RVAsec 2025 Video: John Stoner
Security Strategist – Google Cloud

Title: Defending Entra ID and Office 365 Using the Prism of GraphRunner
For organizations using Microsoft Entra ID and O365, it’s important to understand the landscape of the Graph API, how data is accessed and the logs available to gain visibility into probes and attacks that are targeting users and their information stores.

To drive this awareness, I’ve chosen to use a red team toolkit called GraphRunner that empowers offensive cyber practitioners an easy to use method to get started probing Microsoft Entra ID and Office 365 tenants. On the flip side of this, we are going to take a look at the logs generated by GraphRunner in a simulated attack chain to better understand what a blue teamer might see and how they can build detections and hunt, not just for GraphRunner, but for suspicious activities occurring within their Entra ID and Office 365 tenant.

• Youtube: https://youtu.be/BIXaShyiNpM
• Slides: https://rvasec.com/slides/2025/Stoner_Defending_Entra_ID_O365_Using_GraphRunner.pdf

RVAsec 2025 Video: Michael Roytman
Co-Founder, CTO – Empirical Security

Title: Cybersecurity is Ready for Local Models
This talk explores how a custom, local AI/ML model can be built internally at an enteprise for cybersecurity decision support. We’ll walk through data, methods, and pitfalls of building your own models rather than using off the shelf or vendor solutions.

• Youtube: https://youtu.be/9AKCykrJGaw

RVAsec 2025 Video: Nicholas Popovich
Principal – Rotas Security

Title: Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams
ServiceNow is a critical enterprise platform, often integrated with sensitive systems and privileged access. This talk explores how attackers can exploit misconfigurations and privilege escalation paths within ServiceNow to gain a foothold in an environment. We’ll walk through real-world attack techniques, from initial access to lateral movement, and demonstrate how defenders can detect and mitigate these threats.

In addition to offensive tradecraft, we’ll cover how to set up a dedicated lab to safely test these attack vectors, fine-tune detections, and improve defensive strategies. Whether you’re a red teamer looking to sharpen your tactics or a blue teamer aiming to strengthen your defenses, this talk will provide actionable insights and practical steps for securing ServiceNow.

• Youtube: https://youtu.be/LxwyQV8sIdA
• Slides: https://rvasec.com/slides/2025/Popovich_Bailey_Attacking_and_Defending_ServiceNow.pptx

RVAsec 2025 Video: Alain Petit
Cyber Security Architect – Capital One

Title: Key Management and Basic Key Usage for Encryption 101
raise your awareness of cybersecurity encryption with a simple analogy: house keys. This presentation breaks down key management and encryption basics, from creation to destruction, using relatable examples.

• Youtube: https://youtu.be/SgkhjtvN09c

RVAsec 2025 Video: Qasim Ijaz
Director of Cybersecurity – Aveanna Healthcare

Title: What the Scope? Sh** my Consultant | Client Says
Scoping a penetration test shouldn’t feel like negotiating a hostage situation—but here we are. In this engaging, no-holds-barred session, two seasoned cybersecurity professionals take the stage in a hilarious and painfully relatable discussion, showcasing the absurd, frustrating, and all-too-common conversations between consultants and clients.

Expect real stories, plenty of laughs, and insights that will make you rethink how you approach penetration testing and security assessments. Whether you’re a consultant, security leader, or someone who’s just tired of hearing “We don’t need a pentest”, this talk is for you.

• Youtube: https://youtu.be/5wf1ge2pCg4
• Slides: https://rvasec.com/slides/2025/McOmie_Ijaz_Shit%20my%20client_consultant%20says.pdf

RVAsec 2025 Video: Luke McOmie
VP Offensive Security – Blue Bastion

Title: What the Scope? Sh** my Consultant | Client Says
Scoping a penetration test shouldn’t feel like negotiating a hostage situation—but here we are. In this engaging, no-holds-barred session, two seasoned cybersecurity professionals take the stage in a hilarious and painfully relatable discussion, showcasing the absurd, frustrating, and all-too-common conversations between consultants and clients.

Expect real stories, plenty of laughs, and insights that will make you rethink how you approach penetration testing and security assessments. Whether you’re a consultant, security leader, or someone who’s just tired of hearing “We don’t need a pentest”, this talk is for you.

• Youtube: https://youtu.be/5wf1ge2pCg4
• Slides: https://rvasec.com/slides/2025/McOmie_Ijaz_Shit%20my%20client_consultant%20says.pdf

RVAsec 2025 Video: Kevin Massey
IT Engineering Manager – Winebow

Title: Linux Kernel Exploitation for Beginners
My talk is focused on teaching people how to get into Linux kernel exploitation using Kernel based CTFs as an entry point.

• Youtube: https://youtu.be/YfjHCt4SzQc
• Slides: https://rvasec.com/slides/2025/Massey_Linux_Kernel_Exploitation_For_Beginners.pdf

RVAsec 2025 Video: Kyle King
Security Engineering Manager – Check Point Software Technologies Ltd.

Title: AI: Who’s watching whom?
Artificial Intelligence (AI) has intersected with cybercrime and cybersecurity that forces organizations to leverage the technology in order to benefit the industry while at the same time understanding how to protect against AI based threats. How will your organization use AI safely and securely?

• Youtube: https://youtu.be/Vi5_0_Ihn1E
• Slides: https://rvasec.com/slides/2025/King_AI_Whos_watching_whom.pdf

RVAsec 2025 Video: Christina Johns
Principal Malware Analyst – Red Canary

Title: Look Ma, No IDA! Malware Analysis Without Reverse Engineering
Do you think malware analysis is out of your reach because assembly code looks like reading the matrix? Fear not, this talk will convince you that learning assembly code is not the best place to start your malware analysis journey. For starters, the modern malware landscape is diverse and malicious code isn’t always compiled into assembly. Not every use case for malware analysis requires a deep dive and there are many great tools and services that provide information about a malware sample you can build your analysis on.

If you work as an incident responder, detection engineer, threat hunter, or intel analyst, you probably already do some malware analysis but don’t realize it. And if you don’t but would like to, this talk will discuss the tools and knowledge you should focus on first before embarking on groking the intel x86 manual.

• Youtube: https://youtu.be/z–EZAmgH_o
• Slides: https://rvasec.com/slides/2025/Johns_Look_Ma_No%20IDA.pdf

RVAsec 2025 Video: Dan Holden
CISO – BigCommerce

Title: CISO Of 2030 (a sequel of CISO of 2025)
The role of the CISO has never been more critical—or more complex. Six years after my original predictions, the cybersecurity landscape has shifted under the weight of evolving regulatory scrutiny, rising boardroom expectations, and the explosion of third-party risks. But there’s a new force at play: businesses are driving security forward through peer accountability, applying market pressure to elevate standards across the ecosystem.

In this session, we’ll explore the major forces shaping modern security programs, revisit past predictions to uncover lessons learned, and share insights into how CISOs are influencing strategy at the highest levels of organizations. Looking ahead to 2030, we’ll discuss how leaders must balance compliance, operational resilience, and innovation to meet the challenges of a hyper-connected world. Join me as we reflect on where we’ve been and chart a path toward the next era of cybersecurity leadership.

• Youtube: https://youtu.be/92jEgubz-EQ
• Slides: https://rvasec.com/slides/2025/Holden_RVAsec_CISO_of_2030.pptx