Tag: presentation

RVAsec 15 Speaker Feature: Ryan Bird

May 1, 2026
Speaker

AI SOC and Securing your Environment (<– add to your schedule)

This discussion is designed to help teams figure out where AI fits in their environment from an analysis perspective, it is vendor agnostic and includes agentic deployments, as well as AI SOC services, novel attack vectors from independent research, and the overarching philosophy of how the threat landscape has just massively changed and how to adapt to it.

Ryan Bird:
Ryan Bird moved to the MVA area in 2017 with his wife. He helped train the United States Army in their ASOT level one program as well as MCTOG in 29 Palms through 2019 with Obsidian Solutions Group before working at Annapolis Defense in a Maritime Security role. After Covid hit he went on to start school at University of Maryland Global Campus and began work in his first cyber security role at RSM Defense when it was being stood up with Unit 26, He then went on to support the Department of States’ Personal Security Device program, and on to FEMA at Mount Weather supporting their internal SOC with One Zero Solutions. He has since been hired at GuidePoint as a Security and Delivery Engineer supporting Elastic and CrowdStrike.

In 2019 he was also part of the Storm the Hill event at IAVA – assisting the IAVA team by talking to congressman and women about veteran suicide in order to get the Commander Scott Hannon bill passed, which changed the VA healthcare system to auto enroll service members upon discharge. He additionally did Disaster relief work during Hurricane Florence, and supported his Uncle running for Commonwealth’s Attorney in 2025 in the City of Fredericksburg.

He has brought common security knowledge from the physical security philosophy to the cyber side of things and holds a unique mindset and experience working his way from an Analyst position to a key member at GuidePoint’s Mid Atlantic SECOPS team.

Come see Ryan Bird at RVAsec 15!

RVAsec 15 Speaker Feature: Nancy Coblenz

May 1, 2026
Speaker

Gigawatts and Governance: The Data Security Crisis No One Is Talking About (<– add to your schedule)

Gigawatts of power. Trillions in investment. A data security crisis hiding in plain sight. The explosive growth of AI data centers has created an infrastructure layer most security frameworks were never designed to govern. When ownership of that infrastructure determines who truly controls the data inside it, conventional perimeter thinking is not enough. This session makes the case that infrastructure governance is the defining data security challenge of our generation.

Nancy Coblenz:
Nancy Coblenz is a transformational leader, tech visionary, and global strategist redefining what digital sovereignty means in the 21st century. As Co-Founder and President of Stellenium, she is pioneering sovereign AI infrastructure at a scale never before attempted, empowering governments to take control of their digital futures. With over 15 years of experience in technology, innovation policy, and large-scale systems strategy, Nancy combines geopolitical insight with human-centered design to solve urgent digital equity challenges.
Nancy served as CEO of MyBrand AI, an AI strategy and implementation firm that laid the groundwork for Stellenium. She held senior leadership roles at a private equity firm and a multibillion dollar global workforce solutions provider, scaling dozens of business units. Her early ventures, including a spatial computing agency, showcased her pioneering spirit.
Through deep government and enterprise partnerships, Nancy built innovation ecosystems that aligned global solutions with regional realities. Stellenium’s strategic roadmap includes sovereign infrastructure initiatives ranging from $500M to $3B.These projects go beyond AI data centers and energy plants; they include full-stack digital infrastructure and workforce programs like the Institute for Sovereign Infrastructure & Innovation (ISII), which provides accredited degrees, certifications, and apprenticeships through national university partnerships.
Nancy has cultivated relationships with government leaders and ministries across Africa, positioning Stellenium as a trusted partner in national digital transformation. She was a featured speaker at the IMF World Congress African Summit, where she addressed ministers of finance and ambassadors on the future of AI sovereignty.
Currently, Stellenium is building one of the world’s first sovereign AI cloud platforms, a fully autonomous, air-gapped system giving countries complete control over their data, infrastructure, and AI governance. This innovation marks a historic shift in global technology independence.
Nancy’s impact has been recognized globally. Her accolades include Los Angeles Time’s Most Inspirational Leader in Innovation (Finalist), Global Tech Awards’ Infrastructure Technology Winner, Stevie Awards Woman of the Year, Best Woman CEO in IT (USA), WomenTech Global Mentor of the Year, and recognition from cover feature for CEO Monthly, Los Angeles Business Journal, MSN, SIA’s 40 Under 40, and the International PlayMaker Digital Leader Award. She exemplifies what it means to lead with courage, clarity, and purpose, building not just infrastructure, but a future where every nation can own its digital destiny.

Come see Nancy Coblenz at RVAsec 15!

RVAsec 15 Speaker Feature: Nick Copi

April 30, 2026
Speaker

Hacking Customized IDE Distributions: Methodology Behind Six Figures in Bug Bounties (<– add to your schedule)

Customized IDE distributions pose a lucrative attack surface due to the interconnected systems they interact with, usually highly privileged. This talk covers high level technical ecosystem architectures, IDE threat modeling, common attack vectors, and takes a stab at defining an IDE exploitation kill chain. While specific bug bounty targets and findings remain undisclosed, the methodology developed while producing them will be covered.

Nick Copi:
Nick Copi is a full time bug bounty hunter targeting web applications, cloud infrastructure, desktop apps, and pretty much anything with an attack surface. His background spans application security engineering, full stack development, and a long track record of CTF competition wins. He’s presented technical talks at security conferences and regularly publishes and reviews security research. A Richmond area native, Nick skipped his own high school graduation to attend his first RVASec, so he keeps coming back. When he’s not chaining interesting gadgets into full exploits, he’s probably thinking about it.

Come see Nick Copi at RVAsec 15!

RVAsec 15 Speaker Feature: Andrew Skatoff

April 30, 2026
Speaker

From OSINT to Detection: Building an Agentic CTI Pipeline (<– add to your schedule)

Modern threat intelligence moves fast, but detection engineering lags. This talk presents an agentic workflow that transforms OSINT into actionable detections using structured extraction, LLM reasoning, and automated validation. Transparent, auditable pipelines accelerate the CTI lifecycle, from ingestion to Sigma rules, while preserving analyst control, reducing time-to-detection from days to hours.

Andrew Skatoff:
Andrew is a cybersecurity senior leader with over 20 years of experience protecting critical financial infrastructure within the national financial infrastructure. He leads large-scale programs spanning incident response, threat hunting, and detection engineering, and has served as Incident Commander for nationally significant cyber events.

He is the creator of Huntable CTI Studio, an open-source agentic workbench that transforms threat intelligence reports into actionable detections using transparent, auditable AI workflows. His work focuses on applying AI as a force multiplier for security teams—without sacrificing rigor, trust, or control.

Come see Andrew Skatoff at RVAsec 15!

RVAsec 15 Speaker Feature: David Reign

April 30, 2026
Speaker

A Peek Behind the Curtain: How A.I. Works (<– add to your schedule)

“A Peek Behind the Curtain: How A.I. Works” offers a clear, non-technical tour of how modern AI systems learn from data and generate predictions or content. The talk demystifies key concepts like training, inference, and model limitations so attendees can better understand what AI can—and can’t—do.

David Reign:
David Reign is a Security Analyst at Oracle with seven years of experience in information security, including three years supporting enterprise environments at scale. His work focuses on cloud security, virtualization, and strengthening security posture through practical risk management and control implementation. David holds a B.S. in Mathematics from Hampton University and an M.Eng. in Cybersecurity from the University of Maryland. He also maintains industry certifications including CompTIA Security+, CompTIA PenTest+, and GIAC Cloud Security Essentials (GCLD).

Come see David Reign at RVAsec 15!

RVAsec 15 Speaker Feature: Thomas Nance

April 29, 2026
Speaker

Beyond the Tip of the Iceberg: Undercover HUMINT Operations Inside the Ransomware Ecosystem (<– add to your schedule)

Ransomware attacks often begin with Initial Access Brokers selling network access through private channels invisible to traditional intelligence. This session explores how Darkweb IQ uses undercover personas to engage threat actors directly, uncovering attacker tools, techniques, and vulnerabilities before incidents occur. It also highlights how this intelligence supports law enforcement and contributed to a DOJ case involving an ALPHV affiliate.

Thomas Nance:
Thomas Nance is the Director of Intelligence Services at Darkweb IQ and a former CIA Operations Officer, where he conducted espionage and counterterrorism missions built on human source development and clandestine collection. He specializes in applying HUMINT tradecraft to cybercrime ecosystems, with a focus on infostealer-driven threats and initial access broker networks.

Prior to Darkweb IQ, Thomas led intelligence operations and solutions architecture at Flashpoint, delivering undercover, persona-led intelligence for Fortune 500 clients. He later helped scale a YC-backed AI threat intelligence company, closing enterprise contracts while shaping product direction through direct customer feedback.

At Darkweb IQ, he built and scaled the Intelligence Services function, delivering actionable intelligence to the FBI, cyber insurers, and enterprise security teams that is collected directly from 1:1 engagements with cyber criminals. His work centers on engaging directly with criminal networks to identify and disrupt access sales before the access is sold to ransomware gangs.

Come see Thomas Nance at RVAsec 15!

RVAsec 15 Speaker Feature: Kim Mahan

April 29, 2026
Speaker

Alert Fatigue Is a Misdiagnosis (<– add to your schedule)

“Alert fatigue” is a misdiagnosis of a deeper problem: the cognitive decay of the human defender. This talk brings the receipts on how a high-consumption information diet hijacks the prefrontal cortex — and why the answer isn’t more automation, but rebuilding the creative muscle that makes humans worth keeping in the loop.

Kim Mahan:
Kim Mahan is the Founding Apprentice at MAXX Potential, a technology consulting firm whose “earn-while-you-learn” model has produced hundreds of engineers—including cybersecurity professionals—now at Capital One, AWS, Google and beyond. A CISSP and Six Sigma Black Belt with 20+ years in enterprise technology leadership at GE and Genworth Financial, Kim specializes in hacking the human element.

She is a contributing author of Lead With Empathy (with Chris Voss), where she coined “Operational Empathy”—the tactical art of building systems around what people actually need to succeed, rather than what credentialing systems say they should know. Her current work, Human Amplified, applies neuroscience to the “Information Diet,” framing passive consumption as a primary driver of cognitive atrophy and a critical vulnerability in the modern workforce. Previously named an “Innovator Changing the South” by Fast Company and Entrepreneur of the Year by NAWBO.

Come see Kim Mahan at RVAsec 15!

RVAsec 2014 Videos

July 30, 2014
AnnouncementVideos

rvasec-tv

Miss a talk or even the entire conference? No problem! All of the speaker videos and presentations are linked below, or you can view the full Youtube playlist here!


David Kennedy – Keynote

Gene Fishel – Keynote

Ben Tomhave – How to Achieve Success with Cyber Risk Assessment and Analysis

Brian Baskin – Introducing Intelligence into Malware Analysis

David J. Bianco – The Pyramid of Pain: Intel-Driven Detection & Response to Increase Your Adversary’s Cost of Operations

Dan Holden & Elizabeth Martin – Pissing Down The Leg Of Much Of Our Careers; Why Are You People Still Buying Firewalls & IPS?

David Sharpe & Katherine Trame – Real World Intrusion Response – Lessons from the Trenches

Evan Booth – Terminal Cornucopia: Demystifying the Mullet

Inga Goddijn – Cyber Insurance – Worth the Effort or Total Ripoff?

Jayson E. Street – The hacker in the fun house mirror (A talk on skewed perspectives)

Jack Mannino & Abdullah Munawar – How To Find Mobile Internet Love

Joey Peloquin – Offensive Mobile Forensics

Jonathan Dambrot – Third Party Risk Management and Cybersecurity

Kimberley Parsons & Carmen Sullo – Leading Security When the Rest of The Business Doesn’t Care About Security

mubix – Attacker Ghost Stories: Mostly Free Defenses That Gives Attackers Nightmares

Nick Popovich – I Found a Thing and You Can Too: ISP’s Unauthenticated SOAP Service = Find (almost) All the Things!

Pete Herzog – Five Secrets to Building an Amazing Security Culture in Your Organization

Ray Kelly – Man In The Front – Modifying the Android OS for Mobile Application Testing

Schuyler Towne – How to Make a Lock

Seth Hanford – CVSS v3 – This One Goes to 11

Steve Werby – Bad Advice, Unintended Consequences, and Broken Paradigms – Think & Act Different!

RVAsec 2013 Videos: Keynotes!

June 27, 2013
Videos

The first of the RVAsec 2013 speaker videos are now posted!

Keynote speaker Chris Wysopal: Future of Government Info Sharing


Keynote speaker Alex Hutton: Towards a Modern Approach to Risk Management


Stay tuned for more videos coming soon!