RVAsec 2025 Video: Travis Altman
Cybersecurity Leader

Title: Running a proper Purple Team
Some folks within cybersecurity have probably heard the concept of purple teaming but what is it like to actually execute or leverage this type of service? What value does it provide? Where should it exist within the organization? What other challenges might you face when performing purple teaming?

This talk will dive into details on how to go from the concept or infancy of purple teaming to executing at a higher level of maturity and everything in between. I’ll walk thru specific examples of purple team exercises then debrief outcomes and values of those engagements. I’ll also walk thru variations of purple teaming (e.g., simulation vs emulation) and describe when a certain variation might be appropriate and when. Last but not least I’ll explain how to perform purple teaming in various environments (e.g., endpoint, cloud, network) and considerations for operating in those conditions.

• Youtube: https://youtu.be/9q0D87_zqps
• Slides: https://rvasec.com/slides/2025/Altman_RUNNING_A_PROPER_PURPLE_TEAM.pptm

RVAsec 2025 Video: Stacy Aitken
Security Program Manager – Dragnet

Title: The Importance of an Incident Response Plan
An incident response plan (IRP) is a necessity. It can reduce damage, improve recovery time, reduce costs, comply with regulation, preserve evidence, and improve preparedness.

• Youtube: https://youtu.be/SLmo7DuH6vU
• Slides: https://rvasec.com/slides/2025/Aitken_Importance_of_an_Incident_Response_Plan.pdf

RVAsec 2025 Video: Bruce Potter
CEO and Founder – Turngate

Title: Keynote
Bio: Bruce Potter has been doing cybersecurity for 30 years, which makes him kind of old. Bruce is currently the CEO and founder of Turngate, a SaaS audit log analysis company. Prior to that Bruce served as CISO at several companies including Clear Street, Expel, and the KeyW Corporation.

Bruce is the founder of The Shmoo Group and assisted with running ShmooCon, a cybersecurity conference that ran for the last 20 years in Washington DC. Bruce has done DARPA research, led red teams, broken large networks (in good and bad ways), and even helped bring Internet service to remote parts of Alaska in the mid-90’s.

• Youtube: https://youtu.be/KYGCTwJ-tCM

RVAsec 2025 Video: Mike Bailey
– Rotas Security

Title: Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams
ServiceNow is a critical enterprise platform, often integrated with sensitive systems and privileged access. This talk explores how attackers can exploit misconfigurations and privilege escalation paths within ServiceNow to gain a foothold in an environment. We’ll walk through real-world attack techniques, from initial access to lateral movement, and demonstrate how defenders can detect and mitigate these threats.

In addition to offensive tradecraft, we’ll cover how to set up a dedicated lab to safely test these attack vectors, fine-tune detections, and improve defensive strategies. Whether you’re a red teamer looking to sharpen your tactics or a blue teamer aiming to strengthen your defenses, this talk will provide actionable insights and practical steps for securing ServiceNow.

• Youtube: https://youtu.be/LxwyQV8sIdA
• Slides: https://rvasec.com/slides/2025/Popovich_Bailey_Attacking_and_Defending_ServiceNow.pptx