Announcing #GRIMMCon 0x5, our fifth in a series of FREE VIRTUAL Conferences for the community! We’ll have two tracks, one especially for First Time Speakers who we’ll pair with an expert. Talks will be a mix of tech and personal fun.
Tricia Howard is an artist gone rogue who ended up in the wonderful world of security. With a B.A. in Theatre Arts and interests ranging from Star Wars to Opera, she brings a unique and artistic perspective to infosec. When she’s not creating content for Guardicore, you can find her playing with her pomsky Darth, singing, painting, dramatically reading cold sales emails, and doing copious amounts of jigsaw puzzles.
Maril Vernon, @SheWhoHacks, is a Red Team Operator for Zoom Communications, Threat hunter for Dark Rhino Security, and PluralSight author, specializing in Red Teaming tools, Purple Team methodology, MITRE, and Cloud Security strategies. Maril’s expertise on VPN exploits was featured on the Cyber Security Forum Initiative, and she is a contributing editor of the latest CIS AWS Foundation Benchmark for cloud security. She broke into information security a year and a half ago after a successful career in marketing; and is an example of what you can achieve in a short time.
Wade has been working in cybersecurity for the past five years. He has performed analyst, threat hunting, and intelligence roles. He is currently going to Georgia Tech in the pursuit of a master's degree in cybersecurity. He loves the continuous hunt for knowledge, the thrill of falling down the rabbit hole, and most of all knowing that he is helping others. Wade currently works for Mandiant in Research and Development.
Track 1: Jinkies! This Email Looks Suspicious 12:30 PM ET
Nicole Hoffman is currently serving as an Intelligence Analyst at GroupSense, a digital risk protection company delivering customer-specific intelligence. She recently created the analytic framework the Cognitive Stairways of Analysis. Nicole has her Bachelor’s in Information Technology with a minor in Cyber Security and is Security + certified. While pursuing a degree in the medical field, Nicole became the unofficial helpdesk for many of her professors and decided to pivot into a career in technology. While struggling to break into infosec, Nicole worked as a financial fraud analyst and fell in love with threat hunting and behavioral analytics. Her diverse background has made her the well-rounded analyst she is today. Nicole has a passion for helping those starting out in the field and gives back to the community through her blog as well as her various speaking engagements. She hopes to inspire and educate others by sharing her own experiences as well as the results of her in depth research. Nicole recently moved to Texas with her family and spends a lot of free time exploring. When she is not exploring, she enjoys reading comic books, playing video games, and watching as many medical dramas as possible.
Track 1: CEH & The Current Dumpster Fire 11:45 AM ET
I served for 10 years in the US Army as a SIGINT analyst, getting out in 2010 and then focusing in cybersecurity. I have 21+ years in the national security, intelligence industry, and defense sector, with 11+ in cybersecurity. I’ve worked as a cyber threat intelligence analyst, cyber counterintelligence analyst, chief of analytics, deputy director, an instructor, cyber bard, and a cyber strategist. I hold A+, Net+, CISD, CASP, FITSP-M-NG and CISSP certifications.
Track 1: Groundhog Day- Living with the same bad legislation for Critical infrastructure Security over, and over….. 5:00 PM ET
Ms. Skelly has twenty years’ experience in providing security and management solutions across a wide array of platforms to include personnel, physical, and cyber security. She brings more than ten years in government service with a focus on National and Homeland Security. Ms. Skelly served in the US Army as an Explosive Ordnance Disposal Technician and went on to work for the Department of Homeland Security in the Office for Infrastructure Protection. In this capacity she ran vulnerability assessments and exercises on Critical Infrastructure assets throughout the Nation and helped to develop the first systems assessment approach for Critical Infrastructure and Key Resources. In addition to government service, Skelly has ten years’ experience with the private sector in Technology & Security Business Management. Her former roles include Cybersecurity PM, Director of Strategic Partnerships, VP of Sales and Marketing, VP of Global Partnerships, Chief Revenue Officer, CEO, and Board Member. Her expertise in business management, crisis management, cybersecurity, intelligence analysis, and Homeland Security make her an admired and respected leader among her colleagues. Skelly has been recognized as one of the Top 25 Women in Cybersecurity by Cyber Defense Magazine, by The Software Report in the Top 25 Women Leaders in Cybersecurity 2019, and one of the Top Female Executives by Women World Awards in 2019. Skelly is also a mentor and coach for Cyber Patriot, Girls Who Code and, was awarded the Women’s Society of Cyberjutsu Mentor of the Year for 2019, and Top Women in Cybersecurity 2020 by Cyber Defense Magazine.
Track 1: Go Purple! Adopt purple team strategy to augment Application Security Programs 2:00 PM ET
Trupti Shiralkar is an entrepreneur, a seasoned product security leader and a frequent AppSec speaker at leading security conferences. As a former developer turned security professional she has successfully led “shift-to-left” transformations of security programs to solve challenges in open-source software security, application security, cloud security and applied cryptography domains. She has a strong passion for security and privacy and believes in influencing security by creating a mutual win for all involved parties. She enjoys diving deep on challenging, hard security problems and building technical solutions in collaboration with development and security engineering teams. She holds a Master of Science degree in Information Security from Johns Hopkins University Information Security Institute (JHUISI) and several security certifications. In her quest to enhance and scale product security, she has worked at Amazon, Illumio, Hewlett Packard, Q2ebanking and ATSEC Information Security.
Track 1: Cybersecurity Education: Without Behavior Change, What Is The Point? 2:45 PM ET
Sidd Chopra is an entrepreneur, veteran IT professional, author, award-winning speaker and the CIO of a medical practice. In his career, he developed critical systems for the Neurotoxicology Department of the U.S. Environmental Protection Agency, SAS Institute, the U.S. Army, and several Fortune 100 companies. He was a finalist in a national public speaking contest and, in 1999, Toastmasters International awarded him the Distinguished Toastmaster Award, its highest award. In 2010, the Project Management Institute (PMI) Global declared him a Subject Matter Expert. He is a founding member of the Indus Entrepreneur (TiE) Carolinas. He served 6 years on a Strategic Advisory Board at N.C. State University and on an advisory board at Wake Technical Community College. Sidd leverages his knowledge of technology and communication to help safeguard the US workforce from cybercriminals as a volunteer Project Lead with the National Initiative for Cybersecurity Education (NICE). In response to a Presidential Executive Order, NICE was created under the US Department of Commerce’s National Institute of Standards & Technology in cooperation with the US Department of Homeland Security. In his quest to understand and reinvent the science of presentations, he has worked with over 170 leading scientists, inventors, investors, professional public speakers, top military generals, thought leaders and government officials to develop cutting edge systems to make presentations more efficient, effective and reliable. He has traveled to over 35 countries on six continents.
Track 1: A Pitmaster's Guide To Practical Security Programs 1:15 PM ET
Alyssa Miller, Business Information Security Officer (BISO) for S&P Global, directs the security strategy for the Ratings division, connecting corporate security objectives to business initiatives. She blends a unique mix of technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders. Her goal is to change how we look at the security of our interconnected way of life and focus attention on defending privacy and cultivating trust. A life-long hacker, Alyssa has a passion for technology and security. She bought her first computer herself at age 12 and quickly learned techniques for hacking modem communications and software. Her serendipitous career journey began as a software developer which enabled her to pivot into security roles. Beginning as a penetration tester, her last 15 years have seen her grow as a security leader with experience across a variety of organizations. She regularly advocates for improved security practices and shares her research with business leaders and industry audiences through her international public speaking engagements, online content, and as co-host of The Uncommon Journey podcast on ITSP Magazine.
Track 1: Star Wars: How an ineffective Data Governance Program destroyed the Galactic Empire 4:15 PM ET
By day, Micah K Brown is a member of the IT Security Engineering team at the Munich Re Group focus on building out the next generation of IT Security services and IT Security controls. By night, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President, co host of the ThreatReel podcast, and has had the honor to present at many diverse and prestigious IT Security Conferences.
Track 1: Tropical Spy: tricks and tales of a Brazilian social engineer 3:30 PM ET
Marina Ciavatta is a Social Engineer from Brazil. She may be an innocent looking girl but she specializes in breaking and entering into some of the biggest companies in her country. She is an international speaker and Security Awareness instructor, and also CEO and Co-Founder of Hekate, Inc.
Track 2: Side Hustles: Your Entry Into Tech 3:30 PM ET
Hello from Houston! I literally woke up last year and decided I wanted to officially work in the Cloud as an Engineer and rekindle my love for Tech when I was a child. In my off time, I spend time with my family and friends, help people get into Tech through https://www.NewsIn.IT and other organizations I volunteer with, and explore the world.
Track 2: Utilizing native functionality in Industrial Control Systems to improve Security & better Incident Response 2:00 PM ET
Vivek Ponnada works for GE as a Service Manager and is responsible for GE's Gas Power transactional customers (Utilities and Co-generation) across Canada. Prior to this role, he was in Sales & Business development (Control system upgrades and Cybersecurity solutions), and started his career as a Field Engineer, commissioning turbine controls systems in Europe, Africa, Middle-East and South East Asia. Vivek is passionate about industrial controls cybersecurity and enjoys learning & contributing to the security community.
Track 2: Solving Web Security Vulnerabilities with pentesting 1:15 PM ET
Gabrielle Botbol is a pentester, cyber security blogger, and podcaster (CS by GB - Cybersecurity By Gabrielle B https://gabrielleb.fr/blog/ ) Gabrielle Botbol focuses her efforts on democratizing information security for all, especially women, by introducing them to cybersecurity. She is also the leader of the Paris chapter of Women of security, which won the first prize in the spying challenge at the 2019 Le Hack Paris convention. She is Vice President Communications at NorthSec Conference. She was honoured for her career and contribution to the cyber community by being named one of the top 20 women in cyber security in Canada. She recently joined the offensive security Team of Desjardins.
Track 2: IPv6. Does size matter? 12:30 PM ET
Cyber security analyst, who has fun doing her job.
Track 2: Zero Trust Model : Impostors Among us! 11:45 PM ET
"Despite all my rage, I'm still just an analyst in a cage." Sarthak Taneja, Security Engineer, you can find him volunteering behind the curtains at various infosec conferences.
Track 2: Notable ICS Cybersecurity Events/Topics 2:45 PM ET
Jason has been studying cybersecurity with a particular focus on ICS for the last two years. He received his electrical engineering degree with a concentration in power systems from the University of Pittsburgh. Jason's career has provided him opportunities to be involved with various technologies including power generation, RF, distributed energy resources and synchrophasors. He is currently a program manager with the IEEE Conformity Assessment Program (ICAP) where he works directly with volunteers and industry stakeholders to assist with the adoption of standards. When Jason isn't working he enjoys studying cyber security, comic books and hiking with his wife, Alison, and their dog Remi.
Track 2: Rebuilding Trust after a Cyber or Disinformation Attack 5:00 PM ET
Devi Nair is a program manager with the Defending Democratic Institutions Project (DDI) at the Center for Strategic and International Studies (CSIS). Among other things, the DDI team primarily looks at how cyber and disinformation operations undermine trust in institutions like the Justice System. DDI is also engaged in an initiative that brings together public and private sector national security and civics leaders to elevate civic education as a national security imperative. Ms. Nair holds an A.B. in government and comparative religion from Harvard College, and an M.T.S. degree in religion, ethics and politics from Harvard Divinity School.
Track 2: When Opposites Attract: Making Privacy Trend on TikTok 4:15 PM ET
Ghufran Salih is a full-time privacy enthusiast and part time TikToker who focuses on explaining basic concepts in technology and data to young people. She previously worked in data privacy product management at a biotech company and now works in risk management.
The Fail Horsemen 5:45 PM ET
Tim is a Senior Instructor and course author (SEC560) at SANS, the most trusted and largest source for information security training and security certification in the world. Throughout the course of his career, Tim has performed penetration tests on a wide range of organizations and technologies. He has gained information security experience in a variety of industries including previous positions in control systems, higher education, financial services, and manufacturing. Tim is an experienced international speaker, having presented to the largest conventions and organizations around the world. He is the creator of the Kerberoasting, a widely utilized Red Team penetration test technique to extract kerberos tickets in order to offline attack the password of enterprise service accounts. Tim earned his MBA from the University of Texas and is the Founder and CEO of Red Siege Information Security, which is rapidly becoming a well-known and respected company in the offensive services and penetration testing space.
The Fail Horsemen 5:45 PM ET
Christopher Truncer (@ChrisTruncer) is a co-founder and red team lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing tools, WMImplant, EyeWitness, and other open-source software. Chris began developing tools that are not only designed for the offensive community, but can enhance the defensive community's ability to defend their network as well.
The Fail Horsemen 5:45 PM ET
Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a boutique cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute. Prior, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. Bryson received his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point. He holds a Master’s Degree in Telecommunications Management from the University of Maryland, a Master’s in Business Administration from the University of Florida, and completed graduate studies in Electrical Engineering and Computer Science at the University of Texas.
The Fail Horsemen 5:45 PM ET
A graduate of the U.S. Air Force Academy with a B.S. in computer science and the SANS Technology Institute with an M.S. in information security engineering, Matthew has served as the senior cyber tactics development lead for the U.S. Air Force (USAF) and worked as a security analyst for Black Hills Information Security. In 2014, he started Open Security, which performs full-spectrum vulnerability risk assessments. He is co-author of SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment and has created numerous popular penetration testing tools. Matthew is also a Grand Champion of NetWars Tournament of Champions and holds 10+ security certifications.
Diversity is Security 11:00 AM ET
Tatyana Bolton is the Policy Director for R Street’s Cybersecurity Emerging Threats team. She crafts and oversees the public policy strategy for the department with a focus on secure and competitive markets, data security and data privacy, and diversity in cybersecurity. Most recently, Bolton worked as the senior policy director for the U.S. Cyberspace Solarium Commission focusing on U.S. government reorganization and resilience portfolios. She received an award for exceptionally meritorious service from the Cyberspace Solarium Commission. From 2017-2020, Bolton also served at the Cybersecurity and Infrastructure Security Agency as the cyber policy lead in the Office of Strategy, Policy and Plans where she developed strategies for strengthening the cybersecurity of our nation’s critical infrastructure.
GRIMMCon Discord Channels
Please read/follow Code of Conduct
Check out our Virtual Swag!
Workshops & Villages
Four "Texas Cyber Summit" Learning Stations
Cognitive Science Approach for Teaching Cybersecurity
By: Duane Dunston
12:00 PM EST
Hacking is Not a Crime
Virtual Lobby Con
Need a little help...
reach out to the GRIMMCon-Support channel in Discord for support
or email GRIMMCon@grimm-co.com
Since we are an all volunteer community CON our volunteers
will do their best to support you, we appreciate your patience.
GRIMMCON 0x5 SPEAKER SCHEDULE:
GRIMMCON Opening Keynote Diversity is Security - Tatyana Bolton
See Track 1
John Stoner -
CEH & The Current Dumpster Fire
Sarthak Taneja -
Zero Trust Model : Impostors Among us!
Nicole Hoffman - Jinkies! This Email Looks Suspicious
Anastasiia Mytrofanovska -
IPv6. Does size matter?
Alyssa Miller -
A Pitmaster's Guide To Practical Security Programs
Gabrielle Botbol -
Solving Web Security Vulnerabilities with Pentesting
Trupti Shiralkar -
Go Purple! Adopt purple team strategy to augment Application Security Programs
Vivek Ponnada -
Utilizing native functionality in Industrial Control Systems to improve Security & better Incident Response
Sidd Chopra -
Cybersecurity Education: Without Behavior Change, What Is The Point?
Jason Allnutt -
Notable ICS Cybersecurity Events/Topics
Marina Ciavatta -
Tropical Spy: tricks and tales of a Brazilian social engineer
Elyse Robinson -
Side Hustles: Your Entry Into Tech
Micah Brown -
Star Wars: How an ineffective Data Governance Program destroyed the Galactic Empire
Ghufran Salih -
When Opposites Attract: Making Privacy Trend on TikTok
Keenan Skelly -
Groundhog Day- Living with the same bad legislation for Critical infrastructure Security over, and over…..
Devi Nair -
Rebuilding Trust after a Cyber or Disinformation Attack
GRIMMCon Closing Keynote - The Fail Horsemen
Bryson Bort, Christopher Truncer, Tim Medin, and Matt Toussain
See Track 1