Alex is a dedicated Threat Intel, Response, and Detection Engineering enthusiast. He currently runs the Red Team at Barracuda Networks and helps protect their customers through XDR-powered security integrations and operations. In this role, he works with companies who are dealing with critical cyber security incidents and uses these investigations to create detections to help the SOC catch future threats.
- Threat Intel for Effective Recovery
Allyn Stott is a senior staff engineer at Airbnb. He currently works on the information security technology leadership team where he spends most of his time working on threat detection and incident response. He especially enjoys building strategies for hunting down and finding advanced threat actors. Over the past decade, he has built and run detection and response programs at companies including Delta Dental of California, MZ, and Palantir. Red team tears are his testimonials.
In the late evenings, after his toddler ceases all antics for the day, Allyn writes a semi-regular, exclusive security newsletter. This morning espresso shot can be served directly to your inbox by subscribing here: https://www.meoward.co
Allyn has previously presented at Kernelcon, BSides Seattle, BSides SATX, The Diana Initiative, BSides St. Pete, BSides Singapore, and the Texas Cyber Summit. He received his Masters in High Tech Crime Investigation from The George Washington University as part of the Department of Defense Information Assurance Scholarship Program.
- How I Learned to Stop Worrying and Build a Modern Detection & Response Program
CEO and Co-Founder of SecureRecruit, Amy is an experienced advocate for better hiring practices in the cybersecurity community. Recruiting continuously for 23 years, with experience building strategic partnerships and recruiting top cyber talent, she has focused on staffing positions specifically in the Cybersecurity space for the last 10 years. Amy understands the complexity of the challenges faced by corporations when it comes to hiring talented Cyber Security Professionals. Her career specialties include Product Security, Software Security, AppSec, DevSec, Security Architecture, and Security Leadership. Amy was born and raised in Georgia, and in her free time she enjoys music, getting sunshine, and spending time with her son Denver.
- Offer Comparisons to Make Informed Hiring & Career Decisions
Andrew Johnson
Senior Penetration Tester
OSCP | eWPTXv2
- Pivoting into the Cloud
Ayub Yusuf is a Penetration Tester at Black Hills Information Security. He holds several industry certifications including the OSCP and 6 GIAC certifications. Ayub is an active member of the infosec community where he is a Teaching Assistant at the SANS Institute, a volunteer at Antisyphon Training, and a competitor in capture the flag competitions.
- Hacker’s Guide to Starting Your Security Career
Belinda Mobley has been in the EDR space since 2017. She began moving into Cyber Security with Endpoint Protection in the Point of Sale environment back in 2011. With over 35 years of IT Industry and Security experience she is great in a crisis, but better at preventing one through EDR tools.
- Where to Start? Start at the End...Point
Just a nerd employed as penetration tester and offensive security researcher. Currently involved in two communities (tmp.0ut and VX-Underground) that produced printed and electronic magazines around malware development.
- ELF Binary Infection Attacks For Persistence and Heuristic Detection.
With more than 25 years of information security experience, Chris Silvers, CISSP, MBA, is the Founder and Principal Consultant at CG Silvers Consulting, a boutique information security firm based in Atlanta, GA. He is an established presenter and instructor, bringing an engaging, relatable storytelling style to all speaking engagements. In the classroom, Chris has worked with thousands of students, from 8-year-old Girl Scouts learning how to stay safe online to career forensic architects in government positions. Chris is also one of fewer than 100 individuals officially certified as both a Provisional CMMC Assessor and a Provisional CMMC Instructor, rendering him a uniquely qualified CMMC instructor for his almost 500 Defense Industrial Base students to date. On the presentation stage, he has been featured at DEF CON, TEDx, DerbyCon, and various universities, community events, and industry conferences. Chris regularly delivers engaging presentations on topics ranging from social engineering and the state of the cyber security industry to cyber safety for families and more. Chris' 2017 TEDx talk, The Cyber Skills Gap, has amassed more than 100,000 views and counting on YouTube.
- CMMC Who? The Basics of New DoD Cybersecurity Compliance
Christian is an entrepreneur, executive, and advisor to technology companies on cybersecurity. As an entrepreneur Christian has helped build one of the fastest growing cybersecurity technology companies in the nation. Christian is the CEO and Co-founder of risk3sixty.
- The Art of Service: 5 Lessons Learned About Life, Leadership, and Business From Building a Cybersecurity Company
Cory Wolff is a lifelong hacker with decades of experience in IT, security and development who serves as the Director of Offensive Security at risk3sixty. He has been building and breaking various technologies since his first computer in 1988 and has helped businesses of all sizes secure their infrastructure, build future-forward applications, and grow their information security programs since 2002.
Cory holds various certifications including the Offensive Security Certified Professional (OSCP) and Certified Information Systems Security Professional (CISSP) and serves as a core team member of Red Team Village.
- Darkweb Business School
Steve "crudd" Rudd is a Lead Information Security Engineer at Lumen Technologies responsible for reverse engineering malware samples across a wide variety of architectures and operating systems from a broad range of threats, including cybercriminals, ransomware operators and APTs. In addition to reversing network protocols and gleaning IoCs from custom loaders and implants to aid in investigations, Steve develops the automated threat validation capabilities of Black Lotus Labs through bot emulation and C2 validation to track and disrupt threats at scale. A self-taught practitioner, Steve is passionate about understanding how things work and digging into low-level assembly, operating system internals and network protocols.
- Dissecting Linux malware from the Windows
- Organizers closing remarks and giveaways
- Organizers welcome remarks
Dwayne has been working as a Developer Relations professional since 2015 and has been involved in tech communities since 2005. He loves sharing his knowledge, and he has done so by giving talks at over a hundred events worldwide. Dwayne currently lives in Chicago. Outside of tech, he loves karaoke, live music, and performing improv.
- Who Goes There? Actively Detecting Intruders With Cyber Deception Tools
Graham Helton is currently a Red Team Specialist at Google specializing in Linux exploitation. Graham posts frequently on his website https://grahamhelton.com with deep dives on various security-related topics. Additionally, he has taught practical phishing assessments for TCM-security, which is now released for free online, and founded a security consulting company, Low Orbit Security. In his free time he likes to pretend like he knows what he's doing.
Enjoys: Linux, videogames, coffee, FPV drones
Dislikes: Windows
- Human Memory Management: Techniques for actionable security research
Jackson is a security architect focused on multi cloud and container technologies. Outside of work he can be found drinking coffee or tinkering with his server rack.
- Cloud vulns and keys and breaches - Oh My!
- Threat Hunting on Budget - Using OSS to Hunt for the Unknown
Jessica leads risk3sixty’s people and Vibes (HR) functions and has been instrumental in building the company’s culture of ‘Investing in People.’
Jessica has extensive experience as a human resource officer, specializing in talent management and development for combat units.
Jessica graduated and received a B.S. from the United States Military Academy at West Point and her Master’s in Leadership from Georgetown University. She also holds Senior Talent Manager Practitioner certification.
- Think like a magnet: how to attract, retain, and develop amazing people
- Organizers closing remarks and giveaways
- Organizers welcome remarks
Jorge leads Detection and Response at Zoom, encompassing the SOC, IR, Detection Engineering, Threat Intelligence, and Security Logging. Prior to Zoom he led Security Operations and Response at Peloton, held several security and non-security roles at Microsoft, and piloted a desk in the US Air Force. Jorge hails from Puerto Rico, but has lived in ten different cities before relocating to the Alpharetta area in 2021.
- Hands off keyboard: Cyber Incident Commander primer
Matt Carothers is a Sagittarius. He enjoys sunsets, long hikes in the mountains, and intrusion detection. After studying Computer Science at the University of Oklahoma, he accepted a position with Cox Communications in 2001 under the leadership of renowned thought leader and virtuoso bass player William “Wild Bill” Beesley, who asked to be credited in this bio. There Matt formed Cox's first customer safety department, which he led for several years, and today he serves as Cox’s Senior Principal Security Architect. On weekends you can usually find him crashing radio controlled planes and 3d printing replacement parts for them.
- Stupid Log Tricks
Mike has spent many years in the MSP world helping businesses protect and grow their IT systems. Over that time, I've fixed mice, laid out IT roadmaps, and managed systems & tools that do the behind-the-scenes heavy lifting. My first computer was an Apple IIc clone, I learned programming on the Atari 2600, and I've braved an AS/400. Away from the keyboard, I enjoy time with my kids, geocaching, and wood-turning.
- DFIR 101 - Clones, drones, & prison phones
Nat has 20+ years of cybersecurity experience across Identity, Endpoint, Network, SIEM, Data, OT, and DevSecOps in both products and services. He is currently a part of the IBM Storage CTO office driving cyber resiliency across the IBM Storage portfolio. In his previous roles, he built security development teams across Americas, Asia, and EMEA for IBM Security and X-Force Consulting. Nat is a well-regarded senior leader and hands-on subject matter expert in the Cyber Range industry known for driving unprecedented results within competitive, emerging industries. He built the first commercial immersive cyber range in Cambridge, MA and the first cyber range on wheels for the EMEA market. As a Cyber Range Consulting practice leader, Nat drove the business development and partnership based on IBM experience in the cyber range business since 2016.
His project won the 2019 Edison Award and the 2019 InAVation Award for Control Room of the Year by leading a team to create the world’s 1st cyber tactical operation center, X-Force Cyber Tactical Operations Center (C-TOC).
In addition to his technical contribution, Nat also led workforce development for IBM Security through university relationships, early professional recruiting, and external cybersecurity competitions.
- Building Your Cyber Defense in Storage Systems
Nick runs a DevSecOps and IT Consulting company. This includes working with start-ups and blockchain companies to help ensure their infrastructure is stable and secure.
- Unchained: Unraveling the Unconventional Security Threats in Web3
My mom always made sure a computer was in our home. That was the key to my beginning. I was also a very hands on kid who liked taking things apart and putting them back together. As I got older I would repair the VCRs from my mom's school when they would break and troubleshoot computers in different classrooms for her.
So how did I get wanting to do information security?
Wellllll, back when I was about 14 (1994-1995ish), I decided it would be a good idea to download an adult screensaver (I know, I'm dating myself. lol) Well I clicked on the link in the email and ALL HECK BROKE LOOSE!!! LMAO I had pop-ups and skulls and sirens, the whole 9! I freaked out and looked at the clock, it was currently 2 or 3 pm and my mom would be home around 4:30. So I got to work. I had Spybot: Search & Destroy installed. I got it to run. That cut some of the mess, but then I realized the malware was trying to murder my hard drive by writing junk to C drive and the registry. I suddenly had the thought to kill the internet connection, so I reached up and unplugged the phone cable that was connecting my little 56k modem to the world. The data flood stopped. (I breathe) I look at the clock, it is getting closer to doomsday. I get Spybot: S&D to clean the C drive, but the registry is another story! I do get a list from Sb:S&D and I painstakingly begin cleaning the computer. I do a final reboot as I hear the garage door start to go up. Everything comes back up!!! WOOT!!!
Aftermath.
So first off, my mom didn't find out about this until just a few years ago. Secondly, I started researching (There was no Google, it was metacrawler, excite, Lycos, and yahoo.) I researched malware and everything I could find out about it.
I skated the deck for a few decades, started my own PC repair business, became the family PC support guy (I mean, I could set the clock on a VCR. If ya know, ya know.) I tried my hand at network security and as an associate degree student, I built Cisco labs (because the equipment was "OK" at best but could not do what the actual lab manual required.) for the graduate level students. After getting my AA in Computer Network Security, I worked in IAM, I have mad respect for anyone that stuck with it from the early days! Y'all rock! After doing that for a year I moved to SOC work and became a network security engineer for 2 years. After that I stayed in the SOC, but joined the Incident Response Team. That was 5 years ago. It took me well over 20 years to get to where I wanted to be, but here I am. Building Incident Response programs from the ground up.
- Improving Incident Response or is it Incident Management.
- JAMBOREE: Java Android Magisk Burp Objection Root Emulator Easy
- From Checkbox to Checkmate: Winning the Game for Security Budgets
Ryan is a cyber security engineer at the Georgia Tech Research Institute. Previously, Ryan worked for a government contractor in the Mark Center in Alexandria, Virginia where he configured Linux systems to be compliant with DISA STIGs. Ryan took this knowledge and applied it at GTRI where he developed automated security hardening content utilizing SCAP-based tools. A Red Hat Certified Engineer, Ryan helps support many admins in ensuring their Linux systems are both security compliant and functional. In his spare time, Ryan enjoys rock climbing, cooking, and making sure his cats don’t tear down his house.
- Writing Your First SCAP Check
Sherrod DeGrippo is Director of Threat Intelligence Strategy at Microsoft. She was selected as Cybersecurity woman of the year in 2022 and Cybersecurity PR Spokesperson of the year for 2021.
Previously, she was VP of Threat Research and Detection at Proofpoint, where she led a global team of threat researchers, malware reverse engineers and threat intelligence analysts. Her career in cybersecurity spans 19 years with prior roles including leading Red Team Services at Nexum, senior solutions engineer for Symantec, senior security consultant for Secureworks, and senior network security analyst for the National Nuclear Security Administration (NNSA).
She is a frequently cited threat intelligence expert in media including televised appearances on the BBC news, and commentary in the Wall Street Journal, CNN, New York Times, and more. Having presented at Black Hat, RSA conference, RMISC, BrunchCon, and others, Sherrod is a well known public speaker.
In her personal time, Sherrod spends time with her rescue dog Boris Karloff.
- Keynote
Founder and Chief Hacking Officer of White Box Security. Steven is a seasoned veteran of the network security space with over 17 years of experience in both offensive and defensive roles. Steven has been focused on penetration testing and red teaming for over a decade.
- Sliver Me Timbers: A C2 Alternative to Cobalt Strike
Tony Drake has been working in security and security adjacent roles for almost 3 decades. Over the years he has held positions ranging from UNIX and Linux administration to system architecture, engineering, application security, security administration, IR, Forensics and "hey security guy". He currently is the Lead Researcher for Threat Intelligence at the Intercontinental Exchange where he works on long term tactical security challenges to advance the next generation of security solutions.
- Bare Knuckle Forensics for White Knuckle Moments
Winston is a senior research scientist at the Georgia Tech Research Institute. He is a security professional and a Linux enthusiast.
- Writing Your First SCAP Check
- Organizers closing remarks and giveaways
- Organizers welcome remarks