All Speaker Bios

  • 0ddj0bb 0ddj0bb @0ddj0bb

    TalkNetwork Security? What About The Data?

    True Neutral, Security Engineer, Literal Sartorialist, Whovian. Superbly Sexable. 0ddJ0bb likes to keep his profession and hacker scenes separate for the most part. 0ddJ0bb helps run CircleCityCon. 0ddJ0bb has an associates degree and several years experience in IT and Security. 0ddJ0bb is an expert, but not THE expert. 0ddJ0bb also likes talking in the third person.

     

     

  • Akacki Danny @dakacki

    TalkThe Never Ending Hack: Mental Health Challenges in InfoSec

    Danny Akacki is just a hacker that adores what he does and the community that surrounds him. He is an enthusiastic speaker with a love of Tribal Knowledge Sharing, Japanese whisky and lock picks. Danny has spoken at events like BSides Augusta , BSides Philadelphia and is one third of the Rally Security podcast crew. He is also the creator of InfoSanity.org, a resource and sounding board for those dealing with mental health issues in the Information Security community.

     

  • Alvarez Raul @raulr_alvarez

    TalkCreating Your Own Customized Metamorphic Algorithm

    “I joined Fortinet in 2004, and is currently working as a Senior Security Researcher/ AV Team Lead. I am also one of the Lead Trainer responsible for training the junior AV/IPS analysts in malware analysis and reverse engineering.

    I have presented in different conferences like BSidesVancouver, BSidesCapeBreton, OAS-First, BSidesOttawa, SecTor, DefCamp, BCAware, AtlSecCon, and BSidesCalgary.

    I am a regular contributor to the Fortinet blog and also in the Virus Bulletin publication, where I have published 22 articles.”

     

  • Bates Nathan @Brutes_

    TalkSplunking Dark Tools – A Pentesters Guide to Pwnage Visualizationu

    Nathan Bates (@Brutes_) applies his knowledge of the blue-side to defend against organized crime, nation-states and Bryce. Currently, leading the security centric big data initiatives for Adobe’s marketing cloud infrastructure to build large scale systems for security monitoring and incident response.

     

  • Beatty Jason @beattyj

     


    TalkEverything is Not Awesome: How to Overcome Barriers to Proper Network Segmentation

    Jason Beatty started out as a desktop admin about 20 years ago, and has since moved through the ranks doing server administration, network engineering, firewall administration, served as a Managing Director of Infrastructure, and is currently a Security Consultant advising clients with Rapid7’s Strategic Advisory Services team.

     

  • Biswas Cheryl @3ncr1pted

    TalkIt’s A Disaster!

    Cheryl works as a cybersecurity analyst, researcher and consultant in Threat Intel with KPMG Canada. Star Trek got her started and Stuxnet led her here. In addition to chocolate, she loves APTs, demystifying mainframe security, and promoting defensible ICS Scada. Building bridges as well as building security awareness are her endgame. Cheryl holds a specialized honors degree in political science, and is ITIL designated. She uses her words to speak at various cons and to share her insights online and in print.

     

  • Brown Benjamin @ajnachakra

    TalkCryptocurrencies and Anonymity: The Good, The Bad, and The Future

    Benjamin Brown currently works on darkweb research, threat intelligence, incident response, and adversarial resilience at Akamai Technologies. He has experience in the non-profit, academic, and corporate worlds as well as degrees in both Anthropology and International Studies. Research interests include darkweb and deepweb ethnographic studies, novel and side-channel attack vectors, radio systems, the psychology and anthropology of information security, metacognitive techniques for intelligence analysis, threat actor profiling, and thinking about security as an ecology of complex systems.

     

  • Buening Jamie @JamieBuening

    TalkDetecting DNS Anomalies with Statistics

    Jamie Buening is a graduate of Purdue University with sixteen years of work experience in UNIX systems, networking, and information security. He currently works as an Information Security Analyst in the electric power industry. Responsibilities include Threat Intelligence and Incident Response. Jamie is a Certified Information Systems Security Professional (CISSP).

     

  • Burnett Karla @tetrakazi

    TalkIchthyology: Phishing as a Science

    Karla has a varied offensive security background: she’s reverse engineered train ticketing systems, written articles on TLS and SSH, and competed in the Defcon CTF finals for the last several years running.

    She officially works on authentication and application security at Stripe, but builds internal phishing campaigns when she has business hours to spare. She’s triggered many bouts of internal paranoia, and has built a reputation as being entirely untrustworthy when it comes to email.

     

  • Cannibal (Billy) @Cannibal

    TalkThe State of Security in the Medical Industry

    @cannibal has spent 10 years working in the medical device community. While spending the majority of the time handling defensive security, he recently switched to the attack side after joining the Phobos Group in 2016. The handle “cannibal” comes from disassembling electronics and “cannibalizing” their components for other uses, so please feel free to approach with questions he’s pretty harmless.

     

  • Cardella Joel @JoelConverses

    TalkThe Decision Makers Guide To Managing Risk

    Joel Cardella has over 25 years of experience in information technology, having run a gamut from network operations, sales support, data center management, field operations and information security. He has worked in industries including telecommunications, healthcare and manufacturing. As a former CISO, he helps C-suite executives better understand and interact with information security topics. He helps organizations build and run security programs, manage risk, and increase their security maturity posture. Joel has spoken at national conferences on topics ranging from blue teaming to risk management.

     

  • Cooley Kendra @4n6kendra

    TalkWe Don’t Always Go Lights and Sirens

    Kendra (@4n6kendra) currently works at Duo Security as an Information Security Analyst. She holds a Bachelor of Science in Digital Forensics and has her CISSP. Throughout her five years working in Information Security, Kendra has had the pleasure of working in several areas including identity and access management, compliance, and a security operations center. Kendra is an advocate for practicing good security hygiene, and regularly conducts security awareness presentations for her community. In her free time, she enjoys watching The Golden Girls and connects the most with Sophia’s character because of her lack of a verbal filter.

     

     

  • DC949 Adam @AdamOfDC949

    TalkFuzzing with AFL

    Adam is one of the founders of DC949 and has been hacking on things for over a decade. Previous shenanigans include but are not limited to: breaking reCAPTCHA with an accuracy of 99.1%, turning Twitter into a filesystem, and co-founding Open Capture The Flag (OCTF) at DEF CON. As a day job, he finds 0-days. His favorite kind of vulnerabilities are the design flaws. Why? Because one does not simply release a patch for a design flaw!

     

  • Goerlich Wolfgang @jwgoerlich

    TrainingBuilding and Running Security Exercises

    TrainingLevel Up Your Leadership

    TalkAnd the Clouds Break: Continuity in the 21st Century

     

    J Wolfgang Goerlich supports information security initiatives for clients in the healthcare, education, financial services, and energy verticals. In his current role with CBI, a cyber security consultancy, Wolfgang is the vice president for security programs. Wolfgang also leads the Academy teams, providing mentoring and guidance to the junior-level talent. He is an active part of the security community. He hosts a popular YouTube video series and the Encode/Decode Security Podcast. Wolfgang regularly advises on and presents on the topics of risk management, incident response, business continuity, secure development life cycles, and more.

     

  • Gray Joe @C_3PJoe

    TalkOSINT For The Win – Tools & Techniques to Maximize Effectiveness of Your Social Engineering Attacks

    Training:   OSINT For Pen Testers: Maximizing Your Efficiency

    Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is an Enterprise Security Consultant at Sword and Shield Enterprise Security in Knoxville, TN. Joe also maintains his own blog and podcast called Advanced Persistent Security. He is also in the SANS Instructor Development pipeline, teaching SANS Security 504: Hacker Tools, Techniques, Exploits, and Incident Handling. In his spare time, Joe enjoys reading news relevant to information security, attending information security conferences, contributing blogs to various outlets, bass fishing, and flying his drone.

     

  • Hnatiw Aaron @insp3ctre

    TalkSecurity Training: Making Your Weakest Link The Strongest

    Aaron Hnatiw is a Senior Security Researcher for Security Compass, an information security advisory firm specializing in application security. He is a former professor of Application Security at Georgian College, as well as the founder of Inspectral Security, a security consulting company that provided customized red team and vulnerability assessment services to medium-sized businesses across a wide range of industries. Aaron’s background has covered most areas of information technology- he has worked as a security consultant, system administrator, web and desktop application developer, and network security engineer. His current role involves researching information security issues across industries, and developing innovative solutions to these problems. In his free time, Aaron writes open-source security tools, and participates in the occasional hacking CTF from his home in Ontario, Canada.

     

     

  • J Chris @rattis

    TalkThreat Intelligence: Zero to Basics

    Chris has done Threat Intelligence analysis for two different Fortune 500 companies. At one of the companies, he worked on rebuilding the program from scratch. Chris has given include: using the Raspberry Pi to create a Wireless Intrusion Detection System, Human Trafficking, Campus Crime Mapping, Linux Hardening, countless presentations on Lockpicking. He has also taught a class on Software Defined Radio, and Linux system hardening. You can find him on twitter as rattis, and his blog posts on rattis.net.

     

     

  • JAe @switchingtoguns

    TalkPh’ing Phishers

    JAe is a Security Researcher on the Emerging Threats Research team at Proofpoint who eats a lot of phish.

  • Johnson Haydn @haydnjohnson

    TalkTrials and Tribulations of setting up a Phishing Campaign – Insight into the how

    “Haydn has specialized in offensive security and cyber threat intelligence for over 4 years. He has extensive experience in Information Security, network/web penetration testing, vulnerability assessments, identity and access management and identifying near future threats that face organizations on the horizon. Haydn is considered an industry expert on Red Teaming, and has been published several times in online articles on this topic. Additionally, he has a Masters in Information Technology and holds the OSCP and GXPN certifications. Haydn regularly contributes to the infosec community, speaking at various conferences including HackFest, BsidesTO, BsidesLV and Sector.

    https://ca.linkedin.com/in/haydnjohnson”

     

  • Jones Cindy @sinderznashes

    TalkClosing Keynote: Lectures or Life Experiences – Awareness Training that Works!

    Cindy brings over 15 years of specialized IT and security experience to her role of Senior Security Consultant with Rapid7. Cindy maintains a CISSP and MCP certifications. She has worked in multiple arenas including Federal, education, technology and healthcare and has a background in development, maintenance and management of information security programs. In her current role, Cindy assists clients in determining the most effective means of improving upon their information security programs. Cindy studied Psychology while in her home town of Los Angeles, and is currently enrolled with Western Governors University, earning a Bachelor of Science degree in Information Technology – Security. Cindy is actively involved within the information security community and volunteers her time by leading the registration team for BSides Las Vegas, volunteers for DerbyCon, and DEF CON.

  • Koop Ryan @cohesivenet

    TalkCybersecurity for real life: Using the NIST Framework to protect your critical infrastructure

    Ryan Koop is the Director of products and marketing at Cohesive Networks. He is responsible for product development and manages teams for public relations, international events, and content marketing. His role spans the technical product development, customer support, business development and thought leadership needs of a growing company. Previously, he worked at a trading platform software company in the US Derivative Markets.

    Recently, Mr. Koop presented the talk “Global WAN on the Cheap” at LASCON in Austin, Texas. He also presented and lead the Chicago Ideas Week Lab for Cohesive, titled “Get Started in Public Cloud” He previously spoke at the IBM Cloud Hour at Impact 2011.

     

  • Kot Alex @alex_s_kot

    TalkNetwork manipulation on video games

    Currently work as a Security Engineer in a payment processing company in Atlanta. A video gamer who enjoys FPS on Xbox. Used to be big into console hacking. Hobbyist of SOHO router firmware and wireless technologies. I spoke BsidesHuntsville, Notacon, and BsidesCleveland.

     

  • Kuntz Bryce @tweetFawkes

    TalkSplunking Dark Tools – A Pentesters Guide to Pwnage Visualizationu

    Bryce Kunz (@TweekFawkes) applies his knowledge of the red-side to discover vulnerabilities which enable exploiting all the things! Currently, leading the tailored testing of Adobe’s marketing cloud infrastructure to discover security vulnerabilities. As an Ex-NSA, Ex-DHS employee who hold various certifications (OSCP, CISSP, etc…) my fervor for perfection drives me to share intriguing research.

     

  • Lee Keith @keith55

    TalkFinding Your Way to Domain Admin Access and Even So, the Game Isn’t Over Yet.

    Keith Lee is a Senior Security Consultant with Trustwave’s SpidersLabs Asia-Pacific. SpiderLabs is one of the world’s largest specialist security teams, with over 100 consultants spread across North America, South America, Europe and the Asia Pacific. SpiderLabs has a focus on original security research and regularly presents at conferences such as BlackHat, DefCon, OWASP, Hack In The Box and Ruxcon. Keith is based out of Singapore and has primary focus is on providing penetration testing, social engineering and incident response services to clients in the Asia-Pacific region.

     

  • Man Jeff @MrJeffMan

    TalkTales from the Crypt (analyst) TrainingThe Art of the Jedi Mind Trick: Learning Effective Communication Skills

    Jeff is a respected Information Security expert, advisor, speaker, teacher, advocate, and curmudgeon. He has over 33 years of experience working in all aspects of computer, network, and information security, including risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration testing. He has held security research, management and product development roles with NSA, the DoD and private-sector enterprises and was part of the first penetration testing “red team” at NSA. For the past twenty years, he has been a pen tester, security architect, consultant, QSA, and PCI SME, providing consulting and advisory services to many of the nation’s best known companies.

     

  • Mattingly Bret @bretmattingly

    Talk: How To Be Curious

    Bret Mattingly is a junior developer-turned-budding-hacker who has been playing with computers since his age was in the single digits. He’s obsessed with all things hacking related and thinking about how we think.

     

  • Momot Falcon Darkstar @falcondarkstar

    TalkYou’re not old enough for that: A TLS extension to put the past behind us

    Falcon is a Shadytel tactical lineman and a Leviathan security consultant. He usually talks about LangSec, and recently published “The Seven Turrets of Babel: A Taxonomy of LangSec Errors and How to Expunge Them”.

     

  • Peed Emily @_K_G_G

    TalkChanging our future with 3D Printing

    Emily is a writer for IFERS, or the Institute For Education, Research, and Scholarship, a 501(c)3 focused on providing high performing students opportunities for success and fostering associated tools. She spends her time studying high technologies and how they interact with aspects of society, economy, and our future. She has released a podcast that supports shows the behind-the-scenes research and brings cutting-edge topics to the forefront of American debate. She can be reached through knittinggothgirl.com, where more information can be found on writings, podcast materials, and the charity work being conducted.

     

  • Power Max @dontlook

    TalkOpen Sesamee

    Max Power has been working in IT as a jack of all trades but with an fascination for risk and what trust is actually based in. Four years ago he dove straight into the Locksport: running the Boston TOOOL chapter, helping with the lockpick villages at major cons, and actively working in the community. When not at work or picking locks he can found trying to load as much weight as possible on to the bar, training for powerlifting competitions, because nothing is more fun than not bending when the bar does.

     

  • Pustell Vivienne @yellingviv

    Talk: The Kids Aren’t Alright: Security and K-12 Education in America

    Teacher, new teacher coach, education researcher, and edtech manager, Vivienne Pustell has spent her adult life trying to get people to do their homework. Now she has replaced “homework” with “good security practices” as Director of Digital Safety for a California school district. Come for the learning, stay for the snark.

     

     

  • Serper Amit @0xamit

    TalkPeakaboo – I own you: Owning hundreds of thousands of devices with a broken HTTP packet

    “Amit leads the security research at Cybereason’s Boston HQ. He specializes in low-level, vulnerability and kernel research, malware analysis and reverse engineering. He also has extensive experience researching attacks on large scale networks and investigating undocumented OS resources and APIs.

    Prior to joining Cybereason, Amit spent nine years leading security research projects and teams for the Israeli government, specifically in embedded system security. He’s presented at RSA, BSides Tel Aviv and LayerOne.”

     

  • Sweet Kat @TheSweetKat

    TalkTalky Horror Picture Show: Overcoming CFP Fears

    Kat Sweet is in her final semester of studying network security at Madison Area Technical College. When she’s not hacking for grades (or lulz), she feeds herself (and her brain) by blue teaming for her school, writing, and teaching at her friendly neighborhood hackerspace. She got her speaking start in the BSidesLV Proving Ground, where she returned last year as a presentation mentor. She currently serves as the CFP co-chair for CircleCityCon, as well as a founding board member of TiaraCon. Her speaking credits include BSidesLV, CircleCityCon, CypherCon, SkyTalks, BSides NoVA, and the DEF CON Wireless Village. A renaissance woman with too many hobbies, she enjoys long walks on the beach, bursting into song, and picking unsuspecting locks.

     

  • Tentler Dan @Viss

    TalkOpening Keynote: Words Have Meanings


    Dan Tentler is the founder and CEO of The Phobos Group, a boutique information security services company. Previously a co-founder and CTO of Carbon Dynamics, and a security freelancer under the Aten Labs moniker, Dan has found himself in a wide array of different environments, ranging from blue team, to red team, to purple team, to “evil hacker for a camera crew”. When not obtaining shells or explaining against how to get shelled, Dan enjoys FPV racing and crashing drones in new and interesting ways.

     

  • Tottenkoph @tottenkoph

    TalkClosing Keynote: Lectures or Life Experiences – Awareness Training that Works!

    Magen Wu is a Senior Security Consultant with Rapid7 with almost 10 years of experience in the technology industry. Magen is currently pursuing her master in Organizational Psychology with the intent to apply its principles to security practices and training. She also volunteers for DEF CON and BSidesLV. Her twitter handle is @Tottenkoph.

  • Troutman James @troutman

    TalkWhy is the Internet still working?

    Troutman is an Internet “Old Timer” & Engineer, having first been online via a “paper TTY” with a 300 bps acoustic coupler modem in 1982. He has been an active user of the Internet & UNIX since 1987, and has been tasked with building and running Internet infrastructure off and on since the early 90s. He has held a wide variety of roles in Internet operations, engineering, and management at various regional ISPs, CLECs, ILECs, cable TV companies, and web hosts. He is a Director of the non-profit Northern New England Neutral Internet Exchange (NNENIX.NET) in Portland, Maine but his day job is roaming the countryside as a self-employed infrastructure consultant, based out of the great state of Maine.

     

  • Williams Jeff @blu3wing

    TalkLeveraging Vagrant to Quickly Deploy Forensic Environmentshi

    Jeff Williams (blu3wing) is a Security Engineer working in Healthcare and specializes in DFIR and Malware Hunting. He currently is still an undergraduate at Eastern Michigan University where he plans to finish his last two remaining classes over the Summer and Fall 2017 semesters. He is passionate about all things InfoSec, and spends most of his free time researching and monitoring security related events and news.

     

  • Wong Caroline @carolinewmwong

    TalkApplication Security Metrics

    “Caroline Wong is the Vice President of Security Strategy at Cobalt. Cobalt delivers crowdsourced pen tests and private bug bounties to modern organizations.

    Caroline’s close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well known thought leader on the topic of security metrics and has been featured at industry conferences including RSA (USA and Europe), IT Web Summit (South Africa), OWASP AppSec, Metricon, the Executive Women’s Forum, ISC2, and the Information Security Forum.

    Caroline received a 2010 Women of Influence Award in the One to Watch category and authored the popular textbook Security Metrics: A Beginner’s Guide, published by McGraw-Hill in 2011. She graduated from U.C. Berkeley with a B.S. in Electrical Engineering and Computer Sciences.”