2019 Talks

Classes

Villages

    Talks

    Classes

    Amateur (Ham) Radio Examination

    Speaker(s): Hackers for Charity (hackersforcharity.org)

    Audience:

    Anyone interested in getting/upgrading an Amateur Radio license

    Description:

    Want to get an Amateur Radio license or upgrade? Want to help others get licensed or teach using ham radio? Looking for public service training or serving as part of ARRL’s ARES field training team? You can even arrange an Amateur Radio contact for your students with the International Space Station! Before you go on air, you need to be licensed and know the rules. You can do all this and more by getting your license. Exam testing material is available for on various websites (e.g. http://www.arrl.org and https://www.w5yi.org), various apps for your phone (e.g. Ham Radio Exam – all levels), and great review books/PDFs (e.g. https://www.kb6nu.com/study-guides).

    Bio:

    This event is sponsored by Hackers for Charity (https://www.hackersforcharity.org) with great support from Robbie McCray (W3RSM), volunteer examiner and Northern Delaware coordinator for the VE Testing Team. More info: http://ndvett.org

    Let’s work together Zeekers!

    Speaker(s): @fatemabw

    Audience:

    Everyone because it’s always cool to learn new tool and technology!
    The 1st session (2hrs on Friday) will be an Introductory session and will also go over the major changes beside the name!
    The second session (2hrs on Saturday) will be an advanced Zeek session where we will learn more about advance script writing and different frameworks used in Zeek.

    Description:

    Zeek and You shall find! BRO is now Zeek! it is an open source free tool that is used by many big and small organizations. It’s a great Network Security Monitoring tool and provide human digestible ASCII log files for the network activity, and seen as a portable full pcap solution by many. This talk/session is going to get attendees feet wet in Zeek-land, with what and how’s of Zeek, some hands on exercises to get familiar with the Zeek scripting language and signature creation, as well as some advance use-cases of Zeek which would help people get an idea of it’s powerful logging and scripting framework. And if time permits, could share some real world use-cases of Zeek to get the value right from the bat.

    VM images of the system are already configured with the required tools, so students can prepare by bringing their laptops with either VMware Fusion (if macOS) or VMware workstation/ VMplayer.

    Bio:

    Fatema Bannat Wala is a Security Engineer at the University of Delaware where her responsibilities include monitoring network traffic for intrusions and malicious activities. Fatema has held prior roles in security research and software engineering and she holds CISSP certification and GIAC security certifications in intrusion analysis, incident handling and penetration testing.

    JHDigital Capture the Flag (JHDCTF)

    Speaker(s): JHDigital (John Hammond)

    Audience:

    CTF players, hackers and friends! The game is geared towards both beginners and intermediate/advanced players. Everyone is welcome and encouraged to play!

    Description:

    Yet another Jeopardy-style Capture the Flag! Challenges for web exploitation,
    reverse engineering, binary exploitation, steganography, forensics, cryptography and more! This competition is BYOD, “bring your own device.” Play to learn, and play to win! The game is geared towards both beginners and intermediate/advanced players. We will showcase and offer plenty of resources and learning material to get every player up to speed.

    Bio:

    We are hacker friends are fellow CTF players, engaged in the cybersecurity community and presenters at local conferences. We are instructors, pentesters, and security professionals who train both civilian and military members across the Department of Defense and Department of Homeland Security. On YouTube, we showcase programming tutorials, CTF video walkthroughs, and cybersecurity guides. We offer challenges that have been incorporated in PicoCTF, CyberPatriot, and even DEFCON — all with the goal to sharpen your skills and foster a love of learning in cybersecurity!

    Got a Con Tee….what to do with it?

    Speaker(s): Jenny @tr0phywifehacks

    Audience:

    None technical or no experience in crafting

    Description:

    A hands on demo of what can be done with conference shirts. Little to no crafting experience needed. Many different way to use a shirt other then wearing them. Options for wall art, pet toys,shopping bags other options. Showing how to from start to finish a project. Demo how to use a sewing machine. Also demo no sew options. Would recomend attendee bring a shirt they would like to use.

    Bio:

    Like to create things. love to show people how to repurpose and reuse all that is around them. I Take care @l0stknowledge and my furkids.

    3, 2, 1, GO! From Noob to Pro with Golang

    Speaker(s): @iDigitalFlame

    Audience:

    Students to InfoSec professionals with some programming and/or security background. Some programming knowledge is recommended.

    Description:

    Learning Golang is a great opportunity for everyone, from programmers to red teamers to increase their skills. From automation to potential exploitation, this class introduces you to the Golang programming language and dives into examples of how it could be used create cool utilities and potential offensive programming capabilities.

    This condensed class with teach you how to build and compile Golang applications and will provide useful examples from simple to complex.

    We will cover many of the basics of the Golang programming language and advance into more complex labs through the duration of the class. The class will be broken out into self-paced labs that will increase in complexity.

    Knowledge of any programming language is a plus and it is recommended to read the “Effective Go” documentation (https://golang.org/doc/effective_go.html) although it is not necessary.

    Class Requirements:
    – Device that can run Visual Studio Code / VSCodium (recommended due to the Go plugin integration).
    – Any OS is fine if you can run a Windows 10 VM with any virtualization software.
    – RAM to run the required VM.
    What to Expect:
    – Learning!
    – Coding!
    – Fun!
    What not to Expect:
    – The Spanish Inquisition

    Bio:

    iDigitalFlame works for Booz Allen’s Dark Labs team helping to find more creative ways to develop offensive techniques while assisting defenders in detecting it. While he’s never one to turn down an opportunity to annoy Blue teams, iDigitalFlame ensures that passing on knowledge is one of the primary goals and that players walk away with a greater understanding of what happened to their Windows servers.

    Using his experience from over 7 years in the InfoSec field along with the knowledge gained from the community, iDigitalFlame helps solve the “weird” technical issues that make us want to throw computers out the window.

    Villages

    Talks

    Words with Janitor

    Speaker(s): @infojanitor

    Audience:

    This is intended for a general audience and can be applicable to any industry I just happen to see it from the point of view of ours.

    Description:

    What if I told you some of the words we use in infosec/computer security are all wrong? Would you believe me? How about the fact that we haven’t been able to make a significant change in the narrative of our industry even though we are the engine that drives it. Simply because what we say is not what the decision makers hear and we keep saying the same words no matter the technology. Also in many cases we are our own worst enemies when interacting with our fellow security professionals. I can tell you that all of those statements are fairly accurate and I can prove it. Come have words with me and I will tell in a way you can understand.

    Bio:

    A senior security systems engineer with 25+ years’ experience currently employed at a fortune sixty company in the Washington DC area. He is responsible for world-wide evaluation, certification and integrity testing of a variety of current and emerging technologies, network architectures, and devices. Takes pleasure in monitor major trade shows like the Consumer Electronics Show (CES) in Las Vegas. But, not like most individuals looking for the cool factor or next generation technology. He is more into the train-wreck factor as new technology seems to be developed and deployed with existing vulnerabilities, bugs, and issues of today. Some of these issues dating back more than twenty years. Supports multiple security conferences (ShmooCon, DefCon, Bsides, etc). Active member of the Northern Virginia Hackers (NoVaH) association in good standing. NoVaH is a collective of security professionals, authors, makers, and tool developers.

    Matching Your SOCs: A Discussion of Joint IT/OT Operating Models for Monitoring and Response

    Speaker(s): Trevor Houck, Revolutionary Security

    Audience:

    This session is geared towards CISO’s, cybersecurity directors, and site managers.

    Description:

    Traditional security monitoring and response operations are not sufficient to combat the evolving cybersecurity threat landscape for Operational Technology (OT). While the advancement in tools and technology is helpful, the tools alone will not enable effective monitoring and response.

    There are key elements common across many SOC programs: tools and technology, threat intelligence sources, and talented staff. For many organizations, however, the ultimate success factor is a well-structured joint SOC operating model. This model matches IT and OT SOCs together, which feature a holistic view of IT and OT environments from a single dashboard. These environments are then monitored and managed by teams trained to recognize anomalies and identify exposure, with the appropriate context of the operating environments, across all systems and devices. The aggregation of OT and IT data sources help streamline security incident resolution, reduce duplicated efforts, and assist in future collaboration efforts. By centralizing your security monitoring program, seemingly disparate security events are correlated and focus is increased on monitoring and response capabilities across the enterprise.

    This session will explore the benefits of joint operations for cybersecurity monitoring across both IT and OT networks and includes real-world case studies of integration efforts. We also will discuss joint operations playbooks and handoff procedures, and lessons learned and procedural requirements for joint SOC operating models. We will discuss the benefits and drawbacks of each approach, common misconceptions when addressing IT/OT convergence, the need for strong relationships, and how the rewards that stem from holistic cybersecurity monitoring can outweigh the risks.

    Bio:

    Trevor is a Senior Security Consultant and the OT Network Defense Services Lead for Revolutionary Security. His experience includes comprehensive cybersecurity consulting services across a myriad of industry verticals. He is primarily responsible for assisting clients improve their network defense capabilities within their Operational Technology environments. Activities include unifying SOC functions within IT and OT environments, improving and aggregating logging and monitoring capabilities, defining incident response activities, reviewing architecture design, and performing other security related functions.

    Trevor holds a Master’s degree in Cybersecurity from the University of Maryland, as well as a Bachelor’s and Associate’s degree in Information Sciences & Technology from the Pennsylvania State University. His certifications include SANS GRID, SANS GICSP, Certified Ethical Hacker (C|EH), Security+, and BOSIET.

    What I Wish I Knew About Password Auditing: Cracking User’s Password Before the Bad Guys

    Speaker(s): Ben Tice

    Audience:

    The intended audience is blue team and IT staff, and anyone interested in password cracking. No prior password cracking knowledge is assumed.

    Description:

    The goal of the talk is to give blue teamers and IT staff the knowledge they need to do internal audits of their Active Directory credentials and to dramatically increase the difficulty of attacks that abuse passwords such as password spraying and credential access. Password auditing (Aka cracking your own passwords) is presented as one part in a larger strategy to reach the desired goal. This talk puts all the knowledge required in one place with both high level strategy and low level specifics of the cracking techniques used.

    Bio:

    Ben Tice is a full-stack, full-scope blue (Purple?) teamer of many hats. He enjoys long walks on the dark web, pushing vendor tools to their limits, and finding new solutions to problems in cyber security.

    Preaching to more than just the choir: Working with developers to improve security

    Speaker(s): Mr. Glass (@MisterGlass)

    Audience:

    Infosec professionals who need to communicate & work with engineering teams

    Description:

    If we want to deliver secure products, security professionals need to learn to work closely with engineering teams & tools.
    In this talk I will discuss how engineering teams work, what motivates developers, and how to raise security concerns in ways developers will understand. I’ll go into often overlooked opportunities presented by processes & tools where infosec can accomplish some big wins. I’ll also cover some areas where security can help engineering teams achieve their goals while also delivering better security at the same time.

    Bio:

    I’m a web application developer with a passion for infosec. I spend my days doing dev, sec, and ops yet I think DevSecOps is stupid. Definitely not a super villain.

    Neighborhood Watch with Kismet

    Speaker(s): Efrain Ortiz @ortizonline

    Audience:

    Audience must have some experience installing operating systems and software on linux. Also must have a passion for learning and tinkering.

    Description:

    In this presentation I’ll show how I setup devices running Kismet to monitor neighborhood metadata for intelligence collection. Want to ensure your WiFi traffic is connecting to the correct WiFi? Want to ensure others aren’t attempting to brute force into your WiFi?
    Want to have evidence of a criminals presence in your neighborhood at the time of a burglary or other crime? Come to this presentation to hear the basic steps to setup your neighborhood watch system.

    Bio:

    Efrain is a local cybersecurity professional based out of Conshohocken, PA. Efrain recently started his own independent consulting company after 16 years at Symantec.
    At Symantec he started as a systems engineer and concluded as a Director in the Office of the CTO where he worked in the Technology Innovation team and Ventures.
    He worked with partners on API integration work and he is a big advocate of open standards in the security community. He is a big fan of OpenC2.

    Putting the Love into your DLP

    Speaker(s): David Phillips, CISSP

    Audience:

    Anyone charged with protecting regulated data or intellectual property

    Description:

    Over the last 13 years of being involved with Data Loss Prevention DLP I have seen many brilliantly deployed DLP solutions fail because of the human element. This is totally understandable because I as many in the industry naturally gravitate to the bits, bytes, technical capabilities and data but tend to hate the messy human part. However, success with DLP is all about the humans: what they need, who they are, what their intent is and detecting when they go off the rails crossing the line from good corporate citizen to bad actor. To be successful with DLP you must embrace the human equation in a passionate way vis-a-vis “Love” it. In this talk I will walk through five simple steps to rollout a DLP Program that is impactful and relevant to your organization.

    Bio:

    David Phillips has 23 years of Information Technology experience with the last 19 years in Security. He has been involved with Data Loss Prevention since 2006 in professional services beginning as a consultant and later building practices from the ground up for industry leaders McAfee & Optiv. He personally architected and deployed DLP at 3 of the largest pharmaceuticals, multiple chip fab and high-tech manufacturers well as numerous healthcare organizations. He is passionate about using his skills to protect data whether it be personal information or intellectual property.

    CPE Sources. How to make your life easier

    Speaker(s): Bruce Dennis

    Audience:

    Any level with Certs or looking to obtain them

    Description:

    Obtaining your Certification is the first step. ISC2, ISACA, PMI all want you to continue learning. How many times have you gotten to October and realized you are struggling for CPEs? This is designed to help make your life easier by giving you options to check the box.

    Bio:

    Bruce Dennis is an InfoSec Professional with over 20 years IT experience. Currently he is employed for a company outside Washington DC working in the Federal space. His list of certifications includes: CISSP, CISA, CISM, ITIL v3, CAP among others.

    Our Adventure with an Awareness Training Escape Room

    Speaker(s): Bob Hewitt

    Audience:

    Anyone of any technical level that may be looking for fun ways to train users.

    Description:

    Are you as tired of Annual Awareness Training as your users are? It might be time to change up your approach to Security Awareness Training with some gamification. Escape Rooms can be fun and a great opportunity for team building while demonstrating your Information Security Awareness objectives. Participants are faced with a series scenarios that require actions that reflect your organization’s policies, procedures and best practices.

    We will walk through our Escape Room as well as the planning and logistics to provide participants ideas and discuss what went well as well as what went wrong and how we will address them in the future.

    Bio:

    Bob works for a Software as a Service provider that services charitable foundations and financial institutions where he is responsible for program management, compliance, SOC operations, penetration testing, and privacy. He consults several organizations on beginning and managing their information security programs and is a SANS Community Instructor.
    He is an advocate that defenders must be capable of blue team functions as well as red team to be successful and has earned GCIH, GPEN and GWAPT certifications. He has also achieved other certifications including the CISSP, GSEC, and CIPP/E.

    Dissecting Carbanak

    Speaker(s): Hristo Asenov @h_asenov

    Audience:

    People that are interested in seeing how Command-and-Control malware works in a Windows Environment.

    Description:

    Even though the Carbanak Source Code dump has been around for a while, not much information has come out that breaks down the compilation steps and source code analysis of the dump. In this talk, I will walk through my journey of getting Carbanak to run in a contained environment, and will show some of the features of Carbanak.

    Bio:

    Software Engineer

    Cloud Sec aaS Expansions

    Speaker(s): @zuphzuph

    Audience:

    Information security professionals with entry/mid level experience.

    Description:

    Overview of 3rd party and aaS products for improving security posture. Covering APIs, analysis, compliance, and optimization insight for improving nearly every aspect of your existing infrastructure. This talk will cover tools designed to give you recommendations and services to use for improving and hardening your AWS posture.

    Bio:

    I’m a cloud architect who specializes in the study and implementation of AWS services. I’ve worked with both UNIX/Windows stacks for the past 10 years professionally. I’m well versed in multiple scripting languages and focus on automation/reporting for clients.

    Exploiting IoT – An Introduction to BLE

    Speaker(s): libertyunix

    Audience:

    Anyone with a passion for wifi and learning

    Description:

    BLE is one of the most common wireless protocols used in IoT devices today. This talk will follow the BLE protocol and apply a 4 phases approach to assessing the security of these devices: Reconnaissance, Sniffing and Capturing, Extracting Sensitive Data, and Exploitation. This talk will demo exploits of IoT devices and walk attendees through the tools and processes to testing similar devices and creating their own CTF to practice on.

    Bio:

    With 10+ years’ experience in Information Technology, Charles has held positions in the field such as Red Team Analyst, Security Systems Specialist, and Red Team Penetration Tester. Charles has extensive experience in offensive security techniques and defensive strategies and is currently a professor at Drexel teaching cyber and information security. His research has explored topics such as digital forensics, red team penetration testing, deep learning, IoT, and software defined radio. His graduate research thesis demonstrated the effects physical security systems can play in penetration testing and security assessments.

    How to Get Started as Metasploit Contributor

    Speaker(s): h00die

    Audience:

    Students looking to learn, and practitioners looking to automate

    Description:

    A tales from the trenches talk which covers building a cheap lab to help make contributing to the largest open-source Ruby project in existence easier, as well as how to get started with submissions. We’ll explore the fun and follies of becoming a member of the geographically disperse Metasploit contributors team. Why join? We’ll lay out all of the benefits to contributing for attackers, defenders, the companies they work for and with, and the world itself.

    Bio:

    Mr. Cyr, h00die, holds a masters degree in cyber security from Towson University. He is currently the owner of St. Cyr Security, LLC a single employee penetration testing shop for the past 9 years, conducting assessments for commercial and government clients. Previously he helped start Exploit-DB as one of the original staff moderators for submissions and quality control experts. He is currently one of the few non-rapid7 employees entrusted as a commiter for the Metasploit framework, volunteering to create new module, peer review submissions, and keep the framework awesome.

    Upside Down: Surviving in a Breached World

    Speaker(s): Menachem

    Audience:

    Beginners can benefit from practical steps they can take to improve their opsec. Everyone can benefit from changing their perspective from preventing identity compromise to damage control.

    Description:

    As the world moves from a paradigm of potential personal identity compromise to definite compromise, individuals need to understand their personal risk and how to mitigate it. This presentation provides the practical steps and knowledge necessary to maintain manageable risk levels and reduce individual attack surface in a world of breaches, leaks, and attacks.

    Bio:

    Information security professional working in the federal government.

    What should a mobile security program look like? YMMV…

    Speaker(s): Jeff Hague

    Audience:

    Anyone interested in defensive mobile security

    Description:

    So, you want the perfect mobile security program for your company/organization? Great! Just know that your set of threats, priorities and limitations will ensure that it probably won’t look like the one created by the person next to you. In this talk, we’ll cover mobile threats that may or may not apply to you and an overview of the tools, controls and methods you could use to counter them.

    Bio:

    Jeff has worked at multiple levels of scale over the past 20+ years from a large international bank to a small family farm to a midsize life sciences company. Starting with a server-side development background, he shifted to architecture, mobile and cybersecurity. A proud member of the Oregon Trail Generation, he gladly uses analogies where needed.

    Augmented Reality: A New Potential For Security Risks

    Speaker(s): Peter Clemenko

    Audience:

    everyone

    Description:

    Augmented reality is here, and the future is here with it. With a new presentation platform and medium we face challenges we didn’t have before, and attacks no longer just target data, but the humans behind the devices. This talk will cover new attack classes that have been demonstrated that target the human, and not just the data, as well as the new potential for security risks. Your data is no longer the target, you are. Welcome to our brave new world.

    Bio:

    Peter is a virtual and augmented reality security specialist and dev. He developed the first attack class targeting XR users, Malicious Entity Injection, and has a long history of working with the VR and AR community.

    Your Security Career- getting in and climbing the ladder

    Speaker(s): Alex Muentz and Ty Tucker

    Audience:

    If you’re interested in starting your cybersecurity career, moving up or recovering from a mistake, you’ll learn a thing.

    Description:

    Cybersecurity is a booming market. What does it take to get that first job and what do you need to move up? What pitfalls and mistakes should you avoid? An experienced cybersecurity recruiter and a cybersecurity practitioner will discuss the job market, hot skills and ways to move forward in your career

    Bio:

    Ty Tucker is an experienced IT and Cybersecurity recruiter in the Philadelphia region. Alex Muentz is the M&A Practice Lead at Leviathan Security. They’ve both been in the industry for a bunch of years.

    A Poor Man’s Pentest: Automating The Manual

    Speaker(s): John Hammond

    Audience:

    This talk is geared towards penetration testers, red teamers, hackers and fellow CTF players! Ultimately, it is for everyone that has an interest in cybersecurity and it is looking for interesting ways to automate some manual interaction!

    Description:

    So you have popped a shell, and now you have to deal with the same tedious boilerplate and manual interaction on your target that you always do. You run the same commands to stabilize your shell, you setup the same persistence implants as usual, and you exfiltrate the same sensitive files every single time you get on a new box. It is the same stupid, time-consuming, and annoying keyboard dance. This presentation will walk you through techniques to automate that boring and constant process, so you can spend more time doing what is really important in your engagement. The tricks presented are nothing new – just a poor man’s means to automate what is manual, and get back to the engagement.

    Bio:

    Cybersecurity instructor, red teamer, and CTF enthusiast. Department of Defense Cyber Training Academy curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military on offensive Python, PowerShell, other scripting languages and the adversarial mindset. Personally developed training material and infosec challenges for events such as PicoCTF and the Wall-of-Sheep “Capture the Packet” competition at DEFCON. Online YouTube personality to showcase programming tutorials, cyber security guides, and CTF video walkthroughs.

    Retro Video Game Reverse Engineering

    Speaker(s): @Theyflower and stump (@StumpSpeedruns)

    Audience:

    Anyone who wants to see what we can learn from exploits in retro video games, with cool demos!

    Description:

    This talk will go over some results of reverse engineering certain retro video game software and hardware and what we can learn from the oversights of the past, as made on such constrained systems. On the software side we will look at how the speedrunning community was able to reverse engineer early generation Pokémon games and leverage vulnerabilities in them to create routes to quickly beat the game in otherwise impossible times, as well as practical usage of exploits on slightly newer systems simply as the way certain things are done. On the hardware side we will demonstrate an Arduino program that reads and writes savefiles to Game Boy cartridges by bit-banging the Nintendo 64 controller protocol and a way to use virtually any USB input device to control an Atari 2600 by using a Raspberry Pi running open source scripts to emulate a joystick using the GPIO pins.

    Bio:

    We are two video game speedrunners who are also into infosec and all the various fun that can be had at sufficiently low levels of abstraction.

    Security and Compliance Adventures in Startup-land

    Speaker(s): Joshua Marpet @quadling

    Audience:

    People who work in or are interested in Startups

    Description:

    We should all secure our systems, our companies, our data. The methods we use to secure these things should be compliant with the standards relevant to our products and/or services. This isn’t hard to understand….Well, I thought it wasn’t. Let’s talk about the ways it can be screwed up, and some tips and tricks to make it simple for you, with your new startup!

    Bio:

    Joshua Marpet is an international digital forensics expert witness, has built out military and gaming audio, video, and defensive protection systems, and was a police officer onsite for Hurricane Katrina. His background spans the financial, healthcare, and national security world for risk assessment and management.

    Joshua’s original research and writing has covered multi-cloud maturity, facial recognition, digital forensics, and the linguistic translation from technology to business to strategy. Joshua has also evaluated companies’ products for M&A activity, and has his name on a blockchain based patent.

    Josh is a co-director of Security BSides Delaware, and was on the board of Hackers For Charity, BSidesLV, and the Cloud Security Alliance, Delaware Valley chapter. He is staff at multiple industry conferences, and speaks on a regular basis at conferences around the world. Currently, he’s the COO of Red Lion, LLC.

    Exploring Penetration Testing

    Speaker(s): @Brandon_Keath

    Audience:

    Beginner

    Description:

    Hacking Yourself First, Penetration Testing for Blue Teamers
    In this fast-paced interactive presentation Brandon will reveal everything a defender might want to know about Penetration Testing and then some. This presentation will start with an introduction to what really is a hacker? What is a penetration test? Why is it important for Blue Team members to understand these skillsets? What is a hacking methodology and why is it important? Then we will dive into various technical demo’s involving various tools including Metasploit, Burp Suite, Bloodhound, CrackMapExec, HashCat, and more! Participants will be able to follow along with many of the demos via your own virtual machines. We will conclude with additional attack vectors, and how blue teamers can use this knowledge to make their organization safer by hacking themselves first.

    Bio:

    Brandon has over 11 years of Cyber Security experience in various roles focusing on offensive and defensive security tactics across multiple industries.

    Brandon is active in the local Cyber Security community currently chairing the PAHackers Cyber Security group that meets monthly to discuss various issues facing the industry and holding various cyber security related workshops and events. Brandon is an adjunct cyber security professor for Harrisburg University of Science and Technology and University of Phoenix teaching cyber security-based classes.
    Brandon has most recently presented at the Harrisburg University of Science and Technology 2018/2019 Cyber Security Summits, and a number of BSides events including Delaware, Harrisburg, and Long island.

    Brandon has a Master’s degree in Cyber Security and Information Assurance from Western Governor’s University and along with numerous security related certifications.

    Basic Chess tactics for Fun and Bragging Rights

    Speaker(s): @Brandon_Keath

    Audience:

    Beginner

    Description:

    Learn the basics of chess including basic tactics that you can try on your friends and family. In this session we will go beyond various piece movement and explore concepts such as forks, pins, skewers, removing the defender, and central control. While there is always more to learn this will give the inquisitive a solid foundation in chess tactics to build their skill set and enjoy the game at a higher level.

    Bio:

    Brandon S. Keath is a cyber security professional who has played chess for over a decade. Captain of his high school chess team and founder of various chess clubs over the years Brandon enjoys teaching new players chess as it teaches many important life lessons and sharpens analytical skills.