|Matt Findley – Father, Tinkerer, Red Teamer, and a Lieutenant…||Introduction to Malware C2 Development|
A crash course to design and create a simple C2 toolset. This will include defining the agent requirements, constructing a simple HTTP server, creating agent checks, and adding other various functions to your created toolset.
– Intro to programing concepts
– Overview of Python Flask
– Using C# Libraries
– Building .net projects
– Debugging Code in Visual Studio Code
– Expanding Project Objectives
– Visual Studio Code will be used for the demo
– .net SDK for building Agent
– Python3 for the server
VS Code link
Stand Alone Install
Windows OS or a Windows VM will be required for testing.
Michael Burch – An Ex-Army Green Beret turned application security engineer. Currently, he serves as the senior enlisted Cyber Network Defender for the North Carolina National Guard. In his civilian career, he is the Director of Application Security and content team lead for a SaaS based application security training platform. He leverages his security knowledge and experience as a developer to educate and challenge other developers to be a part of the security team.
|Security Threat Modeling Workshop|
Threat modeling – everyone from security teams to CISOs wants to ingrain it across the organization, but how can threat modeling be taught at scale? In this two-hour security threat modeling workshop, participants will learn by doing threat modeling through real-world, hands-on exercises, reviewing data flow diagrams, identifying threats and mitigations, and sharing results.
Torry Crass – Torry Crass currently serves as the Agency CISO at the North Carolina State Board of Elections and member of the CISO team at Woodstar Labs, a division of Associated Universities, Inc. Torry has more than 25 years of experience in the IT field and over 10 years of cybersecurity experience. Prior to joining Woodstar Labs, Torry was a CISO at LEO Cyber Security based in Fort Worth, TX, assisting a variety of clients with all aspects of planning, implementing, and improving cybersecurity programs in manufacturing, industrial, utility, and financial sectors. Prior to LEO Cyber Security, he spent 14 years with SPX Corporation and finished his time there as the Manager of Information Security. Torry also serves as the chair of the InfraGard National Cyber Camp Program, an advisory board member for the Cyber Crime Technology Program at SPCC, a co-chair of BSides Charlotte security conference, and a member of the South Carolina State Guard cyber unit regularly participating in cybersecurity related activities and exercises with the National Guard and other organizations. In addition to his organizational involvement, he regularly presents at industry conferences and contributes to industry publications such as InfoSec Magazine and PenTest Magazine.
|Careers and Hiring Workshop|
This workshop will cover the ins and outs of both building a resume and interviewing as well as guidance for employers seeking to hire talent from the information security/cybersecurity field. Following a roughly 1-hour presentation, the instructor and any additional facilitators will assist workshop attendees with resume suggestions and conducting mock interviews. Senior level staff with experience hiring will be available for at least limited resume reviews and “mock” interview questions. Total session runtime will be 2 hours.