Announcing #GRIMMCon 0x2, our second in a series of FREE VIRTUAL Conferences for the community! We’ll have two tracks, one especially for First Time Speakers who we’ll pair with an expert. Talks will be a mix of tech and personal fun.
New Speaker Coach
Steven has worked in Cybersecurity for 11 years. Prior to joining the field he served in the 2-14 Infantry Regiment 10th Mountain Division completing two tours to Iraq and a tour to Kosovo. Steven has worked in vulnerability management, incident response, governance and policy, regulatory compliance, and emergency management. He has worked on multiple efforts focused on critical infrastructure protection. He is currently working with Tom Alrich on a supply chain security book that is planned to be published in October of 2020. You can follow him on Twitter @TNvolsfan29
Inside the Galaxy Brain
Sherrod is the Senior Director of Threat Research and Detection at Proofpoint where she leads a worldwide malware research team to advance Proofpoint threat intelligence and keep organizations safe from cyberattacks. She accepts dog pics as currency and has a folder full of screenshots you wouldn’t believe. Twitter: https://twitter.com/sherrod_im LinkedIn: https://www.linkedin.com/in/sherroddegrippo/
The Noobs Guide to Virtual Box
Determining Your Attack Vector To Build Your Career
Shannon "Snubs" Morse is the owner and founder of Morse Code Media Network. Shannon is known for her work on Morse Code on her Youtube Channel, ThreatWire on Hak5, and her Sailor Moon fandom show, Sailor Snubs. She is an online content producer with an emphasis on security and privacy, consumer technology, and travel. She has reviewed hundreds of consumer tech products and helped multiple businesses as a show host, event speaker, and brand ambassador. She is an entrepreneur whose goal is to inspire others to live life to the fullest while not sacrificing their identity, ethics, or privacy. Shannon has been a keynote speaker at notable events such as Texas Cyber Summit, Linux Conf Au, The Diana Initiative, and AusCERT and she uses her platforms to promote diversity in information security and technology sectors, and advocates for women in the industry. She aims to inspire and educate those new to information security by sharing her own experiences in the genre and community. Twitter: @snubs LinkedIn: https://www.linkedin.com/in/snubs/ YouTube: https://www.youtube.com/shannonmorse
Pushing the SOC Left To Achieve Nash Equilibrium
O'Shea Bowens is a 12 year cyber security enthusiast. He’s the founder of Null Hat Security, which focuses in the areas of incident response, threat hunting, SOC operations and cloud security. Null Hat Security also addresses workforce issues with skills and gap assessments via cyber security training. His background is incident response, security architecture and security analytics. He’s an international speaker and has presented at conferences such as Defcon, ITWeb Security Summit, Qubit-Prague, Texas Cyber Summit, and SANS Blue Team Summit. O'Shea is also the co-founder of Intrusion Diversity System Podcast, founder of SkiCon Conference, board member of ISSA-New England, board member for Cyber Security Non Profit (CSNP), advisor to SANS Blue Team Summit and advisor to Layer8 Conference. Twitter: @sirmudbl00d @hatnull LinkedIn: www.linkedin.com/in/o-shea-bowens-52344915 Instagram: sir_oshea, nullhatsecurity Website: nullhatsecurity.org
ATT&CK on C-Suite: Cheat Codes
Nicole Hoffman is a Threat Research Analyst at Shadowscape, an intelligence-driven cyber security analytics and operations company. Nicole has a passion for security research and threat hunting. She considers herself an analytics nerd as well as a MITRE ATT&CK enthusiast. In her personal time, Nicole enjoys kayaking, reading comic books, and spending as much time with her children as possible. Twitter: @threathuntergrl
Live off the Land and Crack the NTLMSSP Protocol
Mike Gualtieri is a technologist and entrepreneur who is passionate about Linux, Free/Open Source Software, digital privacy, and cybersecurity. He is the President of the software development firm Eris Interactive Group, Co-Founder of SAVIO Information Security, and a founding instructor for the University of Pittsburgh School of Computing & Information, Professional Institute. Previously, he was the innovator of Kiddix, a Linux-based OS for kids with integrated parental controls. Mike has two decades of experience in software architecture and security, working in both business and technical roles. For the University of Pittsburgh, he has developed and teaches the two capstone technical courses for the Professional Institute, the Offensive Boot Camps, that teach students vulnerability discovery and penetration testing. Mike's enthusiasm for security was also apparent at a young age, as he decided to write a program to (weakly) password protect some of his 5.25" floppy disks, only to discover that 20 years later he had to hack into his own files and find that the secret password was 'ninja'. Twitter: https://twitter.com/mlgualtieri LinkedIn: https://www.linkedin.com/in/mlgualtieri/
New Speaker Coach
Matt is a Technical Manager on the Offensive Security team for Capital One. He has worked in multiple spaces prior, from federal to healthcare, in a security capacity focusing on tasks ranging from penetration testing, application security, hardware hacking, and red teaming. He regularly supports and assists with local and internal security meetups and mentorships to share knowledge and foster growth in the community. When he isn't working on security related research, Matt enjoys spending time with his family, exercising, and the occasional good iced latte. LinkedIn: https://www.linkedin.com/in/matthew-mullins-2800a8b8/
How to build a SOC in reality
Lauren Rogers has been working in IT and security in some form for the last *cough* twenty years. Lauren has worked in multiple highly regulated industries such as Finance, DoD and Healthcare. Most recently she has spent her time building defensive security programs. Superpowers include ability to understand FISMA, PCI and occasionally HITRUST audit controls, corgi herding, log comprehension and unicorn collecting. Even though she is in management now she can actually occasionally exit VI without google or yelling HELP! Twitter: @Lil_lost
New Speaker Coach
Kyle O'Meara is a Sr. Member of the Technical Staff at the Software Engineering Institute (SEI) CERT Coordination Center (CERT/CC) and an Adjunct Faculty member at Carnegie Mellon University. His past jobs include roles at FireEye and the National Security Agency. Kyle has spoken at national and international cyber security conferences to include DEF CON, ShmooCon, and BlackHat Arsenal. He is also one of the creators and organizers of the annual BSidesPGH Capture the Flag event. Much of his current work focuses on understanding and analyzing the threat landscape of malicious software. When he isn't in front of his computer, you can find him on the mats doing Jiu Jitsu and Muay Thai. Twitter: @cool_breeze26
Inciting the Imagination: How we can help students see their future in cybersecurity
Keith Chapman lives in Ohio with his wife, two sons, and animal friends. He has 5 years of experience in information security and works as a senior cybersecurity analyst. He seeks to innovate defense by increasing collaboration, automation, and the context of threat intelligence. He enjoys engineering home labs with Raspberry Pis and virtual machines. Keith invests in the community by mentoring, speaking at, and attending conferences. He is an art enthusiast and fuses what he has learned from a lifetime of creating art with the domains of cybersecurity. You can reach him at firstname.lastname@example.org or on Twitter: @S1lv3rL10n LinkedIn: https://www.linkedin.com/in/keithrchapman/ GitHub: https://github.com/S1lv3rL10n
Advice I wish I had gotten...
Joshua Corman is a Founder of I Am the Cavalry (dot org). He previously served as CSO for PTC, Director of the Cyber Statecraft Initiative for the Atlantic Council, CTO for Sonatype, Director of Security Intelligence for Akamai, and in senior research, analyst and strategy roles. He co-founded RuggedSoftware and IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. His approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He is adjunct faculty for Carnegie Mellon’s Heinz College, a Cyber Safety Innovation Fellow for the Atlantic Council, and was a member of the Congressional Task Force for Healthcare Industry Cybersecurity. Twitter: @joshcorman @iamthecavalry LinkedIn: https://www.linkedin.com/in/joshcorman Blog: https://blog.cognitivedissidents.com/
CyberPhunk 2020: How to kick off your Cyber Journey
JoeB is an InfoSec enthusiast with 15 years of experience with making and breaking things. He runs DeadPixelSec, a growing infosec and learning community which sponsors other organizations and raises funds for multiple causes. He spends his free time mentoring members of the infosec community and completing resume reviews. Twitter: @TheBlindHacker LinkedIn: https://www.linkedin.com/in/brinkleyjoseph/ Twitch: https://www.twitch.tv/theblindhacker
Jorge Orchilles is the Chief Technology Officer of SCYTHE and co-creator of the C2 Matrix project. He is a SANS Certified Instructor and the author of Security 564: Red Team Exercises and Adversary Emulation. He was a founding member of MITRE Engenuity Center of Threat-Informed Defense. He is a Fellow at the Information Systems Security Association (ISSA) and National Security Institute. Prior, Jorge led the offensive security team at Citi for over 10 years. Twitter: https://twitter.com/jorgeorchilles Medium: https://medium.com/@jorgeorchilles YouTube: https://www.youtube.com/jorgeorchilles SlideShare: https://www.slideshare.net/jorgeorchilles
New Speaker Coach
Mr. Stoner has over 20 years of experience in the national security and intelligence community. He is a cyber security and cyber threat intelligence analyst serving in a leadership role who is looking for challenging opportunities that utilize his critical thinking, analytics, and leadership skills in the intelligence world. He has experience in intelligence ops, cyber threat support, SIGINT, instructional design, teaching, PenTesting, cyber counterintelligence, public speaking, APT analysis, and leadership. LinkedIn: https://www.linkedin.com/in/johnstoner123/ Twitter: @1MrStoner
Introducing pwncat: Automating Linux Red Team Operations
John Hammond is a cybersecurity instructor, developer, red teamer, and CTF enthusiast. Cyber Training Academy curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He personally developed training material and infosec challenges for events such as PicoCTF and the "Capture the Packet" competition at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the University of North Carolina Greensboro, and other events like the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality to showcase programming tutorials, cyber security guides, and CTF video walkthroughs. John currently holds the following certifications: Security+, eJPT, eCPPT, CEH, PCAP, OSWP, OSCP, OSCE, and OSWE. Caleb Stewart is a US Coast Guard officer recently assigned to US Cyber Command. Previous experience in both Red and Blue Team roles at CG Cyber Command. Blue Teams Leader in government and military exercises such as Cyber Guard, Cyber Flag, as well as Red Team Leader for events like CyberForce & HackWarz. Caleb currently holds the following certifications: OSCP, OSCE, OSWP, OSWE, eCPPT and CISSP.
Embedded Device ROP Tips and Tricks - Netgear
Jeffball is a senior researcher at GRIMM, where he conducts vulnerability assessments, exploit development, tool development, and other security research. Jeffball has presented at numerous security conferences, such as DEF CON, BSidesLV, LayerOne, and MTEM, and has written several security tools and papers. Before working at GRIMM, Jeffball worked at MIT Lincoln Laboratory, where he received an MIT Excellence Award for his work. He holds a BS degree in computer science and applied mathematics and a MS degree in computer science from East Stroudsburg University. Twitter: https://twitter.com/jeffball55
New Speaker Coach
Jason is a Senior Security Consultant and COO at Pulsar Security, specializing in penetration testing and red teaming, and a SANS instructor for Network Penetration Testing & Ethical Hacking. Equally passionate about enabling others in their journeys as he is about security and technology, Jason is an organizer of the BSides NH conference, a frequent speaker and trainer at both local and national events, and a founder of TechRamp, a nonprofit which aids in the transition to technical careers. He is a three-time Core NetWars Tournament champion and one of just 23 people in the world named by the SANS Institute as both a Red Team and Blue Team Cyber Guardian for both offensive and defensive security expertise. Jason is also the host of the "Trust Me, I'm Certified" podcast produced by GIAC Certifications. Jason has earned a long list of technical certifications including GIAC Security Expert (GSE), Offensive Security Certified Expert (OSCE), GXPN, GWAPT, GPEN, GREM, GCIA, GMON, GMOB, GNFA, GCUX, GCIH, GCWN, GCCC, GAWN, GSEC, GPYC, GSNA, GDAT, GCFA, GCDA, GCFE, GLEG, Certified Ethical Hacker, Security+, Network+, and OSCP. Twitter: @chm0dx LinkedIn: linkedin.com/in/jasonnickola
PKI & Us
I started working for the Department of Defense (DoD) fresh out of college as a programmer, then transitioned over into infrastructure hardware & software, and then got to work on the Computer Network Defense (CND) team. I've been hooked on all things security ever since. I've been a Security Engineer or a senior one for more than a decade now.
New Speaker Coach
Franklin Diaz is a Consulting Engineer on the SecOps team at Palo Alto Networks. He is a 20+ year technology professional whose background includes work in Telecommunications, Networks, Software, and Information Security. Franklin is the lead organizer for the annual BSides Indy security conference. He holds two Master's degrees as well as a BS in Computer Science. Twitter: @thedevilsvoice LinkedIn: https://www.linkedin.com/in/franklin-diaz/
(Almost) Free Adversary Emulation
Dave is a Security Consultant who specializes in Red Teaming and offensive testing. Previously he has led the Red Team for a global financial organization where he performed Red Team engagements, internal and external penetration tests, and product testing. Prior to that he worked within healthcare as an Information Security generalist. Dave graduated from State University of New York at Plattsburgh with a Bachelors in Computer Science. Dave currently holds the following certifications: GIAC GSE, GSEC, GSNA, GCIA, GCFE, GPEN, GXPN, GCIH, GWAPT, GAWN and OSCP.
Cynthia Moore is currently Sr. Director, Information Security Operations for BlackLine Systems, Inc., a Gartner Magic Quadrant global, strategic leader in Financial Technology Software-as-a-Service. Multilingual, having conversational level proficiency in Italian, French, and Mandarin, Cynthia led several multinational organizations to build first-time or evolutionary / revolutionary technology solutions, most recently building a from-the-ground-up cybersecurity practice for both traditional and industrial systems for the Walt Disney Company in China. Cynthia's drivers are: solving difficult problems, destroying silos, leading distributed teams and doing 6 impossible things before breakfast. Known for building highly adaptable teams to overcome challenging odds, Cynthia was recognized for building cohesive, highly skilled teams and reducing cyber security risk by over 50% in each of her last 3 positions as measured by reporting tools and external audit. Over 22 years of leadership experience and just as many being a student of others. Cynthia's values include candor, loyalty, and contagious curiosity. She drives high-functioning, resilient organizations who solve problems objectively and effectively. Outside of work, Cynthia is a potter, a painter, and a writer - Sci-fi and fantasy - who enjoys weekend trips to far-flung places in search of the perfect latte (78 countries and counting). LinkedIn: https://www.linkedin.com/in/cynthia-moore-0bab8a16/
CISO - Restaurant Brands International (BK, Popeyes Louisiana Kitchen, and Tim Hortons)
Shawn M Bowen is the Global Head of IT Security & Compliance (CISO) for Restaurant Brands International (parent company of Burger King, Popeyes Louisiana Kitchen, and Tim Hortons). He has over 20 years of experience in information technology, primarily in cybersecurity. Bowen is regarded as a highly passionate, transformative, thought leader in IT Security, with a record of leading successful strategies in various environments. He is enthusiastic to share his knowledge and approach to digital empathy-based cybersecurity with all levels of users.
CISO - National Geospatial-Intelligence Agency
Mr. Matt Conner is the Chief Information Security Officer (CISO) and Director of the Cybersecurity Office at the National Geospatial-Intelligence Agency. Named to the position in June 2017, Mr. Conner is responsible for the day-to-day operations of the cybersecurity program, overseeing a $120 million-plus budget to protect and secure NGA’s critical missions and information enterprise. Mr. Conner also serves as the Occupation Manager for the Cybersecurity Workforce, guiding the tradecraft for more than 120 civilian cybersecurity personnel. He leads a combined civilian, contractor and military workforce of approximately 400 cyber professionals serving at multiple NGA operating locations across the country. Prior to his current assignment, Mr. Conner served for 17 years with General Dynamics. He most recently served as a Senior Technical Manager leading more than 60 security engineers and officers deployed worldwide in support of NRO operations as the Principal Cybersecurity Engineer for the National Reconnaissance Office’s Enterprise Security Services Contract. Mr. Conner has more than 20 years of experience in the cybersecurity field, and has conducted risk management activities, penetration tests, vulnerability assessments and social engineering exercises for commercial customers in the healthcare, financial and manufacturing sectors as well as Intelligence Community organizations, the National Aeronautics and Space Administration and Department of Defense organizations. Mr. Conner is an accomplished technical trainer, previously certified to deliver advanced training in securing operating systems, engineering and administering multiple vendor firewalls and conducting social engineering. Mr. Conner earned his bachelor’s degree in Information Technology in 2006 and his master’s degree in Information Security in 2010 from the University of Maryland Global Campus. He maintains numerous industry-recognized certifications, including CISSP-ISSEP, CISM and CISA.
He and his wife, Lauren, are raising two children in Northern Virginia.
CISO - Edelman Financial Engines
Brett Conlon is Vice President & Chief Information Security Officer for Edelman Financial Engines, one of the largest independent financial planning firms in the nation. Brett is responsible for establishing and driving the strategy for Edelman Financial's information security, business resiliency and emerging technologies. Brett is directly responsible for setting the procedures, guidelines and direction for information security policies that protect Edelman Financial's organization and customers from both internal and external threats. Prior to joining Edelman Financial, Brett had an extensive career at the Federal Bureau of Investigation. Brett's responsibilities included overseeing all operational technology programs and investments at the FBI. Brett oversaw the components responsible for infrastructure, malicious code analysis, computer exploitation tools, reverse-engineering, digital intelligence, cloud, advanced analytics and visualization for all FBI investigative and intelligence gathering programs. These technologies focused on the U.S. government's efforts to combat cyberterrorism, hostile intelligence activities, and crime.
New Speaker Coach
I help businesses tackle their cybersecurity risks while minimizing friction resulting in increased resiliency. I focus on helping to secure people and process with a solid understanding of the technology involved. I have 10+ years as an experienced Information Security Manager, Professor and Cybersecurity Strategist with a passion for customer service, process improvement and information security.
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club. Twitter: @ChloeMessdaghi LinkedIn: https://www.linkedin.com/in/messdaghi/ Instagram: https://www.instagram.com/chloemessdaghi/ Website: https://www.chloemessdaghi.com
New Speaker Coach
Dr. Catherine J. Ullman is a security researcher, speaker, and Senior Information Security Forensic Analyst at University at Buffalo with over 20 years of highly technical experience. In her current role, Cathy is a data forensics and incident response (DFIR) specialist, performing incident management, intrusion detection, investigative services, and personnel case resolution in a dynamic academic environment. She additionally builds security awareness among faculty and staff via a department-wide program which educates and informs users about how to prevent and detect social engineering threats, and how to compute and digitally communicate safely. Cathy has presented at numerous prestigious information security conferences including DEF CON and Hacker Halted. In her (minimal) spare time, she enjoys visiting her adopted two-toed sloth Flash at the Buffalo zoo, researching death and the dead, and learning more about hacking things to make the world a more secure place. Twitter: @investigatorchi
Threat Hunting on the Dark Web
Apurv Singh Gautam currently works as a Security Research Intern at International Computer Science Institute (ICSI), UC Berkeley, performing research on Threat Intelligence. He is pursuing his Master's in Cybersecurity from Georgia Tech. He commenced work in Threat Intel/Hunting 2 years ago. Throughout his professional career, he worked on hunting threats from both clear web and dark web and is also involved in performing HUMINT on the d2web. He is very passionate about giving back to the community and has already conducted several talks and seminars in local security meetups, schools, and colleges. He loves volunteering with Cybrary and Station X to help students make their way in Cybersecurity. He looks forward to the end of the day to play and stream one of the AAA games Rainbow Six Siege. Twitter: @ASG_Sc0rpi0n LinkedIn - https://www.linkedin.com/in/apurvsinghgautam/
Technical Lessons Learned from Emulating Adversaries
Jamie is an engineer at the MITRE Corporation where he works on various exciting efforts involving security operations and research, specializing in adversary emulation and behavior-based detections. He also leads teams that help shape and deliver the “adversary-touch” within ATT&CK and ATT&CK Evaluations. Twitter: https://twitter.com/jamieantisocial GitHub: https://github.com/jwillyamz LinkedIn: https://www.linkedin.com/in/jamie-williams-108369190
GRIMMCon 0x2 CTF:
Violent Python 3
Even if you have never programmed before, you can quickly and easily learn how to make custom hacking tools in Python. Python is among the top three programming languages in the world, for good reason: it's the easiest language to use for general purposes.
This workshop is structured as a CTF, so each participant can proceed at their own pace. The techniques will be briefly demonstrated, and we will provide tips and help as needed to make sure everyone is able to solve at least some of the challenges. Participants need only a computer and a Web browser.
To participate go to https://samsclass.info/
Virtual Lobby Con
GRIMMCon Discord https://discord.gg/SkYJsUb
Please read/follow Code of Conduct
Need a little help...
reach out to the GRIMMCon-Support channel in Discord for support
or email GRIMMCon@grimm-co.com
Since we are an all-volunteer community CON, our volunteers
will do their best to support you. We appreciate your patience.
GRIMMCON Keynote - Shannon Morse: Determining Your Attack Vector To Build Your Career
See Track 1
Track 1 Keynote: John Hammond / Caleb Stewart: Introducing pwncat: Automating Linux Red Team Operations
Track 2 Keynote: Josh Corman- Advice I wish I had gotten...
Sherrod DeGrippo: Inside the Galaxy Brain
Joe Brinkley: CyberPhunk 2020: How to kick off your Cyber Journey
Mike Gualtieri: Live off the Land and Crack the NTLMSSP Protocol
Nicole Hoffman: ATT&CK on C-Suite: Cheat Codes
Jamie Williams: Technical Lessons Learned from Emulating Adversaries
Jason Foster: PKI & Us
Chloé Messdaghi: Burnout
Apurv Singh Gautam: Threat Hunting on the Dark Web
David Mayer: (Almost) Free Adversary Emulation
Richard Scott: The Noobs Guide to Virtual Box
O'Shea Bowens: Pushing the SOC Left To Achieve Nash Equilibrium
Lauren Rogers: How to build a SOC in reality
Jeffball: Embedded Device ROP Tips and Tricks - Netgear
Keith Chapman: Inciting the Imagination: How we can help students see their future in cybersecurity
Jorge Orchilles: Purple Teaming
Cynthia Moore: Social Butterflies
GRIMMCon Closing - CISO Panel
See Track 1
Virtual Happy Hour (See Discord for details)