Hacking is NOT a Crime and Red Team Village "The HackerCON" on Saturday, March 27, 2021.
All times below are in U.S. Pacific Time
All presentations will be streamed at the Red Team Village Twitch and YouTube Channels.

08:00Vulnerability Discovery For AllKelsey Fulton and Chloé Messdaghi
08:15Why Good Samaritan Laws are Needed featuring (Panel)Justin Wynn and Gary De Mercurio - Moderated by Chloé Messdaghi
0900Wild Web Warriors Web App Hacking the Next GenerationCharles Shirer
0930Hacking is Not (always) a Crime - Upcoming Changes to Hacking LawsHarley Geiger
1000Totally Free Hacker Media Training!Fahmida Y Rashid
1100Seeking The UpsideAmélie E. Koran
1130The Evolving Cybersecurity Policy Landscape and How It Impacts YouAmit Elazari
1200Security Researcher's Guide to the GalaxyJohn Jackson
1300An Introduction to and the Current State of Hacker SafetyCasey Ellis
1330Dos and Don’ts for Security Research and DisclosureKurt Opsahl
1430Why you should build a community!Stu (cybersecstu)
1500Cult of the Dead Cow and Hacktivism TodayJoseph Menn
1530Saving Lives through Security ResearchBeau Woods
1600Frustrations and Joys of Responsible DisclosureSeanWrightSec
1630The Year of the Vulnerability Disclosure PolicyJack Cable
1700Hacking is NOT a CrimeChloé Messdaghi
1730Hacking PublishingJennifer Jin and Marcus J. Carey
1830Closing RemarksOmar Santos, Chloé Messdaghi, and cedoXx
Showing entries (filtered from total entries)

Vulnerability Discovery For All

Speakers: Kelsey Fulton and Chloé Messdaghi

Abstract: A quick talk about the lack of diversity in vulnerability discovery and why it's important to conduct further research to understand the depth of the problem. This talk also shares details of the Vulnerability Discovery for All research project sponsored by Tufts, University of Chicago, UMD's SP2 Lab. 

Kelsey Fulton is a computer science Ph.D. student at the University of Maryland. Her research explores the human factors of information security with a focus on software developers and security professionals and understanding their processes and mental models. Specifically, she aims to explore the hurdles and difficulties to secure development for professionals to provide evidence-based recommendations for policy, education, and programming language and tool changes. Her most recent work focuses on the barriers to adoption of secure programming languages, the best methods for studying software developers and security professionals, and understanding the barriers faced by underrepresented groups in security.


Why Good Samaritan Laws are Needed featuring (Panel)

Speakers: Justin Wynn and Gary De Mercurio - Moderated by Chloé Messdaghi

Abstract: In September 2019, the Iowa state asked cybersecurity firm Coalfire to conduct a penetration test to see if its staff could gain access to sensitive data or equipment. Two Coalfire employees found a door to the Dallas Courthouse open, and when they closed the door to see if it would lock and then attempted to open it, an alarm was set off. Following protocol, the employees waited for police to arrive and showed them their paperwork. Initially, they were told they were "good to go," but moments later, a local sheriff showed up and arrested them; they spent the night in jail. This panel shares their story, their experience of the day and afterwards. 

Justin Wynn is a Senior Security Consultant with Coalfire who specializes in physical security and regularly performs network, application, wireless, and social engineering penetration tests. He's conducted over 300 penetration tests and numerous physical engagements - where style is everything. Recent events have inspired Justin to become more involved with security awareness and community outreach in addition to spending time on covert entry training, physical 0-day research, and inventing new tools and techniques for physical security. Other interests include radio/SDR, entrepreneurship, inventing, shooting, martial arts, and other cliche hobbies. Please like and subscribe. @redteamwynns

As a Managing Senior, Mr. De Mercurio is focused on running the Red Team and Social Engineering offerings at Coalfire. Mr. De Mercurio and his teams specialization adds multiple attack vectors such as physical intrusion, social engineering and a network attack aspect to the evaluation process of companies security infrastructure. Mr. De Mercurio served seven years in the USMC as both a UH1-N Pilot and Building and Maintenance officer. His technical background in the USMC included desktop support, SIPR system set up and repair as well as hardware troubleshooting. Following his military career, Mr. De Mercurio gained 6 years of auditing experience as an international Quality Engineer for a major aerospace company where he specialized in Systems and Special Processes improvement for international clients.


Wild Web Warriors Web App Hacking the Next Generation

Speaker: Charles Shirer

This talk is going to discuss issues that hackers face, how to get started in web application hacking the current state of web application hacking along with the tools and techniques that are in use as well as nextgen web app hacking what will the attack surface look like.

Charles Shirer is a Senior Security Consultant for Red Siege. In his spare time, Charles does retro gaming and works on the SECBSD open source project which is a penetration testing distro based on the OpenBsd Operating System. He currently works as Staff at several Security Conferences, Podcast(GrumpyHackers)(Positively Blue Team Cast) and isa part of the MentalHealthHackers DeadPixelSec NovaHackers and HackingisNotaCrime Family.(CEH,OSCP,OWSP)


Hacking is Not (always) a Crime - Upcoming Changes to Hacking Laws

Speaker: Harley Geiger

If hacking is not a crime, when will the laws catch up? This 25-minute talk will give an overview of upcoming legal and policy changes that affect the security research community. We will cover potential changes to the CFAA, the DMCA, and new vulnerability disclosure requirements in the US and EU. 

Harley Geiger is Senior Director for Public Policy at Rapid7, where he leads the company's policy engagement on cybersecurity, encryption, computer crime, exports, and digital trade issues. Prior to working at Rapid7, Geiger was Advocacy Director at the Center for Democracy & Technology (CDT), where he worked on government surveillance, privacy, and computer crime issues. Prior to that, Geiger was Senior Legislative Counsel for U.S. Representative Zoe Lofgren of California, serving as lead staffer for technology policy. Geiger is an attorney and is CIPP/US certified.


Totally Free Hacker Media Training!

Speaker: Fahmida Y Rashid

In this talk, we'll walk through the basics of pitching, briefing, and relationship-building with the press. We'll cover how to craft a story and translate your supersmart technical info into something relevant and interesting to a reporter and their readership. We'll also cover dos and don't for the briefing itself so you can hopefully land your message, get it in print, and build a lasting relationship with the reporter. 

As an information security journalist, Fahmida Y Rashid has spent over a decade analyzing news events and demystifying security technology for IT professionals, business managers, and consumers. As the executive editor of VentureBeat, she leads the newsroom and a team of contributors to cover the intersection of AI and data technology for enterprise technology decision makers. At VentureBeat, she looks at the intersection of security with AI and data. She co-founded Decipher, an online security magazine dedicated to making sense of current events. She believes that security requires an interdisciplinary approach and draws on ideas from various fields, including psychology, economics, and political science, to explain important concepts. She focuses on network operations and application development because they require in-depth understanding of the relevant technologies and workflows. Before becoming a journalist, she spent ten years in tech, as a network administrator, a software developer, a management consultant, and a product manager. Prior to launching Decipher, she wrote for various business and tech trade publications, including CSO Online, InfoWorld, eWEEK, Dark Reading, CRN, PC Magazine, and Tom's Guide.


Seeking The Upside

Speaker: Amélie E. Koran

It has been relatively easy to “bag” on the public sector when it comes to the news about how well (or not) they’ve handled putting the messaging about improving security into actual action. However, from this inside, the challenge remains with not only overcoming getting all the right people to consider the path they must follow, but aligning all the right resources in order to mark the minimum of accomplishments. This talk will provide a short discussion on the challenges people tend to face within the public sector, primarily Federal, when it comes to initiating, planning and delivering security solutions to the Federal government and where new ways of executing them may result in greater successes and wider public support. 

Amélie is a Senior Technology Advocate at Splunk, focused on helping organizations transform, grow and secure themselves in the ever evolving world of technologies and their accompanying challenges. She arrives at Splunk after nearly 25 years as a technologist, from systems administration and engineering to executive technology leadership in various industries, academia, NGOs, and the government. In the last decade, she’s supported various Federal agencies, leading various projects and initiatives, including modernization activities, cybersecurity policy, and security architecture and operations. Amélie E. Koran served as the Deputy Chief Information Officer and most recently as Chief Technology Officer for the U.S. Department of Health and Human Services, Office of the Inspector General. However, Amélie’s path prior to today took her the long way around − through multiple industry sectors, academia, and the public sector. Her professional experience includes time spent at The Walt Disney Company, Carnegie Mellon University’s CERT/CC, Mandiant, The World Bank, Constellation Energy (now Exelon) and The American Chemical Society. She began her time in the public sector as Lead Enterprise Security Architect for the U.S. Department of the Interior, eventually moving on to lead Continuous Diagnostics and Mitigation implementation for the U.S. Treasury Department. Amélie later spent time on a leadership development rotation as part of the President’s Management Council Fellowship serving the Federal CIO in supporting cybersecurity policy analysis and legislative review, where she took an active role in the government-wide Open Data Initiative and helped in giving “birth” to the United States Digital Service (USDS). She’s an ardent advocate for innovative approaches to hiring talent and rationally applying security strategies and technologies for the public and private sector. Often seen “soapboxing” about technology workforce development, training and recruiting policies, practices and techniques, she’s mostly observed providing measured guidance to InfoSec Twitter at @webjedi.


The Evolving Cybersecurity Policy Landscape and How It Impacts You

Speaker: Amit Elazari

Security is one of the most evolving and impactful landscapes in the regulatory sphere. Proposed initiatives in the areas of Internet of Things and Coordinated Vulnerability Disclosure (CVD) are among the most active and developing areas of proposed security regulation around the world. With the potential for marked impact to the researcher community, this evolving landscape also serves as an opportunity for technology innovation and collaboration. This talk, policy expert, Dr. Amit Elazari, will introduce the audience to a variety of regulatory concepts and baseline proposals shaping the future of Coordinated Vulnerability Disclosure and researchers’ collaboration.

Dr. Amit Elazari is a Director, Global Cybersecurity Policy at Intel Corporation (Governments, Market, Trade) and a Lecturer at UC Berkeley’s School of Information Master in Information and Cybersecurity. She holds a Doctoral Degree in the Law (J.S.D.) from UC Berkeley School of Law and graduated summa cum laude three prior degrees. She currently serves as one of the editors of ISO/IEC 27402 on IoT Device security and privacy baseline requirements, at JTC1 SC27. Her work on security law, computer crime, privacy and intellectual property has been published in leading law and computer science journals and presented at top conferences such as RSA, Black Hat, USENIX Security, IEEE Security & Privacy, and featured at leading news sites such as The Wall Street Journal, The Washington Post and the New York Times. Among others her work was awarded the USENIX Security Distinguished Paper Award, the Annual Privacy Papers for Policymakers (PPPM) Award Academic Paper Honorable Mention and the Casper Bowden PET award for Outstanding Research in Privacy Enhancing Technologies. In 2018, she received a Center for Long Term Cybersecurity grant for her work on private ordering regulating information security, exploring safe harbors for security researchers, and she is the co-founder of She practiced law in Israel.


Security Researcher's Guide to the Galaxy

Speaker: John Jackson

Navigating the Security Research landscape is difficult. Identifying vulnerabilities and sorting them into various categories can seem daunting. Is it a CVE or is it a fairly regular vulnerability?

The Security Research cycle is difficult and hackers need to be on their toes to understand the various methods involved in direct and ad hoc exploitation processes. Not to mention, disclosure; Informing the public is a necessary evil and laws may not always be on your side.

Topics covered

1. Understanding CVEs and Regular Vulnerabilities

2. Bug Bounty, VDP, Nothingness

3. Reporting and Biting the Bullet [Ocassionally]

4. Legal Implications

5. Writeups and Disclosure

6. Press and Consent

7. Lessons Learned

John Jackson is a cybersecurity professional, application security engineer, author, hacking advocate, security researcher, bug bounty hunter, and the founder of the Hacking Group Sakura Samurai 桜の侍, a security research group dedicated to ethical research.

He is known for multiple CVE and Enterprise Security Research contributions. Jackson currently resides in Denver, Colorado. He spends much of his time hacking, but also enjoys reading and writing -- especially poetry.

Jackson has contributed to the threat and vulnerability space, disclosing several pieces of cyber vulnerability research and assisting in resolution for the greater good. He continues to work on several projects and collaborates with other researchers to identify major cyber vulnerabilities. John is a champion for the Information Security Research space and believes that there should be better protection in place for hackers.

In 2020, he was invited to join Hacking is NOT a crime, an organization centered on rights for hackers to conduct ethical research without fear of retaliation. Jackson currently serves as an “Advocate” and assists in helping the public understand the difference between hackers and threat actors.


An Introduction to and the Current State of Hacker Safety

Speaker: Casey Ellis

After 40 years of hard-fought battles, the Internet has finally reached a place where it knows that hackers aren’t always burglars… Many of us are locksmiths. We think bad, but do good, view technology and often the world in a very different way to the people who build it; and form the immune system for our digitally-connected society.

Of all the problems the internet has, there seems to be one that rules them all: It doesn’t understand how to work with its immune system. 

In this session, I’ll run through the past/present/future of vulnerability disclosure, and give a run-through of an open-source and vendor-agnostic initiative to make conversations between builders and breakers safe, standardized, and simple. I’ll close with a Call To Action for all participants with simple ways to help and get involved.

Casey is the Chairman, Founder and CTO of Bugcrowd. He is an 20+ year veteran of information security as a career, and has been inventing stuff and generally getting technology to do things it isn't supposed to since childhood.

Professionally, he has worn a variety of hats, working as a pentester, security and risk consultant and solutions architect, CSO, and then most recently as a career entrepreneur and company leader. Casey pioneered the Crowdsourced Security as a Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the vulnerability disclosure standardization project in 2014.

Casey is a sought after industry visionary, media commentator, and public speaker, and has presented at DEF CON, Black Hat USA, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA Incibe, Usenix ENIGMA, Derbycon, SOURCEConf, AISA, AusCERT, and many more.

A proud ex-pat of Sydney, Australia, Casey lives with his wife and two kids in the San Francisco Bay Area. He is happy as long as he is pursuing potential.


Dos and Don’ts for Security Research and Disclosure

Speaker: Kurt Opsahl

Kurt Opsahl, Deputy Executive Director and General Counsel of the Electronic Frontier Foundation, will discuss the best and worst practices, both from a legal and pragmatic perspective, for research and reporting of vulnerabilities with a focus on useful, positive and negative advice. He will also introduce the Electronic Frontier Foundation, EFFF”s Coders' Rights project and how yours right to freedom of expression can help protect you while reporting vulnerabilities.

Kurt Opsahl is the Deputy Executive Director and General Counsel of the Electronic Frontier Foundation. In addition to representing clients on civil liberties, free speech and privacy law, Opsahl counsels on EFF projects and initiatives. Opsahl is the lead attorney on the Coders' Rights Project, and is representing several companies who are challenging National Security Letters. Before joining EFF, Opsahl worked at Perkins Coie, where he represented technology clients with respect to intellectual property, privacy, defamation, and other online liability matters, including working on Kelly v. Arribasoft, MGM v. Grokster and CoStar v. LoopNet. For his work responding to government subpoenas, Opsahl is proud to have been called a "rabid dog" by the Department of Justice. Prior to Perkins, Opsahl was a research fellow to Professor Pamela Samuelson at the U.C. Berkeley School of Information Management & Systems. Opsahl received his law degree from Boalt Hall, and undergraduate degree from U.C. Santa Cruz. Opsahl co-authored "Electronic Media and Privacy Law Handbook." In 2007, Opsahl was named as one of the "Attorneys of the Year" by California Lawyer magazine for his work on the O'Grady v. Superior Court appeal. In 2014, Opsahl was elected to the USENIX Board of Directors.


Why you should build a community!

Speaker: Stu (MHAC)

Stu (cybersecstu), discusses why community is important for fostering collaboration, forming important connections, mentoring, and the great things that can happen from this. 

Stu shares his experience of building an infosec community The Many Hats Club, the highs and lows, but ultimately why this is something we should all strive to do. The talk will cover the following:

- Why communities are vital in infosec

- How to start out

- Platforms

- Pitfalls and things to avoid (from my many mistakes)

- Mentoring

- Key achievements - 2 x cons, CTF's, Podcasts, community projects, research, responsible disclosures etc.

- Mods/Admins, COC etc things you cannot live without.

- Why you should all build a community right now!

- Q&A

Stuart Peck heads up Cyber Security Strategy for ZeroDayLab. Stuart has over 13 years’ experience in the information security industry, including delivering threat intelligence, social engineering, and incident response projects. He is also an expert on Open Source Intelligence, and regularly is asked to deliver talks on the latest attacker trends facing organizations today.

Stuart has been featured in many leading news sites including Security Affairs, The State of Security, ZDnet, Bleeping Computer, The Daily Mail, and in the Tribe of Hackers Blue Team Book. He is the 3 times Black Badge winner for TraceLabs global OSINT Search party competition for finding missing people and volunteers for the National Child Protection Task Force using his skills to find missing children and organized criminals globally. Stuart founded the Many Hats Club in 2017- a large community that has organized 2 conferences (raising over $30k for non profits), hosted CTF's and a podcast.


Cult of the Dead Cow and Hacktivism Today

Speaker: Joseph Menn

More than 20 years have passed since the seminal hacking group Cult of the Dead Cow coined the term hacktivism, which it defined as security work in service of human rights. Since then, the concept has become even more critical, and it is playing out across a stage that includes nonprofits, the most valuable companies and the most powerful countries in the world. This is the story of how we got there.

A security journalist for more than two decades, Joseph Menn is the author of the bestseller "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World," first published in 2019. It revealed that then-presidential candidate Beto O'Rourke had belonged to the oldest surviving and most influential group of U.S. hackers and explained the origins of hacktivism and ethical security work. The New York Times Book Review called it "a hugely important piece of the puzzle for anyone who wants to understand the forces shaping the internet age.” It was named one of the 10 best nonfiction works of the year by Hudson Booksellers, one of the five cybersecurity books everyone should read by the Wall Street Journal, and inducted into the Cybersecurity Canon project’s Hall of Fame.

Menn is an investigative technology reporter for Reuters, having previously worked at the Financial Times and the Los Angeles Times, where he began writing about cybersecurity in 1999. Menn also wrote the 2010 bestseller "Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet," a real-life thriller that brought the modern face of cybercrime to a mainstream audience. Fatal System Error revealed collaboration between major governments and organized crime, and was placed on the official reading list of the US Strategic Command, while the New Yorker magazine compared it to the novels of Stieg Larsson. Before that, he wrote the definitive inside account “All the Rave: The Rise and Fall of Shawn Fanning’s Napster,” named one of the best three books of the year by Investigative Reporters & Editors Inc.

Menn speaks regularly at security conferences including Def Con, Black Hat and RSA and tweets as @josephmenn.


Saving Lives through Security Research

Speaker: Beau Woods

Our dependence on connected technology has grown faster than our ability to safeguard ourselves - cybersecurity failures impact human life and public safety. I Am The Cavalry is a global grassroots initiative from the security research community collaborating with others to avoid harm, where “bits-and-bytes meet flesh-and-blood”. Over the past eight years, we have helped shape international laws and practices toward better outcomes, as well as to introduce security researchers into significant industry and government conversations. This talk will introduce I Am The Cavalry, demonstrate achievements and methods, and show the audience what they can do to help make the world safer, sooner, together.

Beau Woods is a Senior Advisor with CISA, Cyber Safety Innovation Fellow with the Atlantic Council, a leader with the I Am The Cavalry grassroots initiative, Founder/CEO of Stratigos Security, and sits on the board of several non-profits. His work bridges the gap between the security research and public policy communities, to ensure connected technology that can impact life and safety is worthy of our trust. He formerly served as Entrepreneur in Residence with the US FDA, and Managing Principal Consultant at Dell SecureWorks. Over the past several years in this capacity, he has consulted with the energy, healthcare, automotive, aviation, rail, and IoT industries, as well as cyber security researchers, US and international policy makers, and the White House. Beau is a published author, frequent public speaker, often quoted in media, and is often engaged for public or private speaking venues.


Frustrations and Joys of Responsible Disclosure

Speaker: SeanWrightSec

This session will cover some of the frustrations which researchers can face when attempting to perform responsible disclosure. The talk will also focus on some possible approaches which a researcher can take should they face a situation in which they do not get the appropriate results which they had hoped for. Finally the talk will also look to some of the better sides of responsible disclosure and the joys which it can bring.

SeanWrightSec: Lead Application Security SME at Immersive Labs with an origin as a software developer. Primarily focused on web based application security with a special interest in TLS related subjects. Experienced in providing technical leadership in relation to application security, as well as engaging with teams to improve the security of systems that they develop. Passionate to be a part of the community and giving back to the community. Additionally, enjoy spending personal time performing personal security-related research.


The Year of the Vulnerability Disclosure Policy

Speaker:  Jack Cable

It’s an exciting time for vulnerability disclosure. Thousands of companies now offer vulnerability disclosure policies (VDPs), and that number is increasing every day. With such policies, not only are hackers better protected in disclosing vulnerabilities, but the public can stay better informed about security practices across organizations. 2020 proved to be a breakout year for vulnerability disclosure policies, with vulnerabilities launched across every U.S. federal civilian agency, the elections industry, and more. Yet with these advances comes an increased need to ensure such policies are effective and protect both organizations and hackers. As evidenced by past legal disputes, the process of building and abiding to a VDP is nontrivial. In this talk, learn about the history of the VDP, ongoing legal troubles, and best practices moving forward to ensure the efficacy of VDPs. Case studies of action by the United States and Netherlands governments demonstrate that VDPs can be implemented as a standard in order to increase public security. By structuring VDPs in the right way, such policies can be implemented to offer transparency critical to increasing public trust around security.

Jack Cable is a security researcher and student at Stanford University. Jack formerly worked for the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to help secure the 2020 election. Jack is a top ranked bug bounty hacker, having identified over 350 vulnerabilities in companies including Google, Facebook, Uber, Yahoo, and the U.S. Department of Defense. After placing first in the Hack the Air Force challenge, Jack began working at the Pentagon’s Defense Digital Service. Jack was named one of Time Magazine’s 25 most influential teens for 2018. At Stanford, Jack studies computer science and launched Stanford’s bug bounty program, one of the first in higher education.


Hacking is NOT a Crime

Speaker: Chloé Messdaghi

'Hacking is NOT a Crime' is a grass-rooted movement that is trying to change how the hacker community is viewed by the public and partnering with organizations to assist with hacker rights. By challenging socially constructed beliefs of what and who is a hacker, we have the ability to change the current landscape and update legislation.

 At this time, 1 out 4 hackers do not report a vulnerability if the organization doesn't have a vulnerability disclosure. This is due to the fear of being prosecuted because the public holds biases that negatively impact the hacker community. Even when good faith research is shared, it can be ignored or misunderstood. This is also the reason why legislation needs changes. No representation of the hacker community has been part of any laws being created and enacted. 

This talk discusses what we can do together to change the situation, what actions are needed immediately, and the mission of Hacking is NOT a Crime. 

Chloé Messdaghi is passionate about keeping people safe and empowered both on and offline, she is also interested in increasing the number of marginalized genders in information security. She is the co-founder of Women of Security (WoSEC) and Hacking is NOT a Crime, and the founder of WeAreHackerz. She is a keynote speaker at major information security conferences and events, and serves as a trusted source for national and sector reporters and editors. She holds a Master of Science (M.S.) from The University of Edinburgh, and a BA in International Relations from University of California, Davis, as well as a Certificate in Entrepreneurship from Wharton and other professional certificates.


Hacking Publishing

Speakers: Jennifer Jin and Marcus J. Carey

Information that can be easily accessed and shared benefits everyone in the community. Many people dream of being able to publish a book but don’t know where to start. It has never been easier to self publish a book. Many people don’t know that Tribe of Hackers started off as a self-published book after the concept for the book was rejected by publishers.

Tribe of Hackers started with an idea: to inspire folks of all ages and backgrounds to learn more about cybersecurity and to get their foot in the door. In this talk, we will explain how we took that idea and turned it into a physical book that has been shared with thousands of people globally. The series has allowed hundreds of contributors to share their resources and experiences with those inside and outside the hacker community.

You don’t need to be an expert writer to publish your own book. There is so much knowledge to share and hopefully this session will inspire and equip the attendees to go out and share their skills and information through publishing.

Jennifer Jin is a Product Marketing Manager at Mio where she works with sales, engineering, and marketing teams to launch products to market. Prior to Mio, Jennifer was the Head of Marketing at Threatcare and helped bring the Tribe of Hackers from idea to physical book in hand. She loves learning about new tech tools, translating hard concepts into easy-to-understand ideas, and being a leader in various organizations.    

Marcus J. Carey is an Enterprise Architect at ReliaQuest where he does security research and product development. Prior to joining ReliaQuest, Marcus was the founder and CEO at Threatcare (acquired by ReliaQuest) and has 20 years of cybersecurity experience. Marcus has worked in penetration testing, incident response, and digital forensics with federal agencies such as NSA, DC3, DIA, and DARPA. Enterprise Architect, ReliaQuest 


(c)2021, Red Team Village