Talks at Hack Red Con 2023
All Conference Speakers
Our opening ceremony will include a panel of industry-leading keynote speakers as well as audience Q&A. Following the ceremony, this year's conference will continue our tradition of hosting high-quality cybersecurity talks and demonstrations.
Topics will range from beginner subjects all the way to advanced offensive security discussions.
Speakers Index
Anna Quinn
Barbi Howell
Chase Fontenot
Colin Glover
Chris Silvers
Edward McCabe
Gregory Carpenter
Joe Sarkisian
John Stigerwalt
Jonathan Perez
Jordan Silva
Josh Jackson
Logan Hicks
Nate Johnson
Nick Gipson
Paul 'The_Gibson' Miller
Qasim Ijaz
Richard Jackson
Sienna Delvasto
The Techromancer
Wally Prather
Yaamini Barathi Mohan
Keynote Roundtable
Ed Skoudis
President of SANS Institute Technology College, CEO and Founder of the Counter Hack consulting firm
Yvonne Rivera
CEO/CISO/Co-Founder at CyberMyte
Jason Haddix
CISO and Hacker in Charge at BuddoBot Inc
James Meece
Chief Information Security Officer at Louisville Metro Government
Yaamini Mohan
VxRail Security at Dell
Jessica Pepper
Information Security Manager, Transportation and Logistics
Talks
The Whimsical World of Business Email Compromise
Joe Sarkisian | OSCP, GCPN, GWAPT
Manager, Lead Penetration Tester, DenSecure by Wolf & Co.
Talk Synopsis:
The latest statistics are in: a business email compromise costs an organization, on average, $1.03 million for the costliest attacks, and is growing.
While multi-factor authentication, stronger password requirements, automated password protection tools, increased security awareness, and other factors have increased our ability to protect the business, the arms race between the proverbial “red” vs “blue” team is ever evolving. These controls take a huge amount of attack surface off the field, but novel ways around them and new ways altogether are constantly being researched and used in the real world.
Come and learn about these new approaches that both we as security testers and the real bad guys are using to breach organizations and invade their privacy.
Learning Objectives:
- Why MFA is not a set and forget control
- Why your email security solution is not a set and forget control
- Why your MS Teams configuration is not secure by default
- How Microsoft exposes insecure features when you setup your Azure/M365 tenant
- The lesser known “dual use” products that Microsoft 365 exposes for attackers to use against you
- How a successful phishing attack is often only a phone call away
- How to protect you organization from these vulnerabilities
- Much more!
Speaker Bio:
Joe serves as a Manager and Lead Penetration Tester on Wolf & Company’s DenSecure team. Joe is responsible for coordinating and conducting penetration testing services for clients in a variety of industries including financial, healthcare, and software. His expertise consists of internal and external network penetration testing, social engineering, vulnerability assessments, Microsoft Windows security and management audits, and general information security and controls. Joe has extensive experience conducting penetration testing audits and is pursuing ethical hacking certifications from industry-recognized organizations like the SANS Institute and Offensive Security.
Tales of AV/EDR Bypass: Overcoming Detection with Compilers
John Stigerwalt
Founder, Red Team Lead, White Knight Labs
Talk Synopsis:
Join us for a thought-provoking presentation, "Tales of AV/EDR Bypass: Overcoming Detection with Compilers," where we will delve into the realm of compiler tactics to navigate AV and EDR safeguards. Through practical examples, discover the potential of Cobalt Strike payloads to sidestep these security measures. We'll explore compilers like Clang++, LLVM, and G++, showcasing their role in reshaping security strategies. By showcasing submissions aimed at diverse vendors, we'll underscore the simplicity with which this shift can reintroduce invisibility to payloads. This session concludes with the release of sample code, enabling you to explore these strategies further.
Speaker Bio:
I'm an experienced professional in the realm of information technology, specializing in red teaming. My journey began in a modest role as an IT helpdesk representative and gradually led me to positions like security lead and red team lead. Through dedication and innovative thinking, I've also taken on the role of owner at White Knight Labs, a cybersecurity company comprising around 15 skilled individuals. Our focus is on delivering top-notch penetration testing and red teaming services.
My commitment to staying informed ensures a fresh perspective. Over the years, I've engaged in diverse red teaming projects, utilizing my expertise in security and penetration testing to assist organizations in identifying vulnerabilities. These experiences have sharpened my ability to think creatively and find effective solutions.
Outside of work, I prioritize time with family and seek out adventurous experiences like skydiving and martial arts. These hobbies offer a healthy balance.
I'm an eager learner, always exploring new technologies and approaches to improve my skills. Within the information security community, I actively participate in conferences and discussions.
I'm enthusiastic about sharing my red teaming expertise, helping organizations enhance their security and navigate the evolving threat landscape. With my background and role at White Knight Labs, I'm confident in offering valuable insights and a unique viewpoint. I look forward to ongoing growth and learning in this ever-evolving field.
The Internals of Veilid, a New Decentralized Application Framework
Paul ‘The_Gibson’ Miller
Hackers.town, Projekt: ONI
Talk Synopsis:
As Seen at DEFCON!
Veilid is an open-source, peer-to-peer, mobile-first networked application framework, with a flagship secure messaging application named VeilidChat. Veilid is conceptually similar to IPFS + Tor, but faster and designed from the ground-up to provide all services over a privately routed network. The network also enables development of distributed applications without a 'blockchain' or a 'transactional layer' at their base. Veilid can be included as part of user-facing applications or run as a standalone server for power users who wish to help build the network.
Architecturally, it is written in Rust, uses strong encryption, and nodes can run on Linux, Mac, Windows, Android, iOS, and in-browser WASM. Low-level protocols over UDP, raw TCP, Websockets and Secure Websockets. Nodes are optimized for low latency, high node churn, and are particularly capable of dealing with low level network changes, such as switching from cellular to wifi networks mid-communication.
This talk will focus on the internals of Veilid:
* How it works as a protocol
* How it leverages strong cryptography to provide private communications
* How it provides decentralized storage and cryptographically sound data structures
* How applications are written to leverage the Veilid Network
We will demonstrate Veilid Server, and VeilidChat, the application.
Speaker Bio:
Paul Miller is a Director of Veilid Foundation Inc., founder/leader/community organizer of hackers.town, Projekt:ONI (Optimistic Nihilists Inc.) organizer and founder, Hacker, Infosec professional, and is a passionate privacy advocate. Paul has worked to show the ways a centralized internet has harmed our culture and the future. He believes you should always be N00bin', and that collectively we can restore the future the internet once offered us.
Eye of the Paper Tigers:
Filling the Cyber Workforce Void
Chase Fontenot
Memorial Sloan Kettering
Talk Synopsis:
With the ever-growing cyber threats, the scarcity of cybersecurity professionals poses a critical challenge to safeguarding digital assets and maintaining robust defenses. This presentation, titled "Eye of the Paper Tigers: Filling the Cyber Workforce Void," sheds light on a potential solution to the workforce shortage. We delve into the often overlooked resource of "paper tigers" in cybersecurity - individuals possessing certifications but lacking practical experience. By exploring their untapped potential, we challenge the industry's perception and highlight how these "paper tigers" can bridge the workforce gap. It's time we uncover the value and capabilities of "paper tigers" and explore how they can address the global workforce shortage in cybersecurity.
Speaker Bio:
Chase Fontenot is a passionate Cybersecurity Engineer at RADER Solutions and a dedicated Cybersecurity Researcher with the Synack Red Team. He brings a wealth of experience as a member of Team Nighthawk, winners of the NolaCon 2022 Capture The Flag (CTF) competition. In addition to his achievements, Chase has also shared his expertise as a speaker at NolaCon 2023. As a member of the coaching staff for the 2023 US Cyber Games, he is committed to promoting cybersecurity awareness and supporting newcomers in the industry.
From DOS to BOSS: Mastering the Magic in DoD Cybersecurity
Richard Jackson
Talk Synopsis:
Strap in, folks, for the roller-coaster ride of a lifetime! We're about to embark on an epic journey through the hazardous hoops and treacherous turns of landing that coveted Cyber Security job in the DoD. Kick-start your journey as we demystify the mumbo-jumbo of qualifying for such a position. We'll dive into the abyss of applications and resurface with tips that make your resume shine brighter than a new recruit's boots! We then venture into the thrilling world of the DoD Cyber Security program. This is where cyber soldiers are forged, where firewalls are stronger than adamantium shields, and phishing is definitely not a relaxing weekend activity. Don't have the budget of Tony Stark? No worries! We'll explore how to secure systems while not blowing a Stark Industries-sized hole in your pocket. You'll become the McGyver of Cyber Security, making miracles happen with just a roll of duct tape, a Swiss Army knife, and an old router. Ever heard the saying, 'work smarter, not harder'? Well, we're going to demonstrate how to keep systems compliant without breaking a sweat. Expect to learn DOS batch files 101 - the secret weapon every Cyber Security superhero should have in their utility belt. And finally, we'll delve into the mysterious realm of the Risk Management Framework. It's not a cryptic secret society; it's the magic spell for keeping your DoD system in top shape. We'll reveal how it's implemented in the DoD, unmasking the arcane, and making it as easy as a Sunday morning. Join us on this wild journey. We promise, by the end of this talk, you'll be ready to dive headfirst into the exhilarating world of DoD Cyber Security jobs - all without a parachute!
Speaker Bio:
Richard Jackson is the Service Deliver Manager Director at Human Resources Command, Fort Knox, Kentucky. He was born in Clare, Michigan and joined the Air Force right out of high school. He was first stationed at Altus Air Force Base in Oklahoma where he served four years as a Flight Simulation Technician supporting the C141 Aircraft. Following his military service, Mr. Jackson then transitioned to the civilian sector, supporting the KC-135 Aircraft Simulator, Trident Nuclear Submarine Simulator, B52 Aircraft Simulator, M60A3, M1AI, and M1A2 Tank Simulators. He has worked at multiple sites including Little Rock AFB, Arkansas, McCord AFB, Washington, Wurtsmith AFB, Michigan, Fort Knox, KY, and Tabuk and Riyadh, both in the Kingdom of Saudi Arabia. In 2002, after 25 years as a Simulation Technician, Mr. Jackson earned the Microsoft MCSE certification and transitioned into an IT career. He worked with Lockheed Martin as an IMO for two years and was hired by the NEC (DOIM at the time) in 2004 to be the first Cyber Analyst for the Information Assurance Branch, now called Cyber Security. Mr. Jackson continued working his way to become the Chief of the Cyber Business Division and eventually the Director for the Network Enterprise Center (NEC). He earned a Bachelor’s in Information Technology from Western Governors University as well as over a dozen IT certifications. Throughout his civilian service, Mr. Jackson has earned a Civilian Achievement Medal and 10 Commander’s Coins along the way. He retired from Government service in March of 2023 and now works for OSCEdge as a Service Delivery Manager Director continuing to support the Fort Knox mission, working closely with the Human Resource Command (HRC) to ensure the HRC mission is highly effective.
Is it a Feature? Is it a Vulnerability? It's Active Directory.
Qasim Ijaz
Director of Offensive Security, Blue Bastion Security
Talk Synopsis:
This talk is a summation of stories from my recent penetration tests inside Active Directory networks. I will use this time to discuss common methods I have used to obtain initial access inside Active Directory environments, the features that paved the way to lateral movement, and vulnerabilities that escalated me to Domain Admin. This talk is laid out in a way that benefits both entry-level and experienced penetration testers. The content is for both blue and red teamers looking to better understand common Active Directory configurations that can lead to compromise. It has everything from memes to kerberoasting, with a pinch of humor (no dad jokes, I promise).
Speaker Bio:
Qasim "Q" Ijaz is the Director of Offensive Security at Blue Bastion Security and specializes in healthcare security and penetration testing. He has conducted hundreds of penetration tests in small to large environments with a focus on networks and web applications testing. His areas of interest include healthcare security, Active Directory, cybersecurity policy, and the "dry" business side of hacking. Qasim is a penetration test lead during the day and a teacher in the after-hours. Qasim has presented and taught at cybersecurity conferences including BSides and Blackhat on offensive security topics. He currently teaches a bootcamp on Offensive Security Certified Professional (OSCP) certification.
Incident Response Playbook-101: The importance of an Incident Response Playbook and how to create one.
Yaamini Barathi Mohan
VxRail Security at Dell
Talk Synopsis:
With the increase in security incidents happening across companies, Incident response teams are in the spotlight. An Incident Response Playbook will help the team organize the process and provide guidance during the time of chaos.
Join me to understand:
-
Why a Playbook is extremely important in the Incident Response process
-
What a Playbook is
-
How to build one for your company from scratch.
How To (Not) Crash UNIX
Barbi Howell, CISSP, CRISC, CISA
Talk Synopsis:
This presentation is for those who may use Linux such as Kali, Parrot, RedHat, or Ubuntu, but are not experts in UNIX commands. Instead of "How to use ls, cd, chown," this talk covers "what does the && do in ‘apt-get update && apt-get upgrade’ ?” The goal is less memorization and less looking up syntax and more understanding of why. The talk ends with real world stories of syntax errors causing system degradation and outages.
Speaker Bio:
Barbi is an IT Security Director specializing in Governance Risk and Compliance (GRC) and a former UNIX Sys Admin. A natural leader with a technical background, she is known for effective team building and promoting work-life balance. Barbi resides in Louisville, Kentucky and is a member of professional organizations such as Kentuckiana ISACA chapter. She assisted coordinating regional InfoSec conference, Louisville Metro Infosec Conference (2014-2017). She holds a bachelor's degree in Computer and Information Science and her certifications are not limited to CISSP, CISM and CISA.
CMMC Who? The Basics of New DoD Cybersecurity Compliance
Chris Silvers, CISSP
Founder and Principal Consultant, CG Silvers Consulting
Talk Synopsis:
The Cybersecurity Maturity Model Certification (CMMC) is the new security program the Department of Defense (DoD) is requiring Defense Industrial Base (DIB) contractors to comply with. CMMC 2.0, released in late 2021, aims to protect Controlled Unclassified Information (CUI) with the evolving nature of contemporary cybersecurity threats in mind. In this talk, Chris Silvers will explore the historical progression of DoD cybersecurity requirements (including the 9/11 Commission Report), highlight the most impactful new components of in CMMC, and provide his expert guidance for DIB contractors to forge a path to certification.
Chris, one of less than 100 individuals officially certified as both a Certified CMMC Provisional Assessor and Instructor, has led CMMC instruction for more than 500 students. His positioning on the front lines of the CMMC 2.0 rollout, and his cumulative 25-plus years in cybersecurity, uniquely qualify him to guide DIB contractors through the certification process.
Speaker Bio:
With more than 25 years of information security experience, Chris Silvers, CISSP, MBA, is the Founder and Principal Consultant at CG Silvers Consulting, a boutique information security firm based in Atlanta, GA. He is an established presenter and instructor, bringing an engaging, relatable storytelling style to all speaking engagements. In the classroom, Chris has worked with thousands of students, from 8-year-old Girl Scouts learning how to stay safe online to career forensic architects in government positions. Chris is also one of less than 100 individuals officially certified as both a Provisional CMMC Assessor and a Provisional CMMC Instructor, rendering him a uniquely qualified CMMC instructor for his almost 500 Defense Industrial Base students to date. On the presentation stage, he has been featured at DEF CON, TEDx, DerbyCon, and various universities, community events, and industry conferences. Chris regularly delivers engaging presentations on topics broadly ranging from social engineering, the state of the cyber security industry, cyber safety for families, and more. Chris' 2017 TEDx talk, The Cyber Skills Gap, has amassed more than 100,000 views and counting on YouTube.
Serving Soft Skills All Day
Sienna Delvasto
Talk Synopsis:
Deciding for a career change can seem intimidating when you're making the jump from a soft-skill-driven field such as hospitality to Cybersecurity, however, it doesn’t have to be. From the outside looking in, Cybersecurity can seem like an industry with heavy dependency on technical skills, though technical skills may be helpful for some roles, soft skills can be just as important (if not more). To ease the stress of this transition, this talk will be drawing the similarities between day-to-day activities as a server/bartender to that of a cybersecurity analyst. From juggling orders, running the expo window to working the closing section, you can leverage these skills to have a successful career in cybersecurity.
Speaker Bio:
Sienna Delvasto has been in the Cybersecurity industry for 5 years. While attending Gwinnett Technical College as a Computer Science Major she was introduced to Cybersecurity (love at first shell) and decided to focus her goals on that career field. In her time in the field, she started in Vulnerability Management, moved into Penetration Testing and is currently focused in Application Security. Prior to being in Cybersecurity she has spent 7 years in the service/hospitality industry and brought the skills gained from those years of experience into her career in Cybersecurity.
When not learning or practicing security skills Sienna can be found exploring menus and quality checking cocktails usually with the company of her pup, seeking new experiences and dancing to a beat (sometimes in her head).
Don’t let Ransomware Win -
A Blueprint for Ransomware Defense
Edward McCabe, CISM, CRISC, CGEIT, CDPSE, COBIT, SABSA
Talk Synopsis:
Ransomware attacks continue to increase in frequency, complexity and damaging effects worldwide. Cybercriminals have operationalized ransomware into a multibillion-dollar illegal enterprise with the capability to exploit and disrupt even the largest and most sophisticated companies. However, both the probability and severity of an attack can be mitigated when companies develop and maintain strategies for both prevention and mitigation. This talk offers insight into the current ransomware landscape and outlines steps an organization can take to prepare for and respond to ransomware attacks.
Abusing IPv6 on the Public Internet
TheTechromancer
Hacker, Black Lantern Security
Talk Synopsis:
As an attacker, what could you do if you had 4,722,366,482,869,645,213,696 IP addresses?
This is not a talk about mitm6 or DHCPv6. Instead we will focus on how IPv6 can be used for new and nefarious purposes on the Internet.
We'll get technical, demoing live attacks with TREVORproxy -- a special SOCKS proxy that splits your web traffic into a billion different source IPv6 addresses. We'll demo how to use this to bypass WAFs, password smart lockouts, and other rate-limiting mechanisms.
Then we'll cover each of the major cloud providers, their progress in deploying IPv6, and how they're vulnerable to these methods. Finally, we'll explore the kwirks and limitations of IPv6 attacks, and tricks for making them as effective as possible.
Speaker Bio:
TheTechromancer is a hacker at Black Lantern Security. When he's not pentesting, he enjoys writing hacking tools in Python, and speaking about them at conferences. He is an avid believer in open source software, and by the way he runs Arch Linux. He remains largely absent from the social media scene except on Github and ArtStation. He has some certifications, but asks that you judge him not by the color of his certs, but by the content of his Github profile. When provoked, he is likely to rant about Microsoft. Despite all these things he's actually a pretty friendly person.
ATOmically Passing Audits:
A CCRI love story
Josh Jackson
Talk Synopsis:
Join us as we navigate through a sizzling romance between regulation and risk management, traversing the often-convoluted terrains of the DoD. Discover how to charm your way into an ATO's auditor’s heart while dodging the fiery arrows of a CCRI. It's a tale of passion, audacity, and a relentless pursuit of compliance, guaranteed to keep you on the edge of your auditor's seat. So, grab your notepad, your laughter, and a heart ready for adventure. Because when it comes to cyber compliance in the DoD, it's not just business, it's a love story.
Speaker Bio:
I've been navigating the DoD sector for over 13 years now, serving as a Senior Middleware admin, Senior Linux Architect and now the Enterprise Architect / Technical Lead. It's been a fascinating journey, one where I've had the chance to work with an extensive array of systems and security tools.
But my passion for cybersecurity isn't just from my work experience. I have a degree in Cyber Security from Western Governors University, which has really been the foundation of my career in this ever-evolving field.
One of my proudest accomplishments is co-founding Optica, a compliance tool that's been instrumental in streamlining various processes. And when I'm not architecting or leading a venture, you can often find me elbows deep in code and scripts.
‘Flagged': Tracking Photo Geo-Locations Using Overpass-Turbo
Anna Quinn
Rapid7
Talk Synopsis:
In the talk, I will show how I can track images, videos, and more from photos and videos uploaded to social media without using metadata.
Speaker Bio:
Anna has a mixed IT background of over two years’ experience in system hardening, threat hunting, and blue and red team operations, as well as 3 years’ experience in IT in helpdesk and sysadmin roles. She joined Rapid7 as a penetration testing consultant in January of 2023. At Rapid7, Anna provides in-depth overviews on new exploitation techniques within the realms of Open-Source Intelligence (OSINT) and internal network penetration testing, specializing in Active Directory exploitation and pivoting. Anna also has expansive lab building experience - developing Application Programming Interfaces (APIs) for research and exploit development. In addition to this, Anna builds wireless labs, lockpicking environments, and Active Directory deployments for testing and research purposes. Anna also develops custom tools and scripts for the Rapid7 pentest team. Industries she has conducted penetration testing for and worked with closely include the financial, healthcare, social media, education, and energy industries.
The Unforeseen Battlefield:
Small Businesses as the New Frontline in National Cybersecurity
Nick Gipson
Founder/CEO, Gipson Cyber
Talk Synopsis:
The advent of the digital age has not only streamlined business processes but also brought along with it the increased risk of cyber threats. Recent trends indicate a shift in hacker focus from large corporations to unsuspecting targets such as small businesses, including mom-and-pop stores. The paper, titled "The Unforeseen Battlefield: Small Businesses as the New Frontline in National Cybersecurity," delves into the evolving cybersecurity landscape and analyzes the multi-faceted repercussions of cyber-attacks on small businesses and the consequent ripple effects on national security. Using a case study approach, the paper illustrates the real-life example of a mom-and-pop store that suffered a cyber attack, setting the stage for an in-depth exploration of the motives behind targeting small enterprises. The study underscores how seemingly innocuous entities, such as a small family-run business, can inadvertently become conduits for large-scale attacks on critical infrastructure and government systems. The paper also addresses the potential for aggregated data from multiple small-scale attacks to be used in more sophisticated, targeted attacks against national security interests. By illuminating the cascading effects of breaches in small business security, this paper advocates for a more inclusive approach to national cybersecurity strategies, emphasizing the need for awareness, education, and more robust security measures among small business owners.
Speaker Bio:
Nick Gipson is a seasoned cybersecurity expert renowned for his expertise in incident response, security research, and leadership as the CEO of Gipson Cyber. With nearly a decade of experience, Nick has been instrumental in safeguarding organizations from cyber threats. His published research and industry recognition demonstrates his profound knowledge and innovative insights. As a sought-after speaker and educator, Nick empowers others with his wealth of knowledge, driving proactive cybersecurity practices. Through his visionary leadership, Gipson Cyber remains at the forefront of the industry, offering comprehensive solutions in an ever-changing threat landscape. Nick Gipson’s unwavering commitment to cybersecurity continues to make a remarkable impact, securing organizations and raising awareness worldwide.
So you failed a pentest, now what?
Jordan Silva
Senior Manager, Hawaiian Telcom
Talk Synopsis:
Tips to get you back on track after receiving less than stellar pentest or vuln scan results and a few good cocktail recipes to help get you through the worst of it.
Synopsis: Overview of best practices for dealing with the management of tasks after a pen test or vuln scan that had less than stellar results. Includes info on how to prioritize issues, how to communicate them to responsible parties, how to prevent issues in the future, etc.
Speaker Bio:
Jordan has spent over a decade helping organizations implement and utilize technology to solve business challenges. As Senior Manager of Service Delivery at Hawaiian Telcom, Jordan’s teams are responsible for delivering Security and Cloud Services to customers big and small. Jordan has a Masters of Science in Leadership and Management and industry credentials, including the CISSP, C|CISO, and multiple GIAC certifications, giving him a unique balance of nerdy engineer and human leader. Given the opportunity, he will happily talk your ear off about anything related to technology, organizational culture, or the best ways to cook meat with fire.
Turning Breached Data into Intelligence
Wally Prather
Independent Intelligence Professional
Talk Synopsis:
The basics of this talk is to provide insight into the processes and methodologies utilized by intelligence professionals to discover data of high intelligence value. This talk will show communications networks, email chains, data bases, key personnel and more but specifically how to find it and then what to do with it.
In this talk we will also cover how this same methodology can be utilized to discover connections and provide attribution from cyber attacks.
Speaker Bio:
Jon “Wally” Prather is a seasoned intelligence professional with a wide range of subject matter expertise and at the time of writing this independently researching intelligence related topics and currently pursuing new career options. Wally is proficient in multiple intelligence disciplines including HUMINT Targeting, HVI Targeteer, and Network Analysis with 20 years’ experience, primarily in maritime counterterrorism/ counterinsurgency operations with the US Marine Corps, Special Operations, and Irregular Warfare. Wally has operational experience providing in-depth intelligence analysis and direct support to combat and interagency operations in the Middle East, Southeast Asia, and Africa with over four years deployed to combat, hostile and sensitive environments to include East Africa, Afghanistan, and Iraq. Wally now applies intelligence processes and methodologies to cyber data with unique and innovative results.
Application of Multiple AIs in Tandem for Offensive and Defensive Cyber Operations
Logan Hicks
Red Wolf Intelligence
Talk Synopsis:
1. CNO and Red team operations, using AI and training models & environments in order to make AI more effective at breach and extraction methods as well as all out cyber warfare.
2. Defensive Applications, leveraging AI to make real time detections, decisioning, to include modifications to entire infrastructure and pipelines if necessary to apply data centric methods to the prevention of impact of operations & data, in part or in full.
Speaker Bio:
I'm a multi-discipline, Senior Prinicipal level Architect that does pentesting & full stack development. I'm the guy that keeps your CISO awake at night, and why Legal includes phrases as "likeness" and "methods not yet concieved". I'm a push it till it breaks, stack it till it screams, No Limit Architect that makes Honey Badger look like a Sunday School Nurse. I'm an active cyberwarfare operator with verified campaigns against China, Russia, North Korea, and am currently actively involved in campaigns in the Ukraine/Russia conflict. I led the team that proved FaceApp was a Russian asset. I'm the guy who popped the 38,000+ QNAP devices in Japan via the Sony BBP months before they became ransomwared. I'm one of the primary drivers why X-Pack became open source after pilfering 30+ PB of data globally from Elasticsearch nodes. I'm an active participant in over 100 private VDP and BBP programs, and an active crew member in 3 professional crews. In simple terms, I'm John Wick's Tech Support.
Drone Penetration - Testing Lessons Learned
Jonathan Perez
Dark Wolf Solutions
Talk Synopsis:
In this talk, I give an overview of the lessons learned while performing penetration testing and supply chain analysis on UAS platforms for the Blue UAS and Green UAS programs. Topics include industry trends, common problems, and thoughts on the future of this space.
Speaker Bio:
Jon Perez is a Technical Program Manager with Dark Wolf Solutions specializing in Cybersecurity and Autonomous Systems. He is responsible for overseeing Dark Wolf's support of the Blue UAS and Green UAS programs in addition to other non-UAS programs. He strongly believes in leading with empathy and focuses his efforts on removing sources of friction so his stellar teams can thrive.
Jon holds a B.S. and M.S in Electrical Engineering from the Georgia institute of Technology. He would go on to spend the early years of his career pursuing electromagnetics research and secure software development as part of the Georgia Tech Research Institute. He currently resides in Atlanta, Georgia where he spends his free time relaxing with his family and writing music.
Sec is Dead...ish
Nate Johnson
Real Chemistry
Talk Synopsis:
Sec is dead, or at least it will be if we keep down this path. We are a self-perpetuating FUD machine that understands the threats out there, but normally can’t show our value add to a company. We are seen as a cost center and a burden. It’s time to look at options to fix the broken system, we may not be dead, but we’re close to needing life support. This is an interactive talk that takes a look at the less glamorous and more wholistically corporate strategy side of security. Moving from a single team to a dispensed group of security experts focused in training and informing business units, no longer are we looking at Sec Awareness training once a year, but creating an environment of users that have a security mindset, where its second nature to look at all problems, projects, etc. through a lens of operations and security.
Speaker Bio:
I’m the Head of Security at Real Chemistry, which means I do a lot of updates and paperwork most of my day. With a broad background ranging from admining systems and networks, commercial and DoD audits, DIACAP/RMF/NIST/SOC/ISO compliance, and managing security programs across the government and commercial entities; I’m uniquely situated to have a lot of experience across a lot of facets of the industry, and a mastery in absolutely nothing. I’m a firm believer in the passing of knowledge and openly sharing any experiences that may help others keep from making my mistakes. The stove is hot, I still touched it, now I’m telling you.
Teaching Information Warfare: Strategies in Academic and Government Institutions
Gregory Carpenter
KnoweldgeBridge International Inc.
Talk Synopsis:
This presentation provides a concise overview of the teaching strategies employed in academic and government institutions to educate individuals on information warfare. Academic institutions integrate these disciplines into their curricula, while government institutions, and academies, also emphasize specialized training programs. The multidisciplinary nature of information warfare actively encompasses cybersecurity, psychological operations, Operations Security, electronic warfare, deception techniques, and associated intelligence support. Curriculum integration involves adapting existing programs to address emerging information warfare threats. Specialized training initiatives, such as workshops and simulations, enhance preparedness and response capabilities in government institutions. Educators recognize the significance of cultural applicability in information warfare education, actively ensuring effective countermeasures against threats in diverse contexts. This presentation emphasizes the role of academic and government institutions in equipping individuals with the knowledge and skills required to navigate the complexities of information warfare. To highlight the foundational differences in approach, we investigate similarities and differences in policy and lexicons unique to distinct cultures. By adopting interdisciplinary approaches, adapting curricula, providing specialized training, and considering cultural nuances, these institutions contribute to developing competent professionals capable of safeguarding national security in the digital age.
Speaker Bio:
Gregory Carpenter is the Chief Security Officer of KnowledgeBridge International, a Fellow of the Royal Society for the Arts and was selected the National Security Agency’s Operations Officer of the Year. He serves on the Board of Directors for ATNA Systems, is a Senior Advisor for ARIC, Inc., and is a Special Operations Medical Association and Military Cyber Professionals Association member. He is a former member of the Board of Advisors for EC-Council University and the International Board of Advisors for the Mackenzie Institute.
Before joining KBI, Gregory held various military and civilian senior positions, including Vice President for Cyber Operations, Chief of Security Testing and Chief Operations Officer, Counterintelligence Division Chief and Chief of Special Space Operations, and Functional Team Lead for Electronic Warfare. He has been an epidemiological primary investigator and research team leader.
Gregory is a retired army officer of 27 years, holds a Bachelor of Science degree, a Master of Science degree, and a Doctorate in Public Health. He is a Certified Information Security Manager, Lean Six-Sigma Black Belt, and ISO-9000 lead auditor.
