around protecting assets in the most critical IT sectors. He started his career working in a Network Operations Security Center for the US Army. He then went on to work as a Network Security Engineer defending Dominion’s North Anna Nuclear Power Station. He also spent a few years as a Senior Network Security Engineer/Architect at Genworth Financial. Currently Jeremy works as a Client Director for Consortium Networks. He has presented at DefCon, RVASEC, UNC, JMU, ECPI, FBI Infragard and holds or has held Carnegie Mellon CISO certificate, MBA, CISSP, CISM, CEH, GIAC GPPA, CCSK, CCNA. Jeremy has spent over 20 years researching and implementing new ways to defend against the latest attacks. In his free time he loves spending time with his wife and two soon to be hacker children.


How to Win Budgets and Influence Stakeholders: Articulate Cyber Value to Non Technical Audiences (<– add to your schedule)

Limited budgets are a reality we all must live with. Security tools are getting pricier, and management is demanding stronger justifications for every dollar spent. Often, we in cyber struggle to explain the return on investment for all this security technology. Risk management frameworks and heat maps are not the saving grace they are made out to be. We as cyber professionals need to be fluent in financial discussions to guide the business toward informed decisions. I’ll walk you through some proven methods to bridge the communication gap between security and the business.

Come see Jeremy Dorrough at RVAsec 13!


RVAsec 14 Speaker Feature: Bobby N. Turnage, Jr.

Bobby Turnage is a business-minded attorney with more than 25 years of experience advising organizations dealing with technology and data-related matters, including cybersecurity, data security, data privacy, technology contracts, and conducting business on the web. Bobby advises clients of all sizes, both public and private, from start-up to well-established, and across multiple industries. Whether guiding clients through a data breach or ransomware attack with potential impacts in the U.S. and internationally, advising clients concerning data privacy and security obligations, or negotiating technology-related contracts that drive growth, Bobby brings a practical, “here’s how we can get it done” approach to delivering legal services. Bobby is the Cybersecurity and Technology Team Leader and is a Certified Information Privacy Professional/US (CIPP/US) by the International Association of Privacy Professionals. He previously served as SVP and General Counsel for Network Solutions and as AGC for Verisign.


Data Breach Management and Legal Issues for Information Technology Professionals (<– add to your schedule)

Please join us for a practical discussion (without the legalese!) about data breach management and minimizing the risk to your organization. In this discussion, we’ll talk through what it’s like to be in a breach situation, and we’ll cover some practical and legal considerations and suggestions that will help your organization achieve a better outcome.
Learning Objectives:
1. Gain a better understanding of what it’s like to be in a data breach situation.
2. Increase awareness of risks to your organization.
3. Increase awareness of the various people and workstreams involved in working through a data breach.
4. Increase knowledge of proactive measures to improve the outcome and minimize risk to the organization.

Come see Bobby N. Turnage, Jr. at RVAsec 13!


RVAsec 14 Speaker Feature: Alain Petit

Alain Petit is a seasoned Enterprise Security Architect at Capital One, bringing over 22 years of experience to his roles in restricted perimeter, governance, risk, compliance, and data protection. His career reflects a deep expertise in designing and implementing robust security architectures, leveraging frameworks like NIST, CSF, and MITRE. His tenure at Capital One has been marked by significant achievements, including earning top 1% recognition for delivering a project under budget and on time.

Prior to Capital One, Alain contributed to NASA’s EOS project at Hughes Aircraft and provided mission-critical support for the UARS satellite at Allied Signal, earning a Certificate of Appreciation from NASA. His early career also includes a 5-year stint as a Senior Object-Oriented Consultant. Born in Iowa, raised in France, and with a background in Physics, Alain thrives in complex environments. He holds a CISSP certification and a Leadership Certificate from the University of Virginia Darden School of Business. He enjoys strategy board games, history, and is currently reading “Hawkins Magic Beers: Bronze rank Brewer.”


Key Management and Basic Key Usage for Encryption 101 (<– add to your schedule)

raise your awareness of cybersecurity encryption with a simple analogy: house keys. This presentation breaks down key management and encryption basics, from creation to destruction, using relatable examples.

Come see Alain Petit at RVAsec 13!