BSidesSATX 2023

Abhishek Tripathi

Abhishek Tripathi is an accomplished Managing Consultant in EY's Threat Detection and Response practice, bringing over seven years of experience in designing, building, and operationalizing Security Operation Centers (SOCs) worldwide. He holds a Master of Science degree in Computer Science from Syracuse University, New York. With a proven track record of success in the field of cybersecurity, Abhishek is passionate about staying up-to-date with the latest industry trends and technologies to help organizations safeguard their digital assets against evolving threats. As a mentor, Abhishek helps new analysts navigate the challenges and complexities of the cybersecurity industry.

  • Writing Effective Triage Notes in the SOC: The Importance of Clarity, Actionability, and Leadership Support
Allyn Stott

Allyn Stott is a senior staff engineer at Airbnb on the infosec technology leadership team, where he works on threat detection and incident response. Over the past decade, he has built and run detection and response programs at companies including Delta Dental of California, MZ, and Palantir. Red team tears are his testimonials.

  • How I Learned to Stop Worrying and Build a Modern Detection & Response Program
Andrew Neumann

Andrew Neumann is a cybersecurity professional with expertise in malware analysis, vulnerability research, and reverse engineering, and posses a strong background in malware reverse engineering and C/C++, Python development. Andrew is an Air Force veteran, and is currently the Exploit Development lead at UTSA Console Cowboys, as well as being employed by Global Infotek as a cyber capabilities developer.

  • Discovering the Dark Side: An Introduction to Malware Reverse Engineering
Dana Behling

Dana Behling is a highly esteemed senior threat researcher at VMware Carbon Black, renowned for her exceptional skills in identifying and researching new and emerging cyber threats. With her vast knowledge and experience, she is a driving force in ensuring the security and safety of countless individuals and organizations.

Prior to joining the world-renowned VMware Carbon Black team, Dana served in numerous public sector cybersecurity roles, where she was instrumental in enhancing national security measures. Her invaluable contributions to the field have garnered the respect and admiration of her peers, making her a sought-after authority in the world of cybersecurity.

Dana's unwavering commitment to protecting individuals and organizations from cyber threats has earned her a reputation as a trailblazer and an inspiration in her field. Her dedication and expertise continue to set the bar for excellence in the ever-evolving world of cybersecurity.

  • Driving Your Own Vulnerability: How to Navigate the Road of BYOD Attacks
Daniel C. Marques

As an experienced Red Team leader, Daniel applies a strong background in software development and networking to help Fortune 500 companies identify and remediate vulnerabilities in various technologies, including corporate networks, applications, and smart devices. Working in the Cybersecurity field since 2006, prominent local and international security conferences such as HOU.SEC.CON, Black Hat Regional Summit São Paulo, and the BSides São Paulo featured his penetration test research. He holds a B.Sc. in Computer Science and a M.Sc in Cybersecurity. In 2019, Daniel was part of the team that won the DEF CON Biohacking Village Capture the Flag competition.

  • Kickstarting your in-house Red Team: Challenges and approaches
Dr. J

Dr. Melisa A. Joyner is a USAF Education with Industry Fellow (EWI) at Counter Hack. She specializes in cyber mission planning, cyber convergence, purple teaming, and integrating intelligence into operations to bring lethality into execution and information warfare. She has experience in threat hunting, purple teaming, ICS, and cyber threat intelligence and is experienced in incident response. During her off time, she is a technical mentor for the local Cyber Patriot team.

  • Challenging the Standard
Frank Buckholdt

As a cybersecurity professional with significant experience in the field, I hold multiple industry certifications in areas such as security operations and cloud security. Currently, I work as a Security Analyst in a Security Operation Center, where I leverage my expertise to enhance organizational security. In addition, I have prior experience in physical security and application support, which further informs my approach to cybersecurity.

  • Cybersecurity Careers: How to Find Your Fit
Frank Hall

Fredrick volunteers as a CyberPatriot coach for Medina Valley High School, and through the Hondo Public Library in Hondo, Texas, and is a technical mentor for the Alamo Academy’s Information Technology Security Academy (ITSA) CyberPatriot team. He has also mentored an all-girl team at Davis Middle School in cooperation with BrownSTEM, INC, and also teaches the CyberPatriot CyberGenerations cyber safety course for senior citizens. He has been a guest speaker at many cybersecurity conferences and has been featured on numerous webinars and podcasts. Fredrick served as the lead instructor for the SA Cyber 4 Uvalde initiative which provided two one-day camps for the elementary and middle school students in Uvalde. In 2018, U.S. Representative Will Hurd Texas, District 23, gave him the title of Cyber Education Leader Texas District 23. In September 2019, Fredrick was a contributor and a character in a chapter book for middle school students, Journey Through the Unified Field.

  • CyberPatriot: Mentoring the Next Generation
Gabe Schuyler

Gabe is an enterprise solutions engineer at Wiz, inc. His day-to-day stock in trade is cloud security, helping people secure what they've got in the cloud and keeping everyone on top of trends. Off the clock, he enjoys tinkering with RFID, experimenting with ambient notification, and encouraging the use of technology for social change.

  • Trending cloud security threats and defense
Gideon T. Rasmussen

Gideon Rasmussen is a Cybersecurity Management Consultant with over 20 years of experience in corporate and military organizations. Gideon has designed and led programs including Information Security (as a CISO), PCI - Payment Card Security, Third Party Risk Management, Application Security and Information Risk Management. Has diverse industry experience within banking, insurance, pharmaceuticals, DoD/USAF, state government, advertising and talent management.

Gideon has authored over 30 information security articles. He is a veteran of the United States Air Force, a graduate of the FBI Citizens Academy and a recipient of the Microsoft Most Valuable Professional award. Gideon has also completed the Bataan Memorial Death March (4 occurrences).

  • Cybersecurity Metrics, KPIs and KRIs
iamv1nc3nt

Vincent is a security researcher and a senior penetration tester focusing on securing small to medium-sized businesses. Vincent is an Air Force veteran as well as a veteran of the technology world with over 30 years of experience -- 20 years of which spent running a small technology business. Vincent is an author, a previous speaker at Grrcon and BSides security conferences, and a recreational bug bounty hunter with 17 CVEs. In his spare time, Vincent drinks copious amounts of coffee, he enjoys petting his two dogs, and when he’s not in front of a computer, he’s out running hundred-mile ultramarathons.

  • I Came in Like a Wrecking Ball
Jacob Wellnitz

Incident Response Engineer and Post Breach Remediation Consultant

Currently dedicated to Incident Response with Kudelski Security
14 months at an electric cooperative as NOC Analyst and Security Administrator
5 ½ years at a private nonprofit university, including as Systems Administrator, with a focus on security
4 years at the world's largest telecommunication provider in network monitoring and remediation roles

  • How LockBit Orchestrated the Destruction of a Domain and Network and How We Kicked Them Off Stage
Jeremy Galloway

Jeremy Galloway has been active in the security scene since 2002, focusing on the dark corners of the internet, hacktivism, penetration testing, intelligence gathering, privacy technologies, threat detection, incident response, cybercrime, building security products and just about everything in between. He's previously spoken at BSides Austin, BSides San Antonio, BSides Las Vegas, ISSW, BlackHat, and SecTor. Jeremy is a proud member of both the Electronic Frontier Foundation and the Austin chapter of The Satanic Temple.

  • Cover your SaaS: Cloud threat Detection beyond Endpoints
Justin Ibarra

Justin Ibarra is the leader of the Threat Research and Detection Engineering team at Elastic, where he was previously a principal security research engineer. He focuses on many aspects of offensive and defensive security research, including endpoint, cloud, and web based technologies. He spends a lot of time in telemetry and building detection capabilities, while also continually looking for ways to advance and evolve detection engineering approaches and principles.

  • Homophonic Collisions: Hold Me Closer, Tony Danza
Matt Tesauro

Matt Tesauro is a DevSecOps and AppSec guru with specialization in creating security programs, leveraging automation to maximize team velocity and training emerging and senior professionals. When not writing automation code in Go, Matt is pushing for DevSecOps everywhere via his involvement in open-source projects, presentations, trainings and new technology innovation.

As a versatile engineer, Matt’s background spans software development (primarily web development), Linux system administration, penetration testing and application / cloud security. He thrives on tackling technical problems, but his economics background gives him a unique understanding of business constraints and incentives around security initiatives.

Early in his career, Matt served as Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer at Duo Security, Senior Software Security Engineer at Pearson and Senior Product Security Engineer at Rackspace.

  • DefectDojo, Taking your DevSecOps to 11
Michael Holburn

Michael is a Solutions Engineer at Laminar and has been in security for about 20 years now. Michael started out in the U.S. Army as a network administrator for 8 years and is a veteran of the Iraqi Freedom campaign. He is excited to be working on data security in the cloud, but also has a deep background in SIEM and DLP (network, host, CASB, DSPM).

  • Accidentally Exposed - Classifying Publicly Exposed Cloud Files
Michael McCabe

Michael McCabe is the president of Cloud Security Partners. Michael helps clients migrate their workloads to the cloud in a secure and managed way. He's worked with large financials during their cloud migrations and transformations. He focuses on creating secure and approachable solutions for his clients.

  • Infrastructure as Remote Code Execution: How to abuse Terraform to elevate access
Ozgun Kultekin

Ozgun is a 22 year old Offensive Security Engineer at Trendyol Group, focusing on breach & attack simulation and penetration testing. Prior to joining Trendyol, Ozgun gained valuable experience in the realm of wireless security, specializing in Bluetooth, RF protocols, Wi-Fi, and other related technologies.

Currently, his primary focus revolves around the advancement of red team operations and penetration testing, with a particular emphasis on web security.

Ozgun holds a Bachelor of Science degree in Computer Engineering as well as the OSCP certification. When he's not around, you'll likely find him busy demolishing CTF competitions or embarking on thrilling bug hunting expeditions in the vast wilderness of the web!

  • SIEM Slam: Tricking Modern SIEMs with Fake Logs and Confusing Blue Teams (Pre-Recorded)
Parth Shukla

Parth Shukla is a cyber security analyst at Cequence Security and has a great passion for Web Application Security. Parth Shukla is also a Bug hunter; community builder and Cyber security enthusiast and I believe in the quote “security is a myth”.

  • The Darkside of GraphQL
Paul Guido, CISSP, CCSP

Paul Guido has over 25 years of experience working with financial institutions, keeping their employees, customers, and data safe.

  • Use DMARC, do not let others abuse your brand!
Reagan Short

Reagan Short is a Technical Director on the Operations Innovation team for Managed Security Services at BlueVoyant. He primarily works alongside SOC, detection content, threat intel, and platform engineering teams to build and refine technologies and processes. Working with queries, graphs, pivot tables, mind maps, and diagrams, he enjoys applying innovation to detect, analyze, and mitigate evil at scale.

  • Homophonic Collisions: Hold Me Closer, Tony Danza
Ross Bryant

Ross Bryant, Ph.D. is the Senior Security Researcher at Phylum and leads the Phylum Research Team. Ross has over two decades of cybersecurity and math research experience. Prior to joining Phylum in late 2021, he worked as a research project lead at Sandia National Labs where he led a team that researched and developed real-time analytic solutions to network forensics problems. He has also worked in cybersecurity operations for the NSA and U.S. Air Force and as an Applied Research Mathematician for the NSA.

  • Malware and Malicious Code in the Open Source Software Supply Chain
Sandip Dholakia

Sandip Dholakia works as a principal security architect within SAP Global Security Group. Before joining SAP, Sandip was an information security architect at Enterprise Information Security Group at Cisco Systems. Sandip has also worked as a security architect and compliance leader at General Motors, where he supported end-to-end security activities for a large functional unit. Sandip has authored a book, holds a US patent and published papers/blogs on various security topics including a feature article on zero trust in ISSA Journal. Sandip has CISSP, CCSP, CCSK, GIAC WAPT and AWS security certifications and is a member of InfraGard.

  • SciFi to Reality: Use of AI in Cybersecurity (Pre-Recorded)
Sara Friedfertig

Sara Friedfertig is a Security Developer at Arctic Wolf, focusing on endpoint detections and third-party EDR integrations. She describes her “sweet spot” as the intersection of cybersecurity and programming, while still valuing any opportunity to serve as a communications liaison across teams. She holds an undergraduate degree in Software Engineering, a graduate degree in Cybersecurity, a dreamworld degree in Literature (doesn’t she wish!), and an EC-Council CEH certification. Prior to her current role, Sara has worked in and around the SOC as an analyst, engineer, and consultant. Driven by curiosity, Sara is known to ask the most questions on any given day at work; always learning, she takes pride in calling herself a forever-student. Sara is also a champion of advancing women in the cybersecurity workforce, having co-founded the Austin, TX Women in Cybersecurity (WiCyS) affiliate and currently serving as the chapter's Senior Vice President.

  • Two Sides of the Same Coin: Interview lessons, as learned by both interviewee and interviewer
Victoria Dea

Victoria is a cybersecurity consulting manager specializing in penetration testing and vulnerability identification. With 7 years of professional experience, Victoria has helped Fortune 500 companies improve their resilience against cyber threats through red team and purple team exercises. In 2019, Victoria was a part of the team that won first place at the DEF CON 27 Biohacking Medical Device Capture the Flag competition in Las Vegas. Victoria holds a Bachelor of Science degree in Computer Science with a minor in Applied Computer Security from the University of Southern California as well as the CISSP, GPEN, GWAPT certifications.

  • Kickstarting your in-house Red Team: Challenges and approaches