Evan Booth is a builder and architect at Counter Hack, a company devoted to building fun and engaging challenges that educate and evaluate information security professionals. Armed with a profound fascination with how things are built, Evan has spent the past 20 years working on the creative, strategic, and engineering components of software and hardware projects for a wide variety of clients. Evan enjoys spending time with his family, taking stuff apart, and occasionally putting stuff back together again. X (Twitter): @evanbooth

Scaling Your Creative Output with AI: Lessons from SANS Holiday Hack Challenge 2023 (<– add to your schedule)

The rise in prominence of AI-powered content generation tools over the past year was tough to miss, and, heck, you have probably already created some cool stuff with them. Putting these tools to work in a meaningful, scalable way, however, can prove challenging.

In this talk, I will equip you with the technical knowledge required to build AI-enhanced tools, we’ll discuss strategies for identifying opportunities for said tools, and we’ll look at real-world examples from SANS Holiday Hack Challenge, the best darn free, seasonal hacking challenge in the world.

Come see Evan Booth at RVAsec 13!

Caleb Gross is the Director of Capability Development at Bishop Fox, where he leads a team of offensive security professionals specializing in attack surface research and vulnerability intelligence. Prior to coming to Bishop Fox, he served as an exploitation operator in the US Department of Defense’s most elite computer network exploitation (CNE) unit. As a top-rated military officer, Caleb led an offensive operations team in the US Air Force’s premier selectively manned cyber attack squadron. He studied at the University of Virginia and holds two degrees in computer science.

Josh Shomo leads the vulnerability research team within Bishop Fox’s Capability Development group. He investigates security issues in widely used applications and appliances, and produces vulnerability intelligence to prioritize offensive security research at Bishop Fox. Josh earned a master’s degree in computer science from Johns Hopkins University. Before joining Bishop Fox, Josh attended the Computer Network Operations Development Program (CNODP), the US Department of Defense’s foremost vehicle for developing technical leaders in information security. X (Twitter): @noperator

Patch Perfect: Harmonizing with LLMs to Find Security Vulns (<– add to your schedule)

Are LLMs a revolutionary leap forward for security research—or just spicy auto-complete?

The truth lies somewhere in between. This talk cuts through the hype and offers a practical perspective that’s grounded in real-world analysis of critical bugs in widely used products. We’ll walk through our process of harnessing large language models (LLMs) for patch-diffing in the context of N-day vulnerability research. Given a vague security advisory and some complicated code diffs, can an LLM get you closer to finding the right spot in the code to dig deeper? Which models work best for this task, and why? Let’s ditch the theory and get our hands dirty with iterative experimentation. Whether you’re a seasoned pentester, applied researcher, or budding practitioner, you’ll take away tactical lessons for incorporating AI into your security toolkit.

Come see Caleb Gross at RVAsec 13!

Evan Grant is based out of Halifax, Nova Scotia and works as a Security Researcher at Tenable. He got his start in infosec working with the Canadian Forces Reserves, and has been hooked ever since. Outside of work, he occasionally tries to climb rocks, at which he is definitely worse than Jimi.

Jimi Sebree is security researcher on Tenable’s Research team. With a strong background in software engineering and security, he bounces between research disciplines in an effort to appear knowledgeable about a variety of topics. Occasionally he succeeds in tricking someone into listening to his ramblings. X (Twitter): @dinobytes / @stargravy

Consumer Routers Still Suck (<– add to your schedule)

You know that little box in the corner of your house doing all the heavy lifting required to connect you (and, now that everyone is working from home, your company) with the rest of the world? Yeah, that one. It’s no secret that these things are oftentimes security nightmares for consumers, but have ISPs or the various networking vendors improved things over the years, or are they still just as terrible as we all think they are?

Over the last few years, we’ve done a deep dive into many of these devices to see what makes them tick and evaluate the risks posed to consumers. In this talk, we’ll provide a rapid fire assessment of a handful of these devices, showcase the commonalities between flaws discovered, shed some light on behind-the-scenes supply chain issues plaguing this industry, and discuss where we see things going from here.

Come see Jimi Sebree / Evan Grant at RVAsec 13!

Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute. X (Twitter): @secureideas

Orion’s Quest: Navigating the Cyber Wilderness – Tales of Modern Penetration Testing (<– add to your schedule)

Focusing on real stories from the trenches, Orion’s Quest walks through a series of modern application and API attacks Kevin and his team have pulled off. The talk describes how we found and exploited the flaws and provides information so you can test yourself.

Come see Kevin Johnson at RVAsec 13!

David is a Staff Security Strategist on Splunk’s SURGe research team. He is also a SANS Certified Instructor, where he teaches network forensics. David has more than 20 years of experience in the information security field, primarily in incident detection and response, threat hunting, and Cyber Threat Intelligence (CTI). He is the creator of both the Pyramid of Pain and the Threat Hunting Maturity Model, both widely cited defensive security models. Really, he just wants to make security better for everyone, and he has a special interest in helping people get started in their cybersecurity careers. You can follow David on Twitter as @DavidJBianco or on Mastodon as @DavidJBianco@infosec.exchange. X (Twitter): @DavidJBianco

My Way is Not Very Sportsman-Like: Shaping Adversary Behavior to Strengthen Defenses (<– add to your schedule)

We’re taking a fresh look at how to beat cyber attackers at their own games! It’s all about using our defender advantages wisely, controlling, constraining, and shaping the adversary’s moves before the attack even begins. We’re ditching the old “”Defender’s Dilemma”” mindset and showing how smart defense strategies can make a huge difference. Let’s shift our thinking, use our advantages better, and boost our defense without breaking the bank.

Come see David J. Bianco at RVAsec 13!