RVAsec 14: Full Schedule

Streaming: https://mssvideo.vcu.edu/RVAsec

7:59am EDT

Registration

Tuesday June 3, 2025 7:59am - 5:00pm EDT

For Day 1, please line up as volunteers direct the crowd.

If you have any questions or issues please stop by for help.

This is also where you can turn in your Passport for Prizes.

WiFi sponsored by RVAsec:

Network is "RVAsec"
Password is "RVAsec2025"

Tuesday June 3, 2025 7:59am - 5:00pm EDT
Upstairs, Desk

Informational

8:00am EDT

Breakfast - Day 1

Tuesday June 3, 2025 8:00am - 9:00am EDT

Downstairs, Foyer

After you get registered, come downstairs and enjoy breakfast!
Make sure you are in the ballroom by 9am for the welcome session.

Go see our vendors in the Expo!

Menu:

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Tuesday June 3, 2025 8:00am - 9:00am EDT
Downstairs, Foyer

Food

9:00am EDT

Welcome Day 1

Tuesday June 3, 2025 9:00am - 9:30am EDT

Upstairs, Grand Ballroom D/E/F/G

Welcome to RVAsec 14!

Remarks will be provided about what to expect at the conference and many thanks to our volunteers and sponsors for making it possible.

We will also have short presentations on CTF, Badge, and Lock Picking.

Speakers

Roman Bohuk

CEO, MetaCTF

Roman Bohuk is co-founder and CEO of MetaCTF, a cyber skills platform that helps companies assess, recruit, retain, and upskill cyber talent. We specialize in competition-based exercises, such as on-demand labs, traditional jeopardy-style CTFs, and attack & defense CTFs that can be... Read More →

Jake Kouns

Organizer, RVAsec

Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known... Read More →

Peter Maxwell Warasila

Powertrain Control Solutions, LLC

Tuesday June 3, 2025 9:00am - 9:30am EDT
Upstairs, Grand Ballroom D/E/F/G

Informational

9:30am EDT

Hoff - Keynote

Tuesday June 3, 2025 9:30am - 10:30am EDT

Upstairs, Grand Ballroom D/E/F/G

Christofer Hoff joined LastPass as Chief Secure Technology Officer in 2022, bringing more than 29 years of experience in high-profile global roles in network, application and information security architecture, software development, engineering, operations, and management. Before joining LastPass, Christofer had multiple cyber security leadership roles at Bank of America. His previous roles include Chief Information Security Officer at Citadel, Vice President and Security CTO at Juniper Networks, and Director of Cloud & Virtualization Solutions at Cisco Systems, among other security-focused roles.

In addition to his professional leadership responsibilities, Chris takes an active role in engaging youth in the impact of technology, privacy and security on society and culture as founder of HacKid, an interactive STEAM conference for parents and kids from diverse backgrounds. Chris was a founding member of and technical advisor to the Cloud Security Alliance and serves as an advisor to numerous companies and organizations.

Speakers

Christofer Hoff

CSTO, LastPass

Tuesday June 3, 2025 9:30am - 10:30am EDT
Upstairs, Grand Ballroom D/E/F/G

Keynote

10:30am EDT

Vendor Break & Room Change

Tuesday June 3, 2025 10:30am - 11:00am EDT

Downstairs, Capital Ballroom

Break and room change.

We need all attendees to leave the ballroom quickly as possible so we can split the room for sessions.

Go see our vendors in the Expo!

Menu:

Tuesday June 3, 2025 10:30am - 11:00am EDT
Downstairs, Capital Ballroom

Vendor Break

10:30am EDT

HackRVA Badge Training & Repair

Tuesday June 3, 2025 10:30am - 4:30pm EDT

Downstairs, Dominion

Come learn about your badge, get it fixed if there are any issues and talk to HackRVA!

HackRVA is a member-run and organized non-profit makerspace in Richmond, Virginia. HackRVA is a space filled with tools, computers, and people who like to build, invent, tinker, expand their minds, and learn and share new skills. You’ll find a diverse group of individuals who are into electronics, woodworking, embedded software, metalworking, programming, music, art, video, photography, 3D printing, sewing, textiles, and virtual reality—and that’s for starters. HackRVA members have access to the makerspace, tools, community and learning opportunities through member-lead workshops, events and projects.

Tuesday June 3, 2025 10:30am - 4:30pm EDT
Downstairs, Dominion

Village

10:30am EDT

Lock Picking Village and Contest

Tuesday June 3, 2025 10:30am - 5:00pm EDT

Downstairs, Shenandoah

A variety of example locks, from simple to extremely hard, along with a picks of all shapes and sizes will be available in our lock pick village.

Stop by and have some fun testing your skills! Provided hand sanitizer will be required to help reduce the modern risks while we explore the oldest security mechanism on earth!

If you fancy yourself a strong picker or have a competitive streak, we are planning to have a time contest of a series of locks, with the fastest through them all taking home something epic.

Tuesday June 3, 2025 10:30am - 5:00pm EDT
Downstairs, Shenandoah

Village

11:00am EDT

It's Not All Ninjas and Anonymous Masks

Tuesday June 3, 2025 11:00am - 11:50am EDT

Downstairs, Madison / Jefferson / Monroe

In this talk, I'll give you an insider’s look at what the day-to-day reality of working in cybersecurity really entails. We'll dive into the typical tasks you’ll face, from scoping and executing the test to long-term security strategy. I’ll also share how to bridge the gap between technical jargon and business language, making complex concepts understandable for non-technical stakeholders. Of course, we can’t forget about reporting—a crucial yet often challenging part of the job. I’ll discuss the complexities of crafting reports that not only communicate risks but also drive action. Along the way, we'll touch on the unique challenges posed by timelines and the tools we rely on. What makes this talk unique is my perspective from both sides of the fence: working on an internal team and as a consultant. This experience allows me to highlight the key differences and offer insights into how each role shapes your approach to cybersecurity.

Speakers

David Young

Security Consultant, Secure Ideas

David Young has worked in the I.T. industry for over 27 year with specializing in Cybersecurity for the last 16 years. David has worked in several different areas from healthcare, government, financial, utility and consulting. David really enjoys helping organizations find and resolve... Read More →

Tuesday June 3, 2025 11:00am - 11:50am EDT
Downstairs, Madison / Jefferson / Monroe

101

11:00am EDT

CISO of 2030 (a sequel of CISO of 2025)

Tuesday June 3, 2025 11:00am - 11:50am EDT

Upstairs, Grand Ballroom D/E

The role of the CISO has never been more critical—or more complex. Six years after my original predictions, the cybersecurity landscape has shifted under the weight of evolving regulatory scrutiny, rising boardroom expectations, and the explosion of third-party risks. But there’s a new force at play: businesses are driving security forward through peer accountability, applying market pressure to elevate standards across the ecosystem.

In this session, we’ll explore the major forces shaping modern security programs, revisit past predictions to uncover lessons learned, and share insights into how CISOs are influencing strategy at the highest levels of organizations. Looking ahead to 2030, we’ll discuss how leaders must balance compliance, operational resilience, and innovation to meet the challenges of a hyper-connected world. Join me as we reflect on where we’ve been and chart a path toward the next era of cybersecurity leadership.

Speakers

Dan Holden

CISO, BigCommerce

Dan Holden is an accomplished cybersecurity leader with almost 30 years of experience in IT and cybersecurity. As CISO at BigCommerce, he oversees the company’s global cybersecurity strategy, balancing risk management with business enablement while aligning with public company governance... Read More →

Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom D/E

Business

11:00am EDT

Internal Domain Name Collision 2.0

Tuesday June 3, 2025 11:00am - 11:50am EDT

Upstairs, Grand Ballroom F/G

The proliferation of new Top-Level Domains (TLDs) has sparked security concerns primarily around phishing and social engineering attacks. However, the emergence of these new TLDs has broadened the attack surface, making it easier for threat actors to exploit other domain-related vulnerabilities. Our research explored another critical but often overlooked vulnerability: Internal Domain Name Collision. During our research, we examined how legacy systems configured before the TLD boom can become susceptible to these collisions, potentially allowing threat actors to redirect or intercept sensitive internal traffic. This vulnerability can have a ripple effect, impacting even newly installed systems that rely on configurations from those legacy systems (e.g. DHCP, DNS Suffix, etc.). This presentation will showcase our methodology for identifying vulnerable domains and present real-world examples of high-value targets at risk, including a major European city, a US Police Department, and critical infrastructure companies.

Speakers

Philippe Caturegli

Chief Hacking Officer, Seralys

Philippe has over 25 years of experience in building, defending, and attacking across all areas of Information Security. He's been performing penetration tests since the early 2000s, gaining deep expertise across diverse security landscapes. In 2012, he founded Seralys, a boutique... Read More →

Tuesday June 3, 2025 11:00am - 11:50am EDT
Upstairs, Grand Ballroom F/G

Technical

11:50am EDT

Lunch

Tuesday June 3, 2025 11:50am - 1:00pm EDT

Downstairs, Foyer

TBD

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Seating: You are welcome to take your lunch to any area of the hotel. Banquet tables & chairs can be found on both sides of the Grand Ballroom upstairs. There is also seating downstairs in the Capital Ballroom (Expo). Please note these tables on Day 2 are reserved for the CTF. Various locations downstairs in the Foyer are also available.

Tuesday June 3, 2025 11:50am - 1:00pm EDT
Downstairs, Foyer

Food

1:00pm EDT

Hacker, Hipster, Hustler, Humanist: Establishing the Government's Role in Public Interest Cybersecurity

Tuesday June 3, 2025 1:00pm - 1:50pm EDT

Downstairs, Madison / Jefferson / Monroe

Public interest cybersecurity is the application cybersecurity measures and strategies to protect critical infrastructure, non-profits, state & local governments, schools, healthcare facilities, and other institutes that primarily seek to serve the public good.

Speakers

Christopher Cruz

Cyber Program Manager, Virginia Fusion Center

Christopher Cruz is the Cyber Program Manager for the Virginia Fusion Center, which provides a vital conduit for intelligence collection and information exchange throughout the Commonwealth. He is responsible for the development, management, and integration of cybersecurity capabilities... Read More →

Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Downstairs, Madison / Jefferson / Monroe

101

1:00pm EDT

Leveraging AI in Surveillance for Public Safety Amid Privacy Concerns

Tuesday June 3, 2025 1:00pm - 1:50pm EDT

Upstairs, Grand Ballroom D/E

During this session, we'll explore the dual-edged role of artificial intelligence (AI) in enhancing public safety through surveillance while navigating the complex landscape of privacy and legislation. As AI transforms law enforcement and emergency responses with its advanced monitoring and threat detection capabilities, it also prompts critical questions about privacy rights and ethical considerations. This talk will dissect the balance between leveraging cutting-edge AI technologies and adhering to evolving privacy laws. We’ll delve into the latest trends, discuss the implications of facial recognition and behavior prediction, and examine how legislation is adapting to these rapid technological advancements. Whether you're a tech professional, policy maker, or privacy advocate, this session will equip you with the insights needed to responsibly implement AI in surveillance, ensuring public safety enhancements do not compromise individual privacy.

Speakers

Vennard Wright

CEO, PerVista AI

Vennard Wright is the President & CEO of PerVista, an award-winning AI-weapons detection firm headquartered in National Harbor, MD. Prior to founding PerVista, his professional experience was comprised of multiple executive leadership roles including serving as the Chief Information... Read More →

Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom D/E

Business

1:00pm EDT

The Lazy Pentester's Guide to Coasting Through Internals

Tuesday June 3, 2025 1:00pm - 1:50pm EDT

Upstairs, Grand Ballroom F/G

It's been said that nobody wants to work anymore, and pentesters are certainly no exception to this rule. Internal pentests can be hard, time consuming drudgery. Pentesters may spend hours scanning hosts, looking for open ports and exploitable services only to find themselves with little time left to exploit anything, and a lack of focus on where to begin.

What if there was a better more efficient way? What if there was an 80% solution that will have you traipsing around the network with elevated privileges and creds in hand requiring a fraction of the time and effort using tools you're already using?

In this talk we'll cover multiple proven methods for obtaining creds, gaining footholds, and just generally wrecking up the place that are quick, relatively painless, and will leave you owning a client's network fast.

Speakers

Matthew Fisher

Penetration Tester, STACKTITAN

Matt Fisher is a security consultant at STACKTITAN, with an emphasis on the penetration testing and red team disciplines. Matt is a US Army veteran who spent 14 years working in various roles within the DOD Intelligence Community before being drawn to the field of cyber security... Read More →

Tuesday June 3, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom F/G

Technical

1:00pm EDT

CTF Prep

Tuesday June 3, 2025 1:00pm - 4:00pm EDT

Downstairs, Capital Ballroom / Middle

Come prep and learn more about the CTF contest!

Tuesday June 3, 2025 1:00pm - 4:00pm EDT
Downstairs, Capital Ballroom / Middle

CTF

1:50pm EDT

Vendor Break

Tuesday June 3, 2025 1:50pm - 2:00pm EDT

Downstairs, Capital Ballroom

Go see our vendors in the Expo!

Menu:

Tuesday June 3, 2025 1:50pm - 2:00pm EDT
Downstairs, Capital Ballroom

Vendor Break

2:00pm EDT

Linux Kernel Exploitation for Beginners

Tuesday June 3, 2025 2:00pm - 2:50pm EDT

Downstairs, Madison / Jefferson / Monroe

My talk is focused on teaching people how to get into Linux kernel exploitation using Kernel based CTFs as an entry point.

Speakers

Kevin Massey

IT Engineering Manager, Winebow

I am an IT Engineering Manager and Independent Security Researcher. I am focused primarily on vulnerabilities, binary exploitation, and network protocols.

Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Downstairs, Madison / Jefferson / Monroe

101

2:00pm EDT

Vendor Management 2025 - How to Make Better Vendor Management Decisions

Tuesday June 3, 2025 2:00pm - 2:50pm EDT

Upstairs, Grand Ballroom D/E

Although vendor management has evolved, the core process remains the same: gathering and reviewing documentation to decide whether to continue business with a vendor. The key question now is how to ensure that vendors are genuinely protecting your data!

Speakers

Jon Waldman

President, SBS CyberSecurity

Jon Waldman is a co-founder and President of SBS CyberSecurity and the SBS Institute. Over the past 20 years, Jon has helped hundreds of organizations identify and understand cybersecurity risks to allow them to make better and more informed business decisions. Jon is incredibly passionate... Read More →

Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom D/E

Business

2:00pm EDT

Following The JSON Path: A Road Paved in RCE

Tuesday June 3, 2025 2:00pm - 2:50pm EDT

Upstairs, Grand Ballroom F/G

Dive into researching JavaScript implementations of JSON path libraries, breaking out of JavaScript sandboxes, achieving code execution, and examining the blast radius of impacted components. This talk covers both the research process for the discovery of these novel vulnerabilities and footguns, as well as the process for identifying the blast radius, weaponizing the vulnerabilities against actual targets, and engaging impacted stakeholders. Join me to hear a harrowing tale of remote code execution in several widely used products, CVE assignments, and critical bounty payouts.

Speakers

Nick Copi

AppSec Engineer, CarMax

Nick Copi is an application security engineer at CarMax who in his spare time immerses himself in security research and bug bounty. With a background spanning from building full stack web applications to pioneering application security initiatives at CarMax, he brings a wealth of... Read More →

Tuesday June 3, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom F/G

Technical

2:50pm EDT

Vendor Break

Tuesday June 3, 2025 2:50pm - 3:00pm EDT

Downstairs, Capital Ballroom

Go see our vendors in the Expo!

Menu:

Tuesday June 3, 2025 2:50pm - 3:00pm EDT
Downstairs, Capital Ballroom

Vendor Break

3:00pm EDT

Look Ma, No IDA! Malware Analysis Without Reverse Engineering

Tuesday June 3, 2025 3:00pm - 3:50pm EDT

Downstairs, Madison / Jefferson / Monroe

Do you think malware analysis is out of your reach because assembly code looks like reading the matrix? Fear not, this talk will convince you that learning assembly code is not the best place to start your malware analysis journey. For starters, the modern malware landscape is diverse and malicious code isn’t always compiled into assembly. Not every use case for malware analysis requires a deep dive and there are many great tools and services that provide information about a malware sample you can build your analysis on.

If you work as an incident responder, detection engineer, threat hunter, or intel analyst, you probably already do some malware analysis but don’t realize it. And if you don’t but would like to, this talk will discuss the tools and knowledge you should focus on first before embarking on groking the intel x86 manual.

Speakers

Christina Johns

Principal Malware Analyst, Red Canary

Christina Johns is a Principal Malware Analyst at Red Canary with 15 years experience. Prior to becoming a malware analyst she worked in a variety of areas including web application assessment, android forensics, and incident response. Her research interests lie at the intersection... Read More →

Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Downstairs, Madison / Jefferson / Monroe

101

3:00pm EDT

AI: Who's Watching Whom?

Tuesday June 3, 2025 3:00pm - 3:50pm EDT

Upstairs, Grand Ballroom D/E

Artificial Intelligence (AI) has intersected with cybercrime and cybersecurity that forces organizations to leverage the technology in order to benefit the industry while at the same time understanding how to protect against AI based threats. How will your organization use AI safely and securely?

Speakers

Kyle King

Security Engineering Manager, Check Point Software Technologies Ltd

Kyle King has designed, implemented, managed, and secured information systems and networks for various industries throughout his 28+ year career, including construction, financial, and healthcare. A native of Hickory, NC, he has been employed by Check Point Software Technologies for... Read More →

Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Upstairs, Grand Ballroom D/E

Business

3:00pm EDT

Defending Entra ID and Office 365 Using the Prism of GraphRunner

Tuesday June 3, 2025 3:00pm - 3:50pm EDT

Upstairs, Grand Ballroom F/G

For organizations using Microsoft Entra ID and O365, it’s important to understand the landscape of the Graph API, how data is accessed and the logs available to gain visibility into probes and attacks that are targeting users and their information stores.

To drive this awareness, I’ve chosen to use a red team toolkit called GraphRunner that empowers offensive cyber practitioners an easy to use method to get started probing Microsoft Entra ID and Office 365 tenants. On the flip side of this, we are going to take a look at the logs generated by GraphRunner in a simulated attack chain to better understand what a blue teamer might see and how they can build detections and hunt, not just for GraphRunner, but for suspicious activities occurring within their Entra ID and Office 365 tenant.

Speakers

John Stoner

Principal Security Strategist, Google Cloud

John Stoner is a Global Principal Security Strategist at Google Cloud and leverages his experience to improve users' capabilities in Security Operations, Threat Hunting, Incident Response, Detection Engineering and Threat Intelligence. He blogs on threat hunting and security operations... Read More →

Tuesday June 3, 2025 3:00pm - 3:50pm EDT
Upstairs, Grand Ballroom F/G

Technical

3:50pm EDT

Vendor Break

Tuesday June 3, 2025 3:50pm - 4:00pm EDT

Downstairs, Capital Ballroom

Go see our vendors in the Expo!

Menu:

Tuesday June 3, 2025 3:50pm - 4:00pm EDT
Downstairs, Capital Ballroom

Vendor Break

4:00pm EDT

Why There is No Casino Night at RVAsec This Year (Sorry)

Tuesday June 3, 2025 4:00pm - 4:50pm EDT

Downstairs, Madison / Jefferson / Monroe

Every year, RVAsec hosts an after-party to close out the first day of talks at the conference. For the last two years, that nightly entertainment has been CASINO NIGHT, an opportunity to bet fake money on games of chance in order to win some very real prizes. Unfortunately, through some fault of my own, Casino Night will not be returning this year.

Join me for a retrospective of the last two Casino Nights: what went right, what went wrong, how systems (and people) can be gamed, how to adapt to new information, how I managed to win numerous prizes, and more. We will discuss how to harness game theory, social engineering, statistics, and other things that will get you kicked out of a normal casino.

Speakers

Ben Haynes

Data Scientist, Flashpoint

Ben Haynes is a data scientist at Flashpoint, leveraging analytics and his cybersecurity expertise to solve practical problems in the industry. Previously, he worked at Risk Based Security, where he dedicated his time to enhancing and implementing the organization’s cybersecurity... Read More →

Tuesday June 3, 2025 4:00pm - 4:50pm EDT
Downstairs, Madison / Jefferson / Monroe

101

4:00pm EDT

Large Language Models for Hackers

Tuesday June 3, 2025 4:00pm - 4:50pm EDT

Upstairs, Grand Ballroom F/G

Wield your own AI agents, for fun and profit, with open-weight Large Language Models. In this talk, the audience will learn the foundational data science that empowers LLMs to help…and hallucinate, before diving into a tutorial on “agentic” LLM techniques. Along the way, key concepts and methods are related to NIST’s AI Risk Management Framework (NIST AI 600-1) and their adversarial machine learning taxonomy (NIST AI 100-2e2023). Cut through the hype - see the limitations and attack surfaces for yourself, and explore ways you could incorporate these tools into your own practice.

Speakers

Morgan Stuart

Data scientist and engineer

Morgan is an independent consultant who helps teams identify and implement data science solutions. However, unsatisfied with the ivy walls of the tech oligarchy, he also researches and experiments with today’s latest AI trends for issues related to offline use, trust, and data privacy... Read More →

Tuesday June 3, 2025 4:00pm - 4:50pm EDT
Upstairs, Grand Ballroom F/G

Technical

4:50pm EDT

Day 1 - Closing

Tuesday June 3, 2025 4:50pm - 5:00pm EDT

Remarks will be provided on Day 1, and what to expect for the rest of the evening and Day 2.

Speakers

Jake Kouns

Organizer, RVAsec

Chris Sullo

Founder, RVAsec

Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server... Read More →

Tuesday June 3, 2025 4:50pm - 5:00pm EDT

Informational

5:00pm EDT

Vendor Break & Room Change

Tuesday June 3, 2025 5:00pm - 5:30pm EDT

Downstairs, Capital Ballroom

Grab a drink and go see the vendors one more time in the Expo downstairs before the after party starts!

Bars open in Foyer while you wait for the After Party to be ready!

Tuesday June 3, 2025 5:00pm - 5:30pm EDT
Downstairs, Capital Ballroom

Vendor Break

5:30pm EDT

RVAsec After Party

Tuesday June 3, 2025 5:30pm - 9:00pm EDT

Upstairs, Grand Ballroom D/E/F/G

TBD

Menu

Bar

Tuesday June 3, 2025 5:30pm - 9:00pm EDT
Upstairs, Grand Ballroom D/E/F/G

Social

7:59am EDT

Registration

Wednesday June 4, 2025 7:59am - 5:00pm EDT

Upstairs, Desk

If you were not able to attend Day 1, please proceed upstairs to register.
If you were able to register no need to go back to registration.

If you have any questions or issues please stop by for help.

This is also where you can turn in your Passport for Prizes.

WiFi sponsored by RVAsec:
Network is "RVAsec"
Password is "RVAsec2025"

Wednesday June 4, 2025 7:59am - 5:00pm EDT
Upstairs, Desk

Informational

8:00am EDT

Breakfast

Wednesday June 4, 2025 8:00am - 8:50am EDT

Downstairs, Foyer

Come downstairs and enjoy breakfast before the Day 2 welcome session!

Reminder the session starts earlier on day 2, be in your seats by 8:50am!

Menu:

Wednesday June 4, 2025 8:00am - 8:50am EDT
Downstairs, Foyer

Food

8:50am EDT

Welcome - Day 2

Wednesday June 4, 2025 8:50am - 9:00am EDT

Upstairs, Grand Ballroom D/E/F/G

Welcome to Day 2 RVAsec 13!

Remarks will be provided about what to expect at the conference and many thanks to our volunteers and sponsors for making it possible.

Speakers

Jake Kouns

Organizer, RVAsec

Wednesday June 4, 2025 8:50am - 9:00am EDT
Upstairs, Grand Ballroom D/E/F/G

Informational

9:00am EDT

Bruce Potter - Keynote

Wednesday June 4, 2025 9:00am - 10:00am EDT

Upstairs, Grand Ballroom D/E/F/G

Bruce Potter has been doing cybersecurity for 30 years, which makes him kind of old. Bruce is currently the CEO and founder of Turngate, a SaaS audit log analysis company. Prior to that Bruce served as CISO at several companies including Clear Street, Expel, and the KeyW Corporation.

Bruce is the founder of The Shmoo Group and assisted with running ShmooCon, a cybersecurity conference that ran for the last 20 years in Washington DC. Bruce has done DARPA research, led red teams, broken large networks (in good and bad ways), and even helped bring Internet service to remote parts of Alaska in the mid-90’s.

Wednesday June 4, 2025 9:00am - 10:00am EDT
Upstairs, Grand Ballroom D/E/F/G

Keynote

10:00am EDT

Vendor Break

Wednesday June 4, 2025 10:00am - 10:30am EDT

Downstairs, Capital Ballroom

Go see our vendors in the Expo!

Menu:

Wednesday June 4, 2025 10:00am - 10:30am EDT
Downstairs, Capital Ballroom

Vendor Break

10:00am EDT

CTF Competition

Wednesday June 4, 2025 10:00am - 3:00pm EDT

Downstairs, Capital Ballroom / Middle

As many of you know, we pride ourselves with this CTF being an all-inclusive learning CTF and not just a ‘stump the chump / who’s the best engineer in the room’ kind of CTF. That said, we need volunteers to come up with fresh ideas, challenges, and setups that are both fun and informative. Additionally, we do want to provide a challenge for those who show up looking for one, so if you are a more advanced user or admin and have some killer challenges that can stump someone, we’ll need those too for the higher tiers.

You’ll need a laptop to participate. Teams can have up to 4 people, or you may compete as an individual.
For those who like to come prepared, we suggest that you have a VM or two ready. You can download Kali Linux here (https://www.kali.org/downloads/) or get a free Windows VM here (https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/). Some tools that might be helpful include CyberChef, BurpSuite, Ghidra, Pwntools, and Wireshark.

The MetaCTF team has been involved with the RVAsec CTF since 2016.

Thanks to RVAsec for sponsoring!

Wednesday June 4, 2025 10:00am - 3:00pm EDT
Downstairs, Capital Ballroom / Middle

CTF

10:00am EDT

HackRVA Badge Training & Repair

Wednesday June 4, 2025 10:00am - 4:00pm EDT

Downstairs, Dominion

Wednesday June 4, 2025 10:00am - 4:00pm EDT
Downstairs, Dominion

Village

10:00am EDT

Lock Picking Village and Contest

Wednesday June 4, 2025 10:00am - 4:00pm EDT

Downstairs, Shenandoah

Wednesday June 4, 2025 10:00am - 4:00pm EDT
Downstairs, Shenandoah

Village

10:30am EDT

The Importance of an Incident Response Plan

Wednesday June 4, 2025 10:30am - 11:20am EDT

Downstairs, Madison / Jefferson / Monroe

An incident response plan (IRP) is important because it helps organizations respond to and recover from security incidents and other disruptions. A cyber security incident isn't a matter of if but when. Being prepared is critical. Organizations can and should customize their incident response plan according to their unique business needs and compliance requirements.

Speakers

Stacy Aitken

Security Program Manager, Dragnet

I didn't intend to be in the Cyber Security space but so glad I am. I initially wanted to be a pediatrician, but while attending a conference for the government I was recruited for the Recombinant DNA cloning project with NIH that went on to clone the first sheep "Dolly". Seeing... Read More →

Wednesday June 4, 2025 10:30am - 11:20am EDT
Downstairs, Madison / Jefferson / Monroe

101

10:30am EDT

What the Scope? Sh** my Consultant | Client Says

Wednesday June 4, 2025 10:30am - 11:20am EDT

Upstairs, Grand Ballroom D/E

Scoping a penetration test shouldn’t feel like negotiating a hostage situation—but here we are. In this engaging, no-holds-barred session, two seasoned cybersecurity professionals take the stage in a hilarious and painfully relatable discussion, showcasing the absurd, frustrating, and all-too-common conversations between consultants and clients.
Expect real stories, plenty of laughs, and insights that will make you rethink how you approach penetration testing and security assessments. Whether you're a consultant, security leader, or someone who’s just tired of hearing "We don’t need a pentest", this talk is for you.

Speakers

Luke McOmie

Offensive Security – Blue Bastion, Ideal Integrations, Inc.

Luke McOmie started in offensive security in 1994 and is a trusted advisor, security leader and mentor. With a career focus in offensive security and a strong technical background, he is recognized for his excellence in developing and executing enterprise security strategies and leading... Read More →

Qasim Ijaz

Director of Cybersecurity, Aveanna Healthcare

Qasim Ijaz is the Director of Cybersecurity at a leading healthcare organization, overseeing detection, incident response, vulnerability management, purple teaming, and cybersecurity engineering. With a strong background in offensive security and risk management, he has helped organizations... Read More →

Wednesday June 4, 2025 10:30am - 11:20am EDT
Upstairs, Grand Ballroom D/E

Business

10:30am EDT

Attacking & Defending ServiceNow: A Hands-on Lab for Red & Blue Teams

Wednesday June 4, 2025 10:30am - 11:20am EDT

Upstairs, Grand Ballroom F/G

ServiceNow is a critical enterprise platform, often integrated with sensitive systems and privileged access. This talk explores how attackers can exploit misconfigurations and privilege escalation paths within ServiceNow to gain a foothold in an environment. We’ll walk through real-world attack techniques, from initial access to lateral movement, and demonstrate how defenders can detect and mitigate these threats.

In addition to offensive tradecraft, we’ll cover how to set up a dedicated lab to safely test these attack vectors, fine-tune detections, and improve defensive strategies. Whether you’re a red teamer looking to sharpen your tactics or a blue teamer aiming to strengthen your defenses, this talk will provide actionable insights and practical steps for securing ServiceNow.

Speakers

Mike Bailey

Smither of Locks, ROTAS

Mike Bailey has almost 2 decades of varied experience working in private industry, academic institutions, US government and every aspect of the financial industry. Mike's focus is all things security. He brings a robust subject matter expertise within the areas of adversarial threat... Read More →

Nicholas Popovich

Principal, Rotas Security

Nick Popovich's passion is learning and exploring technology ecosystems, and trying to find ways to utilize systems in unexpected ways. His career has focused on adversarial threat simulation, offensive and defensive security, and advanced technical security assessments. He is a hacker... Read More →

Wednesday June 4, 2025 10:30am - 11:20am EDT
Upstairs, Grand Ballroom F/G

Technical

11:20am EDT

Vendor Break

Wednesday June 4, 2025 11:20am - 11:30am EDT

Downstairs, Capital Ballroom

Go see our vendors in the Expo!

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Wednesday June 4, 2025 11:20am - 11:30am EDT
Downstairs, Capital Ballroom

Vendor Break

11:30am EDT

Unlocking macOS Internals: A Beginner's Guide to Apple's Open Source Code

Wednesday June 4, 2025 11:30am - 12:20pm EDT

Downstairs, Madison / Jefferson / Monroe

Have you ever wondered how macOS works under the hood? For researchers, learning how to navigate Apple's open source code is a game-changer. This talk demystifies macOS internals through its open source ecosystem, giving you everything you need to start hacking these machines!

Speakers

Olivia Gallucci

Senior Security Engineer, SECUINFRA

Olivia Gallucci is a Senior Security Engineer at SECUINFRA and a blogger: oliviagallucci.com. She is the founder of two companies—Offensive Services (security consulting) and OG Health & Fitness (personal training). Graduating at the top of her university, Olivia is passionate about... Read More →

Wednesday June 4, 2025 11:30am - 12:20pm EDT
Downstairs, Madison / Jefferson / Monroe

101

11:30am EDT

Data Breach Management and Legal Issues for Information Technology Professionals

Wednesday June 4, 2025 11:30am - 12:20pm EDT

Upstairs, Grand Ballroom D/E

Please join us for a practical discussion (without the legalese!) about data breach management and minimizing the risk to your organization. In this discussion, we’ll talk through what it's like to be in a breach situation, and we'll cover some practical and legal considerations and suggestions that will help your organization achieve a better outcome.
Learning Objectives:
1. Gain a better understanding of what it's like to be in a data breach situation.
2. Increase awareness of risks to your organization.
3. Increase awareness of the various people and workstreams involved in working through a data breach.
4. Increase knowledge of proactive measures to improve the outcome and minimize risk to the organization.

Speakers

Bobby N. Turnage, Jr.

Attorney - Cybersecurity and Technology, Sands Anderson PC

Bobby Turnage is a business-minded attorney with more than 25 years of experience advising organizations dealing with technology and data-related matters, including cybersecurity, data security, data privacy, technology contracts, and conducting business on the web. Bobby advises... Read More →

Wednesday June 4, 2025 11:30am - 12:20pm EDT
Upstairs, Grand Ballroom D/E

Business

11:30am EDT

SPF Shadowing: Give Old Services a Chance to Shine

Wednesday June 4, 2025 11:30am - 12:20pm EDT

Upstairs, Grand Ballroom F/G

In a world where Sender Policy Framework is meant to provide a first or second line of defense against impersonation and phishing, we instead find ourselves barely paying attention to it. Even after the MailChannels vulnerability was disclosed and thousands of companies found they could be impersonated via email through a service they paid thousands of dollars for, word really didn't spread like it should have. Many domains are set and forget, from personal domains to fortune 500s, and I am going to take you on a journey where we use the forgotten for fun and profit.

Speakers

Caleb Crable

Staff Security Engineer - Red Team, Bill.com

From reverse-engineering malware to simulating attacks on critical financial infrastructure, Caleb’s career has always been centered on staying one step ahead of adversaries. With 7 years of Red Team experience, he currently serves as a Staff Security Engineer on the Bill.com Red... Read More →

Wednesday June 4, 2025 11:30am - 12:20pm EDT
Upstairs, Grand Ballroom F/G

Technical

12:20pm EDT

Lunch

Wednesday June 4, 2025 12:20pm - 1:00pm EDT

Downstairs, Foyer

TBD

** Reminder this is a shorter lunch, talks start back up at 1pm **

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Seating: You are welcome to take your lunch to any area of the hotel. Banquet tables & chairs can be found on both sides of the Grand Ballroom upstairs. There is also seating downstairs in the Capital Ballroom (Expo). Please note these tables on Day 2 are reserved for the CTF. Various locations downstairs in the Foyer are also available.

Wednesday June 4, 2025 12:20pm - 1:00pm EDT
Downstairs, Foyer

Food

1:00pm EDT

Key Management and Basic Key Usage for Encryption 101

Wednesday June 4, 2025 1:00pm - 1:50pm EDT

Downstairs, Madison / Jefferson / Monroe

Raise your awareness of cybersecurity encryption with a simple analogy: house keys. This presentation breaks down key management and encryption basics, from creation to destruction, using relatable examples.

Speakers

Alain Petit

Cyber Security Architect, Capital One

Alain is a seasoned Enterprise Security Architect at Capital One, bringing over 22 years of experience to his roles in restricted perimeter, governance, risk, compliance, and data protection. His career reflects a deep expertise in designing and implementing robust security architectures... Read More →

Wednesday June 4, 2025 1:00pm - 1:50pm EDT
Downstairs, Madison / Jefferson / Monroe

101

1:00pm EDT

How to Win Budgets and Influence Stakeholders: Articulate Cyber Value to Non Technical Audiences

Wednesday June 4, 2025 1:00pm - 1:50pm EDT

Upstairs, Grand Ballroom D/E

Limited budgets are a reality we all must live with. Security tools are getting pricier, and management is demanding stronger justifications for every dollar spent. Often, we in cyber struggle to explain the return on investment for all this security technology. Risk management frameworks and heat maps are not the saving grace they are made out to be. We as cyber professionals need to be fluent in financial discussions to guide the business toward informed decisions. I'll walk you through some proven methods to bridge the communication gap between security and the business.

Speakers

Jeremy Dorrough

Client Director, Consortium

Jeremy has built his career around protecting assets in the most critical IT sectors. He started his career working in a Network Operations Security Center for the US Army. He then went on to work as a Network Security Engineer defending Dominion’s North Anna Nuclear Power Station... Read More →

Wednesday June 4, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom D/E

Business

1:00pm EDT

Running A Proper Purple Team

Wednesday June 4, 2025 1:00pm - 1:50pm EDT

Upstairs, Grand Ballroom F/G

Some folks within cybersecurity have probably heard the concept of purple teaming but what is it like to actually execute or leverage this type of service? What value does it provide? Where should it exist within the organization? What other challenges might you face when performing purple teaming?

This talk will dive into details on how to go from the concept or infancy of purple teaming to executing at a higher level of maturity and everything in between. I’ll walk thru specific examples of purple team exercises then debrief outcomes and values of those engagements. I’ll also walk thru variations of purple teaming (e.g., simulation vs emulation) and describe when a certain variation might be appropriate and when. Last but not least I’ll explain how to perform purple teaming in various environments (e.g., endpoint, cloud, network) and considerations for operating in those conditions.

Speakers

Travis Altman

Cybersecurity Leader, Company

Travis Altman has been a leader in the cybersecurity field for decades. He’s worked in various cybersecurity roles such as info sec engineer, application security, incident response, red teaming, and many more. Travis now focuses his energy on leading organizations to implement... Read More →

Wednesday June 4, 2025 1:00pm - 1:50pm EDT
Upstairs, Grand Ballroom F/G

Technical

1:50pm EDT

Vendor Break

Wednesday June 4, 2025 1:50pm - 2:00pm EDT

Downstairs, Capital Ballroom

Go see our vendors in the Expo!

Menu:

Wednesday June 4, 2025 1:50pm - 2:00pm EDT
Downstairs, Capital Ballroom

Vendor Break

2:00pm EDT

Oh Hotel No!: How A Helpless Hooligan Helped A Homie From Homelessness To Homeownership In 9 Months

Wednesday June 4, 2025 2:00pm - 2:50pm EDT

Downstairs, Madison / Jefferson / Monroe

This is the story of a hooligan and his fascination with exploiting physical and digital vulnerabilities in hotels for the purposes of persistent access, living off the land, and surreptitiously housing homeless people.

Speakers

Justin Varner

Chief of Innovation, RadZen Inc

Justin Varner is a seasoned security enthusiast with 19 years of experience dating back to his work with NASA on the ISS in 2006 to his current physical security shenanigans.His last talk called “Honeypot Boo Boo” debuted at RVASec 2022 and his since then been presented at 9 international... Read More →

Wednesday June 4, 2025 2:00pm - 2:50pm EDT
Downstairs, Madison / Jefferson / Monroe

101

2:00pm EDT

Cybersecurity is Ready for Local Models

Wednesday June 4, 2025 2:00pm - 2:50pm EDT

Upstairs, Grand Ballroom D/E

This talk explores how a custom, local AI/ML model can be built internally at an enteprise for cybersecurity decision support. We'll walk through data, methods, and pitfalls of building your own models rather than using off the shelf or vendor solutions.

Speakers

Michael Roytman

Co-Founder, CTO, Empirical Security

Michael is the CTO of Empirical Security. Previously, he was the Chief Data Scientist of Kenna Security, and a Distinguished Engineer at Cisco. He served on boards for the Society of Information Risk Analysts, Cryptomove, and Social Capital. He was the co-founder and executive chair... Read More →

Wednesday June 4, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom D/E

Business

2:00pm EDT

Using Volatility 3 to Combat Modern Malware

Wednesday June 4, 2025 2:00pm - 2:50pm EDT

Upstairs, Grand Ballroom F/G

Volatility 3 is the latest version of the Volatility Memory Analysis framework, which has been the most widely used open-source framework for memory forensics since its creation in 2007. This new version of the framework is a complete rewrite starting from the first line of code. In this presentation, attendees will learn about Volatility 3’s new features while also seeing how many brand-new plugins can be used to detect a wide range of sophisticated, modern malware. This will include detection of the techniques currently deployed by ransomware and APT groups to evade EDR detection, inject code in a stealthy manner, and perform lateral movement. Examples of the covered techniques will include process hollowing, module unhooking, and privilege escalation. Attendees will leave understanding how to detect modern malware and attacker toolkits along with how to integrate Volatility 3 and its new features into detection workflows suitable for production use.

Speakers

Andrew Case

Director of Research, Volexity

Andrew Case is the Director of Research at Volexity and has significant experience in incident response handling, digital forensics, and malware analysis. Case is a core developer of Volatility, the most widely used open-source memory forensics framework, and a co-author of the highly... Read More →

Wednesday June 4, 2025 2:00pm - 2:50pm EDT
Upstairs, Grand Ballroom F/G

Technical

2:50pm EDT

Vendor Break & Room Change

Wednesday June 4, 2025 2:50pm - 3:10pm EDT

Downstairs, Capital Ballroom

Room change!

We need all attendees to leave both sides of the ballroom quickly as possible so we can open the room for the final session and reception..

Go see our vendors in the Expo!

Beverages: Starbucks Regular and Decaf Coffee, Assorted Pepsi Sodas, Hot Water with Assorted TAZO Herbal Teas, available throughout the day. Water stations will be located in all rooms upstairs and downstairs.

Wednesday June 4, 2025 2:50pm - 3:10pm EDT
Downstairs, Capital Ballroom

Vendor Break

3:10pm EDT

The Security Professionals Guide To The Linux Desktop

Wednesday June 4, 2025 3:10pm - 4:00pm EDT

Upstairs, Grand Ballroom F/G

Want to learn how running Linux as your desktop OS can make your life BETTER? This talk is for you! Every year the Linux nerds say, “This will be the year of the Linux desktop!”. If we put Android and ChromeOS aside for a moment, there has never been such a year. However, I switched to Linux on my laptops in 2016 and fully converted all my desktops in 2019. I’m never looking back. Many of you reading this are already thinking/voicing your opinions. I’ve heard for so many years, “I don’t want to run Linux as my desktop because [blank]”. This talk will dispel the myths and hopefully getting you on team Linux desktop! If you are open-minded about Linux as a desktop, haven’t tried it in a while, worried about Windows 10 going end-of-support in 2025, and want to learn about the benefits of the Linux desktop, this talk is for you. Maybe you even use Linux as your desktop OS and just want some tips and tricks; this is the talk for you. If you’ve already decided that Windows or MacOS is perfectly fine and Linux is just annoying, this talk may not be for you.

Speakers

Paul Asadoorian

Conference Speaker (Keynote), rihackers

Paul Asadoorian is currently a Principal Security Researcher for Eclypsium, focused on firmware and supply chain security. Paul’s passion for firmware security extends back many years to the WRT54G hacking days and reverse engineering firmware on IoT devices for fun. Paul and his... Read More →

Wednesday June 4, 2025 3:10pm - 4:00pm EDT
Upstairs, Grand Ballroom F/G

Technical

4:00pm EDT

Closing Reception & Awards

Wednesday June 4, 2025 4:00pm - 5:30pm EDT

Upstairs, Grand Ballroom D/E/F/G

The closing will take place right after the final talk. We will have a short break for attendees to get their beverages & Hors d'oeuvres, and then we will do Passport and Lockpick Prizes and CTF awards.

Menu:

Bar:

Speakers

Chris Sullo

Founder, RVAsec

Wednesday June 4, 2025 4:00pm - 5:30pm EDT
Upstairs, Grand Ballroom D/E/F/G

Social