Skip to content


yo mama

Thursday Morning Keynote

Kevin Johnson

Guardians of Reality: Countering Hype in InfoSec


In an era where attention-grabbing headlines and flashy marketing campaigns dominate the landscape, InfoSec finds itself at a crossroads. Kevin Johnson of Secure Ideas will dive deep into the prevailing trend that is steering the industry away from its core mission – to ensure cybersecurity and protect sensitive data.

In an age where clicks and views reign supreme, the industry has been seduced by the allure of quick attention, leaving genuine security concerns languishing in the shadows. This keynote will shine a spotlight on the pressing issue of marketing-driven sensationalism that overshadows the pressing need for substantive solutions.

From the smoke and mirrors surrounding “automated penetration testing” to the proliferation of AI-powered miracle solutions, we will dissect the myths and unveil the truths. Our journey will underscore the fact that genuine penetration testing requires the human touch, the artistry of experts who understand the intricacies of security challenges and the dynamic nature of cyber threats.

As Guardians of Reality, we’ll explore strategies to realign the industry’s focus with its fundamental mission. We’ll navigate through the storm of misinformation, tackling head-on the dangers of sacrificing genuine security solutions for mere attention. It’s time to strip away the veneer of hype and rediscover the essence of InfoSec – protecting our digital world from real-world threats.




Thursday Afternoon Keynote

Zach Hanley and James Horseman

New Isn’t Always Novel: Grep’ing Your Way to $20K at Pwn2Own, and How You Can Too

Join Chief Attack Engineer Zach Hanley and Exploit Developer James Horseman for an eye-opening keynote session where they’ll discuss in detail how the hacker mindset can be applied to seemingly daunting tasks in order to make them more approachable.

Zach and James will show how they approached their first Pwn2Own contest and how they discovered a command injection RCE vulnerability affecting nearly every Lexmark printer. They’ll also share why they think it went unnoticed in previous research and why current open-source static analysis tools can miss this simple bug.

Finally, they’ll release the exploit POC and an additional POC to dump credentials during engagements..




Friday Morning Keynote

Nathan Ruehs

June 12th: My Ransomware Breach Story

We’ve all heard case studies regarding organizations that were hit by ransomware, but this is a little different. This is my story about the incident I lived through while working at a MSP that was hit by REvil ransomware. Now working in DFIR, I’ll tell the story of the day it happened and the weeks that followed from the perspective of an incident responder. You can expect to hear lessons learned, the personal toll an incident takes, and the different impact it had on all affected organizations.





yo mama

Friday Wrap Up Keynote

Chris Roberts

Topic to be determined by number of Feds in the audience.