Presentations

Keynote

kane-narraway

Kane Narraway

Become A Better Security Engineer (By Not Doing Security)
richard-and-matt

Richard & Matt

Who The **** is Richard De Vere?

Speakers

Use the buttons below to jump to tracks

Blue track

Sophie McCall

Sophia McCall

Ctrl+Alt+Defeat: Using Threat Intelligence to Navigate the Cyber Battlefield

Sophia McCall works as a threat intelligence lead in the cyber security industry and is a founding member of Security Queens, a brand created to promote inclusion and diversity in tech. Sophia is also a chapter administrator for the Ladies of Cheltenham Hacking Society, captained Team UK at the European Cyber Security Challenge 2019 and is also a Cyber Hunter on Channel 4’s Hunted. With an additional interest in automotive security, her awards from industry include “Best Newcomer to Security”, “Best New Security Blog”, Highly Acclaimed “Rising Star”, “Cybersecurity Student of the Year” and most recently was a Top 21 winner of “Most Inspiring Women in Cyber”.

todd-gifford

Todd Gifford

Suppliers: Trust, but Verify

Todd has been working in IT since something called the 90’s, and specifically in Cybersecurity since 2005. Now leading the team at Cyber focussed MSP Optimising IT, Todd splits his time between getting the team what they need and helping customers with their approach to Cyber and Information Security. As a certified CISSP and ISO27001 Lead Auditor, with extensive experience in audit, training and technical, in particular network security.  On occasion, Todd is also known to stand up and chat to a room full of people about some of the things he as seen whilst auditing,……
Todd is also a big advocate for solar energy and storage and spends his off time at the beach or mountain biking across the many hills here in Devon.
chris-morgan

Chris Morgan

Tracking TTP changes of SocGhoulish

Chris Morgan is a Senior Cyber Threat Intelligence Analyst in the Photon team, and joined ReliaQuest in August 2020. Before this, he worked as a CTI analyst in telecommunications and the financial sector, and also has a background as an intelligence analyst in the British Army.
james-phillips

James Phillips

DFIR – Are we there yet

James is a Senior Cyber Security Advisor at Kudelski Security.

He has over 20 years experience in cyber security and investigations. His background includes former Manager for both KPMG a PwC forensic practices, Senior Forensic Analyst at Canadian Telco Telus, former Advanced Threat Protection specialist at Symantec and Senior Cyber Security Advisor at Thales.

James is a former professor teaching forensics and investigation techniques. He has experience with deep packet inspection, forensics and incident response. James has been an invited guest speaker at the Incident Response Consortium at Pentagon City USA and has been invited to speak at many conferences and media appearances.

He has experience in IT/OT environments at all levels of government agencies and corporations, including educational facilities, federal and provincial governments, manufacturing and transportation systems.

luke-weatherburn-bird

Luke Weatherburn-Bird

Digital Hostage: Navigating Ransomware Realities

A Principal Consultant at Unit 42 by Palo Alto Networks in the UK, specialising in Digital Forensics and Incident Response. After serving in the Royal Air Force for 12 years, with his final role being a member of the MOD’s Joint Cyber Unit, he transitioned to the private sector, focusing on incident response and security operations. He established and headed the cyber security function at Flybe Ltd, concentrating on cyber security operations, strategy, and management. Subsequently, he led the technical cyber incident response team at Deloitte LLP before assuming his current role at Unit 42.

justin-varner

Justin Varner

Honeypot Boo Boo: Better Breach Detection with Deception Inception

Justin Varner is a seasoned and passionate security professional with over 18 years of experience in the industry across a variety of security domains and disciplines.

His career started as a cryptographer at NASA where he spent time redesigning the cryptographic messaging system used to communicate from the mission control center to the International Space Station. During a focused and driven career, he has had the opportunity to work across a multitude of different industries in various roles that have ranged from security architecture to offensive security to DevSecOps and everything in between.

His most recent endeavors have been focused on helping others improve their ability to rapidly detect breaches and generally bolster their overall security posture with simple and pragmatic means and methods.

Justin embraces any opportunity to teach fundamental security concepts to those who need help but have no idea where to look, and he prides himself on being able to break down and articulate complex topics in a fun, interesting, and engaging manner that appeals to people from all backgrounds.

 

morgan-brazier
will-thomas

Morgan Brazier & Will Thomas

Lessons from the iSOON Leaks

Morgan Brazier
Morgan is the founding member of Lambda Group, specialising in close access and off-net operations with a taste for threat intelligence. He has also contributed content to the SANS-FOR589: Cybercrime Intelligence course and also helps run the Bournemouth 2600 group.

Will Thomas
Currently working as a CTI Researcher and Threat Hunter at the Equinix Threat Analysis Center (ETAC). Prior to this, I worked for Cyjax, a UK-based CTI vendor. My other main commitment is as the co-author of the SANS FOR589: Cybercrime Intelligence course. I have also volunteered my spare time to run the Bournemouth 2600 group and use OSINT to assist in missing person cases with the NCPTF as well as being the co-founder and main organiser of the Curated Intelligence trust group. Some of my proudest achievements include appearing on Darknet Diaries (Ep 126: REvil), contributing to the MITRE ATT&CK framework, earning the GIAC GCTI cert, receiving awards from the Aviation ISAC, and having my research shared by national CERTs and CISA.

Purple track

ricardo-sueiras

Ricardo Sueiras

Cedar, an open source project to help you decouple your authorisation logic

Ricardo is a principal developer advocate at Amazon Web Services; he works with builders, technology leaders and enterprise executives to help them transform their businesses.

Prior to joining AWS Ricardo worked for one of the largest professional services firms.

He has over twenty years of experience leading open source, emerging technology and innovation programmes. He has been working with cloud technologies since 2008.

Ricardo is passionate about cloud, innovation and open source and is excited about how cloud accelerates and amplifies customers’ ability to innovate.

(he/him)

ben-helliwell

Ben Helliwell

Exercise Army Cyber Spartan

24 years of experience across a spectrum of technical defensive disciplines that span Electronic Warfare, to Technical Surveillance Countermeasures, through to development of the Army Cyber Information Security Operations Centre. My electronics background, combined with work in simulation (MSc), makes me a “muggle” compared to the true bloods in this field, but brings a unique perspective when it comes to problem solving many of the traditional challenges the military face.

ian-thornton-trump

Ian Thornton-Trump CD

Is Beige the Colour of Death?

Ian Thornton-Trump CD is an ITIL certified IT professional with 25 years of experience in IT security and information technology. From 1989 to 1992, Ian served with the Canadian Forces (CF), Military Intelligence Branch; in 2002, he joined the CF Military Police Reserves and retired as a Public Affairs Officer in 2013. After a year with the RCMP as a Criminal Intelligence Analyst, Ian worked as a cyber security analyst/consultant for multi-national insurance, banking, and regional health care verticals.

Today, as Chief Information Security Officer for Cyjax Ltd. (UK) & Chief Technical Officer of Octopi Managed Services Inc. (Canada), Ian has deep experience with the threats facing small, medium and enterprise businesses. His research and experience have made him a sought-after cyber security consultant specializing in building security operations, working as a vCISO, and sharing his passion for building effective cyber threat intelligence programs for small, medium, and enterprise organizations.

richard-foster

Richard Foster

Navigating the Ransomware Negotiation Dilemma: Unveiling the Pros and Cons of Negotiation Strategies

Richard Foster is a Company Director, Security Consultant, Ransomware Negotiator, Social Engineer, Physical Penetration Tester, Tech lover and Motivational speaker.

He has nearly three decades experience as a police officer, having investigated a wide range of serious and organised criminality, from murders and kidnaps, to investigating robberies, cybercriminals, firearms offences, drug supply and sex offenders. He is an expert investigating Dark Web crime, and is a qualified trainer who provides training to law enforcement, lecturing at universities and previously at the College of policing.

Richard was instrumental in creating a small, specialist pro-active investigation team, targeting online offending which was so successful, it was replicated around the country. He sat on National working groups within the police to share and promote best practice in tackling online offending. Having worked with teams of national police negotiators for real world “crimes in action”, his in-depth understanding about online offending and cryptocurrency led to him training police negotiators in the pros & cons, for using cryptocurrencies in these critical incidents. Following this training, his skills were then used to negotiate in numerous ransomware negotiations and national critical infrastructure incidents that proved successful.

Since leaving the police, Richard has founded his own company ‘Brainstorm Security’ that specialises in Ransomware Negotiation, Social Engineering, Physical Penetration Testing, Dark Web investigations and Training. The company has completed many ransomware negotiations on behalf of independent companies, and incident response companies working with clients, who have suffered a ransomware attack. He is a life long learner, continually staying up to date with the latest thinking, and tactics by reading books, blogs, academic papers, attending talks, conferences and networking with industry specialists.

When delivering talks, Richard brings unique perspectives and humour, gained from his own personal journey learning to overcome adversity. Using real-world examples, he sheds light on how to defend against social engineers and human hackers. He has spoken at many policing and corporate events, sharing his passion and knowledge for all things cyber crime related.

liam-follin

Liam Follin

Tales of DOMinica

Liam is an App CHECK Team Leader and Senior Penetration Tester at KPMG, but really just a nerd with a love of hacking web apps. He loves writing tools, training pentesters, and nice scotch whisky. Not necessarily in that order.

ross-bevington

Ross Bevington

Turning the Tables: Using Cyber Deception to hunt Phishers at scale

Ross is a security researcher and software engineer who specialises in computer security and bespoke system development.

He works in Microsoft’s Threat Intelligence Center. This part of Microsoft that is responsible for delivering timely threat intelligence, assisting with the engineering response to security issues/incidents as well as occasionally assisting with government policy outreach for the company.

Ross leads on Cyber Deception technology. You might have seen him presenting at BSides, HITB or BlueHat. In his spare time, he enjoys camera hacking, lock picking, building home automation systems and trying to not blow up his boiler. Some of these hobbies are successful, the boiler one not so.

Red track

Achim Brucker

Attacking AI: A Primer

Achim Brucker is a full Professor Cyber Security and Trustworthy Systems at the University of Exeter, UK. He is an expert in secure software engineering, cybersecurity, and formal methods. Previously, he was a Research Expert (Architect), Security Testing Strategist, and Project Lead in the Global Security Team of SAP SE, where he defined the risk-based security testing strategy of SAP. He was involved in rolling out static and dynamic application security testing tools to the world-wide development organization of SAP.

His research interests include information security, software engineering, security engineering, and formal methods. In particular, he is interested in tools and methods for modeling, building and validating secure and reliable systems, i.e., software assurance or, more broadly, system assurance. He currently focuses on the development of methods and tools for the verification of AI/ML-based systems and the verification and certification of cyber-physical systems

anthony-flemmer

Anthony Flemmer

Spotted In The Wild

Join us at “Spotted in the Wild,” an eye-opening cybersecurity talk hosted by the seasoned experts at Defence Logic. Dive into the front lines of digital defense as we recount our riveting experiences from the past few years. From negotiating multi-million pound ransoms to encountering some of the most egregious cybersecurity blunders, our journey has been nothing short of extraordinary. This is not just a presentation; it’s our story of resilience, innovation, and the relentless pursuit of security in an ever-evolving cyber landscape. Don’t miss out on this tale of triumph and tribulation in the world of cybersecurity.

ben-folland

Ben Folland

Cloaked in Pixels: Concealing payloads with steganography

Ben is massive cyber-nerd, originally from Exeter but now in Cheltenham, with a passion for creative defence-evasion techniques, reverse-engineering malware and fighting adversaries! In 2023 he went to 3 BSides events and is looking forward to going to many more this year. He currently works as a SOC Analyst at Accenture/Context IS but in his spare time you’ll find him dissecting malware captured in his honeypots, pwning boxes and recording his solutions for his YouTube, or enjoying a pint in the pub

Gary Cox

Cybercrime central: vextrio operates massive criminal affiliate program

Currently leading the technical team for UK and Ireland, Gary joined Infoblox in 2010 and has held a variety of UK and International roles over the years.   Gary is a regular speaker at cyber security events of all sizes and formats and has over 25 years of IT/Security experience working across multiple verticals including finance, public sector, media and service providers. Gary is an active member of several ISC2 Chapters and held the CISSP qualification since 2016.

tom-stacey

Tom Stacey

Empowering Junior Testers: Strategies for Uncovering Critical Vulnerabilities in Web Applications

Thomas is as penetration tester, security researcher and full-time Lego enthusiast. He has a passion for exploring and applying new (and far too complicated…) attack techniques, and is constantly searching for opportunities to continue his personal development and contribute to the wider cyber security community. His latest work is focused on web application security, where he spends most of his time attempting to discover and push the criticality of new attack vectors to their absolute maximum potential.

cory-turner

Cory Turner

OfCORS! How to do Cross Origin Resource Sharing (im)properly

Cory is a senior penetration tester who has worked across infrastructure, appsec, and cloud, focusing primarily on the Defence & National Security space. He became a penetration tester after reading War Studies at King’s College London, during which he exchanged at Yonsei University, South Korea, where a budding love of all things tech began.

Outside of the pentesting world, he volunteers with health and care organisations, does some (very) amateur sound design, and has developed a passion for teaching generally. He does most of this armed with several cups of coffee, which has rapidly become a cornerstone of his toolset.

rccu

Sam P & Stephen H

On-line of Duty: How police are cracking down on global cyber crime 

Cyber crime is a global threat but is impacting local organisations here in the South West every day (as well as the rest of the UK). Join Sam P and Stephen H as they talk you through a deep dive of one of the unit’s recent investigations. They will discuss what happened, the repercussions for organisations, and what you can do to help protect against this threat. We will also cover the importance of reporting and how cooperation between the private and public sector is essential in tackling this prominent threat.