Andrew Clinton

Andrew Clinton has been working in IT and Information Security for more than 15 years. He’s held a wide range of roles from engineering to senior leadership across a wide range of focuses such as defensive security engineering, penetration testing, and compliance. He has a bizarre appreciation for project management. Outside of work he spends unreasonable amounts of money on complex hobbies he doesn’t have time for. He is currently Director of Cyber Security at Aveanna Healthcare where he oversees security engineering, incident response, and internal penetration testing.

  • Spilling the Beans: How to Spot a Bad Pentest
Andy Green
  • Organizers closing remarks and giveaways
  • Organizers welcome remarks
AshAndree

Asher Andree is a Senior Penetration Tester at risk3sixty. He works with the Renegade Labs team to help organizations identify the threats and vulnerabilities within their environments, as well as test their ability to detect and respond to emulated adversary attacks. Asher holds the Certified Red Team Operator (CRTO), Offensive Security Certified Professional (OSCP), and eLearnSecurity Junior Penetration Tester certifications (eJPT), and enjoys participating in capture the flag (CTF) events as well as studying Windows Internals in his free time

  • Death by a thousand cuts: How to secure Windows network protocols and frustrate your next pentester
Ashwin Rajendra

Ashwin Rajendra is an Cyber Security Incident Response manager on the incident response remediations team at Kimberly-Clark Corporation. His prior experience includes roles in both network security and threat intelligence, with a total of 10 years of security experience, four years in DFIR and Incident Response. Rajendra previously worked at ATOS and DELL. He holds a Master of Science in Cybersecurity, and certifications in digital forensics and data analytics. Rajendra loves to use and play with data in all aspects of work and he has a passion for security.

  • Protecting the Centerpiece Jewel in your Crown Jewels: Enterprise Financial System- Forensic Model, Detection and Logic
Brian Kime

Brian leads strategic intelligence production, competitive intelligence, and customer advisory at ZeroFox. He formerly led all threat intelligence, vulnerability risk management, and industrial control systems security research at Forrester. He is also a major in the United States Army Reserve Innovation Command where he seeks out operational innovation, concepts, and capabilities to enhance the readiness and lethality of the US Army as an Innovation Liaison Officer.

With over 15 years in Intelligence operations, Brian knows intelligence programs can only succeed with robust management support and an in-depth understanding of the environment and threats. Brian has worked at Secureworks where he helped defend the premier managed security service provider and later embedded in one of the firm’s largest client’s security teams. He also helped defend the electric grid from state-nexus actors at Southern Company. As an Army Reserve officer, he deployed to Operation Enduring Freedom where he provided intelligence support to special operations forces.

Brian holds many security certifications including CISSP, GLEG, GPEN, GCFA, GCCC, GCPM, GCIA, GCIH, GSEC and is an Army Cyber Operations Planner. He holds masters of science degrees from the SANS Technology Institute and Georgia State University, and a Bachelor of Science degree from Georgia Tech.

  • Planning is Indispensable: Tools to Ensure Threat Intelligence Success
Chris Farris

Chris Farris has been in the IT field since 1994 primarily focused Linux, networking, and security. For the last 7 years he has focused on public-cloud and public-cloud security for major media companies. He has built and evolved multiple cloud security programs focusing on enabling the broader security team’s objectives of secure design, incident response and vulnerability management. He has developed cloud security standard and baselines to provide risk-based guidance to development and operations teams. As a practitioner, he’s architected and implemented multiple serverless and traditional cloud applications, focused on deployment, security, operations, and financial modeling.

He opines on security and technology on Twitter and at his website https://www.chrisfarris.com

  • IR in the Cloud: Don't panic, take a deep breath, you've got this.
Christian Hyatt

Christian Hyatt is the CEO and Co-founder or risk3sixty. At risk3sixty, Christian has helped assess and build 100s of security programs. Risk3sixty is a winner of Atlanta's fastest growing company and best places to work 2020, 2021, and 2022. Learn more about risk3sixty at www.risk3sixty.com.

  • Security Team Operating System
David Hall

David Hall has more than 23 years experience in cybersecurity and IT operations. He is currently a Senior Customer Engineer at Microsoft specializing in cybersecurity. Before joining Microsoft in 2018 he served more than 21 years in the Army as a Signal Warrant Officer. He finished his Army career as an Instructor at the US Army Cyber Center Of Excellence, FT Gordon GA, teaching Microsoft Official curricula. He is also a former collegiate Adjunct Instructor and enjoys sharing knowledge with the community through his blog and YouTube channel at (https://www.cyberautomate.io)

  • Cyber Defense with Security as Code
Fernando Tomlinson

Fernando Tomlinson is a Principal Digital Forensics and Incident Response Consultant with Mandiant. Before joining Mandiant and retiring from the U.S. Army as a Chief Warrant Officer 4, he was the Senior Technical Advisor at the U.S. Army Cyber Command for forensics and malware analysis and all defensive actions within the U.S. Army. He also previously was a Technical Director of a Cyber Operations Center and has led multi-level Digital Forensics and Incident Response (DFIR) and threat hunting teams. Additionally, he is a collegiate cybersecurity Adjunct Professor who enjoys contributing to the community through his blog at https://cyberfibers.com and projects at https://github.com/wiredpulse.

  • A Tale of the Times: Flying Under the Radar Screen[Connect]
JoEtta LeSueur
  • Organizers closing remarks and giveaways
  • Organizers welcome remarks
John Heasman

John Heasman is the CISO of Chegg, the leading student-first connected learning platform where he is focused on proactive approaches to building secure software. Prior to Chegg, John was the Deputy CISO at DocuSign. He has presented at Black Hat, Defcon, OWASP AppSec and other industry forums on a diverse range of topics from web application security through to firmware APTs. Earlier in his career, he co-authored The Shellcoder’s Handbook (2nd Ed.) and The Database Hacker’s Handbook.

  • Why Your CloudSec Team Should Be Using Your SIEM
Martin Fisher

Martin Fisher is a 20+ year information security veteran who has worked in the commercial aviation, finance, and healthcare delivery industries. He currently serves as the CISO of Northside Hospital in Atlanta, Georgia. He was a founding host of the award winning Southern Fried Security Podcast for 10 years, has appeared on NPRs “Science Friday with Ira Fladow”, and has spoken internationally on a variety of information security topics. He has led a variety of teams through significant transformations and helped create high-performing teams of engaged and effective security professionals. Martin can be contacted on Twitter via @armorguy.

https://www.linkedin.com/in/martinjfisher/

  • Building an Effective Security Strategy: It's More Than A List Of Tech
Michael Taylor

Michael Taylor is a Manager in the Americas Cyber Security practice of Ernst &
Young LLP. Michael works with cyber security leadership to innovate cyber
security operations centers utilizing SIEM and SOAR capabilities and further
enhance incident response actions. He has a broad security experience in the
federal and civilian sectors in security process development, threat
intelligence, threat/vulnerability management, penetration testing, and
incident management. He brings more than 20 years of experience in Cyber
Security process development and leadership, network operations, computer
forensics, advanced packet, and malware analysis. Michael is a current Air
Force reservist leader where he serves as a Cyber Operator Section Chief
specializing in enhancing and training military members in offensive and
defensive security operations.

  • It is not a SIEM Failure. Its a data failure!
Mike Pearson

Mike Pearson is a passionate cyber thought leader and entrepreneur with over 30 years of experience in the industry. As Chief Technology Officer and co-founder for SecureWorks, Mike patented the first intrusion prevention service, coining the term IPS, and was responsible building the iSensor technology that led to the acquisition by Dell. Since SecureWorks, Mike has served in multiple roles as both a practitioner and advisor to CISO's worldwide. He currently serves as Founder and Managing Partner of Cymrix, a cyber-attack simulation platform.

  • We've Come A Long Way Matey
Qasim Ijaz

Qasim "Q" Ijaz is a Director of Offensive Security at Blue Bastion Security and specializes in healthcare security and penetration testing. He has conducted hundreds of penetration tests in small to large environments with a focus on networks and web applications testing. His areas of interest include healthcare security, Active Directory, cybersecurity policy, and the "dry" business side of hacking. Qasim is a penetration test lead during the day and a teacher in the after-hours. Qasim has presented and taught at cybersecurity conferences including BSides and Blackhat on offensive security topics. He currently teaches a bootcamp on Offensive Security Certified Professional (OSCP) certification.

  • Spilling the Beans: How to Spot a Bad Pentest
Ray Kelly

Ray Kelly is an internet security professional with over twenty five years of development experience, eighteen of which has focused on the internet security space. Ray has been a key player in multiple successfully acquired cyber security start-ups. He was the lead developer and business unit director for WebInspect with SPI Dynamics which is an industry leading application security scanner (later HP and Micro Focus). Ray holds three web application scanning patents and speaks regularly at security conferences. Today, Ray is a Fellow at Synopsis (formally WhiteHat) where he contributes to research, sales and vision of the security product line.

  • Why Automated DAST Scanners Fail Today
Ryan Basden

I am a penetration tester, red teamer, and adversary simulation practice lead at risk3sixty.

  • These Violent Delights: Burnout Recovery and Prevention 101
Scott "Duckie" Melnick

Scott currently leads the security research and development department for Bulletproof, a GLI Company conducting security penetration testing in the gaming and government sectors. Scott is an experienced IT leader and a white-hat hacker with over 25 years of experience. He specializes in the gaming industry with experience in slot system R&D and security operations. During his tenure in the gaming sector, Scott has assisted law enforcement and casino operators with the player and internal employee fraud investigations. Scott holds over 6 patents based on gaming and security and has one on the way for an anti-cheat engine.

  • GAMBLING WITH SECURITY - Comparing Casino and Slot Machine Security with Corporate Security.
Tim Fowler

Tim Fowler is a Security Analyst with Black Hills Information Security has over a decades of experience working in information security. He has worked for Fortune 200 financial institutions as well as a consultant, providing penetration testing and red team services. Tim is passionate about sharing his knowledge with others and has had the pleasure of speaking at multiple security conferences across the county. When not hacking away as a clients network or writing the subsequent report, Tim loves spending time with his wife and son swimming endless laps in the pool and making things with his CNC router and Co2 laser cutters

  • Offensive Window Event Logs for Red Teams
Tony Drake

Tony Drake has been involved in computer security roles beginning with his first job out of college. He has held positions in most aspects of computer security, system administration, and application administration over a career spanning 22 years and 4 states.

  • What Air Disasters Can Teach Us about Incident Response
Tony UV

After nearly 25 years of IT/ InfoSec work across a vast range of industries, experience has fueled my drive to deliver a better information security consulting practice. In 2007, I started VerSprite (aka VerSprite Security) with the idea of developing a team of 'security hybrids'​ - consummate security professionals that personify both technical mastery around emerging technologies and associated threats, as well as a foundation on business processes, acumen, and overall mindset. As such, the inception of 'true spirited'​ security consulting was developed. 

Through years of both hands on network, system, and software engineering and a foundation around risk management principles, the reality set in that true security, although relative to each organization, is best managed via a risk based approach where both an understanding of data usage and functional use cases are known in the context of viable threats scenarios and supportive attack vectors.

This risk-based approach led to the mantra behind VerSprite Security as well as the PASTA threat modeling methodology (Process for Attack Simulation and Threat Analysis), a co-developed risk based threat modeling methodology that I co-authored along with accompanying book (Risk Centric Threat Modeling, Wiley 2015). 

Leading VerSprite today requires constant innovation across both technical and non-technical areas. Changes to emerging technologies, regulations, and threat landscapes forces security strategy to be tailored, not pre-fabricated or imitated. As such, I focus on ensuring that VerSprite's consulting practice develops authentic and custom solutions for our clients in consideration of their risk appetite, threat landscape, technology footprint and regulatory environment.  Beyond VerSprite, I run the OWASP Atlanta, GA Chapter and have been heavily involved in the OWASP global initiatives since 2008.

  • A Tale of Two SaaS Providers around Session Hijacking - A case study in Vuln Disclosure Response, Session Hijacking & the Realities of Reverse Proxies in Compromising SaaS Accounts
Wes Lambert

Wes Lambert is a Principal Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. He is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deployable tools.

  • Re-Imagining Incident Response with Velociraptor
Xavier Ashe

Xavier Ashe is currently a Senior Vice President in Truist's Security Operations division and the Vice-Chair of the Technology Association of Georgia (TAG) Information Security Society. Xavier is a Georgia Institute of Technology alumnus and has over 29 years of leadership experience in information security, working for various vendors and consulting firms, including IBM, Gartner, and Carbon Black. Xavier was the first hire at the startup Drawbridge Networks, where he was instrumental in bringing the first microsegmentation solution for servers and workstations to market. Mr. Ashe holds many industry certifications, including CISM, CISSP, ITIL, and SOA. Xavier has been invited to speak at many security conferences including DefCon, BSides, Splunk .conf, SANS, and others.

  • Hell, Firewire and Infosec: A Sermon
Xenia Mountrouidou

Xenia Mountrouidou is a Senior Consultant at Network to Code with a versatile experience in academia and industry. She has over 10 years of research experience in network security, machine learning, and data analytics for computer networks. Her research interests revolve around network security, IoT, telemetry, and machine learning. She has authored scholarly papers in the areas of performance modeling, computer networks, embedded computer architectures, and computer network security. She has presented her work in academic and industry conferences such as USENIX Security, IEEE Big Data, Grafana Observability Con, and Interop.

  • IoT Spy: Observability and Alerting for Internet of Things (IoT) Security
Yvette Johnson
  • Organizers closing remarks and giveaways
  • Organizers welcome remarks