RVAsec is pleased to present Red Canary as an RVAsec 12 Silver + sponsor!
We stop threats.
You focus on your mission.
Red Canary pioneered managed detection and response to secure your endpoints, cloud, and whatever comes next.
https://redcanary.com/
Twitter: @redcanary
RVAsec is pleased to present Orca Security as an RVAsec 12 Silver sponsor!
Orca Security is the industry-leading Cloud Security Platform that identifies, prioritizes, and remediates security risks and compliance issues across your cloud estate spanning AWS, Azure, Alibaba Cloud, Google Cloud and Kubernetes.
https://orca.security/
Twitter: @orcasec
RVAsec is pleased to present Abnormal Security as an RVAsec 12 Silver sponsor!
Better Cloud Email Protection, Lower Email Security Spend. Prevent email and email-like attacks, automate your security operations, and reduce your total spend with one extensible platform.
We are shaking things up at the end of the first day of RVAsec with our exhilarating Casino Night! This spectacular event begins immediately after the last talk on Tuesday, running from 5:30pm to 9:00pm. Step into a lively atmosphere, reminiscent of Las Vegas, right here in Richmond.
The RVAsec 12 after party, brought to you by RVAsec (still looking for a sponsor to make it even more epic!), will be at in the main Omni Ballroom on Tuesday, June 13th, right after the conference ends!
We’ve curated an array of classic casino games for your enjoyment. Roll the dice at the Craps table, or give our Roulette wheel a spin. If cards are more your speed, try a hand at our Black Jack table, or go all-in with Texas Hold ‘Em Poker. We also offer the exciting Texas Hold ‘Em Bonus Poker Table for a thrilling twist.
But it’s not all dice and cards – test your accuracy with our Golf Shot game, or back a winner with River City Horse Racing. And the best part? There will be food, beverages, music and fabulous prizes for the top players!
So whether you’re a gaming veteran or a novice, this is your chance to relax, have fun, network, and possibly win big! As the day’s talks wrap up, prepare to immerse yourself in an unforgettable evening at the RVAsec after party!
Let the best players win!
This is an exclusive event, so you must be registered to attend or you will not be allowed entrance–no exceptions!
Important Notes:
Even if you have a ticket for RVAsec and said that you wanted to attend during the signup process, you MUST now registered for the party!
If you haven’t bought a ticket for the RVAsec conference yet, now is the time…. click this link, you know you want to!
Or if you know better, don’t click that link, copy and paste this (https://www.eventbrite.com/e/639412268307) in and get that ticket!
Please make sure you log in to the Sched website or download the RVAsec Mobile App! You can easily download the Sched app for iOS or Android.
After downloading, please log into Sched (should be sync’d with your ticket purchase email address). You can then easily create and see your schedule. If you have any issues you can also reset your password and search for RVAsec. If you don’t want to install the mobile application, the RVAsec schedule is available also for mobile!
We need your help to assign sessions to appropriately sized rooms! This year we are back to three tracks at the conference for the first time at the Omni! We have three rooms but they are very different sizes, so we need to know what sessions you plan to attend to help determine room assignments!
You can also see speakers for the RVAsec 2023 and the times for specific talks on the schedule page. We are hoping to minimize movement of talks for each day and time, but we will adjust accordingly based on session interest. The sooner you can setup your personal schedule the better.
Thank you!
Personal Agendas
Plan out your own schedule in advance to get the most out of RVAsec.
Personalized Profile
Add a photo, bio, and connect your social media profiles.
Event Mobile App
Stay in-the-loop with iOS and Android apps.
Speaker Directory
Easily review speakers and their background.
Due to a slight technical issue, tickets for RVAsec were unavailable for purchase prior to the price increase. To provide additional time to correct that mistake, we have decided to extend Regular Ticket prices until May 12, 2023 at 11:59 PM. We are at 75% capacity right now, and once we sell out there will be no more tickets available!
David Girvin:
Hacker, BJJ enthusiast, world traveler and surfer. I am a giant weirdo who somehow found my niche in offensive security. I have been blessed getting to build AppSec programs for companies like 1Password and Red Canary. I have an extremely diverse background and hope I can relate and or add value to everyones experience,
Hacking your Job? Trying to cheat at life with ChatGPT
AI, it’s all the buzz. We have seen marketing fraudsters at Black Hat called out. Heard sales people use every buzzword they can to try and close. So is it all smoke and mirrors? Or maybe there is pragmatic use for this upcoming technology. I have taken ChatGPT and treated it like an offensive security lab. I trialed many different approaches to using it. In this talk I will show where it can add value in a technical, business and sales role. I will also show how it can fail miserably, it’s security concerns and how its influenced. Will this take your job or add to it? Find out in my talk.
Mr. McOmie started in offensive security in 1994 and is a trusted advisor, security leader and mentor. With a career focus in offensive security and a strong technical background, he is recognized for his excellence in developing and executing enterprise security strategies and leading technical and tactical programs. He has founded and contributed to several industry leading organizations over his career including start ups, fortune 100 enterprises, and federal agencies. As an extrovert, he passionately supports the information security community, is a featured speaker at various conferences, a published author, and an industry liaison for many businesses and organizations.
Specialties: Security Leadership & Program Development, Security Service Practice & Team Direction, Red Teaming, Ethical Hacking, Penetration Testing, Social Engineering, Physical Security, Assessments, Incident Response, Compliance. By leveraging these talents and his experience, Mr. McOmie guides companies and executive leaders to understand the importance of, communicating the need for, and addressing the challenges that it takes to create and maintain a strong security posture.
Twitter: @lmcomie
This fast paced, poking fun at ourselves presentation, tells a story through examples of how a majority of companies are fixated on old industry “”worst practices””. As we wander though the twisted road of things that we do THAT WE SHOULDN’T, the audenice will likely find themselves thinking differently about how the approach enterprise security programs, have a chance to laugh at how human we all are, and walk away with a new perspective.
Andrew has been securing and protecting critical infrastructure networks since 2002.
Raised by a Topgun Marine fighter pilot and a middle school special education teacher, Andrew was always driven to find meaningful work, solve interesting problems and help others do the same in an effort to make the world a better and safer place.
His love for computers started in college and after spending several years providing tech support in the energy and financial sectors, he achieved his MCSE certification. This led to his first information security job supporting a migration to active directory. Andrew then went on to champion, design and implement an automated compliance and vulnerability management program.
Andrew has been developing and leading incident response, malware analysis, threat hunting and digital forensics services for the past 18 years in critical infrastructure financial organizations.
He currently holds GREM, GCFA, GDAT, GNFA and CISSP certifications and serves as an Cybersecurity Senior Manager at a large financial organization.
Twitter: @dfir_tnt
Maturing your Threat Hunting Operations
This talk will present a roadmap for designing a mature threat hunting service. A maturity model will be shared, along with prerequisites and incremental steps along the way.
Having built the Threat Hunting service at the Federal Reserve, I will share our journey, recommend approaches and resources, and provide a path for listeners to follow to do the same.
Amelia is a security analyst working for ISECOM. From the beginning of her path in the cybersecurity industry, she’s been working with and learning from acknowledged professionals. This gave her a strong foundation and a set of skills that she intends to greatly expand. On a daily basis, she works with electronic evidence, collecting and analyzing it while maintaining the chain of custody. She conducts cyber investigations. She is also a cybersecurity trainer for the military and the Hacker Highschool project.
Let me tell you a story about what it’s like as a lawfirm’s investigator to try to get justice for someone after they’ve been robbed online. The problem starts with finding the perpetrator. We will walk through the process of investigating crypto hot wallets and NFTs while we collect electronic evidence with proper chain of custody to prove a theft occurred. Then I’ll show you how we need to dox and hack our way through the web of forums and social networks to uncover an anonymous suspect. Again, keeping proper, court-admissable evidence. I’ll introduce you to the AI tools and automation we built to capture and search huge volumes of discussions and videos the moment they appear in many of the popular social networks and forums. Finally, I’ll end the tale with who we found and how we sent the police to their home to get justice. But it’s not a happy ending.
