Keynote - Marcelle Lee
Marcelle Lee is the lead for threat research and operations at Equinix, and is also an adjunct professor and training consultant. She specializes in security research and digital forensics. She has been involved with many industry organizations, working groups, and boards, including the Women’s Society of Cyberjutsu, the NIST Cyber Competitions Working Group, and the Cybersecurity Association of Maryland Advisory Council. She also both builds and participates in cyber competitions.
Marcelle has earned the CISSP, GCFA, GCIA, GCIH, GPEN, GISF, GSEC, GCCC, C|HFI, C|EH, CSX-P, CCNA, PenTest+, Security+, Network+, and ACE industry certifications. She holds four degrees, including a master’s degree in cybersecurity. She has received the Chesapeake Regional Tech Council Women in Tech (WIT) Award and the Volunteer of the Year award from the Women’s Society of Cyberjutsu. Marcelle frequently presents at conferences and training events, and is an active volunteer in the cybersecurity community.
info.marcellelee.com
medium.com/@marcellelee
linkedin.com/in/marcellelee
twitter.com/marcellelee
infosec.exchange/@marcelle
Gary Freas
Gary Freas is a senior cyber threat intelligence analyst at Mandiant (Now part of Google Cloud). He has 15 years experience in security operations, spending the better part of the last seven tracking nation-state level threat actors, focusing primarily on the DPRK problem.
Olivia Gallucci
Olivia Gallucci is an offensive security engineer, freelance penetration tester, and security researcher. She is an undergraduate student at the Rochester Institute of Technology—double-majoring in Cybersecurity and Computer Science, and minoring in Free and Open Source Software and Freedom Culture—and ranks in the top 1% of her class. In addition, Olivia maintains a blog on security, open source software, and productivity. Outside of cybersecurity, she enjoys competitive sailing, political debate clubs, and biographies of famous computer nerds.
Jack Hatwick
Jack has been an infosec professional for almost 10 years. Lately he has been a vulnerability management leader for a fortune 1000 company.
Qasim Ijaz
Qasim Ijaz is a Director of Offensive Security at Blue Bastion Security and specializes in healthcare security and penetration testing. He has conducted hundreds of penetration tests in small to large environments with a focus on networks and web applications testing. His areas of interest include healthcare security, Active Directory, cybersecurity policy, and the “dry” business side of hacking. Qasim is a penetration test lead during the day and a teacher in the after-hours. Qasim has presented and taught at cybersecurity conferences, including BSides and Blackhat, on offensive security topics.
Jeff Man
Jeff is a respected Information Security advocate, advisor, evangelist, mentor, teacher, international speaker, keynoter, former host of Security & Compliance Weekly, co-host on Paul’s Security Weekly, Tribe of Hackers (TOH) contributor, Certified National Security Agency Cryptanalyst, and a member of the Cabal of the Curmudgeons. Jeff currently serves as a PCI QSA and Trusted Advisor for Online Business Systems. He previously held security research, management and product development roles with NSA, the DoD and private-sector enterprises, and was a pioneering member of the first penetration testing “red team” at NSA. For the past twenty-eight years has been a pen tester, security architect, consultant, QSA, and PCI SME, providing consulting and advisory services to many of the nation’s best known companies.
Christopher Maulding
Chris is the CTO of AlchemyCore LLC, he has been working in information security for 10 years and continues to love the changes and challenges he faces in the industry. When he is not learning or working he is spending time with his family and friends.
Dan Megalo
Dan is the head of cybersecurity for a biotech company. He is a seasoned professional with extensive experience in safeguarding digital landscapes across both public and private sectors. His dedication to practical and innovative strategies underscores his forward-thinking leadership style. He likes the challenge of navigating the complexities of cyber defense while delivering robust cybersecurity solutions that align with organizational goals.
Matt Scheurer
Matt Scheurer is a show host for the ThreatReel Podcast, and also works as an Assistant Vice President of Computer Security and Incident Response in a large enterprise environment. Matt has many years of hands-on technical experience, including Digital Forensics and Incident Response (DFIR). He volunteers as a “Hacking is NOT a Crime” Advocate and as a technical mentor for the Women’s Security Alliance (WomSA). He has presented numerous Information Security topics at many technology meetup groups, prominent Information Security and Hacker conferences, including keynotes at the Information Security Summit and Queen City Con. Matt is also a 2019 comSpark “Rising Tech Stars Award” winner and was named a “Top 12 Hacking Influencer” by Bishop Fox in 2023.
Richard Smith
Richard Smith is a Senior Consultant with Security Risk Advisors, working primarily on security data pipeline efficiency and onboarding clients into SRA’s XDR solution, SCALR. This is his third year presenting at BSidesROC.
Justin Taft
Justin Taft is a hacker at heart, starting back in the Window 95 days. He initially broke into the scene by writing video game trainers, exploiting file inclusion bugs in PHP, and reversing with Soft Ice to make keygens. Over 20+ years, he focused his skills on software development & exploitation. A few achievements he’s proud of include gaining RCE by attacking shared memory through a GPU, and gaining RCE by Fragging Players in Counter-Strike via memory corruption. x
Michael Weiskopff
Mr. Weiskopff is the Division Chief of the Extended Offerings and Projects Division of the DoD Defense Collaborative Information Sharing Environment (DCISE), operating within the Department of Defense Cyber Crime Center (DC3). DCISE is the action arm of DoD CIO’s Defense Industrial Base (DIB) Cyber Security – which helps protect Controlled Unclassified Information (CUI) on DIB networks. Michael Weiskopff is an adjunct professor at Utica University teaching cybersecurity for both graduate and under graduate students. Mr. Weiskopff holds a BS in IT from RIT and an MS in Cybersecurity from Utica University as well as COMPTIA A+, Net+, Sec+, GIAC GPEN certifications and a general class amateur radio license. Mr. Weiskopff has earned the Meritorious Civil Service Award, Joint Service Commendation Medal, National Intelligence Meritorious Unit Citation, Bronze Star medal, Iraqi Campaign Medal (with two campaign stars), Overseas Tour Ribbon (with a numeral three device), Army Commendation medal (with one oakleaf cluster), Combat Action Badge, Global War on Terror Service Medal, National Defense Service Medal, Retired Officer Association Award, and Boy Scouts of America Eagle Scout Award.
Eric Woodruff
Throughout his 23-year career in the IT field, Eric has sought out and held a diverse range of roles, including technical manager in the public sector, Sr. Premier Field Engineer at Microsoft, and Security and Identity Architect in the Microsoft Partner Ecosystem. Currently he serves as a Product Technical Specialist at Semperis, focusing on ITDR and cloud identity resilience. Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. Outside of work, Eric supports the professional community, providing his insights and expertise at conferences, participating on the IDPro Body of Knowledge Committee, and blogging about Entra and related cloud security topics.