RVAsec 13: Full Schedule

Streaming: https://mssvideo.vcu.edu/RVAsec

arrow_back View All Dates

7:59am EDT

Registration - Day 1 Morning

Tuesday June 4, 2024 7:59am - 12:00pm EDT
1st Floor, Magnolia Room

8:00am EDT

Breakfast - Day 1

After you get registered, come upstairs and enjoy breakfast!
Make sure you are in the ballroom by 9am for the welcome session.

Go see our vendors in the Expo!

Menu:

Tuesday June 4, 2024 8:00am - 9:00am EDT
Top of The Grand

Food

9:00am EDT

Welcome Day 1

Welcome to RVAsec 13!

Remarks will be provided about what to expect at the conference and many thanks to our volunteers and sponsors for making it possible.

We will also have short presentations on CTF, Badge, and Lock Picking.

Speakers

Jake Kouns

Organizer, RVAsec

Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known... Read More →

Tuesday June 4, 2024 9:00am - 9:30am EDT
Ballroom

Informational

9:30am EDT

Keynote

Speakers

Kymberlee Price

Founder + CEO, Zatik

Kymberlee is co-founder and CEO of Zatik Security, a fractional product security consulting company whose mission is to make world-class cybersecurity expertise available to companies of all sizes. A dynamic engineering leader and public speaker known for developing high-performing multidisciplinary teams, Kymberlee is a recogn... Read More →

Tuesday June 4, 2024 9:30am - 10:30am EDT
Ballroom

Keynote

10:00am EDT

HackRVA Badge Training & Repair

Come learn about your badge, get it fixed if there are any issues and talk to HackRVA!

HackRVA is a member-run and organized non-profit makerspace in Richmond, Virginia. HackRVA is a space filled with tools, computers, and people who like to build, invent, tinker, expand their minds, and learn and share new skills. You’ll find a diverse group of individuals who are into electronics, woodworking, embedded software, metalworking, programming, music, art, video, photography, 3D printing, sewing, textiles, and virtual reality—and that’s for starters. HackRVA members have access to the makerspace, tools, community and learning opportunities through member-lead workshops, events and projects.

Tuesday June 4, 2024 10:00am - 4:30pm EDT
Rappahannock

Village

10:00am EDT

Lock Picking Village and Contest

A variety of example locks, from simple to extremely hard, along with a picks of all shapes and sizes will be available in our lock pick village.

Stop by and have some fun testing your skills! Provided hand sanitizer will be required to help reduce the modern risks while we explore the oldest security mechanism on earth!

If you fancy yourself a strong picker or have a competitive streak, we are planning to have a time contest of a series of locks, with the fastest through them all taking home something epic.

Tuesday June 4, 2024 10:00am - 5:00pm EDT
Rappahannock

Village

10:30am EDT

Vendor Break & Room Change

Break and room change.

We need all attendees to leave both ballrooms quickly as possible so we can split the room for sessions.

Go see our vendors in the Expo!

Menu:

Tuesday June 4, 2024 10:30am - 11:00am EDT
Potomac

Vendor Break

10:30am EDT

Registration

After the initial rush of registration in the moving, it will be relocated to the "Top of the Grand".
If you have any questions or issues please stop by for help.

This is also where you can turn in your Passport for Prizes.

WiFi sponsored by RVAsec: Omni Meeting Password: PASSWORD SOON

Tuesday June 4, 2024 10:30am - 5:00pm EDT
Top of The Grand

Informational

11:00am EDT

Secure Legends GameDay - A Cloud Security Danger Room

The Secure Legends GameDay experience provides an interactive learning exercise for security professionals to develop practical skills for protecting cloud environments. We will explore real-world security scenarios that might include compromised credentials, data leaks, instance breaches, infrastructure attacks, and vulnerable CI/CD pipelines.

During this session, we’ll solve one of the challenges together in realtime and I’ll explain the mitigation tactics as you work in your own environments. No cloud environments needed, no cloud bill to pay at the end, and no sign up necessary! You’ll get temporary access to a real environment where you can actually build.

As an added bonus, you’ll also get to walk away with limited-time access to that cloud account and to additional challenges you can solve after the session!

Speakers

AM Grobelny

Developer Advocate, Amazon Web Services

I've spent the past 10+ years working on or helping people work on software. I was also a professional educator previously in my career, so I have a particular passion for helping people more easily understand difficult concepts. I currently work at AWS, and I'm focused on helping... Read More →

Tuesday June 4, 2024 11:00am - 11:15am EDT
1st Floor, Magnolia Room

101

11:00am EDT

Prioritization Myths Busted with Better Vulnerability Data

A good prioritization plan should let you know where to start when tackling risk. And yet, people don't know where to start when developing a good prioritization plan! Even worse, we make a number of bad assumptions when trying to navigate this labyrinth.

Which method is the best? Are many methods better than one? How many is too many? What does “best” even mean?

Ask 10 different practitioners these questions and you might get 10 different answers. There’s no better example of this situation than with the plethora of vulnerability prioritization methods available today. Luckily, we’ve been able to collect an unprecedented amount of data on vulnerabilities, and it’s taught us a lot about what makes sense, and what doesn’t.

Join us as we use this vulnerability data to dispel myths, avoid pitfalls, and conjure some solid recommendations that will put you on a better path.

Speakers

Ben Haynes

Data Scientist, Flashpoint

Ben Haynes is a data scientist at Flashpoint, leveraging analytics and his cybersecurity expertise to solve practical problems in the industry. Previously, he worked at Risk Based Security, where he dedicated his time to enhancing and implementing the organization’s cybersecurity... Read More →

Tuesday June 4, 2024 11:00am - 11:50am EDT
Ballroom A/B

Business

11:00am EDT

That Shouldn't Have Worked - Payload Development

The game of bypassing defenses and detection continues to be a cat and mouse game. Attackers often find clever ways to use common tools and techniques to execute their code and the defenders continue to create detections and mitigations for these methods. As a red teamer, it is becoming increasingly difficult to get around these defenses and emulate those attackers. In this talk, I will cover some of the methods we use during engagements to thread the needle and bypass those defenses.

Speakers

Corey Overstreet

Senior Security Consultant, Red Siege

Corey has been engaged with Fortune 500 organizations across a variety of industries, including financial services, government services, and healthcare and is widely recognized for his in-depth OSINT talks and workshops. Additionally, he is a Black Hat trainer and has spoken at conferences... Read More →

Tuesday June 4, 2024 11:00am - 11:50am EDT
Ballroom C/D

Technical

11:50am EDT

Lunch

TBD

Tuesday June 4, 2024 11:50am - 1:00pm EDT
James River Foyer

Food

1:00pm EDT

Its Coming From Inside the House: A Guide to Physical Facility Penetration Testing

Physical security is crucial to any organization; however, physical security sometimes takes a back seat. Many companies still maintain a physical office presence, and protecting employees working from the office, along with other critical assets is vitally important as protecting networks. An attacker gaining access into a building through social engineering or other means of physical entry could jeopardize those critical assets and employee’s safety. Attackers may access unattended workstations, open file cabinets, server rooms, or other information inside the organization. Skilled attackers may only need a few moments to slip into a building and plant a remote access device on the network without anyone noticing they were in the building.

Speakers

Ariyan Suroosh

Senior Security Consultant, Optiv

Ariyan Bakhti-Suroosh is a senior security consultant on the Attack and Penetration team under Optiv’s Threat Management divison. Ariyan has a diverse background in information technology caused by an exigent curiosity for how things work. Ariyan has over 5 years of experience in... Read More →

Tuesday June 4, 2024 1:00pm - 1:50pm EDT
1st Floor, Magnolia Room

101

1:00pm EDT

Verified for Business Continuity: How to Remediate Risk Safely Across the Enterprise

Remediation can feel like a high-wire act, balancing the need to close exposures against the imperative of maintaining business continuity. This talk addresses the quintessential challenge: how can organizations utilize their existing arsenal of security tools to remediate vulnerabilities, misconfigurations, and exposures without halting the business engine? Glean insights from a seasoned industry expert on leveraging security logs, configurations, and threat intelligence to unearth exposures, teaching CISOs to navigate this delicate balance.

Speakers

Oren Koren

CPO & Co-Founder, Veriti Security

Oren Koren is the Co-Founder and Chief Product Officer of Veriti. Oren brings 19 years of experience in cybersecurity, advanced threat analysis, and product management. Prior to founding Veriti, Oren was a Senior Product Manager at Check Point Software Technologies, where he led AI-based... Read More →

Tuesday June 4, 2024 1:00pm - 1:50pm EDT
Ballroom C/D

Business

1:00pm EDT

Some Assembly Required: Weaponizing Chrome CVE-2023-2033 for RCE in Electron

In this presentation, the development process of a remote code execution (RCE) exploit for CVE-2023-2033 is discussed. CVE-2023-2033 is an N-day type confusion vulnerability that affects Google Chrome for Windows, Mac, and Linux with which an attacker can exploit Chrome V8 engine to cause heap corruption via a crafted HTML page and gain RCE. Prior to this presentation, a public RCE exploit for this vulnerability did not exist. This exploit is based on publicly available proof of concept code that uses this vulnerability to implement v8 heap read/write/addrof primitives. This presentation focuses on weaponizing these primitives to achieve remote code execution consistently on an unsandboxed renderer process of an Electron version running a vulnerable version of Chrome. Methods to hijack the render process instruction pointer and to write and execute specially encoded chunks of shellcode using these primitives are discussed.

Speakers

Nick Copi

AppSec Engineer, CarMax

Nick Copi, an application security engineer at CarMax, seamlessly balances his professional role with a fervent pursuit of security research. From architecting full-stack web applications to spearheading innovative security initiatives at CarMax, Nick's diverse background enriches... Read More →

Tuesday June 4, 2024 1:00pm - 1:50pm EDT
Ballroom A/B

Technical

1:00pm EDT

CTF Prep

Come prep and learn more about the CTF contest!

Tuesday June 4, 2024 1:00pm - 4:00pm EDT
Shenandoah Room

CTF

1:50pm EDT

Vendor Break

Go see our vendors in the Expo!

Milk & Cookies: Warm Mini Cookies Vegetarian
- Cold Milk
- Chocolate Milk

Tuesday June 4, 2024 1:50pm - 2:00pm EDT
Potomac

Vendor Break

2:00pm EDT

The ABCs of DevSecOps

Application Security is the most oft-ignored, yet critically vulnerable attack vector in many businesses today. Development teams are encouraged to create new features first and foremost, at the expense of fixing vulnerabilities. It’s not until a breach or an audit finding when they pay attention to patching security holes.

So how does a thoughtful CISO get in front of this?

Application security has to exist across the application lifecycle. DevSecOps is the philosophy of imbuing proper security controls at every stage of the Software Development Lifecycle (SDLC). This session will introduce you to core DevSecOps concepts so you can bring them back to your company and make some proactive changes to “drive defects left” and reduce the risk of a catastrophic security breach in your applications

Speakers

Steve Pressman

President and CTO, Alpine Cyber Solutions

Steve is an experienced computer systems and security architect with a passion for standards-based security and compliance; cloud computing; and DevSecOps. He brings over a decade of experience in the defense industry, working for multiple federal defense contractors, and has directly... Read More →

Tuesday June 4, 2024 2:00pm - 2:50pm EDT
Ballroom A/B

101

2:00pm EDT

Once Upon a Cyber Threat: The Brothers Grimms Teachings on APT Awareness

Two hundred years ago, the first volume of fairy tales was published by the Brothers Grimm, introducing to the world a realm of magic, dark forests, and powerful villains to haunt everyone's dreams.

We never imagined this realm would exist in the digital age. "Once Upon A Cyber Threat" delves into the realm of advanced persistent Threat Groups (APTs), drawing parallels between the world of poisoned apples, breadcrumb trails, and magic mirrors and today's modern cyber threats. Serving not a tale of caution but a call to action and a lesson in storytelling, creating an outline that can help every security professional impart the caution, wisdom, and resilience we need to become the narrators that transformed Brother Grimm's tales into the happy ever after stories we know today.

Speakers

Ell Marquez

Researcher, Operation Safe Escape

Ell Marquez is a proud Hacking Is Not and Crime and Operation Safe escape advocate. She has traveled the world for five years, educating security practitioners on subjects from on-prem infrastructure to the cloud and everything in between. I've traveled the world educating security... Read More →

Tuesday June 4, 2024 2:00pm - 2:50pm EDT
Ballroom C/D

Business

2:00pm EDT

Consumer Routers Still Suck

You know that little box in the corner of your house doing all the heavy lifting required to connect you (and, now that everyone is working from home, your company) with the rest of the world? Yeah, that one. It’s no secret that these things are oftentimes security nightmares for consumers, but have ISPs or the various networking vendors improved things over the years, or are they still just as terrible as we all think they are?

Over the last few years, we’ve done a deep dive into many of these devices to see what makes them tick and evaluate the risks posed to consumers. In this talk, we’ll provide a rapid fire assessment of a handful of these devices, showcase the commonalities between flaws discovered, shed some light on behind-the-scenes supply chain issues plaguing this industry, and discuss where we see things going from here.

Speakers

Evan Grant

Staff Research Engineer, Tenable

Evan is based out of Halifax, Nova Scotia and works as a Security Researcher at Tenable. He got his start in infosec working with the Canadian Forces Reserves, and has been hooked ever since. Outside of work, he occasionally tries to climb rocks, at which he is definitely worse than... Read More →

Jimi Sebree

Sr Staff Research Engineer, Tenable

Jimi Sebree is security researcher on Tenable’s Research team. With a strong background in software engineering and security, he bounces between research disciplines in an effort to appear knowledgeable about a variety of topics. Occasionally he succeeds in tricking someone into... Read More →

Tuesday June 4, 2024 2:00pm - 2:50pm EDT
1st Floor, Magnolia Room

Technical

2:50pm EDT

Vendor Break

Go see our vendors in the Expo!

Menu:

Potato Chips & French Onion Dip - GF/Vegetarian

Tuesday June 4, 2024 2:50pm - 3:00pm EDT
Potomac

Vendor Break

3:00pm EDT

Embracing My Inner Cyber Wizard To Defeat Impostor Syndrome

Impostor syndrome is a psychological phenomenon that makes you feel like a fraud, despite your achievements and qualifications. It can affect your confidence, performance, and well-being. In this talk, We will discuss Impostor Syndrome and I will share my Infosec journey and how I’ve worked on minimizing the effects of Impostor Syndrome over the course of my career. I will go into detail about the concept of the Hacker Grimoire and how it and a focus on documentation in general helped me to challenge my Impostor Syndrome. Additionally, We’ll take a peek into my Hacker Grimoire and also give you tips on how to get started with your own.

Speakers

Corey Brennan

Sr. Information Security Engineer, Virginia529

Ever since he blew a capacitor installing a Cd drive and causing a small fire in his first self-built computer, Corey has been obsessed with computer systems and how they work. After 13 years in the Infosec industry wearing just about every hat, from being in a SOC to hunting threats... Read More →

Tuesday June 4, 2024 3:00pm - 3:50pm EDT
Ballroom C/D

101

3:00pm EDT

Defending Against the Deep: Is Your Workforce Ready For Generative AI Adversaries?

Gain insight into the evolving landscape of cybersecurity in the age of AI Generated Content. From defending against multi-vector cyber attacks to empowering your workforce through AI-powered cybersecurity awareness, Defending Against the Deep delves into the intricacies of Generative AI. Together, we will look at case studies, a technical demonstration of current capabilities, keys for leveling up your workforce, and an opportunity to test your ability to recognize AI Generated Content. In this talk, explore how the same technology used for malicious intent can be harnessed for good, offering innovative solutions to safeguard enterprise environments.

Speakers

Tucker Mahan

Director of Emerging Technology, MAXX Potential

Tucker currently leads emerging technology initiatives at MAXX Potential, expanding capabilities and coaching others to build careers in technology.He is a lifelong learner with a passion for all things Technology, and loves to share his ever-evolving knowledge on the subject. When... Read More →

Tuesday June 4, 2024 3:00pm - 3:50pm EDT
1st Floor, Magnolia Room

Business

3:00pm EDT

Hacking Exchange From The Outside In

Microsoft Exchange 2019 uses the Oracle Outside-In libraries to parse specific file types when attached to emails. This talk covers the process of discovering memory corruption vulnerabilities within the technology using AFL and Jackalope and the results of the fuzzing process.

Speakers

Ali Ahmad

Senior Research Consultant, Atredis Partners

With over 5 years of experience in the information security industry, Ali has performed a wide variety of security assessments including network penetration testing, application security assessments, full-scope red team engagements, adversarial simulation, and physical penetration... Read More →

Tuesday June 4, 2024 3:00pm - 3:50pm EDT
Ballroom A/B

Technical

3:50pm EDT

Vendor Break

Go see our vendors in the Expo!

Menu:

Potato Chips & French Onion Dip - GF/Vegetarian

Tuesday June 4, 2024 3:50pm - 4:00pm EDT
Potomac

Vendor Break

4:00pm EDT

Improv Comedy for Social Engineering

This workshop that introduces the techniques used in Improv Comedy and applies them to skills used in the OFFSEC field to enable the participants to better communicate, think on their feet, and gain confidence when operating in the unknown.

Speakers

Ross Merritt

Security Consultant, Blue Bastion

Ross Merritt is a U.S. Marine Corps Veteran, Former Private Investigator, Performing Comedian, and a Cyber Security Consultant at Blue Bastion specializing in Social Engineering and OSINT.

Tuesday June 4, 2024 4:00pm - 4:50pm EDT
1st Floor, Magnolia Room

101

4:00pm EDT

Orion's Quest: Navigating the Cyber Wilderness - Tales of Modern Penetration Testing

Focusing on real stories from the trenches, Orion's Quest walks through a series of modern application and API attacks Kevin and his team have pulled off. The talk describes how we found and exploited the flaws and provides information so you can test yourself.

Speakers

Kevin Johnson

CEO, Secure Ideas, LLC

Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions... Read More →

Tuesday June 4, 2024 4:00pm - 4:50pm EDT
Ballroom A/B

Technical

4:50pm EDT

Day 1 - Closing

Remarks will be provided on Day 1, and what to expect for the rest of the evening and Day 2.

Speakers

Jake Kouns

Organizer, RVAsec

Chris Sullo

Organizer, RVAsec

Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server... Read More →

Tuesday June 4, 2024 4:50pm - 5:00pm EDT

Informational

5:00pm EDT

Vendor Break & Room Change

Menu:

Tuesday June 4, 2024 5:00pm - 5:30pm EDT
James River Foyer

Vendor Break

5:30pm EDT

RVAsec After Party

We are shaking things up at the end of the first day of RVAsec with our exhilarating Casino Night! This spectacular event begins immediately after the last talk on Tuesday, running from 5:30pm to 9:00pm. Step into a lively atmosphere, reminiscent of Las Vegas, right here in Richmond.

The RVAsec 13 after party, brought to you by RVAsec (still looking for a sponsor to make it even more epic!), will be at in the main Omni Ballroom on Tuesday, June 13th, right after the conference ends!

5:00pm to 9pm: Food/Beverage/Music
5:30ish: Let the games begin!
8:30ish: Games close and we will announce winners!

We’ve curated an array of classic casino games for your enjoyment. Roll the dice at the Craps table, or give our Roulette wheel a spin. If cards are more your speed, try a hand at our Black Jack table, or go all-in with Texas Hold ‘Em Poker. We also offer the exciting Texas Hold ‘Em Bonus Poker Table for a thrilling twist.

But it’s not all dice and cards – test your accuracy with our Golf Shot game, or back a winner with River City Horse Racing. And the best part? There will be food, beverages, music and fabulous prizes for the top players!
So whether you’re a gaming veteran or a novice, this is your chance to relax, have fun, network, and possibly win big! As the day’s talks wrap up, prepare to immerse yourself in an unforgettable evening at the RVAsec after party!

Let the best players win!

This is an exclusive event, so you must be registered to attend or you will not be allowed entrance–no exceptions!
Important Notes:

Menu:

Tuesday June 4, 2024 5:30pm - 9:00pm EDT
Ballroom

Social