Loading…
Streaming: https://mssvideo.vcu.edu/RVAsec
arrow_back View All Dates
Tuesday, June 3
 

7:59am EDT

Registration
Tuesday June 3, 2025 7:59am - 5:00pm EDT
Upstairs, Desk
For Day 1, please line up as volunteers direct the crowd.

Registration on Day 1 is the most hectic part of the conference! We ask that you please read the instructions carefully and also please bring your patience!
  • Registration starts on Tuesday morning at 8 AM and will be on the main floor near the escalators (see Sched for the map). 
  • This is always a hectic time, please look for RVAsec volunteers directing traffic and be patient with the process. 
  • The line will form from the registration desk, then wrap around towards the parking deck. 
  • Please ensure that you have your EventBrite QR code (printed or electronic) to make check-in even faster. It will be at the bottom of this email.
  • After you have checked in, please continue forward then around  toward the escalators downstairs to obtain your t-shirt, bag, badge, info sheets, and program.
This is also where you can turn in your Passport for Prizes.

WiFi sponsored by RVAsec:

Network is "RVAsec"
Password is "nevermore!"
Tuesday June 3, 2025 7:59am - 5:00pm EDT
Upstairs, Desk
  Informational

8:00am EDT

Breakfast - Day 1
Tuesday June 3, 2025 8:00am - 9:00am EDT
Downstairs, Foyer
After you get registered, come downstairs and enjoy breakfast!
Make sure you are in the ballroom by 9am for the welcome session.

Go see our vendors in the Expo!

Menu:
  • Breakfast Sandwiches
  • Sausage Biscuits, Crispy Bacon, Egg & Cheese Croissants
  • Heirloom Potato Hash (GF, Vegetarian, Vegan)
  • Egg Bites (Gluten Free/Vegetarian)
  • Orange and Cranberry Juices
Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Seating: You are welcome to take your breakfast to any area of the hotel except Fall/Line. Banquet tables & chairs can be found on both sides of the Grand Ballroom upstairs. There is also seating downstairs in the Capital Ballroom (Expo). Please note these tables on Day 2 are reserved for the CTF. Various locations downstairs in the foyer are also available.

Tuesday June 3, 2025 8:00am - 9:00am EDT
Downstairs, Foyer
  Food

9:00am EDT

Welcome Day 1
Tuesday June 3, 2025 9:00am - 9:30am EDT
Upstairs, Grand Ballroom D/E/F/G
Welcome to RVAsec 14!

Remarks will be provided about what to expect at the conference and many thanks to our volunteers and sponsors for making it possible.

We will also have short presentations on CTF, Badge, and Lock Picking.

Speakers
avatar for Jake Kouns

Jake Kouns

Founder, RVAsec
Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known... Read More →
avatar for Peter Maxwell Warasila

Peter Maxwell Warasila

Powertrain Control Solutions, LLC
avatar for Nikola Bura

Nikola Bura

Systems Administrator, MetaCTF
avatar for Nicholas Popovich

Nicholas Popovich

Principal, Rotas Security
Nick Popovich's passion is learning and exploring technology ecosystems, and trying to find ways to utilize systems in unexpected ways. His career has focused on adversarial threat simulation, offensive and defensive security, and advanced technical security assessments. He is a hacker... Read More →
Tuesday June 3, 2025 9:00am - 9:30am EDT
Upstairs, Grand Ballroom D/E/F/G
  Informational

9:30am EDT

Hoff - Keynote
Tuesday June 3, 2025 9:30am - 10:30am EDT
Upstairs, Grand Ballroom D/E/F/G
Christofer Hoff joined LastPass as Chief Secure Technology Officer in 2022, bringing more than 29 years of experience in high-profile global roles in network, application and information security architecture, software development, engineering, operations, and management. Before joining LastPass, Christofer had multiple cyber security leadership roles at Bank of America. His previous roles include Chief Information Security Officer at Citadel, Vice President and Security CTO at Juniper Networks, and Director of Cloud & Virtualization Solutions at Cisco Systems, among other security-focused roles.

In addition to his professional leadership responsibilities, Chris takes an active role in engaging youth in the impact of technology, privacy and security on society and culture as founder of HacKid, an interactive STEAM conference for parents and kids from diverse backgrounds. Chris was a founding member of and technical advisor to the Cloud Security Alliance and serves as an advisor to numerous companies and organizations.

Speakers
avatar for Christofer Hoff

Christofer Hoff

CSTO, LastPass
Christofer Hoff joined LastPass as Chief Secure Technology Officer in 2022, bringing more than 29 years of experience in high-profile global roles in network, application and information security architecture, software development, engineering, operations, and management. Before joining... Read More →
Tuesday June 3, 2025 9:30am - 10:30am EDT
Upstairs, Grand Ballroom D/E/F/G
  Keynote

10:30am EDT

Vendor Break & Room Change
Tuesday June 3, 2025 10:30am - 11:00am EDT
Downstairs, Capital Ballroom
Break and room change.

We need all attendees to leave the ballroom quickly as possible so we can split the room for sessions.

Go see our vendors in the Expo!

Menu:
  • Assorted Warm Pastries & Scones w/Softened Butter
  • Gluten Free Option Upon Request (Limited Quantities)
Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Tuesday June 3, 2025 10:30am - 11:00am EDT
Downstairs, Capital Ballroom
  Vendor Break

10:30am EDT

HackRVA Badge Training & Repair
Tuesday June 3, 2025 10:30am - 4:30pm EDT
Downstairs, Dominion
Come learn about your badge, get it fixed if there are any issues and talk to HackRVA!

HackRVA is a member-run and organized non-profit makerspace in Richmond, Virginia. HackRVA is a space filled with tools, computers, and people who like to build, invent, tinker, expand their minds, and learn and share new skills. You’ll find a diverse group of individuals who are into electronics, woodworking, embedded software, metalworking, programming, music, art, video, photography, 3D printing, sewing, textiles, and virtual reality—and that’s for starters. HackRVA members have access to the makerspace, tools, community and learning opportunities through member-lead workshops, events and projects.
Tuesday June 3, 2025 10:30am - 4:30pm EDT
Downstairs, Dominion
  Village

10:30am EDT

Lock Picking Village and Contest
Tuesday June 3, 2025 10:30am - 5:00pm EDT
Downstairs, Shenandoah
A variety of example locks, from simple to extremely hard, along with a picks of all shapes and sizes will be available in our lock pick village.

Stop by and have some fun testing your skills! Provided hand sanitizer will be required to help reduce the modern risks while we explore the oldest security mechanism on earth!

If you fancy yourself a strong picker or have a competitive streak, we are planning to have a time contest of a series of locks, with the fastest through them all taking home something epic.
Tuesday June 3, 2025 10:30am - 5:00pm EDT
Downstairs, Shenandoah
  Village

11:00am EDT

It's Not All Ninjas and Anonymous Masks
Tuesday June 3, 2025 11:00am - 11:50am EDT
Downstairs, Madison / Jefferson / Monroe
In this talk, I'll give you an insider’s look at what the day-to-day reality of working in cybersecurity really entails. We'll dive into the typical tasks you’ll face, from scoping and executing the test to long-term security strategy. I’ll also share how to bridge the gap between technical jargon and business language, making complex concepts understandable for non-technical stakeholders. Of course, we can’t forget about reporting—a crucial yet often challenging part of the job. I’ll discuss the complexities of crafting reports that not only communicate risks but also drive action. Along the way, we'll touch on the unique challenges posed by timelines and the tools we rely on. What makes this talk unique is my perspective from both sides of the fence: working on an internal team and as a consultant. This experience allows me to highlight the key differences and offer insights into how each role shapes your approach to cybersecurity.
Speakers
avatar for David Young

David Young

Security Consultant, Secure Ideas
David Young has worked in the I.T. industry for over 27 year with specializing in Cybersecurity for the last 16 years.  David has worked in several different areas from healthcare, government, financial, utility and consulting. David really enjoys helping organizations find and resolve... Read More →
Tuesday June 3, 2025 11:00am - 11:50am EDT
Downstairs, Madison / Jefferson / Monroe
  101

11:00am EDT

CISO of 2030 (a sequel of CISO of 2025)
Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom D/E
The role of the CISO has never been more critical—or more complex. Six years after my original predictions, the cybersecurity landscape has shifted under the weight of evolving regulatory scrutiny, rising boardroom expectations, and the explosion of third-party risks. But there’s a new force at play: businesses are driving security forward through peer accountability, applying market pressure to elevate standards across the ecosystem.

In this session, we’ll explore the major forces shaping modern security programs, revisit past predictions to uncover lessons learned, and share insights into how CISOs are influencing strategy at the highest levels of organizations. Looking ahead to 2030, we’ll discuss how leaders must balance compliance, operational resilience, and innovation to meet the challenges of a hyper-connected world. Join me as we reflect on where we’ve been and chart a path toward the next era of cybersecurity leadership.
Speakers
avatar for Dan Holden

Dan Holden

CISO, BigCommerce
Dan Holden is an accomplished cybersecurity leader with almost 30 years of experience in IT and cybersecurity. As CISO at BigCommerce, he oversees the company’s global cybersecurity strategy, balancing risk management with business enablement while aligning with public company governance... Read More →
Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom D/E
  Business

11:00am EDT

Internal Domain Name Collision 2.0
Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom F/G
The proliferation of new Top-Level Domains (TLDs) has sparked security concerns primarily around phishing and social engineering attacks. However, the emergence of these new TLDs has broadened the attack surface, making it easier for threat actors to exploit other domain-related vulnerabilities. Our research explored another critical but often overlooked vulnerability: Internal Domain Name Collision. During our research, we examined how legacy systems configured before the TLD boom can become susceptible to these collisions, potentially allowing threat actors to redirect or intercept sensitive internal traffic. This vulnerability can have a ripple effect, impacting even newly installed systems that rely on configurations from those legacy systems (e.g. DHCP, DNS Suffix, etc.). This presentation will showcase our methodology for identifying vulnerable domains and present real-world examples of high-value targets at risk, including a major European city, a US Police Department, and critical infrastructure companies.
Speakers
avatar for Philippe Caturegli

Philippe Caturegli

Chief Hacking Officer, Seralys
Philippe has over 25 years of experience in building, defending, and attacking across all areas of Information Security. He's been performing penetration tests since the early 2000s, gaining deep expertise across diverse security landscapes. In 2012, he founded Seralys, a boutique... Read More →
Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom F/G
  Technical

11:50am EDT

Lunch
Tuesday June 3, 2025 11:50am - 1:00pm EDT
Downstairs, Foyer
  • BOX LUNCHES ARE ALL THE SAME - inside you will find: Cole Slaw, Chips, Brownie, Hot Sauce Packets and Plastic Utensils
  • CHOOSE ONE:
    • Pulled Chicken BBQ Sandwiches w/Sweet Baby Ray’s BBQ Sauce (GF)
    • Chopped Mushroom BBQ Sandwiches (50 servings have been reserved for our Vegetarians, please keep this in mind when making your selection - Veg, Vegan)
    • Gluten Free Box Option Upon Request (Very Limited Quantities)


Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Seating: You are welcome to take your lunch to any area of the hotel. Banquet tables & chairs can be found on both sides of the Grand Ballroom upstairs. There is also seating downstairs in the Capital Ballroom (Expo). Please note these tables on Day 2 are reserved for the CTF. Various locations downstairs in the Foyer are also available.
Tuesday June 3, 2025 11:50am - 1:00pm EDT
Downstairs, Foyer
  Food

1:00pm EDT

Hacker, Hipster, Hustler, Humanist: Establishing the Government's Role in Public Interest Cybersecurity
Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Downstairs, Madison / Jefferson / Monroe
Public interest cybersecurity is the application cybersecurity measures and strategies to protect critical infrastructure, non-profits, state & local governments, schools, healthcare facilities, and other institutes that primarily seek to serve the public good. 
Speakers
avatar for Christopher Cruz

Christopher Cruz

Cyber Program Manager, Virginia Fusion Center
Christopher Cruz is the Cyber Program Manager for the Virginia Fusion Center, which provides a vital conduit for intelligence collection and information exchange throughout the Commonwealth. He is responsible for the development, management, and integration of cybersecurity capabilities... Read More →
Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Downstairs, Madison / Jefferson / Monroe
  101

1:00pm EDT

Leveraging AI in Surveillance for Public Safety Amid Privacy Concerns
Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom D/E
During this session, we'll explore the dual-edged role of artificial intelligence (AI) in enhancing public safety through surveillance while navigating the complex landscape of privacy and legislation. As AI transforms law enforcement and emergency responses with its advanced monitoring and threat detection capabilities, it also prompts critical questions about privacy rights and ethical considerations. This talk will dissect the balance between leveraging cutting-edge AI technologies and adhering to evolving privacy laws. We’ll delve into the latest trends, discuss the implications of facial recognition and behavior prediction, and examine how legislation is adapting to these rapid technological advancements. Whether you're a tech professional, policy maker, or privacy advocate, this session will equip you with the insights needed to responsibly implement AI in surveillance, ensuring public safety enhancements do not compromise individual privacy. 
Speakers
avatar for Vennard Wright

Vennard Wright

CEO, PerVista AI
Vennard Wright is the President & CEO of PerVista, an award-winning AI-weapons detection firm headquartered in National Harbor, MD.  Prior to founding PerVista, his professional experience was comprised of multiple executive leadership roles including serving as the Chief Information... Read More →
Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom D/E
  Business

1:00pm EDT

The Lazy Pentester's Guide to Coasting Through Internals
Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom F/G
It's been said that nobody wants to work anymore, and pentesters are certainly no exception to this rule. Internal pentests can be hard, time consuming drudgery. Pentesters may spend hours scanning hosts, looking for open ports and exploitable services only to find themselves with little time left to exploit anything, and a lack of focus on where to begin.

What if there was a better more efficient way? What if there was an 80% solution that will have you traipsing around the network with elevated privileges and creds in hand requiring a fraction of the time and effort using tools you're already using?

 In this talk we'll cover multiple proven methods for obtaining creds, gaining footholds, and just generally wrecking up the place that are quick, relatively painless, and will leave you owning a client's network fast.
Speakers
avatar for Matthew Fisher

Matthew Fisher

Penetration Tester, STACKTITAN
Matt Fisher is a security consultant at STACKTITAN, with an emphasis on the penetration testing and red team disciplines. Matt is a US Army veteran who spent 14 years working in various roles within the DOD Intelligence Community before being drawn to the field of cyber security... Read More →
Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom F/G
  Technical

1:00pm EDT

CTF Prep
Tuesday June 3, 2025 1:00pm - 4:00pm EDT
Downstairs, Capital Ballroom / Middle
Come prep and learn more about the CTF contest!
Tuesday June 3, 2025 1:00pm - 4:00pm EDT
Downstairs, Capital Ballroom / Middle
  CTF

1:50pm EDT

Vendor Break
Tuesday June 3, 2025 1:50pm - 2:00pm EDT
Downstairs, Capital Ballroom
Go see our vendors in the Expo!

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.


Tuesday June 3, 2025 1:50pm - 2:00pm EDT
Downstairs, Capital Ballroom
  Vendor Break

2:00pm EDT

Linux Kernel Exploitation for Beginners
Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Downstairs, Madison / Jefferson / Monroe
My talk is focused on teaching people how to get into Linux kernel exploitation using Kernel based CTFs as an entry point.
Speakers
avatar for Kevin Massey

Kevin Massey

IT Engineering Manager, Winebow
I am an IT Engineering Manager and Independent Security Researcher. I am focused primarily on vulnerabilities, binary exploitation, and network protocols.
Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Downstairs, Madison / Jefferson / Monroe
  101

2:00pm EDT

Vendor Management 2025 - How to Make Better Vendor Management Decisions
Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom D/E
Although vendor management has evolved, the core process remains the same: gathering and reviewing documentation to decide whether to continue business with a vendor. The key question now is how to ensure that vendors are genuinely protecting your data!
Speakers
avatar for Jon Waldman

Jon Waldman

President, SBS CyberSecurity
Jon Waldman is a co-founder and President of SBS CyberSecurity and the SBS Institute. Over the past 20 years, Jon has helped hundreds of organizations identify and understand cybersecurity risks to allow them to make better and more informed business decisions. Jon is incredibly passionate... Read More →
Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom D/E
  Business

2:00pm EDT

Following The JSON Path: A Road Paved in RCE
Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom F/G
Dive into researching JavaScript implementations of JSON path libraries, breaking out of JavaScript sandboxes, achieving code execution, and examining the blast radius of impacted components. This talk covers both the research process for the discovery of these novel vulnerabilities and footguns, as well as the process for identifying the blast radius, weaponizing the vulnerabilities against actual targets, and engaging impacted stakeholders. Join me to hear a harrowing tale of remote code execution in several widely used products, CVE assignments, and critical bounty payouts.
Speakers
avatar for Nick Copi

Nick Copi

AppSec Engineer, CarMax
Nick Copi is an application security engineer at CarMax who in his spare time immerses himself in security research and bug bounty. With a background spanning from building full stack web applications to pioneering application security initiatives at CarMax, he brings a wealth of... Read More →
Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom F/G
  Technical

2:50pm EDT

Vendor Break
Tuesday June 3, 2025 2:50pm - 3:00pm EDT
Downstairs, Capital Ballroom
Go see our vendors in the Expo!

Menu:
  • Warm Chocolate Chip Cookies 
  • Cold Chocolate Milk and 2% Milk

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.



Tuesday June 3, 2025 2:50pm - 3:00pm EDT
Downstairs, Capital Ballroom
  Vendor Break

3:00pm EDT

Look Ma, No IDA! Malware Analysis Without Reverse Engineering
Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Downstairs, Madison / Jefferson / Monroe
Do you think malware analysis is out of your reach because assembly code looks like reading the matrix? Fear not, this talk will convince you that learning assembly code is not the best place to start your malware analysis journey. For starters, the modern malware landscape is diverse and malicious code isn’t always compiled into assembly. Not every use case for malware analysis requires a deep dive and there are many great tools and services that provide information about a malware sample you can build your analysis on.
 
If you work as an incident responder, detection engineer, threat hunter, or intel analyst, you probably already do some malware analysis but don’t realize it. And if you don’t but would like to, this talk will discuss the tools and knowledge you should focus on first before embarking on groking the intel x86 manual.
Speakers
avatar for Christina Johns

Christina Johns

Principal Malware Analyst, Red Canary
Christina Johns is a Principal Malware Analyst at Red Canary with 15 years experience. Prior to becoming a malware analyst she worked in a variety of areas including web application assessment, android forensics, and incident response. Her research interests lie at the intersection... Read More →
Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Downstairs, Madison / Jefferson / Monroe
  101

3:00pm EDT

AI: Who's Watching Whom?
Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Upstairs, Grand Ballroom D/E
Artificial Intelligence (AI) has intersected with cybercrime and cybersecurity that forces organizations to leverage the technology in order to benefit the industry while at the same time understanding how to protect against AI based threats.  How will your organization use AI safely and securely?
Speakers
avatar for Kyle King

Kyle King

Security Engineering Manager, Check Point Software Technologies Ltd
Kyle King has designed, implemented, managed, and secured information systems and networks for various industries throughout his 28+ year career, including construction, financial, and healthcare. A native of Hickory, NC, he has been employed by Check Point Software Technologies for... Read More →
Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Upstairs, Grand Ballroom D/E
  Business

3:00pm EDT

Defending Entra ID and Office 365 Using the Prism of GraphRunner
Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Upstairs, Grand Ballroom F/G
For organizations using Microsoft Entra ID and O365, it’s important to understand the landscape of the Graph API, how data is accessed and the logs available to gain visibility into probes and attacks that are targeting users and their information stores.

To drive this awareness, I’ve chosen to use a red team toolkit called GraphRunner that empowers offensive cyber practitioners an easy to use method to get started probing Microsoft Entra ID and Office 365 tenants. On the flip side of this, we are going to take a look at the logs generated by GraphRunner in a simulated attack chain to better understand what a blue teamer might see and how they can build detections and hunt, not just for GraphRunner, but for suspicious activities occurring within their Entra ID and Office 365 tenant.
Speakers
avatar for John Stoner

John Stoner

Principal Security Strategist, Google Cloud
John Stoner is a Global Principal Security Strategist at Google Cloud and leverages his experience to improve users' capabilities in Security Operations, Threat Hunting, Incident Response, Detection Engineering and Threat Intelligence. He blogs on threat hunting and security operations... Read More →
Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Upstairs, Grand Ballroom F/G
  Technical

3:50pm EDT

Vendor Break
Tuesday June 3, 2025 3:50pm - 4:00pm EDT
Downstairs, Capital Ballroom
Go see our vendors in the Expo!

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Tuesday June 3, 2025 3:50pm - 4:00pm EDT
Downstairs, Capital Ballroom
  Vendor Break

4:00pm EDT

Why There is No Casino Night at RVAsec This Year (Sorry)
Tuesday June 3, 2025 4:00pm - 4:50pm EDT
Downstairs, Madison / Jefferson / Monroe
Every year, RVAsec hosts an after-party to close out the first day of talks at the conference. For the last two years, that nightly entertainment has been CASINO NIGHT, an opportunity to bet fake money on games of chance in order to win some very real prizes. Unfortunately, through some fault of my own, Casino Night will not be returning this year.

Join me for a retrospective of the last two Casino Nights: what went right, what went wrong, how systems (and people) can be gamed, how to adapt to new information, how I managed to win numerous prizes, and more. We will discuss how to harness game theory, social engineering, statistics, and other things that will get you kicked out of a normal casino.
Speakers
avatar for Ben Haynes

Ben Haynes

Data Science & Analytics Lead, Flashpoint
Ben Haynes is a data scientist at Flashpoint, leveraging analytics and his cybersecurity expertise to solve practical problems in the industry. Previously, he worked at Risk Based Security, where he dedicated his time to enhancing and implementing the organization’s cybersecurity... Read More →
Tuesday June 3, 2025 4:00pm - 4:50pm EDT
Downstairs, Madison / Jefferson / Monroe
  101

4:00pm EDT

Large Language Models for Hackers
Tuesday June 3, 2025 4:00pm - 4:50pm EDT
Upstairs, Grand Ballroom F/G
Wield your own AI agents, for fun and profit, with open-weight Large Language Models. In this talk, the audience will learn the foundational data science that empowers LLMs to help…and hallucinate, before diving into a tutorial on “agentic” LLM techniques. Along the way, key concepts and methods are related to NIST’s AI Risk Management Framework (NIST AI 600-1) and their adversarial machine learning taxonomy (NIST AI 100-2e2023). Cut through the hype - see the limitations and attack surfaces for yourself, and explore ways you could incorporate these tools into your own practice.
Speakers
avatar for Morgan Stuart

Morgan Stuart

Data Scientist, Canopy Nine
Morgan is an independent consultant who helps teams identify and implement data science solutions. However, unsatisfied with the ivy walls of the tech oligarchy, he also researches and experiments with today’s latest AI trends for issues related to offline use, trust, and data privacy... Read More →
Tuesday June 3, 2025 4:00pm - 4:50pm EDT
Upstairs, Grand Ballroom F/G
  Technical

4:50pm EDT

Day 1 - Closing
Tuesday June 3, 2025 4:50pm - 5:00pm EDT
Remarks will be provided on Day 1, and what to expect for the rest of the evening and Day 2.
Speakers
avatar for Jake Kouns

Jake Kouns

Founder, RVAsec
Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known... Read More →
avatar for Chris Sullo

Chris Sullo

Founder, RVAsec
Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server... Read More →
Tuesday June 3, 2025 4:50pm - 5:00pm EDT
  Informational

5:00pm EDT

Vendor Break & Room Change
Tuesday June 3, 2025 5:00pm - 5:30pm EDT
Downstairs, Capital Ballroom
Grab a drink and go see the vendors one more time in the Expo downstairs before the after party starts!
  • Bars open in Foyer while you wait for the After Party to be ready!
  • Food service will begin at 5:30pm inside the Ballroom; bars move inside as well. 
  • Menu
    • Mac and Cheese Bar: Bacon, Green Onion, Hot Sauce, Salsa, Shredded Cheese, Roasted Red Peppers, Caramelized Onion
    • All Beef Meatballs w/Italian Herbs & Romano Cheese
    • Ham Jam: Southern Biscuit Made Fresh, Country Ham, Fig Jam
    • Dessert: Apple and Berry Tarts @ 6:30pm
  • Bar
    • Premium Wines: Trinity Oaks - Cabernet Sauvignon, Pinot Noir, Pinot Grigio, Chardonnay
    • Domestic Beer: Yuengling, Michelob Ultra
    • Import Beer & Seasonal Crafts: Corona, Stella, Blue Moon, Local IPA, Local Cider
    • Premium Liquor: Titos Vodka, Citadelle Gin, Cruzan Rum, Jose Cuervo Tequila, Jim Beam Bourbon, Dewar's White Label Scotch, Jack Daniels Whiskey
    • Assorted Pepsi Products, Water and Non-Alcoholic Juices/Punch

Tuesday June 3, 2025 5:00pm - 5:30pm EDT
Downstairs, Capital Ballroom
  Vendor Break

5:30pm EDT

RVAsec After Party
Tuesday June 3, 2025 5:30pm - 9:00pm EDT
Upstairs, Grand Ballroom D/E/F/G
TBD

Menu
  • TBD


Bar
  • TBD
Tuesday June 3, 2025 5:30pm - 9:00pm EDT
Upstairs, Grand Ballroom D/E/F/G
  Social
 
Need help? View Support Guides
Event questions? Contact Event Planner
©2025 Sched About Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Tuesday, June 3
Wednesday, June 4
Downstairs, Capital Ballroom
Downstairs, Capital Ballroom / Middle
Downstairs, Dominion
Downstairs, Foyer
Downstairs, Madison / Jefferson / Monroe
Downstairs, Shenandoah
Upstairs, Desk
Upstairs, Grand Ballroom D/E
Upstairs, Grand Ballroom D/E/F/G
Upstairs, Grand Ballroom F/G
  • 101
  • Business
  • CTF
  • Food
  • Informational
  • Keynote
  • Social
  • Technical
  • Vendor Break
  • Village
  • Popular