SecureWV
Lucky 13
October 21-22, 2022
SecureWV
Lucky 13
October 21-22, 2022
Friday Keynote:
James McQuiggan
Ransomware, Ransom-war
& Ran-some-where
& Ran-some-where
Saturday Keynote:
Mick Douglas
Defending Against
Advanced Adversaries
Advanced Adversaries
Friday Keynote:
James McQuiggan
Ransomware, Ransom-war
& Ran-some-where
& Ran-some-where
Saturday Keynote:
Mick Douglas
Defending Against
Advanced Adversaries
Advanced Adversaries
2022 Sponsors
2022 Villages
IT / Tech Book Swap
ALL BOOKS MUST BE IT RELATED.
Bring a book, take a book.
If you are anything like us you have a full bookshelf of IT books that you no longer are going to pick up, since you have already passed the cert. Rehome it at SecureWV.
Bring a book, take a book.
If you are anything like us you have a full bookshelf of IT books that you no longer are going to pick up, since you have already passed the cert. Rehome it at SecureWV.
LockPick Lair
THERE WILL BE LOCKS!
The Lockpick Village is a physical security demonstration and participation area. Learn about the vulnerabilities of various locking devices and practice on locks of various levels of difficulty to try it yourself.
The Lockpick Village is a physical security demonstration and participation area. Learn about the vulnerabilities of various locking devices and practice on locks of various levels of difficulty to try it yourself.
Resume Workshop
HEY YOU! YOUR RESUME SUCKS!
Is your resume not getting noticed? Let our resident expert give you real world tips and advice on your resume. Stop by the Resume Workshop and signup early, spots will fill up quick.
Is your resume not getting noticed? Let our resident expert give you real world tips and advice on your resume. Stop by the Resume Workshop and signup early, spots will fill up quick.
Friday – Oct 21
{Track 1}
[Track 2]
Saturday – Oct 22
{Track 1}
[Track 2]
{Track 1}
[Track 2]
{Track 1}
[Track 2]
10:00
KEYNOTE Ransomware, Ransom-war & Ran-some-where
We’ve all heard about ransomware and its impact on organizations as they suffer an attack almost every 11 seconds. What if we could learn how one of these cybercriminal organizations operated, their business models, and the level of experience needed to work for them?
Last year, the Conti ransomware group was a victim of their own style of operations when their playbook and other sensitive information ended up online.
James McQuiggan
Security Awareness Advocate, KnowBe4
11:00
Women in Tech Round Table
Emily Wall
VP, Global Ethics & Compliance
Francine Hammond
Compliance Training Specialist
13:00
Amateur Radio 101
An introduction to Amateur radio and why it’s fun and useful! We will discuss what amateur radio is (and what it’s not!), why it exists, who can be licensed and how they can do it.
Brandon Curnutte
Cyber Security Operations Analyst
13:00
Introduction to PowerShell
You have Windows – now what? The older command processor did have a limited batch language which left much for utility vendors to provide. Now PowerShell offers access to the OS from the command line.
In this talk we will cover some PowerShell history but will mostly focus on the tool itself – both the IDE and basic command-line version.
We will see what you get “out of the box”, how we can add more function by downloading modules, and how we can create aliases and if we have to broach the subject of PowerShell programming.
All are encouraged to follow along and try the examples.
Eric Schultz
Cyber Security Professional
14:00
Capture the Flag with PowerShell
Continuing on from the first class, we will use PowerShell to work our way through the web-based CtF challenges.
Student participation is encouraged – all are welcome to follow along on their own computers.
If there is space and time, I may be willing to be available for students who continue on their own and have questions or problems.
Eric Schultz
Cyber Security Professional
15:00
Boning Vulnerabilities with Greenbone Security Assistant
This presentation provides a illustration of the Linux-based, free and open-source Greenbone Security Assistant (formerly OpenVAS) and its uses. A detailed dive into installation, operation, maintenance, reporting and interpreting, tips, and tricks will be covered.
Jason Shirley
Tier I Engineer, Cardinal Technology Solutions, Inc.
15:00
I Got 99 Problems but a WAF ain’t one
Deploying a WAF is the hardest IT Security projects I ever completed. It requires implicit trust and support between IT Security and App Dev. A WAF project demands networking, traditional IT Architecture, Cloud Architecture, and App Development skills. Join us to learn how be successful.
Micah Brown
16:00
AI Assurance for system operators
Whether we like it or not (and personally I’m skeptical), the adoption and deployment of AI/ML systems is transforming the computing landscape. The mating of complex statistical models to cloud computing infrastructure fed by data from ever more instrumented environments has led to a veritable arms race/gold rush (arms rush?) to deploy these systems. But the Data Scientists that develop these systems aren’t experts on deploying code or building infrastructure which means, that just like in any good gold rush, someone has to ride shotgun. If it’s your job to maintain and validate systems long term then you need a framework for how to think about AI/ML in a way that allows you to prioritize and act. This talk will use examples from our team’s work testing ML systems to give you the beginnings of that framework as well as equip you with some tools and techniques to help you customize it to your unique needs.
09:00
KEYNOTE – Defending Against Advanced Adversaries
Attendees of this talk will learn how organized crime and nation state level adversaries approach and attack your network. Most importantly, this talk is filled to bursting with actionable items you can implement at your home and work networks to bring attackers of all skill levels to tears. You can make resilient and tamper evident networks. In this talk, you’ll learn how, and walk away with some scripts and tools to use to make this all happen!
10:00
Demystifying Zero Trust
Zero Trust isn’t just another cyber buzzword. This presentation aims to break down Zero Trust or ZT into its various parts and to explain how each of the smaller parts works together to implement a Zero Trust Framework.
Bill Gardner
11:00
Hillbilly Storytime (2022 Edition) – Pentest Fails
Whether or not you are just starting in InfoSec, it is always important to remember that mistakes happen, even to the best and most seasoned of analysts. The key is to learn from your mistakes and keep going. So, if you have a few minutes and want to take a load off for a bit, come and join in as this hillbilly spins a yarn about his, and sometimes other peoples’, misadventures in pentesting. All stores and events are true (but the names have been changed to prevent embarrassment).
Adam Compton
Principal Security Consultant, TrustedSec
13:00
Open Source and Data Intelligence
Investigations don’t have to be one boring page after another. Using tools like Maltego, Traffic analysis and other open source tools, we can create a compelling and informative analysis which gets us where we need to be.
Daniel Efaw
13:00
Career Arcs
Information security and forensics are fundamentally technical disciplines and we rely on education and certification to identify people to fill roles, along with personal capabilities. As we get better, we get promoted. These promotions affect our responsibilities and dictate what new capabilities we need to add to maintain proficiency and utility.
This discussion covers how to get into the fields from a zero starting point and how to pursue initial employment. It then delves into promotion paths and escalating responsibilities to identify career paths and help viewers identify goal setting opportunities.
In this global, competitive marketplace, understanding where you are going and how you need to get there is essential to knowing what your career path is and how it relates to your personal preferences and objectives.
Brian Martin
Liticode
14:00
Threat Hunting For Dummies
You do not need to be skilled to track, hunt and exterminate bad actors from a network. This talk will provide you the guideposts and know how to start your own threat hunting program while avoiding the common pitfalls and mistakes new threat hunters come across.
Nate Hicks
Hacker, Husband, and Internet Introvert.
14:00
An Overview of Quality Framework Assessments
Whether you are delivering one or buying one, understanding what goes into a framework assessment for any compliance area is essential to cost-effective, high-quality outcomes. Whether it is privacy, security, SDLC, or regulatory, all framework assessments should be conducted using the same methodology to provide consistency and assure consumers they are worth more than the paper they are printed on.
Using the NIST CSF and CMMI frameworks, we will walk through all the steps in an assessment process including determination, purchasing, execution, reporting, and certification. We will examine what goes into the maturity ratings, and how to conduct the assessment in a diplomatic manner to provide value and be efficient.
Attendees will obtain an solid understanding of what constitutes a quality framework assessment and what garbage looks like using examples drawn from 30 years of work at some of the largest, most exacting companies in the world.
Brian Martin
Liticode
15:00
Star Wars: How an ineffective Data Governance Program destroyed the Galactic Empire
The Galactic Empire in Star Wars Episode 4 was destroyed not by a farmboy from Tatooine, but by an ineffective Data Governance Program. This talk will be 100% vendor agnostic and will focus on tools, techniques, and strategies that attendees may take back and implement effective Data Governance.
Micah Brown
15:00
Bashing into Forensics
This talk will show attendees how to use bash shell scripting to perform some forensics tasks, such as file carving. Comparisons will be made to using Python and compiled tools to perform similar tasks. Only a basic understanding of Linux is required to get something from this talk.
Philip Polstra
16:00
An open sourced approach to network segmentation
How we have approached network segmentation testing utilizing common tools for both an on premise and AWS environments. This talk will go in-depth on our “Quadrant 42” project, to include a release of the github project for others to take a look, a review of the methods, and a proposed release chart that is current at the time of the conference. Also, we would like to have a open forum for TTPs and development ideas.
Josephus Malone
Panda
Jaia Williams
BAMFF
16:00
Becoming an IR Superstar
Are you an aspiring Incident Responder? Perhaps looking to advance from a career as a Security Operation Center (SOC) analyst? Or simply intrigued by the technical aspects around being an Incident Response (IR) professional? IR analysts and engineers conduct investigations to answer the classic “Who, What, When, Where, Why, and How” questions in responding to security alerts and incidents. Incident Responders utilize a working knowledge of Defensive Security, Offensive Security, and Digital Forensics to conduct their investigations. During this presentation, we cover the technical skills and baseline knowledge required on the roadmap to becoming an IR Superstar!
Matt Scheurer
Select date to see events.
*this is a work in progress and will be update, without notice.
