|0100-0200||Back to the future: Computer science and systems biology||Noa Novogroder & Dr Lorenz Adlung|
|0215-0315||Modern Red Team Tradecraft||Sajal Thomas|
|0330-0430||Executing Red Team Scenarios with Built-in Scenario Place||Gokberk Gulgun and Erdener Uyan|
|0445-0545||OU having a laugh?||Petros Koutroumpis|
|0600-0700||All of the threats: Intelligence, modelling and hunting through an ATT&CKers lens||Tim Wadhwa-Brown|
|0715-0815||Catch Me if You Can||Eduardo Arriols|
|0830-0930||Mechanizing the Methodology: Automating Discovery, Testing, and Alerting using Recon/Testing Tools and Amazon SES|
|0945-1045||Y'all Tryna Bypass Python 3.8 Audit Hooks or Nah?||Leron Gray|
|1100-1200||Initial Compromise through Web Side||Walter Cuestas|
|1215-1230||Inside the Mind of a Threat Actor: Beyond Pentesting||Phillip Wylie|
|1245-1345||The Student Roadmap to Becoming A Penetration Tester||Jonathan Helmus|
|1400-1500||The Art of Balancing: A Burnout Talk||Chloe Messdaghi|
|1515-1615||APTs <3 PowerShell and Why You Should Too||Anthony Rose & Jake Krasnov|
|1630-1730||Indicators of Emulation: Extra Spicy Adversary Emulation||Ch33r10 & haydnjohnson|
|1745-1845||Emulating an Adversary with Imperfect Intelligence||Adam Pennington|
|1900-2000||Automating Threat Hunting on the Dark Web and other nitty-gritty things||Apurv Singh Gautam|
|2015-2115||Bypassing in Mobile Network From Red-Team Points of View||Ali Abdollahi|
|2130-2230||Sounds Legit: Why you shouldn't trust that speaker||Mauro Eldritch & Luis Ramírez|
|2245-midnight||Weaponized XSS - Moving Beyond Alert(1)||Ray Doyle|
Noa Novogroder (@noanovo) graduated from the first round of the Israeli cyber security academy and is currently a master's student at the Weizmann Institute of Science in Israel. Before turning to biology, she worked for several years at Check Point, an Israeli high-tech company in the field of cyber security. In her free time, she likes to swim and offer cures to obese mice.
Dr. Lorenz Adlung (@lorenzadlung) obtained his PhD from Heidelberg University in Germany. Since 2017 he has been a visiting scientist at the Weizmann Institute of Science in Israel working in the field of computational biology, with strong emphasis on both the computation and the biology. Besides his profession, his main passion is science communication, preferably through poetry and performance.
Sajal Thomas is a Senior Consultant at FireEye Mandiant. He works with the Mandiant Red Team in the Asia Pacific region. Sajal has simulated adversaries and helped secure customers in India, Singapore, Malaysia, Thailand, Japan, Indonesia, Philippines, Hong Kong, Taiwan, Australia, New Zealand, United Kingdom, Germany and the United States, which provides him with a unique insight into the diverse landscape of the challenges faced by attackers and defenders. In his free time, Sajal enjoys brewing coffee, watching football and reading about nation-state cyber espionage tradecraft.
Gökberk Gülgün has worked in the field of information security for over 6 years as an engineer, researcher, practitioner and educator. He is currently an offensive security engineer at an industry-leading bank based in Turkey. He plans and conducts full-scope Red Team engagements that simulate realistic, targeted attacks. He is responsible for performing host infrastructure penetration testing, physical security assessments, web and mobile application testing, social engineering engagements, source code reviews, embedded device assessments, and wireless penetration tests. In the past, he has given several presentations on Malware Analysis, Red Team Operations, discovered 0days and IoT security.
Petros Koutroumpis is a security consultant and has delivered multiple red and purple team engagements. His research is mainly focused on Active Directory and Windows post-exploitation. He likes to spend his free time developing new tools and contributing to open-source projects.
Tim Brown joined Cisco as part of their acquisition of Portcullis, for whom he worked for almost 12 years. He is equally happy performing white box assessments with access to source code or, where necessary, diving into proprietary binaries and protocols using reverse engineering methodologies. Tim has contributed to a number of Cisco’s bespoke methodologies covering subjects as diverse as risk and compliance, secure development and host hardening. Tim has looked at targets as varied as risk, mainframes, MPLS, power stations, cars, banking middleware and devops as well as supporting Cisco's SOC and incident response capability. Outside of the customer driven realm of information assurance, Tim is also a prolific researcher with papers on UNIX, KDE, Vista, Active Directory and web application security to his name. Tim is credited with almost 150 vulnerability advisories covering both kernel and userland, remote and local. Most recently Tim spoke to the ATT&CK community on some of his use of ATT&CK for data science and threat hunting research. Tim particularly likes to bug hunt enterprise UNIX solutions.
Eduardo Arriols is the founder of RootPointer, a cybersecurity startup. Previously, he worked for 6 years as head of Red Team teams in different organizations, coordinating and developing only advanced intrusion exercises (Red Team) at the international level (America, South America and Europe). He is an undergraduate and postgraduate university professor at U-tad University, where he teaches in the different courses of the Software Engineering degree. Likewise, he also teaches in different postgraduate courses at other Spanish universities like UCLM and URJC. He is the author of the book "The Company's Red Team" by the 0xWord publisher (Spanish), which describes the Red Team concept and how to run intrusion simulations on an organization at a technical level. He is a security researcher and speaker at national and international conferences such as RootedCON, Navaja Negra, STIC Conference (CCN-Cert) or 8.8 Security Conference (Chile and Bolivia).
Daniel Miessler is a recognized cybersecurity expert and writer with 20 years in Information Security. His experience ranges from technical assessment and implementation, to executive level advisory services consulting, to building and running industry-leading security programs. His 20 years of experience in security ranges from the vibrant startup ecosystem in his birthplace of Silicon Valley, to working with many of the top 100 worldwide companies. He frequently gives talks and participates in panels around the world, and his work and commentary have been featured in dozens of the world’s leading publications.
Leron Gray is a ten-year Navy veteran and former NSA operator with six years of offensive security experience. He currently works on the Azure Red Team at Microsoft, loves winning all the CTFs, and enjoys writing things in Python and Pythonic languages. Also a dope rapper. #BARS
Walter Cuestas - Pentester and Red Teamer for Open-Sec LLC and Cobalt Labs Inc with more than 15 years of experience focused on infrastructure and web applications pentesting and red team operations.
Speaker at Ekoparty (several years) and instructor at DEF CON 26 (Lateral Movement workshop).
Phillip Wylie is the Senior Red Team Lead for a global consumer products company, Adjunct Instructor at Richland College, and The Pwn School Project founder. Phillip has over 22 years of experience with the last 8 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and to found The Pwn School Project, a monthly educational meetup focusing on cybersecurity and ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Richland College in Dallas, TX. Phillip is a co-host for The Uncommon Journey podcast. Phillip holds the following certifications: CISSP, NSA-IAM, OSCP, GWAPT.
Jonathan Helmus - Security engineer and educator who has been working in engineering, security, and information technology for 10 years. Specializations in Penetration Testing, Threat and Adversarial Assessments, Vulnerability Management, Cloud Technology (AWS), and experience as a Technical Educator and University Level Professor.
Evan Anderson is the Director of Offense at Randori. He has over 15 years of experience in red teaming, vulnerability research and exploit development and is a founding member of the NCCDC Red Team. Prior to co-founding Randori, he worked at Kyrus Technologies supporting commercial and federal projects.
Anthony “Cx01N” Rose, CISSP, is the Chief Operating Officer of BC-Security and Lead Pentester at Merculite Security. He has more than a decade’s worth of experience in digital communications, working with Red and Blue teams, and as an electrical engineer. His research has focused on wireless networks and embedded systems security. Anthony leveraged his research at DEF CON 24, where he published his work revealing widespread vulnerabilities in Bluetooth locks and brought awareness to the masses. His workshop at DEF CON 27 resulted in the reboot of the post-exploitation framework, Empire, which he actively develops and maintains.
Jake “Hubbl3” Krasnov is the Chief Executive Officer of BC-Security. He spent the first half of his career as an astronautical engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. His most recent focus has been on developing cybersecurity testing tools for embedded systems. He was an instructor at DEF CON 27, where he taught AMSI evasion techniques, and his most recent efforts contributed to the resurrection of the post-exploitation framework Empire.
@ch33r10 works for a Financial Services Fortune 500 Company. She is a graduate of the SANS 2017 Women’s Academy, has an MBA in IT Management, and currently holds the GSEC, GCIH, GCFE, GMON, GDAT, GPEN and GCTI certifications. She is a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC), YaraExchange, and FuzzySnugglyDuck. @ch33r10 is a doctoral student at Marymount University and has served on multiple CFP review boards.
@haydnjohnson has over 7 years of information security experience, including network/web penetration testing, vulnerability assessments and Cyber Threat Intelligence. He was on the 2019 SANS Purple Team CFP review board and currently holds the OSCP, GXPN and eCIR certifications. @haydnjohnson has gained both red and blue team experience.
Adam Pennington (@_whatshisface) leads ATT&CK at The MITRE Corporation and collected much of the intelligence leveraged in creating ATT&CK’s initial techniques. He has spent much of his 11 years with MITRE studying and preaching the use of deception for intelligence gathering. Prior to joining MITRE, Adam was a researcher at Carnegie Mellon's Parallel Data Lab and earned his BS and MS degrees in Computer Science and Electrical and Computer Engineering as well as the 2017 Alumni Service Award from Carnegie Mellon University. Adam has presented and published in a number of venues including FIRST CTI, USENIX Security and ACM Transactions on Information and System Security.
Erdener Uyan has worked in the field of information security for over 10 years as an engineer, researcher, practitioner and educator. His wide-ranging career has spanned many areas of information security, including research and development of very high-assurance, multi-level secure systems for use in government and the military, research and development of cryptographic systems, and general IT security and compliance for commercial organizations in the industries. Uyan earned his PhD degree in Cryptography at the Middle East Technical University.
Apurv Singh Gautam is pursuing his Master's in Cybersecurity from Georgia Tech. He commenced work in Threat Intel/Hunting 2 years ago. Throughout his professional career, he has worked on hunting threats from both the clear web and the dark web and is also involved in performing HUMINT on the d2web. He is very passionate about giving back to the community and has already conducted several talks and seminars in local security meetups, schools, and colleges. He loves volunteering with Cybrary and Station X to help students make their way in Cybersecurity. He looks forward to the end of the day to play and stream one of the AAA games, Rainbow Six Siege.
Ali Abdollahi is a cyber security expert with over 8 years of experience working in a variety of security fields. Ali is a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit development, red-teaming, secure coding, and more, giving him ample opportunity to use his skills in a diversity of ways. In addition, he is an instructor, author and member of the board of review at Hakin9. Ali is a self-confessed bug hunter and publisher of many vulnerabilities and CVEs. Ali is a regular speaker and trainer at industry conferences.
Mauro Cáseres (@mauroeldritch) is an Argentine hacker and speaker. He spoke at DEF CON 26 Las Vegas (Recon & Data Duplication Villages), DevFest Siberia, DragonJAR Colombia, Roadsec Brasil, and DC7831 Nizhny Novgorod. He is currently working as SecOps for the Argentine Ministry of Production.
Luis Ángel Ramírez Mendoza (@larm182luis) is a Colombian electronic engineer, hacker and speaker. He spoke at DragonJAR Colombia (the biggest Spanish-speaking hacking conference in LATAM) and is currently working as a Cybersecurity and Artificial Intelligence Professor at University of Guajira in Colombia.
Adam Mashinchi is SCYTHE's VP of Product Management where he leads the project management, design, and quality assurance departments for SCYTHE's product portfolio. Before SCYTHE, Adam defined and managed the development of enterprise security and privacy solutions with an emphasis on usable encryption at a global scale and led numerous technical integration projects with a variety of partners and services.