BSides Atlanta 2025

The speaker’s profile picture
Brett Jenson

Brett is the Offensive Security Lead for Wellstar Health System in Marietta, GA, with more than a decade of experience in the security space. His areas of interest include security research, offensive security, programming, and, more recently, working in the LLM/AI Red Teaming space. He especially enjoys teaching and mentoring up-and-coming security students and professionals, having personally helped to expand internship opportunities at Wellstar for the Information Security program.

  • The CEO is Calling: A Hacker's Guide to Building and Weaponizing a BEC Demo Environment
The speaker’s profile picture
Dr. Andy Green

Andrew “Andy” Green, Ph.D., is a cybersecurity professor at Kennesaw State University and one of the organizers behind BSides Atlanta. green teaches, researches, builds hands-on labs, and occasionally breaks things on purpose so students learn how not to.

green has spent nearly two decades bouncing between academia and the real world—consulting for small and mid-sized businesses, wrangling healthcare IT, and now herding undergrads and their malware into something resembling employability. green runs the ISA undergraduate program and advises KSU’s award-winning Offensive Security Research Club, which means lots of late nights, too much coffee, and the occasional “whoops, that was prod” story—purely hypothetically, of course.

green’s happy place is where policy, security, and practicality crash into each other at highway speeds. Expect opinions on coordinated disclosure, risk management that isn’t just spreadsheet cosplay, and classrooms where students ship real work instead of memorizing acronyms. When green isn’t grading or organizing BSides Atlanta, he’s enjoying cigars, bourbon, and the open road on his motorcycle. During the fall, you can almost certainly find him anywhere the University of Alabama football team is playing. Compliance is a floor, not a ceiling; patching is a love language; packet captures are therapy.

Bring questions, bring receipts, and bring your A-game—green certainly does. And remember: there’s never a wrong time to say “Roll Tide.”

  • Organizers closing remarks and giveaways
  • Organizers opening remarks
The speaker’s profile picture
Emmanuel Taiwo
  • Adaptive Defense: How Microsoft Defender Evolves to Outsmart Modern Threats
The speaker’s profile picture
Eric Logan

Eric M. Logan brings over 26 years of dedicated experience in IT and cybersecurity across K-12 and higher education environments. Currently serving as Director of Information & Network Security for DeKalb County School District, Eric leads the district's cybersecurity transformation, having built their first dedicated security team and launched innovative programs like Cyber Champions, which empowers students to become peer leaders in digital safety.

His career spans institutions including Georgia Tech Research Institute, where he served as Cybersecurity Operations Manager and later as Governance, Risk & Compliance Manager, and Emory University, where he provided technical expertise to students and researchers while managing campus-wide technology systems. Eric's unique perspective combines hands-on technical expertise with strategic leadership and a genuine passion for education.

  • Ctrl+Alt+Career: Rebooting Your Path into Cybersecurity for the AI Era
The speaker’s profile picture
Garrett McGuire

I’m a Detection Engineer at Cox Communications who enjoys digging into malware and turning what I learn into better detections. My main interests are cyber threat intelligence, malware analysis, and building defenses that actually work in the real world.

  • Signals in the Noise: Malware Inspired Detection Engineering
The speaker’s profile picture
James S
  • New Locks, Old Keys: Testing Microsoft’s Latest Controls Against Service Principal Abuse
The speaker’s profile picture
Jason Maddox
  • Building a Standout Resume for Information Security: New / Recent Grads and Early Career Pros
  • Resume Workshop for Aspiring IT and IS Professionals
The speaker’s profile picture
Kartik Khurana

Kartik Khurana is a cybersecurity professional working at NVIDIA, where he leads initiatives in Customer Trust within the Governance, Risk, and Compliance (GRC) team. With expertise in cloud security, compliance frameworks, and risk management, Kartik plays a key role in strengthening customer confidence by ensuring robust security and compliance practices.
Previously, he gained hands-on experience through five internships spanning penetration testing, auditing, cloud security, and identity and access management. At Health Catalyst, he led projects enhancing cloud security metrics and conducting HiTrust and SOC 2 Type II audits, demonstrating his ability to manage complex compliance landscapes and improve security infrastructures.
Kartik holds a Master’s in Cybersecurity (Analytics and Operations) from Pennsylvania State University, where he maintained a 4.00 GPA and actively engaged in workshops and industry seminars. His technical proficiency includes AWS, Crowdstrike, and Prisma Cloud, equipping him to address diverse cybersecurity challenges effectively.
Dedicated to advancing cybersecurity practices, Kartik combines strong communication, technical, and leadership skills to drive trust, resilience, and innovation in security programs. His long-term goal is to grow as a cybersecurity leader, making impactful contributions to protecting digital infrastructures and building customer confidence.

  • Bridging the Gap Between GRC and Cybersecurity: Strategies for Effective Collaboration
The speaker’s profile picture
Keith Watson

Christopher Atkinson and Keith Watson founded Atlanta Locksport on October 14th, 2019. Atlanta LockSport hosts the mini lockpicking village at dc404 meetings and we have monthly club meetings.

Atlanta LockSport is a collection of lockpicking enthusiasts from the Atlanta area. Lockpicking is a fun hobby, and the fundamental knowledge of locks, their operation, and selection for physical security is an essential skill for cybersecurity professionals.

  • Lockpicking village
The speaker’s profile picture
Khushi Gupta

Khushi Gupta is an assistant professor of cybersecurity at the University of North Georgia.

  • Toward Quantum-Safe Standards: Collaborative Adoption of PQC
The speaker’s profile picture
Kristen Wells

Kristen Wells is a Senior Consultant at IBM specializing in Operational Technology (OT) cybersecurity, with experience leading transformation initiatives across critical infrastructure, energy, and manufacturing sectors. Her work bridges the gap between engineering and cybersecurity, helping organizations align frameworks such as IEC 62443, NIST SP 800-82, and the NIST Cybersecurity Framework with real-world industrial operations. Kristen has developed methodologies for OT security assessments that emphasize collaboration, measurable outcomes, and sustainable security practices. She is passionate about sharing knowledge across disciplines and equipping both engineers and cybersecurity professionals to build resilience together in complex operational environments.

  • Engineering Wisdom, Executive Results: The Evolution of OT Cybersecurity Assessments
The speaker’s profile picture
Laura

Laura Sang Hee Scherling, EdD, is a director and lecturer at Columbia University. She teaches in the Tech, Policy, and Innovation concentration. Scherling is the founder of the Cyber Care Institute and co-founder of Civic Art Lab. The Future of Hacking: The Rise of Cybercrime and the Fight to Keep Us Safe (Bloomsbury, 2025) is her fourth book. Her previous books include Ethics in Design and Communication (Bloomsbury) , Digital Transformation in Design (transcript), and Product Design, Technology, and Social Change (Intellect). She is a contributor to Tech Policy Press. Scherling is passionate about tech ethics, and cybersecurity awareness.

  • The Deceptive Web of Scam Compounds
  • Caring for our Elders: Cybersecurity Awareness for Older Adults
The speaker’s profile picture
M4x 5yn74x

ʘṨḷӤ₮, εηсʀעрҭїѳɲ, ǿϐғᵾꝸḉѧϯɨӫᵰ, & ɱꬰƛώἇяє.

  • Where did the Threat Actor go? - They RAN-SOM-WARE...
The speaker’s profile picture
Marisa Fagan

Marisa Fagan is Head of Product at a “security champions as a service” startup called Katilyst. She works on building security into the SDLC and empowering developers to own secure code. Previously, she has worked as a security culture expert at places like Atlassian, Synopsys. Salesforce, Bugcrowd, and Facebook. Since 2024, she has been a contributor to the OWASP Security Champions Guide Project and Track Lead for the OWASP AppSecGlobal Conferences. She lives in San Francisco, CA, USA.

  • My Security Champions are doing too much (and other good problems to have!)
The speaker’s profile picture
Murthy Rallapalli

Dr. Rallapalli is a United States Fulbright Scholar and an IBM Quantum Ambassador, recognized for his deep expertise in quantum computing, cloud security, and information privacy. With a career spanning over 25 years, he has held senior leadership and distinguished technical roles at IBM, Honeywell Corporation, and Ernst & Young, leading major initiatives in cybersecurity, enterprise architecture, and emerging technologies.
At present, Dr. Rallapalli serves as an advisor to Guidehouse, focusing on advanced and emerging technologies such as quantum computing and next-generation cybersecurity solutions. He also holds a faculty appointment as Professor of Practice in Cybersecurity at the University of North Georgia in Atlanta, GA.
Through the prestigious Fulbright Scholar Program, Dr. Rallapalli has contributed globally—teaching and collaborating at Fulbright University Vietnam, and engaging in research initiatives in Iceland and Kosovo.
He holds a Ph.D. in Information Security and Privacy from Stevens Institute of Technology and a Quantum Computing certificate from MIT. A prolific contributor to the field, Dr. Rallapalli has authored numerous technical papers, published books, and holds multiple patents in data privacy and cybersecurity. His current research centers on quantum algorithms for optimization and the future of secure computing.
Outside his professional life, he enjoys exploring historical landmarks across the globe and playing pickleball at local parks.

  • Toward Quantum-Safe Standards: Collaborative Adoption of PQC
The speaker’s profile picture
Nick

Lead penetration tester part of the DC864 CTF team. There would be several of us supporting the CTF.

  • DC864 - CTF
The speaker’s profile picture
Nick Kammerdiener
  • Network King of the Hill CTF
The speaker’s profile picture
Pranay Singh Suri

Pranay Singh Suri is a cybersecurity professional with over three years of experience in compliance, security assessments, and audit readiness across cloud and enterprise environments. He currently works as an Associate Security Engineer at Coalfire Systems, where he supports FedRAMP assessments, penetration testing, and threat intelligence validation.

Previously, Pranay served as a Senior Consultant at Grant Thornton and a Senior Analyst at Deloitte, specializing in SOC 1/2, SOX, and ITGC audits. His work has spanned access reviews, identity and access management, and control testing across industries such as banking, healthcare, and cloud services.

Pranay is a certified ISO 27001 Lead Auditor, CCSK, and Security+ professional, and he recently earned his eJPT certification. He holds a Master of Science in Cybersecurity Analytics and Operations from The Pennsylvania State University, and a Bachelor of Technology in Computer Science Engineering from the University of Petroleum and Energy Studies.

With hands-on expertise in AWS, Azure AD, and tools like Burp Suite, Tenable, and Wireshark, Pranay focuses on bridging compliance and technical security to strengthen organizational resilience. His interests include penetration testing, cloud security, and improving audit processes through automation and evidence readiness.

  • Bridging the Gap Between GRC and Cybersecurity: Strategies for Effective Collaboration
The speaker’s profile picture
Qasim

Qasim is the Director of Cybersecurity at a leading healthcare organization, overseeing detection, incident response, vulnerability management, purple teaming, and cybersecurity engineering. With a strong background in offensive security and risk management, he has helped organizations strengthen their defenses against evolving threats. Passionate about bridging the gap between cybersecurity and business, Qasim specializes in offensive security and cybersecurity strategy. He is also a dedicated educator, mentoring professionals and sharing his expertise at conferences such as BSides and Black Hat. Committed to advancing cybersecurity in healthcare, he drives innovation in proactive defense and risk management.

  • AI Governance for Sentients
The speaker’s profile picture
Robert Kwak

LifeTimeScriptKiddie.

  • Cloud : Learn Like a Systems Engineer (Hack Like a Script Kiddie)
The speaker’s profile picture
Samson Adewale

Samson Adewale is a Senior Security Engineer at Klaviyo, specializing in threat response and automation. He has led initiatives building automated forensics labs and response frameworks in cloud environments. With a background spanning AWS, Azure, and DevSecOps, Samson is passionate about practical applications of AI to reduce operational overhead and enhance security resilience.

  • Empowering Security Operations with AI and Large Language Models (LLMs): From Noise to Insight
The speaker’s profile picture
SteveInIT

Dad, Native Plants Enthusiast, and IT Architect specialized in Network Forensics

School:
3 years studying biology. 1 year giving up to study Cisco certs and pivot.

Work:
5 years in the enterprise space in network engineering, 6 years in the vendor space working with Network Detection and Response technology.

Certs:
Some CCNAs, Part of a CCNP
CompTIA A+, Net+, Sec+, CySA+
AWS CCP, AWS-SAA

And sometimes I talk about IT-Sec stuff on YouTube Channel SteveInIT

  • Tin Can AI vs CLI: Catching AI Threats with Simple Network Forensics
The speaker’s profile picture
Steven Peterson

Steven is a seasoned veteran of the network security space with over 20 years of experience in both offensive and defensive roles. He is a KSU alumni with a degree in Information Security and Assurance.

  • The Virtual Crack Dealer: Distributing Cracking Workloads with Proxmox
The speaker’s profile picture
Tony Drake

Tony Drake has over 25 years of experience in information security and systems administration. He has worked in roles ranging from systems design and administration to incident response, tactical intelligence, and managing pen tests. He has worked for the last 20 years in various roles in financial firms including brokerage, banking, exchange and payments in roles ranging from jack-of-all-trades "security guy" to tactical intelligence and malware analysis. He has worked in all aspects of Pen Testing from scoping, and planning to managing results, to incident response. In his current role he serves as lead security researcher for the Intercontinental Exchange, solving tactical security problems with creative solutions.He holds a CISSP as well as SANS certifications in Incident Response, Web Application Pen Testing, Network Pen Testing and Threat Intelligence, and OSINT.

  • A Pirate err Hacker Looks at 50
  • A Friendly AI Intervention
The speaker’s profile picture
Udochi Nwobodo

Udochi Nwobodo is a security engineer with extensive experience in infrastructure security, product security, and vulnerability management. She has worked across cloud and on-premises environments, leading initiatives that improve security posture through automation, secure design, and scalable processes.

Her background includes deploying security solutions with infrastructure-as-code, managing enterprise vulnerability management programs, and implementing DevSecOps practices that align with business and compliance needs. She is particularly focused on building sustainable security programs that reduce risk while supporting engineering velocity.

Udochi is committed to advancing the security community by sharing practical lessons and strategies through conference talks, mentorship, and collaborative projects.

  • Building a Dating API: Security, Empathy, and the Tradeoffs of Full-Stack Experimentation
The speaker’s profile picture
Unique Glover

Meet Unique Glover, a cybersecurity force with 23+ years in the game. Unique leads a security solution engineering sales team responsible for helping enterprise customers strengthen their security posture through Microsoft products and services. From NYC roots to ATL vibes, Unique blends tech expertise with people-first leadership and a “fail fast, fail forward” mindset🧠.??Armed with technical degrees and a stack of certs (CISSP, CCSP, and more), Unique’s career spans Microsoft, EY, NCR, and beyond.??Off the clock? Unique’s all about mentoring, family, travel, and giving back. Life motto: be present, lead with purpose, and always send the elevator back down🎁.

  • Adaptive Defense: How Microsoft Defender Evolves to Outsmart Modern Threats
The speaker’s profile picture
Wes Widner

Wes Widner is a Senior Principal Engineer with a deep background in security-focused distributed systems. He started as a data engineer on McAfee’s Global Threat Intelligence team. Back before “data engineering” was a job title. Later became the founding manager of the multi-cloud team at CrowdStrike. He now leads strategic engineering initiatives at Cyberhaven, a data detection and response startup.

Wes specializes in uncovering the hidden risks in complex systems. Especially the quiet, high-trust assumptions we make when integrating AI agents into our workflows. He’s been responsible for evaluating, securing, and operationalizing AI agents across production environments.

Lately he’s been inventing new (and slightly scarier) attack surfaces by vibe‑coding kernel modules that talk to physical hardware. Testing the boundaries of what an over‑confident agent should ever be allowed to control. What could possibly go wrong?

  • From Vibes to Vulnerabilities: How AI Agents Turn on Their Users
The speaker’s profile picture
Xavier Ashe

Xavier Ashe has been hacking since the late 80s and been working in information security since the early 90s. He is currently a Senior Vice President at Truist and a Georgia Institute of Technology alumnus. Xavier has over 30 years of leadership experience in information security, working for various firms including IBM, Gartner, and Carbon Black. Xavier was the first hire at the startup, Drawbridge Networks, where he was instrumental in bringing the first microsegmentation solution for servers and workstations to market. Mr. Ashe has plenty of war stories, including the first DDOS attack ever, Target, Sony, Aramco, NotPetya, and others. Xavier is an accomplished speaker and has presented at many security conferences including DefCon, BlackHat, RSA, BSides, Splunk .conf, SANS, and others.

  • Empowering Digital Privacy: Hands-On Workshop for Everyone
  • The Fediverse: Embracing the Hacker Ethos for a Decentralized Social Media Experience
The speaker’s profile picture
Zach Tisher

Zach Tisher is the USIS CISO at Equifax, bringing extensive cybersecurity leadership experience from SunTrust, The Home Depot, and Equifax. Forged in post-breach environments, he excels in risk management and supply chain security, driving transformative initiatives and fostering strong security cultures. A lifelong endurance athlete and ultramarathon runner, Zach connects lessons from the trail and the boardroom to build resilient teams and sustainable security programs.

  • The Endurance of Defenders: Lessons from Ultrarunning and Cyber Resilience