RVAsec is pleased to present Simeio Solutions, LLC as an RVAsec 13 Gold sponsor!
We execute, manage, and optimize your entire Identity and Access Management (IAM) program. With a team of experts specialized in identity management, we are protecting more than 160 MN identities and leading our client’s digital transformation journey securely.
https://simeio.com/
X (Twitter): @Simeio
We typically like to rotate our after party events, but back by popular demand we will again have our exhilarating Casino Night! This spectacular event begins immediately after the last talk on Tuesday (day 1), running from 5:30pm to 9:00pm. Step into a lively atmosphere reminiscent of Las Vegas, right here in Richmond.
The RVAsec 13 after party, brought to you by RVAsec (still looking for a sponsor to make it even more epic!), will be at in the main ballroom on Tuesday, June 4th right after the conference ends!
We’ve curated an array of classic casino games for your enjoyment. Roll the dice at the Craps table, or give our Roulette wheel a spin. If cards are more your speed, try a hand at our Black Jack table, or go all-in with Texas Hold ‘Em Poker. We also offer the exciting Texas Hold ‘Em Bonus Poker Table for a thrilling twist.
But it’s not all dice and cards – test your accuracy with our Golf Shot game, or back a winner with River City Horse Racing. And the best part? There will be food, beverages, music, and fabulous prizes for the top players!
So whether you’re a gaming veteran or a novice, this is your chance to relax, have fun, network, and possibly win big! As the day’s talks wrap up, prepare to immerse yourself in an unforgettable evening at the RVAsec after party!
Let the best players win!
This is an exclusive event, so you must be registered to attend or you will not be allowed entrance–no exceptions!
Important Notes:
Even if you have a ticket for RVAsec and said that you wanted to attend during the signup process, you MUST now registered for the party!
If you haven’t bought a ticket for the RVAsec conference yet, now is the time…. click this link, you know you want to!
Or if you know better, don’t click that link, copy and paste this (https://www.eventbrite.com/e/rvasec-13-security-conference-tickets-776407274057) in and get that ticket!
Tucker Mahan currently leads emerging technology initiatives at MAXX Potential, expanding capabilities and coaching others to build careers in technology.
He is a lifelong learner with a passion for all things Technology, and loves to share his ever-evolving knowledge on the subject. When he’s not helping others learn the fundamentals, he’s actively involved in many community and personal passion projects.
Trained in qualitative and quantitative data analysis to recognize trends and patterns
MicroMasters from The Georgia Institute of Technology in Analytics: Essential Tools and Methods
MAXX Potential Distinguished Alumni
VCU, BSc Sociology, minor in Math & Religious Studies
Defending Against the Deep: Is your workforce ready for Generative AI Adversaries? (<– add to your schedule)
Gain insight into the evolving landscape of cybersecurity in the age of AI Generated Content. From defending against multi-vector cyber attacks to empowering your workforce through AI-powered cybersecurity awareness, Defending Against the Deep delves into the intricacies of Generative AI. Together, we will look at case studies, a technical demonstration of current capabilities, keys for leveling up your workforce, and an opportunity to test your ability to recognize AI Generated Content. In this talk, explore how the same technology used for malicious intent can be harnessed for good, offering innovative solutions to safeguard enterprise environments.
Aqeel Yaseen transitioned into Offensive Security from over a decade of teaching yoga professionally, and is currently working with Blue Bastion Security. That might seem like a curious combination, but Pentesting and teaching yoga both help people cultivate awareness of blind spots, and find ways to learn and grow from that awareness. Aqeel has been teaching himself that art and skill of hacking by creating home labs, owning machines on HTB and Offsec’s Proving Grounds, and participating in CTFs. He has already earned the Security+, OSCP, and OSWA certifications, and is currently working towards the CRTO. He also has a website with two years of recorded yoga and meditation classes that are available for free. He is eager to learn and to share!
Mindfulness, Meditation, and Cybersecurity (<– add to your schedule)
We are meant to enjoy our lives; both personal, and professional.
As human beings, and as professionals, we all have to learn how to cultivate even-mindedness, balance, and fortitude to meet life/work challenges. Cybersecurity is fascinating because it requires us to constantly learn, and find ways to optimize our process. Burnout is a huge problem many fields, but especially in Cybersecurity. Cultivating a mindfulness or meditation practice is one of the most efficient ways we can support our process, and manage the stress and anxiety that comes with our professional and personal lives.
The focus of this talk is not specifically on work, because it addresses thoughtful ways to approach every aspect of our lives from our mental and physical health, to our relationships both personally and professionally. Whether new to the industry or a seasoned veteran, this talk with give you some insights, guidance, and the opportunity to practice.
Samuel S. Panicker specializes in cyber security and data protection. He is currently the CISO for NTS with over twenty-six years of experience in the field. Sam has authored several security awareness programs for SANS and Black Hat including “A healthy level of paranoia”.
Quickstart to building your own Private AI Chat (<– add to your schedule)
Join our quick start guide to building your very own Private AI! In this presentation, we’ll explore the key differences between Public and Private AI and the components needed for success. You’ll get hands-on experience setting up your development environment, preparing data for training, and using popular libraries to train a simple AI model. We’ll also discuss best practices in AI development and provide guidance on evaluating and fine-tuning performance. Don’t miss this opportunity to take control of your very own AI and build a system tailored to your unique needs and goals. Join us for an engaging and informative session that will empower you to start building your Private AI today!
We’re thrilled to reveal a fresh new look for RVAsec as we gear up for another year of top-notch security insights, networking, and community engagement. The new logo reflects both our ongoing evolution and the vibrant spirit of the security community in Richmond.
A Lucky or Unlucky Number? You Decide!
This year, we’re playing with the enigma of ’13’—a number steeped in mystery and superstition. Is it lucky? Unlucky? We’re embracing this ambiguity as a nod to the unpredictable and ever-changing landscape of cybersecurity.
We Want to Hear From You!
Do you have thoughts on the number 13? Ideas for how we can weave this theme into our conference experience? We’re open to suggestions and would love to incorporate your creative ideas into RVAsec 2024.
How to Share Your Ideas:
We’re excited to see your interpretations and integrate them into what promises to be the most memorable RVAsec yet. Let’s make the ‘unlucky’ number 13 a symbol of innovation and community strength this year!
Exciting news for all RVAsec attendees! This year, we’re partnering again with Garden Grove Brewing to create a custom beer, and we want your help to choose what we brew. Whether you’re a beer aficionado or just enjoy a casual pint, your input will help us decide on the perfect brew to complement this year’s conference.
Here are your choices:
How to Vote: To cast your vote, simply visit our voting page!
Voting is open until the end of the week, and the winning brew will be announced shortly thereafter.
Make your voice heard and help us choose the flavor of RVAsec 13!
We can’t wait to see which brew you pick, and then we get to talk names!
Ben Haynes is a data scientist at Flashpoint, leveraging analytics and his cybersecurity expertise to solve practical problems in the industry. Previously, he worked at Risk Based Security, where he dedicated his time to enhancing and implementing the organization’s cybersecurity intelligence products. He is responsible for multiple innovative risk models for vulnerability and breach intelligence, as well as pioneering ways to make that intelligence actionable for clients.
Ben earned his Bachelor of Science degree in Astronomy & Planetary Sciences from Stony Brook University, and subsequently a Master of Mathematical Sciences, specializing in Statistics, from Virginia Commonwealth University. He is an amateur archivist, data hoarder, and prolific collector of hobbies.
X (Twitter): @atbenhaynes
Prioritization Myths Busted with Better Vulnerability Data (<– add to your schedule)
A good prioritization plan should let you know where to start when tackling risk. And yet, people don’t know where to start when developing a good prioritization plan! Even worse, we make a number of bad assumptions when trying to navigate this labyrinth.
Which method is the best? Are many methods better than one? How many is too many? What does “best” even mean?
Ask 10 different practitioners these questions and you might get 10 different answers. There’s no better example of this situation than with the plethora of vulnerability prioritization methods available today. Luckily, we’ve been able to collect an unprecedented amount of data on vulnerabilities, and it’s taught us a lot about what makes sense, and what doesn’t.
Join us as we use this vulnerability data to dispel myths, avoid pitfalls, and conjure some solid recommendations that will put you on a better path.
RVAsec is pleased to present Qohash as the official RVAsec 13 reception sponsor!
Visibility and control over your sensitive data. Sensitive data is hiding in all kinds of files. Any lack of awareness regarding sensitive data can result in significant issues or even disasters.
https://qohash.com/
X (Twitter): @Qohash
Darryl MacLeod works for the Lares Advisory Services team and has over 20 years of experience in the IT security sector, having been responsible for developing, managing, and assessing information security programs for all levels of enterprise and government-level organizations. He has spoken at multiple conferences such as Security BSides St.John’s, GoSec, and the Texas Cyber Summit. He also sits on the Board of Directors for AtlSecCon and is the former lead organizer for Security BSides Cape Breton.
Strategic Alliances: How GRC Teams Can Empower Offensive Security Efforts (<– add to your schedule)
Collaboration between Governance, Risk, and Compliance (GRC) teams and offensive security teams is vital for a strong security stance. This presentation highlights the role of GRC teams in augmenting offensive security efforts. Traditionally, GRC teams are seen as policy makers, compliance assessors, and risk managers. Their role, however, significantly contributes to offensive security strategies, going beyond these conventional duties. The presentation emphasizes how GRC teams can enhance offensive security through risk-informed strategies, ensuring that offensive measures align with policies and compliance, optimizing resources, and bridging communication between technical and executive teams. The session aims to provide cybersecurity professionals and organizational leaders with a thorough understanding of the importance of GRC teams in offensive security and practical approaches for integrating these functions within their organizations.
