Tim Nordvedt

Jacob has a long-standing background in vulnerability research and exploit development across both the public and private sectors. Nine (and counting) of the vulnerabilities he discovered have been added to the CISA Known Exploited Vulnerabilities (KEV) list. He has presented multiple times at DEF CON and Black Hat, and has contributed to widely used security tools including Metasploit, ysoserial, and YARA. Jacob is currently the Chief Technology Officer at VulnCheck.

Tod Beardsley is VP of Security Research at runZero, where he "kicks assets and fakes frames." Prior to 2025, he was the Section Chief for the Vulnerability Response section for CSD/VM/VRC at CISA, the Cybersecurity and Infrastructure Security Agency, part of the US government, and a seasonal Travis County Election Judge in Texas. He's also a founder and CNA point of contact for AHA!.

Tod spends much of his time involved in vulnerability research and coordinated vulnerability disclosure (CVD). He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern ICS/OT implementations. He has held IT ops, security, software engineering, and management positions in large organizations such as the US Government, Rapid7, 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Tod is a CVE Board member, has authored several research papers. He is also an internationally-tolerated horror fiction expert.

‍

Andrew Boyd has spent his career safeguarding national security interests, serving in senior intelligence roles across the CIA. As Director of CCI, he led intelligence collection, analysis, and operations targeting foreign threats to U.S. national interests.

‍

Prior to his tenure at the CIA, Boyd served as the Chief of Operations for the Counterterrorism Mission Center and as a U.S. State Department Foreign Service Officer at U.S. Embassies in Saudi Arabia, Lebanon, Tunisia, Iraq, and Syria. He is also a combat veteran and a recognized authority in geopolitics, cyber operations, and threat mitigation.

‍

Doug Britton is Chief Strategy Officer at RunSafe Security. As founding CTO, he drove the company’s technology strategy, patent portfolio, and world-class security research. Previously, Doug founded Kaprica Security, selling its Tachyon business to Samsung, and led cybersecurity programs at Lockheed Martin. A computer scientist and former US Army Russian Linguist, Doug began his career at NCSA, earned an MBA from the University of Maryland, and mentors aspiring entrepreneurs.

MacKenzie Brown, VP of the Adversary Pursuit Group, Blackpoint Cyber’s threat intelligence and threat research division, focuses on driving Blackpoint’s security vision and strengthening security postures for BlackPoint partners and the community as whole. Based out of Boise, Idaho, MacKenzie has spent much of her career immersed in Incident Response, more recently supporting global Microsoft customers in Incident Management for Microsoft's Incident Response team, navigating global campaigns and advanced adversary investigations. MacKenzie is an advisory board member for the Idaho Women in Technology organization, as well as maintains a deep connection to her local tech community and cybersecurity groups. With studies in theater and cyber operations resilience through Boise State University, MacKenzie brings a unique approach to the industry, with hopes of graciously disrupting the industry for a better tomorrow.

Arkaprabha is a tinkerer by passion. He is an avid open-source enthusiast and has contributed to multiple open-source projects and security tools

Craig has seen things you people wouldn't believe - attack ships on fire off the shoulder of Orion, C-beams glittering in the dark near the Tannhäuser Gate. He has traveled back through time to warn us about a world where there the vulnerability management dashboards no longer render and there is an odor of something burning in the air. He is currently A co-founder at OpenDR where he continues work on ML (and yes, AI) applications to threat hunting and detection. He is a member of the review board at CAMLIS, a policy attaché at DEFCON and a mentor at BSides Las Vegas. He has presented at numerous conferences including the SANS Threat Hunting Summit, RSA 2024, DEFCON 2024, CactusCon, SOURCE Boston, Cloud Security World, BASC, AWS Community Days in Boston and New York, and six BSides conferences.

Globally recognized as a cybersecurity and national security leader, Jen Easterly transformed CISA into a $3 billion powerhouse with over 10,000 personnel, establishing the agency as a cornerstone of U.S. cyber defense.

‍

Before CISA, she was Head of Firm Resilience at Morgan Stanley, where she built and led the Firm’s Cybersecurity Fusion Center. Her public service includes two tours at the White House, over a decade at the National Security Agency, and multiple combat deployments in the U.S. Army.

‍

Patrick Garrity is a security researcher at VulnCheck where he focuses on vulnerabilities, vulnerability exploitation and threat actors. Patrick has spent the last decade helping building Cybersecurity companies including Duo Security, Censys, Blumira, Nucleus Security and VulnCheck.

Matthew Hand is a cybersecurity leader with over 10+ years of experience across threat hunting, cyber threat intelligence, and incident response. He serves as a Technical Director and Senior Technical Advisor supporting innovation and modernization efforts for the Department of Defense, leading cross-functional teams and shaping solutions that bridge tactical operations with strategic objectives. His work spans AI integration, infrastructure-as-code, and partnerships focused on advancing innovative solutions through integrated technologies.

Benjamin is the CEO & Founder of watchTowr, the Preemptive Exposure Management capability trusted by Fortune 500 companies and critical infrastructure providers. By combining proactive threat intelligence, real attacker telemetry, and automated red teaming, watchTowr continuously identifies and validates real exposure, so security teams can outrun real-world threats. With over a decade of experience building and leading elite offensive cybersecurity teams worldwide, Ben brings deep expertise in helping some of the world's most targeted organizations and industries prepare for, and defend themselves from, sophisticated cyber attacks. Recognized for his work, he was named within Forbes' 30 Under 30 for Enterprise Technology in 2022 and Prestige's 40 Under 40 in 2023.

Craig Heffner is a Senior Staff Engineer at NetRise and the creator of the popular open source tool, Binwalk. He has over 20 years experience analyzing wireless and embedded systems, and has presented at prominent security conferences including Black Hat and DEFCON. His former employers include the NSA, Microsoft, various government contractors, and multiple successful cyber security start-ups.

Kevin Hoganson serves as a Senior Threat Hunter at iVerify, Inc. where he leverages a broad skill set across cyber threat intelligence, digital forensics, and incident response. Self-described as a "jack of all trades", Kevin comes from a predominantly offensive background shaped by years of experience in both government service and the broader defense industry.

Kevin has enjoyed time as a consultant within the unique domains of cyber operations and cyber threat intelligence, having supported large analytic efforts with a practiced approach to reverse engineering complex systems and malware samples proliferating in the wild.

Justin has worked with Linux and open source in industry and government for over 25 years, and brings a wealth of knowledge about how to manage security and compliance for commercial, federal and state IT systems and applications. He is a multiple-time early-stage startup veteran, advisor and investor. After escaping DC in 2013, he lives in North Carolina with his wife, two kids, and doodle.

Paul Novarese is a Principal Solutions Engineer at Hunted Labs. He has been working in open source software for over 25 years, specializing in enterprise infrastructure/operations, security and containers. Recently, he has been studying the industry response to Log4Shell, particularly examining how application developers, security teams and DevOps practitioners in the trenches responded, looking for what worked and what didn’t. In his spare time, he enjoys amateur mycology and hiking with his dog, Bella.

Cale is an Initial Access Exploit Developer who conducts N-day reproduction and 0-day research with a focus on external internet exposure. Previously, he worked as a lead security engineer and spent 10 years as penetration tester, with a focus on UNIX-like systems and network exploitation.

Thomas is the co-founder and CEO of NetRise, a cybersecurity company focused on providing visibility into the software supply chain to identify vulnerabilities and risk via binary analysis. Prior to NetRise, Thomas served as the Global Vice President of Enterprise Solutions at Cylance where his responsibilities ranged from conducting incident response investigations, product marketing, public speaking and analyst relations. Thomas was also responsible for ICS security at the DOE for 3 years and served in the United States Marine Corps serving in both Iraq and Afghanistan. Thomas has spoken at Black Hat, DEFCON, RSA, and was interviewed on 60 Minutes and Last Week Tonight with John Oliver for his efforts related to ransomware.

‍

With a background in cybersecurity focused on automation and investigations, Nick helps organizations optimize their security configurations and improve overall security posture. When he's not working, Nick lives in Boston with his wife and two cats, enjoys solving math problems on college chalkboards at night, runs a website dedicated to the city's best dive bars, and writes a blog exploring OSINT and technology in North Korea.

Presentation Title: Tools of the Trade: Infrastructure Behind DPRK IT Workers

Mike Summers is a Senior Solutions Engineer with over a decade of experience in the cybersecurity industry, including nearly four years at ThreatConnect.

Zach is a co-creator of osquery and co-founder of Fleet, where he builds open source tools for defenders to secure their endpoints. He brings the vision and experience of working with osquery since the earliest design documents at Facebook in 2014 and has served on the Linux Foundation osquery Technical Steering Committee since its inception in 2019. Prior to Fleet, Zach founded open-source security consultancy Dactiv, and co-founded endpoint security company Kolide. Zach graduated Summa Cum Laude with a BSE in computer science from the University of Pennsylvania where he conducted wireless security research and lectured on the Python programming language.

With over 20 years of experience in IT, security, and development, Cory Wolff leads the offensive security practice at risk3sixty, a consulting firm based in Atlanta, GA. He holds multiple certifications, including the Offensive Security Certified Professional (OSCP) and the Certified Information Systems Security Professional (CISSP), and has a proven track record of building and breaking various technologies since his first computer in 1988.

Cory also contributes to the cybersecurity community as a core team member of Red Team Village, a platform that fosters collaboration, learning, and innovation among red teamers and security professionals.