Speakers « BSidesROC



Silas Cutler
Big Game Hunting: Internet Scan Data and You

Silas Cutler is a well-known security researcher with a focus on malware analysis and botnet tracking. He is currently a Sr. Security Researcher at CrowdStrike, where he analyzes malware developed by nation states and organized cybercrime groups. He has been invited to speak at the RSA Conference, OWASP and other industry conferences. In the past, he has been interviewed by SC Magazine, CNET and Security Week.

Prior to joining CrowdStrike, he worked at Dell SecureWorks and Global Crossing. He earned his Bachelor of Science from Rochester Institute of Technology

Rockie Brockway
Enterprise Class Vulnerability Management like a Boss

Rockie Brockway serves Black Box as Information Security and Business Risk Director and Senior Engineering Director. With over two decades of experience in InfoSec/Risk, he specializes in Information Security Risk Management and the inherent relationship between assets, systems, business process, and function. He offers perspectives on how adversaries may find value in business data, highlights the business impact and ramifications of the theft, disruption, and/or destruction of that data, simulates the adversarial data breach/theft to gauge the organization’s detection and reaction capabilities, and provides rational and reasonable business risk mitigation recommendations. He is a recovering cynic, zero FUDs given.

Steve Stasiukonis
Pretending To Be A Terrorist

Steve Stasiukonis – Managing Partner of Secure Network. Secure Network is an Information Security Consultancy and has been in business since 1997. Steve has worked in the industry for over 20 years and has performed hundreds of Social Engineering efforts. Steve served as a columnist for Information Week and Darkreading.com, and currently serves as a speaker to numerous financial institution associations on the topic of Information Security.

Ronny Bull
Exploring Layer 2 Network Security in Virtualized Environments – DHCP Attacks

Ronny Bull is a Computer Science Ph.D. graduate student at Clarkson University focusing on Layer 2 network security in virtualized environments. He presented his preliminary research involving MAC flooding attacks against virtualized networks at the DerbyCon 4.0 computer security conference held in Louisville, KY in September 2014. He is also a full time Lecturer for the Computer Science department at SUNY Polytechnic Institute in Utica, NY teaching undergraduate and graduate courses in both the Network and Computer Security and Telecommunications programs, and also serves as an advisor to the SUNY Poly Network and Computer Security club. Mr. Bull also co-founded and is one of the primary organizers of the Central New York Intercollegiate Hackathon event which brings together local cybersecurity students from colleges in Central New York to compete against each other in offensive and defensive cybersecurity activities.

Robert Olson
Tackling the Hard Problem of Surveillance: Toward Privacy Protecting Protocols

Robert Olson is an instructor at the State University of New York at Fredonia in the Department of Computer and Information Sciences. He frequently teaches courses including, but not limited to, computer security, data mining, and mobile programming. He holds two graduate degrees, an active CEH, and is currently pursuing the CISSP and OSCP certs.

Mike Lisi
Accidentally Awesome: How You Might Already Be an Effective Pentester

Mike Lisi (@mikehacksthings) is a Penetration Tester for HALOCK Security Labs. Prior to popping boxes full time, he has worked as a help-desk tech, network admin, system analyst, and software developer. He enjoys pointless puzzles and challenges, crypto, CTFs, gadgets, and anything else infosec.

Catherine (Kate) Pearce
Multipath TCP – Breaking Today’s Networks with Tomorrow’s Protocols

Catherine (Kate) Pearce (@secvalve) is a Senior Security Consultant at Neohapsis (Now a part of Cisco). Kate spends half her time breaking applications and networks, half her time working to secure systems being built, half her time tinkering with standards to find where the designer missed something, and the other half figuring out where she got four halves from. So far, her work has been presented at BlackHat USA and TROOPERS, among others.

Bred, born, and raised in New Zealand, Kate’s a Kiwi who was temporarily pulled all the way from Middle Earth to New England a while back. She loves crossed-protocols, exotic failure modes, and long talks on the breach (sorry). While in the USA, she will tolerate a single sheep joke per person – as long as it’s targeted at Australians.

Chaim Sanders
Know Thy Enemy – Web Attacker Attribution

Chaim Sanders graduated from the Rochester institute of technology and is now a Security Researcher at Trustwave Spiderlabs. He is responsible for the development and maintenance of Trustwave WAF and ModSecurity. His day to day research (both professionally and personally) typically focus around new novel web application security issues.

Nathan Gibbs
IPLOG? A beginner’s IDS for the WIN!

CEO of Christ Media.
Audio Technician.
Print, Web, Software, and Network Designer.
Tech Consultant.

Has been hacking since age 2 when he tried to own the household power grid with a screwdriver and got owned instead. :-)

Nolan Ray
Hacking Embedded Devices

Nolan Ray is a security engineer at iSEC partners. He enjoys hardware hacking, reverse engineering, CTFs, the occasional webapp RCE, robots, beer, and of course robots that bring him beer. As a child Nolan enjoyed taking apart everything he could get his hands on in a quest to figure out how it worked (his parents did not always appreciate this). He could never figure out what the green rectangles with the black rectangles on them did and often resorted to smashing them with a hammer to see what was inside. Since then he has learned more effective waya to go about discovering the secrets those black things are hiding and even how to make them do different things.

His current research projects include attacking embedded devices based on the rabbit 2000/3000 CPUs and hardware side channel/fault injection attacks. You can find him on the tweeter-verse as @trixr4skids because he’s not the best at deciding on names.