2021

    Speaking Engagements

    Please note that the year got away from me, so this page will be updated soon with October to December events.

    2021 Talks

    Talks have now been retired; however, they are available upon request.

    APT Transition to the Cloud

    Abstract: Every day, wars are being waged on an invisible battlefield. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. Instead, it may very well be a single malicious actor or a state-sponsored group of hackers. Attackers are now investing more time and effort into creating malware tailored to Linux environments. The best-case scenario outcome of a successful attack is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. This presentation will focus on the techniques attackers use to transition traditional tools and create malware tailored to Linux and cloud environments. And, of course, it will cover how to change our security approaches to address the continuously changing threat landscape.

    Without a Trace: The Dangers of Fileless Malware in the Cloud

    Abstract: Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory–resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business.

    "The call is coming from inside the house."

    Abstract: Migrating to the cloud brings a new set of challenges, from new vulnerabilities to a constantly changing attack surface. These challenges are a juicy target for attackers. After all, an attacker's goal is simple: establish where our weaknesses are and exploit them.

    Companies have to successfully defend themselves from hundreds, if not thousands, of attacks. They now face the need to understand which of the dozens of cloud security solutions can best be implemented to keep attackers out of their data's home. But what happens when an attacker has breached our defenses? What happens when the call [attack] is coming from our data's home?

    How Hackers Saved My Life

    Abstract: Starting in Security, the motto that got me through was, "It's Okay To Be New." Though I’ll tell you a secret, which is that I didn't always believe it. I was new at Dev, Sec, and even Ops! I felt the motto should have been, "The impostor is strong in this one."

    Although the journey has not been easy, the more I learn, the stranger the journey becomes. Why? Because the principles I am learning: visibility, code reuse and yes, even social engineering, helped me see beyond the unknown and find my path. Even more surprising, the help I needed most came from those who we have been taught to fear.

    While "How Hackers Saved My Life" may sound like an exaggeration, the truth is that it may be an understatement. Join us as we explore how our lives are a series of functions that we execute in an endless loop. And how you can hack the code for a better life, a better career, and a better community. You don’t have to get unplugged to be Neo.

    First Contact with Container Security

    Abstract: Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory–resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business.

    In the cloud, companies are transitioning to the use of microservices at a rapid pace. While this model decreases time to market, it also increases supply chain security risk and lowers visibility. According to the Cloud Native Computing Foundation, 92% of companies surveyed are using containers in their production environments. It seems that when it comes to transitioning part of your cloud ecosystem, resistance is futile.

    To the Left, To the Left. Now Dip Baby Dip.

    Abstract: The emergence of the cloud era has resulted in significant changes in the application development process. Traditional monolithic application architectures have given way to more agile cloud-native applications. With this transformation, developers have a greater responsibility to own their code in development and production. However, as DevOps shifts left, the “roll” of security teams begins to dip.

    The "Shift Left" movement is believed to ensure that security concerns are considered throughout the entire development process, not just before deployment. However, this transition's success is questionable at best.

    Have we shifted too far left?

    Join Ell Marquez to explore the relationship between development, operations, and security teams, discussing how increased visibility from development into runtime can help us all boot scootin’ boogie together.

    A Muggles Guide to Security In The Cloud

    Abstract: In the security and technology world, we rely so heavily on buzzwords to explain our work that others feel like we are magicians working spells that they will never be able to do.

    Saying, "Due to issues with our security posture, the APT manipulated a well-known CVE to breach our cloud-native-applications," might as well be: "The Death Eaters were able to use a port key to enter our environment and effectively cast the Avada Kedavra spell."

    Instead, we could say, "An attacker used a known flaw to gain access to our environment and brought down our servers."

    In this session, we will come to understand that security for our cloud environments can be simple to understand, yes, even for muggles. That is, if we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.

    A Wizards Guide to Security in the Cloud

    Abstract: A Horcrux is a powerful object in which a Dark wizard or witch [attacker] has hidden a fragment of his or her soul [code] for the purpose of attaining immortality [persistence].

    Creating a Horcrux gives one the ability to anchor their own soul [code] to earth [environment], if the body [process] is destroyed.

    In this session, we will come to understand how attackers are able to not only compromise our cloud environments but also maintain persistence—while our security teams are distracted by a mountain of false alerts. That is, if we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.

    Is Linux Secure by Default?

    Abstract: The Linux operating system is secure by default because Windows is the most used operating system globally. Thus, attackers create viruses and malware to target Windows systems. While cringe-worthy to read, these are all real statements being touted in the technology sector. This is a false narrative that is still frequently repeated in the technological world.

    This talk will highlight the common myths proliferated around the Linux operating system, how they are endangering companies' production environments, and the steps companies can take to mitigate the new techniques attackers are using to benefit from these myths.
