BSides Birmingham 2023

Brad Proctor

Brad has 20 years of experience in the IT and Cybersecurity industries with extensive IT operations experience. Recently, Brad served as the project manager for an effort to set up a SOC and NOC for maritime vessels as part of the MAD Maritime team. Before MAD, Brad worked as an IT Manager for a defense contractor responsible for implementing compliance requirements, including CMMC. Brad spent 10 years in the MSP industry, where his vast IT operations experience was used to perform the technical implementation of cybersecurity requirements for a multitude of different operating environments. Brad brings all this experience to help defense contractors navigate the complex regulations and ever-changing cybersecurity landscape. He is a CISSP and Registered Practitioner with the Cyber AB, and holds numerous CompTIA, Microsoft, and Apple certifications.

  • Secure for Sea: Designing and Deploying Security Operations and Network Operations in a Mobile, Limited Bandwidth Maritime Environment
Danny Joslin
  • Secure for Sea: Designing and Deploying Security Operations and Network Operations in a Mobile, Limited Bandwidth Maritime Environment
Darrius Robinson

Darrius Robinson, CISSP, is an accomplished Penetration Tester at SecurIT360, boasting an impressive 8-year background in the realms of Information Security and Information Technology. Hailing from Birmingham, his journey into the world of pen testing was ignited when he harnessed the power of Burpsuite to explore the Tesla API and even crafted a web application that granted others the ability to control his car. His fervor extends beyond technology to the development of both web applications and individuals.

Beyond his professional role in pen testing, Darrius takes on a significant role as the Red Team Program Director at the non-profit organization, Black in Cyber Security (B.I.C). In this capacity, he has orchestrated a Red Team Training Program, designed to guide and empower aspiring professionals to obtain essential certifications and connect them with prospective employers. Darrius' dedication to enhancing cybersecurity and fostering the growth of others underscores his profound commitment to the field.

  • Securing and Managing the Open-Source Supply Chain
Gabe Lee

Information Technology instructor at Eden Career Technical Center, St. Clair County Schools

  • KEYNOTE: The Digital Architects of Tomorrow: The Crucial Role of High School Graduates in Information Technology
Gaurav Ravindra Raje

With over 15 years in software architecture, Gaurav specializes in creating secure, high-availability applications. He authored the book "Security and Microservice Architecture on AWS" (O'Reilly, 2021) and has contributed to the AWS Certified Database Specialty Exam. Gaurav also authored the SHA-224 package for Jython. He is passionate about combining business value with technical excellence. He holds an MBA from NYU Stern School of Business and a Master's in Computer Science from RIT, blending business acumen with technical prowess. He's nearing completion of his Doctorate in International Business from Rutgers, reinforcing his commitment to lifelong learning.

  • Match your cloud security and architecture to your business environment
Joey White

Started IT career in 1990s teaching grandparents to use email and Word. Graduated from FHSU with a networking degree in 2003. Went through Sprint’s internship program. Because of my networking background, I was provided the opportunity to deploy firewalls while working at Payless Shoe Source, which provided the path to InfoSec. For the last 16 years, I have worked at Blue Cross and Blue Shield of Kansas. Today, I balance multiple roles: Security Architect, Enterprise Architect, and AppSec team member, and I volunteer with IETF and ARIN.

  • Insecure OAuth configurations found in the wild
Justin Lewis

Justin Lewis is a Software Engineer at CrowdStrike working on the endpoint sensor both in the kernel and in user mode. Before that Justin worked at Horne Cyber writing ransomware simulations.

  • Next Generation Malware: Rootkits and Bootkits
Mark Gaddy

Mark Gaddy recently graduated from the University of West Florida with a degree in Cyber Security. At the University of West Florida, Mark was President of the Cyber Security Club, competing in red and blue team competitions. Mark is the IT Director at Calvary Academy and is working towards doing more vulnerability research and gaining certifications in the offensive security space.

  • Cloud Misconfigurations and Breaches
Mike Saunders

Mike Saunders (@hardwaterhacker) is Red Siege Information Security's Principal Consultant. Mike has over 25 years of IT and security expertise, having worked in the ISP, banking, insurance, and agriculture businesses. Mike gained knowledge in a range of roles throughout his career, including system and network administration, development, and security architecture. Mike is a Black Hat Trainer and is a highly regarded and experienced international speaker with notable cybersecurity talks at conferences such as DerbyCon, Circle City Con, NorthSec, SANS Enterprise Summit, the NDSU Cyber Security Conference, in addition to having more than a decade of experience as a penetration tester. You can find Mike's in-depth technical blogs and tool releases online and learn from his several offensive and defensive-focused SiegeCasts. He has been a member of the NCCCDC Red Team on several occasions and is the Premier Red Team Operator for Red Siege Information Security.

  • Rethinking Penetration Testing
Packet Ninjas
  • Capture the Flag (CTF) Village
Peter Dreyer
  • Secure for Sea: Designing and Deploying Security Operations and Network Operations in a Mobile, Limited Bandwidth Maritime Environment
Skyler Onken

Skyler Onken has been in the tech and security industry since 2003. He began as a Data Warehousing Engineer, but quickly found an interest in security by working as a Web Application Security Tester. Skyler's passion and empty pockets led him to beg and sneak his way into Black Hat where he became hooked and a lifelong hacker. After gaining an undergraduate degree, Skyler commissioned into the US Army as a Military Intelligence, and then Cyberspace Operations, officer. Skyler spent over 10 years in the Army working with the Department of Defense and United States Cyber Command (USCC). He served in various leadership and management positions, while simultaneously fulfilling technical roles like capability developer, and offensive operator. Most impactful from this service was his experience as a Mission Director for the Cyber National Mission Force, Director of the Joint Mission Operations Center - Georgia, and Master Operator for USCC and Joint Force Headquarters - Army.

Skyler is currently a Senior Principal Cyber Research Engineer at Palo Alto Networks, and an Army Reservist. He has a B.S in Computer Information Technology, and a M.S in Applied Computer Science. He holds a number of security certifications to include the OSCP, OSCE, GXPEN, GREM, and CISSP. He volunteers as member of the Association of U.S. Cyber Forces policy team working on legislation for the establishment of a U.S cyber service.

  • Big Game Hunting: Scanning the Internet for Malware
Steven Peterson

Founder and Chief Hacking Officer of White Box Security. Steven is a seasoned veteran of the network security space with over 17 years of experience in both offensive and defensive roles. Steven has been focused on penetration testing and red teaming for over a decade.

  • Sliver Me Timbers: A C2 Alternative to Cobalt Strike