RVAsec 2022: Full Schedule

Streaming: https://mssvideo.vcu.edu/RVAsec

8:00am EDT

Breakfast

After you get registered, come upstairs and enjoy breakfast!
Make sure you are in the ballroom by 9am for the welcome session.

Menu:

Sausage & Egg on Fresh Made Buttermilk Biscuits (individually wrapped)
English Muffins w/ Cage-Free Egg Whites, Spinach & Mushroom (individually wrapped)
Seasonal Fruit Cups
Cheese, Chocolate & Apple Danishes and Assorted Donut Holes
Apple and Orange Juice

Thursday June 16, 2022 8:00am - 9:00am EDT
James River Foyer

Food

8:00am EDT

Registration

Registration starts on Thursday morning at 8 AM and will be on the 1st Floor (bottom), in a room called Magnolia. This room in on the left when you walk into the main entrance of the hotel.

We ask that you form a line with space between people. We will then call you into the room to register using our electronic contactless registration. Please have your EventBrite email and QR code available to speed up the process.

Once you register you will then proceed to receive a bag, T-shirt, and badge from the nearby tables. You will exit the room and then come back into the hotel lobby.

Please have patience with this process.

WiFi sponsored by Infolock: Omni Meeting Password: Infolock4RVAsec

Thursday June 16, 2022 8:00am - 10:00am EDT
1st Floor, Magnolia Room

Informational

9:00am EDT

Welcome to RVAsec 2022

Welcome to RVAsec 11!

Remarks will be provided about what to expect at the conference and many thanks to our volunteers and sponsors for making it possible.

Speakers

Jake Kouns

CEO, Risk Based Security

Jake Kouns is the founder of RVAsec and the CEO and CISO for Risk Based Security, providing vulnerability intelligence and breach data. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSDVB.org) and DataLossDB. Kouns has presented at many well-known... Read More →

Thursday June 16, 2022 9:00am - 9:10am EDT
Ballroom

Informational

9:10am EDT

Keynote by Dorsey Levens

Dorsey will share how having the proper mindset is more essential than ever. As we are constantly bombarded with information, news, and social media, it has never been more important how this information is received and processed. With stress, worry, fear, and uncertainty at an all time high, Dorsey will discuss the necessary tools to help you navigate through this unpredictable journey we call life.

Speakers

Dorsey Levens

Thursday Keynote for RVAsec 2022

Dorsey Levens is a retired All Pro running back who played in the NFL for 11 seasons from 1994-2004. Levens spent 8 seasons with the Green Bay Packers, winning Super Bowl 31 and appearing in Super Bowl 32. He was inducted into the Green Bay Packers Hall of Fame in 2009. Levens also... Read More →

Thursday June 16, 2022 9:10am - 10:10am EDT
Ballroom

Keynote

10:00am EDT

HackRVA Badge Training & Repair

Come learn about your badge, get it fixed if there are any issues and talk to HackRVA!

HackRVA is a member-run and organized non-profit makerspace in Richmond, Virginia. HackRVA is a space filled with tools, computers, and people who like to build, invent, tinker, expand their minds, and learn and share new skills. You’ll find a diverse group of individuals who are into electronics, woodworking, embedded software, metalworking, programming, music, art, video, photography, 3D printing, sewing, textiles, and virtual reality—and that’s for starters. HackRVA members have access to the makerspace, tools, community and learning opportunities through member-lead workshops, events and projects.

Thursday June 16, 2022 10:00am - 4:30pm EDT
Rappahannock

Village, Badge

10:00am EDT

Registration

After the initial rush of registration in the moving, it will be relocated to the "Top of the Grand".
If you have any questions or issues please stop by for help.

This is also where you can turn in your Passport for Prizes.

WiFi sponsored by Infolock: Omni Meeting Password: Infolock4RVAsec

Thursday June 16, 2022 10:00am - 5:00pm EDT
Top of The Grand

Informational

10:00am EDT

Lock Picking Village and Contest

A variety of example locks, from simple to extremely hard, along with a picks of all shapes and sizes will be available in our lock pick village.

Stop by and have some fun testing your skills! Provided hand sanitizer will be required to help reduce the modern risks while we explore the oldest security mechanism on earth!

If you fancy yourself a strong picker or have a competitive streak, we are planning to have a time contest of a series of locks, with the fastest through them all taking home something epic.

Thursday June 16, 2022 10:00am - 5:00pm EDT
Rappahannock

Village, Lock Picking

10:10am EDT

Vendor Break

Menu:

Warm Mini Cinnamon Buns (served)
Individual Seasonal Greek Yogurt & Fruit Parfaits Layered with Granola

Thursday June 16, 2022 10:10am - 10:30am EDT
James River Foyer

Vendor Break

10:30am EDT

CTF Intro

Come learn about the RVAsec 11 CTF run by our friends at MetaCTF. This session will discuss both the training session on Day 1, and what to expect for the competition on Day 2!

MetaCTF's goal is to make cybersecurity education accessible and fun. We create hands-on, interactive, and educational capture-the-flag (CTF) events that make it easy to learn new cybersecurity skills by breaking down complex cybersecurity concepts into engaging challenges that simulate real world scenarios. Since 2014, we have held over 50 events and trainings globally for clients such as Wild West Hackin’ Fest, RVASec, and Terminix.

Speakers

Roman Bohuk

CEO, MetaCTF

Roman Bohuk is co-founder and CEO of MetaCTF, a corporate cybersecurity training and recruiting company that runs hands-on competitions and labs for various organizations. While at UVA, he interned for Black Hills Information Security and served as the Linux Captain of the NCCDC team... Read More →

Thursday June 16, 2022 10:30am - 10:40am EDT
Ballroom

CTF

10:40am EDT

Badge Intro

Learn about the RVAsec 11 Badge!

HackRVA is a member-run and organized non-profit makerspace in Richmond, Virginia. HackRVA is a space filled with tools, computers, and people who like to build, invent, tinker, expand their minds, and learn and share new skills. You’ll find a diverse group of individuals who are into electronics, woodworking, embedded software, metalworking, programming, music, art, video, photography, 3D printing, sewing, textiles, and virtual reality—and that’s for starters. HackRVA members have access to the makerspace, tools, community and learning opportunities through member-lead workshops, events and projects.

Speakers

Peter Warasila

Badge Designer, HackRVA

Embedded engineer working professionally in the automotive controller and telematics space. Personal projects include some audio gear and the RVASec Badge project.

Allison Sands

Banner analyst, VCU

Thursday June 16, 2022 10:40am - 10:50am EDT
Ballroom

Informational

10:50am EDT

Vendor Break

Menu:

Warm Mini Cinnamon Buns (served)
Individual Seasonal Greek Yogurt & Fruit Parfaits Layered with Granola

Thursday June 16, 2022 10:50am - 11:00am EDT
James River Foyer

Vendor Break

11:00am EDT

Honeypot Boo Boo: Understanding Adversaries with Deception Technology

Breaches continue happening at unprecedented rates with huge financial impact to the global economy year after year that take a massive toll on the psychological well being of the security professionals tasked with constantly defending against threats from all angles.

Our traditional approach to breach detection that is focused on triaging alerts generated by massive amounts of aggregated data from disparate sources is not working. Adversaries know this fact and regularly benefit from it.

The average breach goes unnoticed for 212 days. That’s an exorbitant amount of time for anyone to surreptitiously run off with an organization's crown jewels and inflict significant damage with ramifications that include consumer privacy violations, loss of trust, steep financial penalties, and irreversible reputational damage.

We need a new approach if we’re ever going to stop the madness.

This talk discusses this new approach to breach detection that is intended to improve alert fidelity, reduce time-to-detection, mitigate the blast radius of a breach, and prevent the massive level of burnout affecting the security community.

We will cover multiple methods for easily deploying effective breach detection technology right now regardless of the size and scope of your environment.

- JV

Speakers

Justin Varner

Security Philosopher, Thinkst Canary Authorized Partner

I started my InfoSec career as a cryptographer at NASA, and 16 years later after exploring nearly every domain available, I’ve never been more excited to teach people how to use security to make their lives better.

[RVAsec 2022] Honeypot Boo Boo Understanding Adversaries with Deception Technology pptx

Thursday June 16, 2022 11:00am - 11:50am EDT
Ballroom

Business

11:50am EDT

Lunch

Step 1: Enter the line and pick up a box - THEY ARE ALL THE SAME - inside you will find: Individually Wrapped Roll, Coleslaw, Route 11 Chip, Brownies, Utensil Packets w/ Napkins

Step 2: Select either Shredded BBQ Chicken Breast or Diced Portobello Mushroom in BBQ Sauce - and add it to your box, pickup condiments, including Texas Pete Hot Sauce Packets

Step 3: Make your way to a beverage station and find a place to enjoy lunch.

Thursday June 16, 2022 11:50am - 1:00pm EDT
James River Foyer

Food

1:00pm EDT

Slippery SOP: Edge Cases in the Same Origin Policy

Why is the web full of cross-site scripting and cross-site request forgery even through browsers enforce the Same Origin Policy? Can we use the Same Origin Policy to mitigate these attacks? In this talk, we'll answer these questions and more, including uncovering some shortcomings of the Same Origin Policy that can allow attackers to scrape sensitive information from internal websites without authorization.

Speakers

Collin Berman

Pentester, Capital One

Collin Berman is a pentester at Capital One Financial, focusing on web, cloud, and cryptography. After getting his start playing CTFs in high school, Collin went on to found the University of Virginia's Computer and Network Security Club. When not on the Internet, Collin enjoys hiking... Read More →

Thursday June 16, 2022 1:00pm - 1:50pm EDT
Ballroom

Technical

1:00pm EDT

CTF Prep

Thursday June 16, 2022 1:00pm - 4:00pm EDT
Shenandoah Room

CTF

1:50pm EDT

Vendor Break

Go see our vendors in the Expo!

Thursday June 16, 2022 1:50pm - 2:00pm EDT
James River Foyer

Vendor Break

2:00pm EDT

Bootstrapping Your First AppSec Program

Application / product security is a massive challenge. From the technical to the social it can seem overwhelming. I want to help you get started in a seemingly overwhelming problem. It's not, just like eating an elephant we will start one bite at a time. No budget....No problem.

Speakers

David Girvin

Senior Product Security Engineer, Red Canary

Husband, Dad, Missionary, BJJ, Surfing, Hydrofoiling, Traveler, Hacker of all things. I am just a weirdo trying to fix interesting problems and raise up everyone around me through servant leadership.

Thursday June 16, 2022 2:00pm - 2:50pm EDT
Ballroom

Business

2:50pm EDT

Vendor Break

Menu:

Warm Salted Pretzels with Hot Cheese Sauce and Mustard
Warm Cinnamon Sugar Pretzels
Fresh Vegetable Crudite with Housemade Ranch Dip

Thursday June 16, 2022 2:50pm - 3:00pm EDT
James River Foyer

Vendor Break

3:00pm EDT

Talk the Talk: Communicating Business Risk During Cyber Incidents

It's one thing to investigate and remediate a cyber incident with your team. It's an entirely different beast to manage your organization's leadership at the same time. Communicating about how an attack can disrupt business as usual is a critical piece of managing the incident response lifecycle. In this talk we'll look at:

Methods for effectively communicating about the types of cyber attacks;
Shine a light on how business priorities may compete with incident response (including legal implications, crisis communications, and reputational risk); and
Outline strategies to help you receive additional resources following a cyber incident.

Including your organization's leaders will help, not hinder, your response in the long run. Add these tricks to your tool belt to conquer your next incident response.

Speakers

Alex Nette

CEO and Co-Founder, Hive Systems

Alex started Hive Systems in 2018 with his passion for cybersecurity and the role it plays in today’s interconnected world. He brings executive-level expertise in the establishment and continuous improvement of preeminent cybersecurity programs and applies his work from various... Read More →

Thursday June 16, 2022 3:00pm - 3:50pm EDT
Ballroom

Technical

3:50pm EDT

Vendor Break

Menu:

Warm Salted Pretzels with Hot Cheese Sauce and Mustard
Warm Cinnamon Sugar Pretzels
Fresh Vegetable Crudite with Housemade Ranch Dip

Thursday June 16, 2022 3:50pm - 4:00pm EDT
James River Foyer

Vendor Break

4:00pm EDT

Warning: This Message Originated from Outside of Your Organization

This talk is meant to highlight how end users have become desensitized to the ominous warning banners atop external emails, and can fall victim to phishing emails that abuse the trust in large, well-known organizations. The talk will run through examples of how threat actors can anonymously utilize built-in functionality to send phishing emails that originate from trusted, big-name, companies. These malicious emails genuinely originate from the large service provider’s email servers, and pass SPF, DMARC and DKIM security checks. The end-goal of this discussion that the risk is given more attention, and user awareness campaigns, technical email monitoring controls, and corporate communication strategies can take these risks into account.

Speakers

Nicholas Popovich

Wrangler, BeepBoop

Nick Popovich's passion is learning and exploring technology ecosystems, and trying to find ways to utilize systems in unexpected ways. He works as a Red Team operator, trying to raise the overall security posture of organizations through adversarial simulation. Nick's mission is... Read More →

Thursday June 16, 2022 4:00pm - 4:50pm EDT
Ballroom

Technical

4:50pm EDT

Day 1 - Closing

Remarks will be provided on Day 1, and what to expect for the rest of the evening and Day 2.

Speakers

Chris Sullo

Founder, RVAsec

Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server... Read More →

Thursday June 16, 2022 4:50pm - 5:00pm EDT
Ballroom

Informational

5:00pm EDT

After Party - Illusions, Comedy, Mentalism

The RVAsec 2022 after party, brought to you by GuidePoint Security, Sumo Logic and RVAsec, will be in the main Ballroom on Thursday, June 16th, right after the conference ends!

5:00 pm to 7:30pm: Heavy hors d'oeuvre (new menu!) and beverages
The show will be starting between 5:30-5:45 in the Ballroom.

Chris Michael…Illusions, comedy, mentalism, music, and endless fun—all wrapped into one magical show that makes any event extra special. Chris’ unique blend of light-hearted but POWERFUL magic and humor have been dazzling audiences like yours for 10+ years! Chris has been blessed to travel the world bringing fun and happiness to Fortune 500 companies, colleges and universities, and even major sporting events - he’s done shows for GE, US Army, Marriott International, Amazon, facebook, the FBI and multiple conferences and events.

Menu:

Crispy Fried Chicken Sliders with Chipotle Mayo & Country Slaw
Burger Sliders with Aged Cheddar Cheese & Secret Sauce
Low Country Fried Catfish Sliders with Lettuce and Meyer Lemon Mayo
Herb Roasted Fingerling Potatoes
Housemade Mac & Cheese
Mini Apple Brown Betty Tarts & Mini River City S’mores
Beer, Wine and Nonalcoholic Beverages

Thursday June 16, 2022 5:00pm - 7:30pm EDT
Ballroom

Social

8:00am EDT

Breakfast

Come upstairs and enjoy breakfast before the Day 2 welcome session!

Menu:

Breakfast Burrito - Flour Tortilla, Egg, Potatoes and Bacon(individually wrapped)
GF Breakfast Wraps with Egg Whites, Spinach, Peppers & Onion(individually wrapped)
Seasonal Fruit Cups
Coffee Cake & Assorted Muffins (no nuts)
Apple and Orange Juice

Friday June 17, 2022 8:00am - 8:50am EDT
James River Foyer

Food

8:00am EDT

Registration

If you were not able to attend Day 1, please proceed upstairs to register.
If you have any questions or issues please stop by for help.

This is also where you can turn in your Passport for Prizes.

WiFi sponsored by Infolock: Omni Meeting Password: Infolock4RVAsec

Friday June 17, 2022 8:00am - 5:00pm EDT
Top of The Grand

Informational

8:50am EDT

Welcome Day 2

Welcome to Day 2 RVAsec 11!

Remarks will be provided about what to expect at the conference and many thanks to our volunteers and sponsors for making it possible.

Speakers

Jake Kouns

CEO, Risk Based Security

Friday June 17, 2022 8:50am - 9:00am EDT
Ballroom

Informational

9:00am EDT

Working With The FBI

FBI cyber agents from the Richmond field office will discuss current cyber threat trends and provide information on working with the FBI when you are the victim of a cyber incident.

Speakers

Michael P. French

Special Agent, Federal Bureau of Investigation

SA French has been with the FBI since 2004 and specializes in conducting investigations into criminal and national security computer intrusions.

Chris Cope

Special Agent, Federal Bureau of Investigation

Chris Cope is the Supervisor Special Agent of FBI Richmond’s Cyber Squad. He joined the FBI in 2009 and was assigned to the FBI New York field office, working criminal cyber intrusions. In 2015, Chris accepted a promotion to Cyber Division headquarters to work nation state cyber... Read More →

Friday June 17, 2022 9:00am - 9:50am EDT
Ballroom

Keynote

9:00am EDT

HackRVA Badge Training & Repair

Friday June 17, 2022 9:00am - 4:00pm EDT
Rappahannock

Village, Badge

9:00am EDT

Lock Picking Village and Contest

Friday June 17, 2022 9:00am - 4:00pm EDT
Rappahannock

Village, Lock Picking

9:50am EDT

Vendor Break

Menu:

Mixed Berry Smoothies & Freshly Baked Cookies

Friday June 17, 2022 9:50am - 10:00am EDT
James River Foyer

Vendor Break

10:00am EDT

Digital Forensics: Reconstructing an Attack in Modern Web Apps

Application security struggles to keep up with modern development. Attacks against applications will only continue to grow. Web3? DevOps? Pipeline? Supply chain? With so many buzz words amidst a myriad of undiscovered vulnerabilities, where does your incident response team start after an incident?

Speakers

Kris Wall

CTO, Critical Fault

Kris serves as the Chief Technology Officer and penetration testing lead for Critical Fault. After 10 years as a network administrator, Kris freelanced as a web developer for 2 years. Obsessing over the vulnerabilities within Kris' own codebase, Kris began giving talks detailing the... Read More →

Friday June 17, 2022 10:00am - 10:50am EDT
Ballroom

Technical

10:00am EDT

CTF Competition

Friday June 17, 2022 10:00am - 3:00pm EDT
Shenandoah Room

CTF

10:50am EDT

Vendor Break

Menu:

Mixed Berry Smoothies & Freshly Baked Cookies

Friday June 17, 2022 10:50am - 11:00am EDT
James River Foyer

Vendor Break

11:00am EDT

Basslines and Baselines: The role of Anomaly Detection in Cloud Security

Cloud adoption continues to accelerate and to changes our industry, enabling new business models, new ways to accelerate innovation, but also bringing new challenges to security practitioners. Scale, complexity, limited visibility, communication silos, all impede our ability to maintain velocity while ensure our businesses and customers remain safe.

This session will present and explore Anomaly Detection, an approach that many believe will be essential in our efforts towards better, more automated Cloud Security.

You will leave this vendor-neutral, accessible session with a better understanding of the promise and challenges of Anomaly Detection, focusing on public cloud, multi-cloud environments, and carry back to your work valuable insights and information.

Speakers

Andre Pitanga

Principal Solutions Architect, Lacework

Andre collaborated with and delivered projects for some of the world's most technically advanced technology organizations, including many of the largest investment banks.Focused on bringing the benefits of public cloud to highly regulated and secure environment, Andre has over ten... Read More →

Friday June 17, 2022 11:00am - 11:50am EDT
Ballroom

Business

11:50am EDT

Lunch

Menu:
All Box Lunches Include: Potato Salad, Fruit Cup, Lemon Bar, Condiments & Utensil Packet

Please select one of the following:

Market Chicken Salad with grapes, celery & green leaf lettuce on a butter croissant
Club Sandwich: Layered Edwards Country Baked Ham, Herbed Roasted Turkey Breast, Crispy Bacon, Cheddar, Green Leaf Lettuce, Roma Tomato on a Potato Roll w/ honey mustard
Vegetarian & Gluten Free Garden Wrap: Grilled Asparagus, Roasted Bell Pepper, Baby Spinach, Tomato, Red Onion and Garlic Hummus on a Gluten Free Tortilla Wrap

Friday June 17, 2022 11:50am - 1:00pm EDT
James River Foyer

Food

1:00pm EDT

Threat Intelligence 2022 Actionable?

In the early days of threat intelligence feeds we were swamped with domains, IP Addresses, and Hashes that we directly fed into our appliances and hoped that the feed we subscribed to updated IP addresses, etc. appropriately. Today we still have Domains, IP Addresses, Hashes, as well as a plethora of other data. Join me in an interactive session that showcases all the datatypes that fall under Threat Intelligence in 2022 and lets make a determination whether this data is actionable or not. The results may surprise you.

Speakers

Peter Partyka

Senior Vice President Engineering, Flashpoint

Peter Partyka leads Flashpoint’s engineering teams. Peter previously worked in the quantitative hedge fund space in New York City, implementing security and technical solutions around proprietary trading platforms, high-availability cloud deployments, and hardening of applications... Read More →

Friday June 17, 2022 1:00pm - 1:50pm EDT
Ballroom

Technical

1:50pm EDT

Vendor Break

Menu:

Warm Spinach Artichoke Dip with Pita Chips and Assorted Crackers
Assorted Mini Desserts: Cheesecakes, Chocolate Tarts and Key Lime Tarts

Friday June 17, 2022 1:50pm - 2:00pm EDT
James River Foyer

Vendor Break

2:00pm EDT

To Err is Human: Combating Human Error in the Future of Healthcare Cybersecurity

Healthcare data breaches are on average the most expensive breaches to date and are often caused by human error. The future of cybersecurity must focus on addressing the leading cause of data breaches while not burdening the everyday user. This talk benefits security professionals from all industries while it deep-dives healthcare to highlight the effect of human error on data breaches, how they’re getting worse, why they’re so expensive, what’s being done today, and where we need to go to fix it in the future.

Speakers

Ian Y. Garrett

CEO & Co-founder, Phalanx

Ian Y. Garrett is the CEO and co-founder of Phalanx, which provides human-centric data security through seamless, secure file transfers & storage.Ian knows that the best security strategy starts with helping the users it will affect. Ian has gained this insight through his experience... Read More →

Friday June 17, 2022 2:00pm - 2:50pm EDT
Ballroom

Business

2:50pm EDT

Vendor Break

Menu:

Warm Spinach Artichoke Dip with Pita Chips and Assorted Crackers
Assorted Mini Desserts: Cheesecakes, Chocolate Tarts and Key Lime Tarts

Friday June 17, 2022 2:50pm - 3:00pm EDT
James River Foyer

Vendor Break

3:00pm EDT

Malware: Where Does It Come From?

We analyzed more than 100 thousand HTTP/HTTPS malware downloads from the past two years to answer one seemingly straightforward question: Where does malware come from? More specifically, we want to understand exactly what kicked off the chain of events that led to the malware download. Did the malware download originate from social media, phishing emails, compromised websites, unsavory websites, or somewhere else? Was the URL of the malware download somewhere unsavory or seemingly innocuous? Do different malware families tend to come from different places on the web? We will answer these and other related questions and wrap up the presentation by discussing what we can do with all of this information to reduce our own risk as we browse the web.

Speakers

Ray Canzanese

Director of Threat Research, Netskope

Ray is the Director of Netskope Threat Labs, which specializes in cloud-focused threat research. His background is in software anti-tamper, malware detection and classification, cloud security, sequential detection, and machine learning. He holds a Ph.D. in Electrical Engineering... Read More →

Friday June 17, 2022 3:00pm - 3:50pm EDT
Ballroom

Technical

3:50pm EDT

Closing Reception

Prizes, CTF awards, beverages & Hors d'oeuvres

Menu:

Veggie Pot Stickers with Ginger Teriyaki Dipping Sauce
Veggie Eggs Rolls with Sesame Soy Dipping Sauce
Meatballs in a Sweet Chili BBQ Sauce
Traditional Fried Rice
Mini Cheesecake Egg Rolls and Mini Coconut Sticky Rice Balls with Caramelized Mango Coulis
Beer, Wine and Nonalcoholic Beverages

Speakers

Chris Sullo

Founder, RVAsec

Friday June 17, 2022 3:50pm - 5:30pm EDT
Ballroom

Social