Hotel Update

As we mentioned previously, RVAsec continuously looks for ways to improve the conference and this year we decided to move the official conference hotel.  We picked a place called The Graduate, which is scheduled to be a brand new hotel closer to the conference location.

Well, due to some unforeseen issues, they will not be open in time for RVAsec, and we have had to make some last minute changes!

The official conference for RVAsec 2017 is now the Quick Hotel.

We have moved all existing reservations over and were able to honor the initial price.  We only have a few rooms remaining as part of the block at the Quirk Hotel for out of town guests or anyone that would prefer to stay downtown. The rate is $179/night (which does NOT include parking).

You can either book online or call the hotel.

HILARY LAWHON, DIRECTOR OF RESERVATIONS, 703-729-4011

201 W Broad Street
Richmond, Virginia 23220


 

The Quirk hotel does NOT have a shuttle to the event.  It is about a 5 minute taxi/Uber ride or 15 minute walk to the conference.  Several other hotels in the area such as Crowne Plaza have a shuttle which may be used in the morning and evening for transportation to the conference. Please confirm when making your reservations and note that you must coordinate directly with the hotel for transportation.

If for any reason you are unable to get the RVAsec rate or the block of rooms has been filled, please let us know and we can try to assist.

Make sure you check out information on getting to the conference.


Silver Sponsor Feature: Checkpoint

www.checkpoint.com

@CheckpointSW

AAEAAQAAAAAAAAffAAAAJDc2ZDA1MmZmLWRkNzQtNDhiOC1iMDdhLWE1NDNjZDBjN2M0Ng.png (200×200)

Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

Come see us at RVAsec! Register now.


Terry McAuliffe, Governor of Virginia To Provide Remarks At RVAsec 2017!

We are pleased to announce that Virginia Governor McAuliffe will once again be providing remarks at RVAsec 2017!

Terry McAuliffe is the 72nd Governor of Virginia. Since being sworn-into office, Governor McAuliffe has aggressively focused on building a new Virginia Governor Elect Terry McAuliffeeconomy.

Whether traveling to Bedford or Beijing, Governor McAuliffe has made it clear that his number one priority is economic development and he is working hard to create and maintain jobs throughout the Commonwealth.

The Governor is also working to restore trust in government. On his first day in office, he signed an executive order imposing a $100 gift ban on himself, his family, and members of his administration and their families. He established through executive order the Commission on Integrity and Public Confidence in State Government, which will focus on ethics oversight and enforcement, limits on gifts and loans, rules on conflicts of interest, disclosure requirements and post-public service restrictions.

McAuliffe has proven that his administration will be smart stewards of Virginia’s transportation dollars. Demonstrating his commitment to bipartisanship, he worked with Republican leadership on House Bill 2 to prioritize transportation projects based on what is best for Virginia’s commuters not politicians.  He followed through on his commitment to lowering the downtown/midtown tunnel tolls to alleviate the burden on Hampton Roads residents, commuters, and businesses. He eliminated the EZ Pass maintenance fee for all Virginia commuters, and suspended work on Route 460, because he does not believe that Virginia taxpayers should be spending hundreds of millions of dollars on a road when we don’t have permits to ensure its completion. Governor McAuliffe also worked with the Governor of Maryland and the Mayor of the District of Columbia to invest $75 million in our regional metro system – taking cars off the roads and relieving congestion.

Governor McAuliffe understands that in order to compete for the jobs of tomorrow, it is essential that we make key investments today. The Governor signed legislation increasing the amount of Virginia qualified research and development expenses that can now be claimed as a tax credit. This legislation is important because it encourages private companies to invest in the jobs of the future.

In order to ensure that Virginia continues to have the best workers in the world, Governor McAuliffe understands that Virginia must continue to have a world-class education system. This year, he was proud to sign standards of learning reform legislation, to make Virginia’s education system work better for students, teachers, and our schools.

Virginia is home to approximately 800,000 veterans, and the Governor is committed to fighting for those who have so bravely served our country. He expanded the Virginia Values Veterans initiative, which encourages employers to recruit, hire, train, and retrain our veterans. He also signed legislation to provide unemployment compensation to military spouses who leave their job to accompany their spouse to a new military assignment in another state, as well as legislation that will expand access to higher education for eligible veterans’ family members.

In July 2014, Governor McAuliffe signed Executive Order 23 Establishing the New Virginia Economy Workforce Initiative.  With a goal of an additional 50,000 credentials, aligning the workforce supply with demand and giving experience credit to our veterans, Governor McAuliffe wants to redesign our current workforce system to work with the needs of our communities and businesses.

The Governor’s administration has made unprecedented progress on the restoration of rights to rehabilitated felons who have served their time. People who have paid their debt to society should be able to work, pay taxes and vote.

Governor McAuliffe ran for office to fight for uninsured Virginians and that is why he took bold executive action to expand health care. His plan, A Healthy Virginia, will help improve the lives of more than 200,000 Virginians by expanding access to care, improving care for veterans and for those with severe mental illness, and enhancing value and innovation across our health system.

Governor McAuliffe previously served as Chairman of the Democratic National Committee from 2001 to 2005, was co-chairman of President Bill Clinton’s 1996 re-election campaign, and was chairman of Hillary Clinton’s 2008 presidential campaign.

He and his wife Dorothy were married in 1988 and have five children.

The Governor attended Catholic University and Georgetown Law School.


Hospitality Sponsor: FireEye

We are pleased to welcome FireEye as a Hospitality Sponsor! All the food and drink served on Friday 9th will be sponsored by them, so be sure to stop by their table to say hi and thank them for feeding everyone!

www.FireEye.com          @FireEye

FireEye

Register Now!


Silver Sponsor Feature: Qualys

www.qualys.com/

@qualys

Qualys

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

Come see us at RVAsec! Register now.

 


Speaker Feature: Robert Mitchell

rrmitch@sandia.gov

Robert Mitchell is currently a member of technical staff at Sandia National Laboratories. He received his Ph.D, M.S. and B.S. from Virginia Tech. Robert served as a military officer for six years and has over 10 years of industry experience, having worked previously at Boeing, BAE Systems, Raytheon and Nokia. His research interests include linkography, moving target defense, computer network operations, network security, intrusion detection and cyber physical systems. Robert has published 19 peer reviewed articles.

Recent Developments in Linkography Based Cyber Security

Cyber attacks on critical cyber systems are not decreasing in frequency or complexity. Aggressors choose the time and place of these engagements; protectors must identify, research and develop defensive techniques that provide an asymmetric advantage. A static, data-driven, preventative, automated defense is a losing strategy; an effective defense must be dynamic, behavioral, responsive and capitalize on a human in the loop. We propose human and machine performed linkography to detect, correlate, attribute and predict attacker behavior and present a moving, deceptive target. Recently, our team generated a technology transfer strategy for linkography based cyber security, proposed algorithms to extract and refine linkograph ontologies and subsessionize our input stream and completed our previous related machine learning work. Linkography has been in the literature for decades, and our investigation indicates it is an open, fertile topic for basic and applied cyber security research.

Come see me at RVAsec 2017. Register Now!


Speaker Feature: Robert Wood

bwood@nuna.comIMG_-jj4umt-3.jpg (2197×2197)

robertwood50

Robert Wood runs the security team at Nuna Health, whose core directive is to protect one of the nation’s largest collective healthcare data sets. Previously, Robert was a Principal Consultant at Cigital where he founded and led the red team assessment practice and worked with strategic clients across the United States in an advisory capacity.

Maintainability + Security = <3

The security and devops culture craze is all around us, even with all this talk though there are differences between security features and the maintainability of a system. This talk will focus on some real world examples of what can go wrong when a system isn’t built with maintainability in mind in a security minded culture. We will cover the political positioning battles that emerge, how security leaders can manage risk in these situations, and of course the technical challenges that creep into the picture over time.

Come see me at RVAsec 2017. Register Now!


Speaker Feature: Dan Holden

dan.holden@r-cisc.org

@desmondholden

Dan Holden is the CTO and Intelligence Director at R-CISC, the retail ISAC, where he focuses on new technology and service development as well as threat intelligence production and exchange. Previously he was the Chief Technology Strategist and Director of ASERT, Arbor’s Security Engineering and Response Team at Arbor Networks. There he was responsible for future product direction and security threat intelligence integration. He also led the team who oversees the ATLAS global security intelligence database, and are responsible for threat landscape monitoring and Internet security research including the reverse engineering of malicious code. He also managed the development and delivery of security content and countermeasures for Arbor’s industry leading DDoS technologies. Prior to Arbor, Dan was director of TippingPoint’s DVLabs and a founding member of IBM/ISS X-Force. While at TippingPoint, Dan grew the DVLab’s organization into a mature security research and development team delivering security content, intelligence portals, and reputation technology as well as overseeing the Zero Day Initiative (ZDI) program. Dan also helped build and define X-Force over the course of 12 years in various capacities ranging from development to product management. Dan has been in the security industry for over two decades specializing in vulnerability analysis, security research, and technology incubation. Dan is a frequent speaker at major industry conferences and has been quoted and featured in many top publications, radio and television.

Retailing Another Threat Landscape Story

Over the last several years, retail breaches have become some of the highest profile stories, but just like any other vertical target, the day-to-day offense and defense continues to evolve. The ebbs and flows of attackers and defenders don’t always make the news, which is a good thing, but what does the daily routine look like on the retail front? And, why should you care? You should care because at some level or another, we are the potential defenders, or consumers of these organizations, and retail has now become part of the modern attacker infrastructure.

Come see me at RVAsec 2017. Register Now!


Speaker Feature: Troy Marshall

troy.marshall@ellucian.comRTM.JPG (897×1173)

@rtroymarshall

How do you answer when someone asks what you do for a living? Troy Marshall’s answer—“I don’t make software, I make software better”—explains his career helping organizations build and scale programs to improve the quality, security, and performance of their software and systems. Troy is currently the Director, Application Security and Reliability in the Ellucian DevOps group where he focuses on helping development teams rapidly deliver highly secure and reliable SaaS solutions. Connect with Troy on LinkedIn and Twitter.

RoboCop- Bringing law and order to CICD

In the movie, RoboCop is given three primary directives: “Serve the public trust, Protect the innocent, and Uphold the law”. We built our own RoboCop in order to bring law and order to our CICD pipeline. DevOps practices are all about enabling fast and frequent delivery of new software. In order to keep pace in a DevOps culture, application security must be reliably integrated into the CICD pipeline.
In this talk, we will show how our small AppSec team combined automated tools along with human oversight in order to achieve our directives at scale, while winning the hearts and minds of our development teams.

Come see me at RVAsec 2017. Register Now!


Speaker Feature: Daniel Bohannon

daniel.bohannon@mandiant.com

@danielhbohannon

Daniel Bohannon is a Senior Incident Response Consultant at MANDIANT with over six years of operations and information security experience. His particular areas of expertise include enterprise-wide incident response investigations, host-based security monitoring, data aggregation and anomaly detection, and PowerShell-based attack research and detection techniques.
As an incident response consultant, Mr. Bohannon provides emergency services to clients when security breaches occur. He also develops new methods for detecting malicious PowerShell usage at both the host- and network-level while researching obfuscation techniques for PowerShell-based attacks that are being used by numerous threat groups.
Prior to joining MANDIANT, Mr. Bohannon spent five years working in IT operations and then leading the incident response team for an organization in the private retail industry.
Mr. Bohannon received a Master of Science in Information Security from the Georgia Institute of Technology and a Bachelor of Science in Computer Science from The University of Georgia.

Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@(‘Tech’,’niques’) -Join ”)

PowerShell is increasingly being used by advanced attackers and script kiddies alike in targeted attacks, commodity malware, and even ransomware. The most common usage involves PowerShell remotely downloading and running payloads entirely in memory, rendering many traditional detection mechanisms useless.
Detection has increasingly shifted to monitoring for this malicious activity via process command line arguments and parent-child process relationships. While this is a significant improvement there are numerous evasion techniques of which the Red Team and Blue Team should be aware.
For the past 1.5 years I have researched PowerShell obfuscation, evasion and advanced detection techniques. Picking up from where I left off in my recent presentations on Invoke-Obfuscation, in this presentation I will highlight my new tool Invoke-CradleCrafter. Additionally, I will introduce a new family of PowerShell obfuscation techniques and show how they can be applied to several new and obscure families of remote download cradles.

Come see me at RVAsec 2017. Register Now!