Sessions

Keynote

8:45 - 9:30 | My Career's a Circle: Old Threats Made New, 30 Years of Threat Hunting Revisted
Kenneth Bechtel, Malware/Threat Researcher

A recap of 30 years of hunting and fighting the malware threat. examining how many tools and threats are rediscovered older ideas with new labels. How we can leverage this knowledge to improve defenses and predict coming trends.

Kenneth (Ken) Bechtel first discovered malware in August of 1988 when he read a paper on the subject while serving in the US Army. Upon reading the paper he understood the impact of the matter and started researching the subject and how to defend against malicious codes and attacks. Ken’s expertise in Anti-virus has been influential in founding organizations such as the Anti-Virus Information Exchange Network (AVIEN), which brings corporate researchers and administrators together to share information on malware threats; and Team Anti-Virus, which serves as an umbrella organization for like-minded independent anti-virus researchers. Ken also co-authored the AVIEN Malware Defense Guide. An established IT industry professional, Ken has spoken at well-known conferences such as Virus Bulletin and has appeared on more than 30 local Television news shows. His work has been published in trade magazines and specialized web sites such as Security Focus. Ken was also invited to join the WildList Organization as a reporter in 1998. With more than30 years of IT experience, Ken’s ideas have been widely adopted in the corporate arena and are respected in the security and malware research circles. He is a strong advocate for education, maintaining that education remains one of the best defenses in the fight against malware.

Track 1: Red Teaming or Offensive Security

10:00 - 10:45 | Building Your First Malware Analysis Lab

Joel Prentice, Security Engineer, Appalachia Technologies

This talk will cover the basics of setting up a malware analysis lab using physical and virtual targets. Participants will learn how to configure their target machines in a way that will allow them to quickly return them to a clean and uninfected state. Participants will also learn why it is important to use both physical and virtual targets. Various honeypots and their functions will be covered. I will also discuss how through the use of honeypots you can find the directive of malicious software. I will conclude by discussing the importance of staying anonymous when researching malware. I will cover what services and protocols will keep you anonymous so that malicious authors are not able to track and focus attacks on you or your business. The goal of this talk will be to give individuals enough knowledge to begin building a beginner’s level malware analysis laboratory.

Joel is a self-declared cybersecurity enthusiast. He has his bachelors degree in cybersecurity operations from Utica College.

11:15 - 12:00 | Building a Home-Hacking Lab for Testing & Fun

James Lloyd, CISSP, CEH, GPEN, GWAPT, Principal Information Security Analyst, BNYMellon

I have built and rebuilt many hacking lab setups throughout my career.  This talk will describe the best way to set up vulnerable systems and any caveats in certain builds.  I will discuss the benefits and negatives of using true Virtual Machines or Docker images.  The discussion will have a strong focus on web applications testing.  I will also share my experience in building injects for cyber exercise and how to  build/test those injects in a home lab while being mindful of the legal ramifications.

I have been working in Information Security for over 15 years.  I started working as a contractor for the Department of Defense and moved into a security administrator role.  I then joined the DISA Red Team/Penetration testing team where I was involved in countless application/network appliance and full network penetration tests.  I also coordinated the DISA cyber exercise from the Cyber Range in Quantico VA.  I then moved on to work for a startup in CA where I coordinated the DevSecOps movement at the company.  I automated security testing in the development process and helped security become a part of qa testing for the main application.  I am currently a Penetration Tester for BNYM.  I specialize in web application pen testing and full site application/infrastructure testing.

1:00 - 1:45| Open Source Intelligence 101: Finding Information on Anyone

Rae Baker, SRA Student, Penn State Cyber Security Analyst Intern, IACI

Rae will introduce Open Source Intelligence (OSINT) and discuss who uses it and why.  Then she will demo some basic OSINT situations to illustrate how to find information. Finally, she will discuss how to protect your own information from being found.

Rae Baker is a third-semester student at Pennsylvania State University studying Information Systems Technology with a focus on Cybersecurity. Rae specializes in Open Source Intelligence and currently works as a Cyber Security Analyst Intern with IACI at NASA-Kennedy Space Center. Rae is also the current President of the Penn State World Campus Technology club and is very active in organizing speaking engagements, networking, planning events, and presenting education to the club on current vulnerabilities and foreign and domestic threats. In addition, she is an Open Source Intelligence volunteer with Operation Safe Escape, which is a 501c3 non-profit comprised of security professionals tasked with keeping domestic violence victims hidden from their abusers.

2:15 - 3:00 | Is Your Security Team Going Red?

Stephen Schneiter, Program Manager, CompTIA

Just because you secure your network, it does not mean the network is secure. It is increasing more important that security teams test the security of the network. Join us as we look at the true power of the Red side!  In this session we will discuss the various issues today’s security teams face protecting data. We will discuss how cyber threats are changing and the different tactics that are used to access a network. Security teams have an abundance of frameworks to use in order to implement sound security practices and help counter the hacker lifecycle. The problem is that while checking off our security check boxes it is possible to overlook a viable security threat. Providing examples of security and breach practices we will show the importance of implement Red team tactics in pen testing the security on our network once the security practices are in place. We will highlight several tools security practitioners may choose to implement for Red and Blue team strategies and show how some may interchangeable. We will discuss how the security team is able to analyze the data from the pen test report and adjust the security implementation. It is possible to meet all of our security check boxes and actually have a secure network.

A lifetime technology enthusiast with a passion for helping others succeed, Stephen Schneiter has built his career at the crossroads of IT and education. After years learning the tricks of the trade as a network administrator and security specialist, Schneiter pivoted into roles focused on guiding and developing IT instructors and emerging IT professionals. As the product manager for CompTIA Security+ and leader of the CompTIA Instructor Network, Schneiter leverages his extensive IT education background to help instructors from around the world create successful IT training programs. Schneiter holds bachelor’s and master’s degrees from the University of Tennessee and is CompTIA Security+ certified.

3:15 - 4:00 | From The Outside In: What The Internet Knows About Your Digital Footprint

Sean Smith, Senior Software Engineer

For large organizations, it can be hard to understand, let alone minimize your digital footprint. Whether it be mergers and acquisitions, spun up cloud environments, or any other assets forgotten/not properly decommissioned over the years, it can be a challenge to put together a comprehensive and accurate inventory. This talk will go over a number of publicly available datasets that one can use to view what everyone else on the internet can find out about your digital footprint and passively monitor for changes.

Sean is a security enthusiast, particularly focused on recon and drawing relationships between organizations from public data sets.

Track 2: Blue Teaming or Defensive Security

10:00 - 10:30 | WANTED – People Committed to Solving Our Information Security Language Problem

Evan Francen, CISM, CISSP, Founder & CEO, SecurityStudio

Our industry has plenty of problems to solve. The language we use shouldn’t be one of them, and now it’s not. Evan Francen is committed to solving information security problems for our industry has developed a common, easily-understood information security risk assessment that’s comprehensive, foundational, and completely free for all to use. Today, more than 1,500 organizations are speaking the language.  We invite you to do the same.

Learn:

  • The common information security language used by 1,500 organizations (and growing fast).
  • The definition and difference of “information security” and “risk”.
  • How to translate information security into business language, resulting in common understanding, clear objectives, and well-defined budgets.
  • How you can use the common language at no cost.
  • How you can participate in the future and have an impact industry-wide.
  • Apply what you learn now.

Evan Francen is an information security expert with more than 25 years of “practical” information security experience. He has an ambitious mission; fix the broken industry.

Highlights of Evan’s career (thus far) include:

  • Founded FRSecure in 2008, an expert-level information security consulting company with more than 1,000 clients across the United States.
  • Founded SecurityStudio in 2017, a software as a service (SaaS) company dedicated to building a community of information security practitioners who speak the same “security language”.
  • Co-inventor of SecurityStudio™, the platform for managing information security risk.
  • Co-inventor of FISA™, the Fiducial Information Security Assessment. FISA™ is used by more than 800 companies across 28 industries to assess and manage information security risk.
  • Co-inventor of FISASCORE®, the definitive measurement of information security and vendor risk.
  • Developed and leads the FRSecure CISSP® Mentor Program. The Mentor Program was established in 2010 with six (6) student and has grown to more than 350 students in 2018.
  • Prior to establishing FRSecure, Evan spent more than 15 years as a leading information security professional and corporate leader in both private and public companies.
  • Advised legal counsel in high-profile breaches including Target and Blue Cross/Blue Shield.
    • 2014/2015 – Consultant to the Special Litigation Committee of the Board of Directors of Target Corporation; derivative action related to the “Target Breach”.
    • 2015/2016 – Consultant to legal counsel and Blue Cross/Blue Shield related to remediation efforts (post-breach).
    • Served as an expert witness is multiple federal criminal cases, mostly involving alleged stolen trade secrets
  • Served 100s of companies; big (Wells Fargo, Target, US Bank, UnitedHealth, etc.) and small.
  • Dozens of television and radio appearances; topics included the Target Breach, vendor risk management, artificial intelligence, and others.
  • Delivered dozens of information security talks at dozens of conferences; audiences ranging from less than 10 to more than a 1,000.
  • Written more than 750 published articles about a variety of information security topics.

Evan is an “information security evangelist,” thought leader and specialist in advising Boards of Directors, legal counsel, and executive management. His keen ability to explain technical information to non-technical personnel in all levels throughout an organization, his unique sense of humor, and his “tell it like it is” demeanor, gets the point across and produces results for all audiences.

11:15 - 11:35 | Practical Defense in Depth

Danny Mardis, Owner, The Ironbear Group

Join us while we take an in-depth look at several real life case studies of penetration tests done against companies and dissect them to determine what could have been done at each stage to prevent the attacks from being successful.

Danny Mardis holds over a decade of experience within the cybersecurity industry. As a cybersecurity consultant, and owner of The Ironbear Group, Danny has built a career on his ability to attack any obstacle and provide an actionable solution. Danny’s work experience spans multiple vital industries and has contributed to his expertise and unique skillset. In addition to his cybersecurity work, Danny spends his time participating in the Games Done Quick Video Game Speedrun Charity Events to raise money for Cancer research.

11:40 - 12:00 | The Effect and Future of Machine Learning Technologies on Cyber Security Tools
Nathalie Baker, SOC Engineer, Appalachia Techonologies, LLC

 

In this presentation Nathalie will be deliberating the effect of machine learning technologies on cyber defense tools. She will begin the presentation comparing traditional cyber defense tools to machine learning tools, discussing how cyber security professionals can evaluate these tools and evaluating the role that machine learning tools will play in the future of cyber defense. Nathalie will present the good, the bad and the ugly about incorporating machine learning tools into an environment and will provide some insight about tuning various machine learning security tools. The presentation will conclude with a discussion about whether switching to a machine learning toolset is in the best interest of the cyber security field and how to best combat the ever-evolving cyber criminals utilizing machine learning tools.

Nathalie started her technical career in the U.S. Army as an Assistant System Administrator for the III Corps Office of the Staff Judge Advocate. Nathalie has taken on various technical roles over the past 9 years, including Technical Support, System Administration, Linux System Administration and now Security Administration.  Nathalie joined the Appalachia Technologies team as a Systems Engineer in 2018 and is currently a SOC Engineer.

Nathalie has an Associates of Specialized Technology degree from YTI Career Institute in Computer Technology and Internet Security and she is also CompTIA A+ certified as well as Cisco CCENT certified.

1:00 - 1:45 | Overview of Apache Metron, an Open Source SIEM

Justin Klein Keane, MCIT, Senior Manager, SOC, Security Risk Advisors

After Cisco abandoned OpenSOC the Apache Foundation took over the project and rebranded it as Metron.  Metron is an open source SIEM tool designed to compete with more common commercial offerings.  For organizations that can’t necessarily afford a commercial SIEM product, Metron may be an attractive alternative.

This session will go over the foundations and components of Metron.  We will cover installation and setup requirements as well as briefly run through the resources needed to run Metron.  The session will touch on the major features of Metron and provide attendees with an overview of what Metron is capable of.  Finally, the session will cover relative advantages/disadvantages of Metron compared to common commercial SIEM solutions to help attendees determine if Metron might be right for their environment.

Trained as a software developer with a focus on application security, Justin holds a Masters degree from the University of Pennsylvania in Computers and Information Technology.  Justin can program in a dozen different languages and is fluent in all major operating systems.  Justin’s career has maintained a constant focus on software, development, and emerging technologies including cloud, DevOps, IoT, and embedded devices.

Justin has worked as a security engineer and architect, helping to bootstrap and scale security operations teams.  Justin focuses on the intersection of software and security practice, applying principles from Agile, Scrum, and automation, to the practice of information security.  Justin focuses on the problems of security at scale, including building effective security teams utilizing computer science and engineering to maximize effectiveness, provide consistency, and improve quality.

Prior to working for Security Risk Advisors Justin worked in health care and higher education as well as participating in a number of Open Source projects and initiative.  Justin has also worked as a trainer and adjunct professor.  Justin is a frequent presenter at regional and international security conferences.

2:15 - 3:00 | Tune-up Your Security Operations Center (SOC)

Stanley Hanke, Manager, Cyber Risk, Deloitte

Organizations are investing a significant amount of financial resources to strengthen their security posture to prevent cyber-attacks. Continuous monitoring and security operations is a proactive approach to enhance the capabilities of organizations to detect cyber threats. An efficient SOC leverages;  

  • Processes that help standardize investigation methods, communications and collaboration;
  • Technology that fosters collaboration while maintaining operational security; and
  • People who require specialized skills and training that will be front line in dealing with a barrage of security data.

In this session, Deloitte’s cyber security specialist will discuss the people, process and technology ‘lessons learnt’ while operating a security operations center.

Stanley Hanke is a manager within Deloitte & Touche LLP’s Cyber Risk practice in the Fusion Managed Services division. Stanley holds several degrees in electrical engineering including a B.S. from Georgia Institute of Technology and a M.S. from University of South Florida. While at USF, he worked as a research assistant with the iWINLAB where he was helping to solve communications and security challenges with medical IOT devices by using FPGA systems to model and emulate hardware devices used to assist with in-vitro surgery. At Deloitte he has spent the past five years working within the Fusion MSSP offering, initially as a threat analyst, then as shift lead, and most recently solving security engineering problems for an array of private and public sector clients. Stanley holds several GIAC certifications, including GCIH, GCIA, GCFA and GNFA. He is also involved with the SANS Institute as a Mentor instructor.

3:15 - 4:00 | Remediate Your Company's Greatest Vulnerability: Social Engineering

Matt Mahoney, CySA+, Information Security Analyst, Penn National Insurance

Social Engineering is a weapon capable of delivering any number of payloads. We must learn how to wield it to change the culture of our organizations. We know how to patch computers, but patching users requires an educational approach. At this session, a new curricular paradigm will be presented modeled on the work of Carol Dweck and her work on “Growth Mindset.” This session is meant to be a conversation and conversation-starter. Participants will walk away with plenty of practical next-steps to educate and empower their coworkers.

Matt began teaching people how to securely use technology in 1999 as a weekly volunteer tutor at the library. Since then, he has led educational technology transformations in private schools, taught Coding in the Classroom, and developed multiple workshops, curriculums, and trainings for Security Awareness initiatives as a teacher, trainer, and consultant. Matt is a full-stack information security management professional and an ITIL Practitioner.

Track 3: Software Development

10:00 - 10:45 | How to Get Started as Metasploit Contributor

Michael Cyr, OSCP, Owner, St. Cyr Security

A tales from the trenches talk which covers building a cheap lab to help make contributing to the largest open-source Ruby project in existence easier, as well as how to get started with submissions. We’ll explore the fun and follies of becoming a member of the geographically disperse Metasploit contributors team. Why join? We’ll lay out all of the benefits to contributing for attackers, defenders, the companies they work for and with, and the world itself.

Mr. Cyr holds a masters degree in cyber security from Towson University.  He is currently the owner of St. Cyr Security, LLC a single employee penetration testing shop for the past 9 years, conducting assessments for commercial and government clients.   Previously he helped start Exploit-DB as one of the original staff moderators for submissions and quality control experts.  He is currently one of the few non-rapid7 employees entrusted as a commiter for the Metasploit framework, volunteering to create new module, peer review submissions, and keep the framework awesome.

11:15 - 12:00 | Good Apps, Cheap

Nathan Starner, CISSP, Master’s Information Management, Manager, Vulnerability Governance, Highmark Health
Abner Vargas, Manager Platform Quality Engineering, Highmark Health

There are many security tools and techniques that can be used to ensure a secure application, each having its own costs and benefits.  As we look at application security through the lens of the business, how can we secure our applications in a cost-effective manner with as little of friction as possible?  How can security personnel and developers not just co-exist, but partner to achieve a common goal?  Controls implemented throughout the software development life cycle (SDLC) must be strategically assessed and implemented to account for a wide array of business and security objectives.

 

Nathan Starner is a Pennsylvania native, growing up on an apple orchard in South Central PA.  His love for IT took him away from the apple farm and into the server farm early in his career.  Today, Nate manages the application security governance team for Highmark Health, focusing on building secure apps and medical devices.

 

 

 

 

 

 

Abner Vargas is an IT Manager at HMHS with over 12 years of experience in the field. His area of focus is centered around Security, Performance/Load, and Parallel Testing. He is part of HU’s Pioneer graduating class of 2008 and ISEM masters degree graduate.

1:00 - 1:45 | Beneath the Surface: Keeping up with Modern Application Security

Rushabh Shah, Manager, Cyber Risk, Deloitte

With constant technological innovation, it’s more difficult than ever to keep up with a rapidly evolving landscape of web technologies and the threats that come with them. The ability to deploy applications keeps improving in both scale and speed while security considerations are often overlooked in favor of meeting business demands quickly. While organizations have started to consider integrating security in the development lifecycle, it is imperative to adopt a ‘secure by design’ principle. It enables continuous identification and remediation of findings from early stages of development to post production monitoring and maintenance. In this session, Deloitte’s Cyber Vigilant Services specialist will discuss how organizations can improve the application security posture by tightly integrating security processes early on.

 

Rushabh Shah is manager in Deloitte’s Cyber Risk practice with seven years of cyber security experience in managing and delivering cyber threat, vulnerability & risk management enagagements for large public sector organizations. Rushabh has implemented process automation and integrated security processes within the existing application development process to enable a secure software developemnt lifecycle (SSDLC).

Rushabh has been involved in vulnerability management and penetration testing, developing and implementing security policies and controls, network security, regualtory risk assessments, social engineering assessments, and security awareness trainings. Rushabh holds a B.E. in Information Technology from Mumbai University and M.S. in Information Systems from Pace University, NY.

2:15 - 3:00 | Undressing Ping

Terrill Frantz, PhD, EdD, Professor of eBusiness and Cybersecurity, Harrisburg University of Science and Technology

In this session we uncover the workings of the ping utility.  How exactly does it work?  We will dig into ICMP and create our own custom ping utility in Python and — out of respect for those techs going before us — in Perl.  We’ll watch the ICMP echo  traffic using Wireshark as our magical microscope.

 

Professor Frantz began writing computer software in 1974, as a teenager. Within a year, he was challenging a computer’s security at a local university. Gradually, he built a consulting business developing for and supporting dozens of business clients.

After completing college, he coded his way to working on Wall Street for some of the largest global investment banks in several countries. While in industry, he managed several, broader information-technology teams and development projects. His work experience spans computers from micros to mainframes, jobs from support to development, to management, and includes programming using scores of languages. He started developing for the Internet in 1992.

Dr. Frantz reoriented his professional career from industry to academics beginning in 2001 and has published numerous journal articles and book chapters since. Presently, he is Co-chief Editor of the journal Computational and Mathematical Organization Theory (CMOT). Over the past decade, he has taught technology- and business-related courses in universities in Europe and Asia, as well as the USA.

Dr. Frantz’s passionate desire is to mentor those students who oppose being slave to the technology and instead seek to become a master over that technology….nerds, geeks, or normal people, alike.

3:15 - 4:00 | Open Workshop Time

Track 4: Cybersecurity Workshops

10:00 - 10:45 | Tools of the Chain: Part 1

Charles Sgrillo, M.S. CISSP C|EH, Chief Learning Officer, Security Shell

Both theory and hands on demos will be used throughout the presentation to provide real world examples of:

  • Reconnaissance – What can adversary’s find out through both passive and active information gathering techniques.
  • Weaponization – A hands on overview of the tools & techniques used to create weaponized payloads.
  • Delivery – An overview of popular social engineering and phishing frameworks
  • Exploitation – Attendees will follow along as we complete the diskless exploitation of a victim machine
  • Installation – Overview of techniques used to install malware and bypass egress controls for C2 communication
  • Command & Control – Popular C2 frameworks will be discussed and demonstrated
  • Exfiltration – An overview of steganography and a demo of a DLP bypassing data exfil technique.

With 10+ years’ experience in Information Technology, Charles has held positions in the field such as Red Team Analyst, Security Systems Specialist, and Red Team Penetration Tester. Charles is a Certified Ethical Hacker, a Certified Information Systems Security Professional, and has extensive experience in offensive security techniques and defensive strategies. Charles is currently a professor at Drexel researching & teaching cyber and information security. His research has explored topics such as digital forensics, red team penetration testing, deep learning, IoT, and software defined radio. His graduate research thesis demonstrated the effects physical security systems can play in penetration testing and security assessments.

11:15 - 12:00 | Tools of the Chain: Part 2

Charles Sgrillo, M.S. CISSP C|EH, Chief Learning Officer, Security Shell

Both theory and hands on demos will be used throughout the presentation to provide real world examples of:

  • Reconnaissance – What can adversary’s find out through both passive and active information gathering techniques.
  • Weaponization – A hands on overview of the tools & techniques used to create weaponized payloads.
  • Delivery – An overview of popular social engineering and phishing frameworks
  • Exploitation – Attendees will follow along as we complete the diskless exploitation of a victim machine
  • Installation – Overview of techniques used to install malware and bypass egress controls for C2 communication
  • Command & Control – Popular C2 frameworks will be discussed and demonstrated
  • Exfiltration – An overview of steganography and a demo of a DLP bypassing data exfil technique.

With 10+ years’ experience in Information Technology, Charles has held positions in the field such as Red Team Analyst, Security Systems Specialist, and Red Team Penetration Tester. Charles is a Certified Ethical Hacker, a Certified Information Systems Security Professional, and has extensive experience in offensive security techniques and defensive strategies. Charles is currently a professor at Drexel researching & teaching cyber and information security. His research has explored topics such as digital forensics, red team penetration testing, deep learning, IoT, and software defined radio. His graduate research thesis demonstrated the effects physical security systems can play in penetration testing and security assessments.

 

1:00 - 1:45 | Hacking Yourself First, Penetration Testing for the Blue Team: Part 1

Brandon Keath, MS Cyber Security, Cyber Security Practice Lead, Appalachia Technologies

In this fast-paced interactive presentation/workshop Brandon will reveal everything a defender might want to know about Penetration Testing and then some. This presentation will start with an introduction to what really is a hacker? What is a penetration test? Why is it important for Blue Team members to understand these skillsets? What is a hacking methodology and why is it important? Then we will dive into various technical demo’s involving various tools including Metasploit, Burp Suite, Bloodhound, CrackMapExec, HashCat, and more! Participants will be able to follow along with many of the demos via your own virtual machines. We will conclude with additional attack vectors, and how blue teamers can use this knowledge to make their organization safer by hacking yourself first.

Brandon joined Appalachia in 2018 as a Cyber Security Practice Lead.  With prior experience in both private and public-sector IT consulting, Brandon has served in various roles in cyber security over the past 11 years specializing in ethical hacking, cyber security strategy, regulatory compliance, and cyber defense.

Brandon has taught cyber security classes for a world leading Cyber Security Bootcamp based out of Chicago and is active in the local Cyber Security community currently chairing the PAHackers Cyber Security group that meets monthly to discuss various issues facing the industry and holding various cyber security related workshops and events. Brandon has most recently presented at the Harrisburg University of Science and Technology 2018 Cybersecurity Summit, and the Security BSides Delaware and BSides Long island conferences.

Brandon has a Master’s degree in Cyber Security and Information Assurance from Western Governor’s University and a Bachelor’s of science from Central Penn College in Information Technology along with numerous security related certifications such as EC-Council’s Certified Ethical Hacker (CEH) and Certified Hacking Forensics Investigator (CHFI) certifications.

2:15 - 3:00 | Hacking Yourself First, Penetration Testing for the Blue Team: Part 2

Brandon Keath, MS Cyber Security, Cyber Security Practice Lead, Appalachia Technologies

In this fast-paced interactive presentation/workshop Brandon will reveal everything a defender might want to know about Penetration Testing and then some. This presentation will start with an introduction to what really is a hacker? What is a penetration test? Why is it important for Blue Team members to understand these skillsets? What is a hacking methodology and why is it important? Then we will dive into various technical demo’s involving various tools including Metasploit, Burp Suite, Bloodhound, CrackMapExec, HashCat, and more! Participants will be able to follow along with many of the demos via your own virtual machines. We will conclude with additional attack vectors, and how blue teamers can use this knowledge to make their organization safer by hacking yourself first.

Brandon joined Appalachia in 2018 as a Cyber Security Practice Lead.  With prior experience in both private and public-sector IT consulting, Brandon has served in various roles in cyber security over the past 11 years specializing in ethical hacking, cyber security strategy, regulatory compliance, and cyber defense.

Brandon has taught cyber security classes for a world leading Cyber Security Bootcamp based out of Chicago and is active in the local Cyber Security community currently chairing the PAHackers Cyber Security group that meets monthly to discuss various issues facing the industry and holding various cyber security related workshops and events. Brandon has most recently presented at the Harrisburg University of Science and Technology 2018 Cybersecurity Summit, and the Security BSides Delaware and BSides Long island conferences.

Brandon has a Master’s degree in Cyber Security and Information Assurance from Western Governor’s University and a Bachelor’s of science from Central Penn College in Information Technology along with numerous security related certifications such as EC-Council’s Certified Ethical Hacker (CEH) and Certified Hacking Forensics Investigator (CHFI) certifications.

3:15 - 4:00 | Open Workshop Time

Track 5: Capture the Flag

10:00 - 4:00 | Capture the Flag

BSides Harrisburg’s CTF is powered by Point3 Security’s ESCALATE Challenge Ecosystem. Competitors will compete against one another to showcase their talent to Harrisburg’s most talented cyber community.  The competition consists of hands-on challenges showcasing simple and complex vulnerabilities and operations through gamified learning. The competitor with the most point on ESCALATE’s leader board wins the competition.

Requirements

  • All competitors will need a laptop that connects to the internet.

Disclaimer: ESCALATE provides an advanced web-based Kali VM. Using the Kali VM will reduce hardware requirements.