Abhinav Khanna is an Information Security Professional, currently working as an Application Security Engineer at NotSoSecure | part of Claranet Cyber Security. He is an active bug bounty hunter & is a member of Synack Red Team as well. Apart from security, he likes playing Table Tennis.
- Writing Powerful Pentest Reports
Adam is an Information Security Analyst for the Cyber Threat Operations Center (CTOC) Incident Response Team. Prior to joining USAA, He worked as a Senior Cyber Security Instructor for root9B where He taught Adversary Tactics and Techniques and Cyber Threat Intelligence Analysis. He retired after serving just over 20 years in the United States Air Force. During that time, he worked as an Air 1B4X1 (Cyber Warfare Operations) at the 33 Network Warfare Squadron. He was also an Instructor for the Air Force's Intermediate Network Warfare Training.
Adam holds a Bachelor's of Science degree in Cyber Security from University of Maryland University College and three Associates of Applied Science degrees from the Community College of the Air Force. Adam also holds current GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Defending Advanced Threats (GDAT), GIAC Certified Forensic Analyst (GCFA) and hopefully before my talk a GIAC Penetration Tester (GPEN)
- Awakened Training
- Spilling the Beans: How to Spot a Bad Pentest
Annabelle Klosterman is a Cyber Operations student at Dakota State University and Co-Founder of the Cyber Community Club. As a high school student, Annabelle worked as an Information Systems Assistant at a data center providing services to 15+ banks throughout the state. Now, she is a Cybersecurity Engineer, researcher, and speaker. Annabelle has been a national finalist for the Collegiate Cyber Defense Competition and CyberPatriot. She holds SANS certifications in Cybersecurity Technologies and Cloud Security.
Mariel Klosterman is a Network Security student at Dakota State University and Co-Founder of the Cyber Community Club. Mariel has presented at professional groups and conferences including Silicon Valley High Technology Crime Investigation Association, InfraGard South Dakota, NEbraskaCERT, and OSMOSISCon and received the 2021 Open Source Rising Star of the Year Award. She has appeared on podcasts such as PI Perspectives, Great Women in Fraud, and OSINT Cocktail.
- Utilizing Your Skill Sets and Opening New Opportunities from a Different Perspective
Chip Thornsburg is a Professor of Cyber Defense for NE Lakeview College in San Antonio. Chip is responsible for developing curriculum and practical lab projects to train the next generation of Cyber workers.
Chip began his quest for security knowledge in the 1980’s launching a research and consulting business in 1996 specialized in network communications and security. Informal education was found online in BBS systems and IRC channels and in person at conferences like Defcon, Blackhat and 2600 meetings. He obtained formal degrees from South Texas Junior College, San Antonio College, Texas A&M San Antonio and an MBA from Texas A&M Corpus Christi.
Chip taught and lectured on Technology and Criminal Justice subjects at River City College, Southern Careers and North Texas State. He is also a previous speaker at NolaCon, Texas Cyber Summit, and B-Sides San Antonio.
- Stop Trying to be a Unicorn!
Edward Wu is a Senior Principal Data Scientist (AI/ML and Detection Lead) at ExtraHop Networks, responsible for researching and developing AI/ML capabilities and infrastructure. He is an expert in applied AI/ML for cybersecurity and next-gen cyber defense, including behavioral intrusion detection, automated security operation, network/application monitoring, and cloud workload security. Edward holds 10+ patents in ML and cybersecurity and is a contributor to the MITRE ATT&CK framework. He received his master's degree in Computer Science & Engineering from the University of Washington, Seattle, and a bachelor of science in Electrical Engineering & Computer Science from the University of California, Berkeley.
- Know the Environment Better Than Devs, how network data can power visibility, detection, and response programs for securing cloud workloads
Gary Kasper is a dedicated and mission driven Identity Theft Expert with more than 10 years in the Identity Theft, Fraud, and Cyber Crime arena. He has assisted more than 1000 individuals and 100+ businesses with education and protection of their identities He has spoken for, University of Texas A&M Department of Finance and Administration, Michigan Insurance Associations National Convention 2021, Austin Small Business Week, Texas National Title for Realtors, National Association of Residential Property Managers, Williamson County Human Resource Association, West Austin Chamber of Commerce. He is a Keynote Speaker and published author. In 2008, Gary learned he had become a victim of Identity Theft. He discovered that there was an actual warrant for his arrest in the state of Texas for check fraud in 1983 during which time Gary was in Germany. Yes, someone had used his identity. Facing arrest and jail time he decided to clear his name.
- Consumer Identity Theft 101: What You Need To know
Jonathan Fisher is a staff security engineer at Praetorian, with a focus on IoT security. Jonathan has performed numerous security assessments against a large range of IoT devices, including consumer, medical, vehicle, and industrial connected devices. He also holds an OSCP and eCTPX certificate.
- Migrating IoT to the Cloud, Security Considerations and Benefits
Karan Dwivedi is a security manager at Google. He has over 6 years of experience specializing in digital forensics and incident response. Prior to Google, he was part of the incident response team at Yahoo where he gained experience in responding to the world’s largest breach. He serves as a program committee member of the DFRWS conference and DFIR Reviews publication. He graduated from Carnegie Mellon University with a Master's in Information Security in 2016. He owns the blog allthingspwned.com where he provides interviewing advice for security engineers. His articles are provided as a reference by Google's hiring team.
- Clean Forensics: Analyzing network traffic of vacuum bots
Electrical Engineer, Computer Scientist, experienced cyber capability developer, Air Force Officer.
- A Log4Shell Practice Exploitation Range in the Cloud
Based in Seattle and a natural creature of winter, you can typically find me sipping Grand Mayan Extra Anejo whilst simultaneously defending my systems using OSS, magic spells and Dancing Flamingos. Honeypots & Refrigerators are a few of my favorite things! Fun Fact: I rescue Feral Pop Tarts and have the only Pop Tart Sanctuary in the Seattle area.
- Threat Modeling in 600 seconds or less (ok, I lied, more like 2,400)
Possibly best known as the co-organizer of Car Hacking Village and serial volunteer across our community, Kirsten has been recruiting, primarily in infosec since 2010. After a brief spell programming and running help desks, she settled into recruiting, and specializes in the hacking community. Following a 6 year journey as the Director of Recruiting at Novetta, recently acquired by Accenture Federal Services (AFS), Kirsten now runs recruiting for the AFS National Security Portfolio. When she's not recruiting (and when is she ever really not doing that), she's doing all she can to help active duty service members and veterans, and possibly running a marathon or an ultra.
- Read the Room
I work for BrainGu as a Product Manager providing Senior Engineering Technical Assistance on a System Coordination Team on a US Air Force cyber weapon system program in San Antonio, TX. Since retiring from US Air Force intelligence career, I have worked on 4 different major programs associated with DevOps. As a cybersecurity expert, I hold several certifications including a CISSP. During a practical doctorate in strategic studies, I authored, "Cashing in on Cyberpower" to analyze 10 years of cyber-attacks from an economic perspective. I have a BS in English, an MS in Management, a DSS in Security and am a doctoral Candidate at Capella in Information Technology/Cybersecurity and Information Assurance
- Advancing DevSecOps Metrics
Mercedes Andreacchi is a cybersecurity analyst and Air Force veteran. Her background includes threat hunting, incident response, endpoint remediations, and malware triage and analysis. In her free time, she enjoys spending quality time with her spouse and fur kids, and also reading and researching malware.
- Malware Analysis of Microsoft Excel Documents
Michael is an independent security researcher specialized in vulnerability research, fuzzing and exploit development. With over a decade of industry experience in offensive security he has discovered a plethora of vulnerabilities across a wide range of high-value enterprise software and operating systems.
- Hacking OT Software – A case study of breaking a wide selection of products
Or Katz is a security veteran, with years of experience at industry leading vendors, currently serves as principal lead security researcher for Akamai. Katz is a frequent Speaker in security conferences and published numerous articles, blogs and white papers on threat intelligence and defensive techniques. Data driven security researcher that is constantly looking on how to move security challenges into the science and solutions space.
Qasim "Q" Ijaz is a Director of Offensive Security at Blue Bastion Security and specializes in healthcare security and penetration testing. He has conducted hundreds of penetration tests in small to large environments with a focus on networks and web applications testing. His areas of interest include healthcare security, Active Directory, cybersecurity policy, and the "dry" business side of hacking. Qasim is a penetration test lead during the day and a teacher in the after-hours. Qasim has presented and taught at cybersecurity conferences including BSides and Blackhat on offensive security topics. He currently teaches a bootcamp on Offensive Security Certified Professional (OSCP) certification.
- Spilling the Beans: How to Spot a Bad Pentest
Ryan Thompson is currently working as a Senior Intrusion Researcher at Crowdstrike. His primary functions include conducting post-mortem analysis on hands-on intrusions and researching attacker techniques and trends. Previously, Ryan has worked as an Instructor at Elastic teaching the Air Force, Navy, and Army to conduct threat hunting using open source tools such as Kibana, Suricata, and Zeek. Before that, he was a Senior Security Analyst at Alert Logic providing weekly recommendations to clients using packet analysis, IDS alerts, and log-based investigations. He currently holds several SANS certs and is a TA for SANS FOR508 (GCFA).
- Watching Kittens at Play: Dissecting an Iranian Nation State Interactive Intrusion
With over 5 years of experience protecting Banks and the financial sector against cyber threats, Saurabh Chaudhary is a renowned Security Researcher and a prominent speaker and trainer. He has spoken and trained people at international conferences like "The Texas cybersecurity summit", "BSides Budapest", "OWASP Indonesia, and several universities and forums.
He is a published researcher with multiple research papers on malware, ransomware, and cyber espionage and has experience and expertise in cyber threat intelligence, Malware, YARA rules, DFIR, etc.
He is a passionate InfoSec enthusiast and tech enthusiast. He is one of the chapter leaders of OWASP and is very much connected and contributing to the information security community.
- Beat'em at Their Own Game - Darkweb Intelligence
Vincent Matteo is a security researcher and a senior penetration tester at Seven Layers where he focuses on securing small to medium-sized businesses. Vincent is an Air Force veteran as well as a veteran of the technology world with over 30 years of experience -- 20 years of which spent running Seven Layers. Vincent is an author, a previous speaker at Grrcon, BSides, and Snowtalks security conferences, and a recreational bug bounty hunter with 17 CVEs. In his spare time, Vincent drinks copious amounts of coffee, he enjoys petting his two dogs, and when he’s not in front of a computer, he’s out running hundred-mile ultramarathons.
- I Know What You Did Last Summer… I’m Still Hacking Your Small Business
W. Garrett Myler is the owner of Enclave Defense and a cybersecurity consultant specializing in risk assessment and critical infrastructure. Garrett started his INFOSEC career as an U.S. Air Force cyber warfare operator and DoD contractor and has supported both offensive and defensive cyber operations from the strategic to tactical levels of effort. Part time, Garrett continues to serve as a cyber warfare trainer with the U.S. Air Force Reserves. He has a degree and some certs but would rather you ask him about his family or outdoor hobbies.
- ICS Ransomware and Lessons from Conti Chat Logs