Jeff Man
Information Security Evangelist
Online Business Systems
Respected Information Security advocate, advisor, evangelist, international speaker, keynoter, former host of Security & Compliance Weekly, co-host on Paul's Security Weekly, Tribe of Hackers, TOH Red Team, TOH Security Leaders, TOH Blue Team, and currently serving in a Consulting/Advisory role for Online Business Systems. Nearly 40 years of experience working in all aspects of computer, network, and information security, including cryptography, risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration testing. Certified NSA Cryptanalyst. Previously held security research, management and product development roles with the National Security Agency, the DoD and private-sector enterprises and was part of the first penetration testing "red team" at NSA. For the past twenty-five years has been a pen tester, security architect, consultant, QSA, and PCI SME, providing consulting and advisory services to many of the nation's best known companies.
About Jeff Man
Follow Jeff Man
Information Security Evangelist
Online Business Systems
Sam Bowne
Instructor
City College San Francisco
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.
About Sam Bowne
Follow Sam Bowne
Instructor
City College San Francisco
Tina Shakour
Senior Security Success Manager
AWS / Amazon
Tina has over 20 years in the tech world and been in sales, executive, and engineering roles. With a career that started in IT and Network Engineering, she now helps customers migrate to the cloud quickly and securely. She volunteers with the US Department of State Program - TechWomen - and coaches folks on how to gain a foothold or pivot in to a career in tech. She is a contestant and judge for the TraceLabs OSINT Global Search parties to help find missing persons. She is also currently a member of the staff on the Republic of Hackers.
About Tina Shakour
Follow Tina Shakour
Senior Security Success Manager
AWS / Amazon
Matt Scheurer
Host
ThreatReel Podcast
Matt Scheurer is a show host for the ThreatReel Podcast, and works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined professional experience in Information Technology and Information Security. He is a "Hacking is NOT a Crime" Advocate, volunteers as a technical mentor for the Women's Security Alliance (WomSA), and is a 2019 comSpark “Rising Tech Stars Award” winner. Matt has presented on numerous Information Security topics at many technology meetup groups and prominent Information Security conferences across the country.
About Matt Scheurer
Follow Matt Scheurer
Host
ThreatReel Podcast
Micah Brown
Host
ThreatReel Podcast
By day, Micah K. Brown is a member of the IT Security Engineering team at the Munich RE Group focused on building out the next generation of IT security services and IT security controls. By night, Brown serves on the Greater Cincinnati ISSA Chapter as Vice President and has had the honor to present at many diverse and prestigious IT security conferences.
About Micah Brown
Follow Micah Brown
Host
ThreatReel Podcast
Amélie Koran
itinerant troublemaker and security loudmouth
webjedi
Sayer of things, do’er of stuff - itinerant troublemaker and security loudmouth - Amélie hails from multiple decades of living and dealing with tech and security in the private, public and academic sectors. Currently employed by both a large global digital entertainment company, but also a DC think tank, she’s trying to make sense of, and her own way through this technological mess we make for ourselves daily. Recovering systems engineer, public servant, and part-time policy wonk, she tries to bring the reality of having “done the thing” to larger discussions by those trying to help steer the ship. At best, throwing things around to see what sticks, typically on Twitter at @webjedi, but occasionally on a podcast, or at a conference near you.
About Amélie Koran
Follow Amélie Koran
itinerant troublemaker and security loudmouth
webjedi
CCC Staff
Staff
Circle City Con
About CCC Staff
Follow CCC Staff
Staff
Circle City Con
Rick Davis
Senior Customer Engineer
Microsoft
Rick Davis is currently a Senior Customer Engineer at Microsoft focusing on Cybersecurity. With over 20 years in the field he has worked in all industry verticals including public, private and federal sectors in roles ranging from architecture to red team as well as adjunct professor and guest lecturer in areas of statistics, number theory and cryptanalysis. In addition to proactively working with customers to deploy security tools, train staff and better defend their environments Rick works with Microsoft's global Incident Response team responding to some of the largest threats, ransomware outbreaks and other cybersecurity events. He is a subject matter expert on key technologies such as PKI, Active Directory and the Microsoft Defender ecosystem.
About Rick Davis
Follow Rick Davis
Senior Customer Engineer
Microsoft
Meag Lees
Pen Tester
Desert
Meag (@Witch_Sec,) is a pen tester from the desert. Pronouns are she/they. Chaotic Good. Let's be friends!
About Meag Lees
Follow Meag Lees
Pen Tester
Desert
Wolfgang Goerlich
Advisory CISO
Cisco
J. Wolfgang Goerlich is an Advisory CISO for Cisco. He has been responsible for IT and IT security in the healthcare and financial services verticals. Wolfgang has led advisory and assessment practices in cybersecurity consulting firms
About Wolfgang Goerlich
Follow Wolfgang Goerlich
Advisory CISO
Cisco
Ryan Thompson
Sr. Intrusion Researcher
Crowdstrike
Ryan Thompson is currently working as a Senior Intrusion Researcher at Crowdstrike. His primary functions include conducting post-mortem analysis on hands-on intrusions and researching attacker techniques and trends. Previously, Ryan has worked as an Instructor at Elastic teaching the Air Force, Navy, and Army to conduct threat hunting using open source tools such as Kibana, Suricata, and Zeek. Before that, he was a Senior Security Analyst at Alert Logic providing weekly recommendations to clients using packet analysis, IDS alerts, and log-based investigations. He currently holds several SANS certs and is a TA for SANS FOR508 (GCFA).
About Ryan Thompson
Follow Ryan Thompson
Sr. Intrusion Researcher
Crowdstrike
Kevin Jackson
CEO/Founder
Level 6 Cybersecurity
Kevin E. Jackson is founder and CEO of Level 6 Cybersecurity, a startup company committed to making outcome-based cybersecurity a reality. Kevin has 30+ years of technology experience including executive leadership roles in cybersecurity consulting, information security strategy, compliance management, enterprise architecture, IT infrastructure, business intelligence, and IT program management. Kevin is also an Adjunct Professor teaching online business intelligence/data analytics program management classes at Villanova University.
About Kevin Jackson
Follow Kevin Jackson
CEO/Founder
Level 6 Cybersecurity
Kurt Waller
Sr. Cyber Threat Intel. Analyst
UPS
Kurt currently works as a Sr. Cyber Threat Intel. Analyst at UPS and holds certifications such as his CISSP, GXPN, GPEN, GNFA, GMON, Recorded Future Analyst and others. Graduating from the University of Louisville's School of Business in Computer Information Systems in 2013 he got his first role as a Systems Security Admin. and has since worked as a Penetration Tester and in Cyber Threat Intelligence. Kurt is also the founder and CEO of threatABLE.io which is a free curated feed of cyber related news and intelligence. Located out of Louisville, KY he mainly focuses on his family life outside of work, with hobbies including playing video games and watching mixed martial arts.
About Kurt Waller
Follow Kurt Waller
Sr. Cyber Threat Intel. Analyst
UPS
Justin Spencer
Principal Software Enginee
Hellebore Consulting Group
Justin Spencer is a hacker and Principal Software Engineer at Hellebore Consulting Group where he provides training, solutions, and support across a variety of security focus areas, including application and system security, for multiple DoD clients. Mr. Spencer has a decade of experience performing software development, security assessments, reverse engineering, red team tool development, signal analysis, and SDR transceiver design. He was previously an adjunct Cyber Academy instructor and Manager of Cyber Software Engineering at Northrop Grumman. Mr. Spencer is also a USMC veteran and an alumnus of the Purdue University Computer Engineering program.
About Justin Spencer
Follow Justin Spencer
Principal Software Enginee
Hellebore Consulting Group
Nader Zaveri
Senior Manager - Incident Response & Remediation
Mandiant Inc.
Nader Zaveri has over 15 years of experience in IT security, infrastructure, and risk management.
Nader has assisted client’s incident response investigations to help investigate and understand the storyline of the attack for most allusive nation-state threat actors that are associated with infamous on-prem and cloud-based breaches. He also leads the remediation efforts with his knowledge and experience by providing strategic short, medium, and long-term remediation recommendations to directors and C-level executives. He also leads the efforts in providing tactical recommendations to specialists, to improve the security posture of an organization. Nader also has experience with leading transformational projects over infrastructure and processes with technical and organizational change components in response to rapidly evolving business needs and regulatory requirements.
Nader Zaveri conducted interviews and presentations for dozens of organizations and conferences regarding cloud and on-prem Incident Response and Remediation topics. He regularly provides security updates and briefings to C-Suite personnel during and after an incident, as well as assist with post-remediation and hardening efforts for the organization.
Prior to joining Mandiant, Nader Zaveri spent several years in leadership positions at major cyber security consulting firms. Before joining consulting, Nader worked as a lead practitioner for multi-national organizations.
About Nader Zaveri
Follow Nader Zaveri
Senior Manager - Incident Response & Remediation
Mandiant Inc.
Chris Culling
Senior Technical Success Manager
Gigamon
I currently work for Gigamon as a Senior Technical Success Manager. I’m retired U.S. Army (Military Intelligence), live in Stevensville, Maryland, and have been working as a government contractor for the last ten years in the areas of operations management, SOC operations, and CTI analysis. I’ve been married for 31 years to a very patient woman, have three adult children (two who are married and have yet to bless me with any grandkids), two cats, a dog, and a Vietnamese pot-bellied pig.
I'm also a recovering alcoholic. Once I finally received a diagnosis of severe ADHD, anxiety, and depression at age 48, I was able to stop self-medicating and receive the help I truly needed to overcome my addiction and begin understanding my neurodiversities.
About Chris Culling
Follow Chris Culling
Senior Technical Success Manager
Gigamon
Tyler Uffelman
Threat Hunter
Allegion PLC
Tyler W. Uffelman is a threat hunter at Allegion PLC with over 5 years experience working in security monitoring including the following industries: government contractor, MSSP, publicly traded OT/ICS organization. Additional experience includes a masters degree in cyber security, CySA+ certification, and a published IEEE IoT researcher.
About Tyler Uffelman
Follow Tyler Uffelman
Threat Hunter
Allegion PLC
Alex Martirosyan
Senior Penetration Tester
Wolf & Company, P.C.
Alex is a Senior Penetration Tester at Wolf’s IT Assurance Services group where he’s responsible for coordinating and conducting penetration testing services for clients in a variety of industries, including financial, healthcare, and software. His expertise consists of internal and external network penetration testing, threat emulation exercises, social engineering, vulnerability assessments, cloud security assessments, and Active Directory security reviews.
Additionally, he has experience working with standards from the National Institute of Standards and Technology (NIST), the Center for Internet Security (CIS), and leveraging the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework. Alex has over three years of experience performing security assessments and holds certifications from industry-recognized organizations such as Offensive Security and Global Information Assurance Certification (GIAC).
About Alex Martirosyan
Follow Alex Martirosyan
Senior Penetration Tester
Wolf & Company, P.C.
Doug Kras
Penetration Tester
N/A
With a background in penetration testing, I made the change to becoming an IoT pentester. With 0 hardware, IoT experience, reverse engineering experience, I quickly learned how to find critical risk vulnerabilities in products. Having a curious mindset, has allowed me to pose questions on what if I supplied this data to this program, what would happen. Sometimes that leads to gaining code execution on devices. I love learning new things, and continually am reading up on the latest hacking news!
About Doug Kras
Follow Doug Kras
Penetration Tester
N/A
Caitiln Kiska
Sr. CSIRT Analyst
Target
Caitlin has split her time in cybersecurity between IR and threat intel teams. She enjoys researching incident response procedures employed by other industries as a way to reduce duplication of effort. Outside of work she is an avid bird watcher and has seen over 1200+ species of birds.
About Caitiln Kiska
Follow Caitiln Kiska
Sr. CSIRT Analyst
Target
Ray Davidson
Program Manager
Michigan Cyber Civilian Corps
Ray Davidson served as dean at the SANS Technology Institute during its founding, and now leads the Michigan Cyber Civilian Corps, which is currently the only civilian state sponsored team of incident responders in the country. He continues to serve as a mentor, subject matter expert and technical reviewer for the SANS Institute, and for anyone else who will listen. He holds a doctorate in Chemical Engineering, and several infosec certifications. He has worked as a paperboy, gymnastics instructor, telephone information operator (in the days before Directory Assistance), research scientist and he has led global security projects for a major pharma company. He has been a college professor, and has cofounded a security startup. Mostly he is passionate about empowering others to do the right thing. And dance.
About Ray Davidson
Follow Ray Davidson
Program Manager
Michigan Cyber Civilian Corps
Catherine Ullman
Sr. Information Security Forensic Analyst
University at Buffalo
Dr. Catherine J. Ullman is a security researcher, speaker, and Senior Information Security Forensic Analyst at University at Buffalo with over 20 years of highly technical experience. In her current role, Cathy is a digital forensics and incident response (DFIR) specialist, performing incident management, intrusion detection, investigative services, and personnel case resolution in a dynamic academic environment. She additionally builds security awareness among faculty and staff via a department-wide program which educates and informs users about how to prevent and detect social engineering threats, and how to compute and digitally communicate safely. Cathy has presented at numerous information security conferences including DEF CON and BlueTeamCon. In her (minimal) spare time, she enjoys visiting her adopted two-toed sloth Flash at the Buffalo Zoo, researching death and the dead, and learning more about hacking things to make the world a more secure place.
About Catherine Ullman
Follow Catherine Ullman
Sr. Information Security Forensic Analyst
University at Buffalo
Solomon Sonya
Director Cyber Operations Training
Organization
Solomon Sonya (@Carpenter1010) is the Director of Cyber Operations Training at a large organization. He has a background in software development, malware analysis, covert channels, steganography, distributed computing, computer hacking, information protection paradigms, and cyber warfare. He received his Undergraduate Degree in Computer Science and has Master’s degrees in Computer Science and Information System Engineering. Before becoming Director of Cyber Operations Training, he was a university Computer Science Assistant Professor of Computer Science and Research Director. Solomon’s current research includes computer system exploitation, cyber threat intelligence, digital forensics, and data protection.
Solomon's previous keynote and conference engagements include: BlackHat USA, SecTor Canada, Hack in Paris, France, HackCon Norway, ICSIS – Toronto, ICORES Italy, BruCon Belgium, CyberCentral – Prague and Slovakia, Hack.Lu Luxembourg, Shmoocon DC, BotConf - France, DerbyCon Kentucky, SkyDogCon Tennessee, HackerHalted Georgia, Day-Con Ohio, and TakeDownCon Connecticut, Maryland, and Alabama, AFCEA – Colorado Springs.
About Solomon Sonya
Follow Solomon Sonya
Director Cyber Operations Training
Organization
woland @
Pentester
RedLegg
woland is a ex-investigative journalist turned bartender turned pentester. In her spare time she enjoys boxing, the outdoors, and tiki drinks
About woland @
Follow woland @
Pentester
RedLegg
Alyssa Miller
BISO
S&P Global Ratings
Alyssa Miller, Business Information Security Officer (BISO) for S&P Global, directs the global security strategy for the Ratings division, connecting corporate security objectives to business initiatives. She blends a unique mix of technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders. Her goal is to change how we look at the security of our interconnected way of life and focus attention on defending privacy and cultivating trust.
A life-long hacker, Alyssa has a passion for technology and security. She bought her first computer herself at age 12 and quickly learned techniques for hacking modem communications and software. Her serendipitous career journey began as a software developer which enabled her to pivot into security roles. Beginning as a penetration tester, her last 15 years have seen her grow as a security leader with experience across a variety of organizations. She regularly advocates for improved security practices and shares her research with business leaders and industry audiences through her international public speaking engagements, online content, and other media appearances.
About Alyssa Miller
Follow Alyssa Miller
BISO
S&P Global Ratings
Joseph Sarkisian
Lead Penetration Tester
Wolf & Co., P.C.
Joe serves as the Lead Penetration Tester on Wolf & Company’s Information Technology (IT) Assurance Team. Joe is responsible for coordinating and conducting penetration testing services for clients in a variety of industries including financial, healthcare, and software. His expertise consists of internal and external network penetration testing, social engineering, vulnerability assessments, Microsoft Windows security and management audits, and general information security and controls. Joe has over 4 years experience conducting penetration testing audits and is pursuing ethical hacking certifications from industry-recognized organizations like the SANS Institute and Offensive Security.
About Joseph Sarkisian
Follow Joseph Sarkisian
Lead Penetration Tester
Wolf & Co., P.C.
Circle City Con Board
Board
Circle City Con
About Circle City Con Board
Follow Circle City Con Board
Board
Circle City Con
Stefani Goerlich
Founder & Clinical Director
Bound Together Counseling
Award winning author of The Leather Couch: Clinical Practice with Kinky Clients and it's advanced practice sequel, Kink-Affirming Practice: Culturally Competent Therapy from The Leather Chair, Stefani describes herself as an expert on the edges and a bridge builder between the margins and the mainstream.
Stefani is an expert in working with Gender, Relationship, and Sexually Diverse folks as well as religious minorities and has over 15 years experience in supporting survivors of domestic and sexual trauma. A Clinical Social Worker licensed in Michigan, Ohio, and Arizona, she has worked with high-risk young people, commercial sex workers, and survivors of human trafficking and currently owns and operates a boutique private sex therapy practice based in Michigan.
A Board Certified Diplomate of Sexology and Certified Sex Therapist, Stefani earned a Masters in Social Work from Wayne State University, where she specialized in Cognitive Behavioral Therapy, completed her Post-Graduate Certificate in Sex Therapy at the University of Michigan (where she is on the teaching faculty of the Sexual Health Certificate Program) and holds a PhD in Clinical Sexology.
She is an author, educator and an expert voice for Cosmopolitan, The New Yorker, The New York Post, Shape, Women's Health, Marie Claire, The American Spectator, and many more.
Stefani is currently writing her 4th and 5th books and completing a Graduate Certificate in Cyber Criminology with a special interest in cyber deviance and online sexuality.
About Stefani Goerlich
Follow Stefani Goerlich
Founder & Clinical Director
Bound Together Counseling
Brandon DeVault
Sr. Security Author
Pluralsight
Brandon DeVault is an Sr. Security Author focusing on general blue team operations, incident response, and threat hunting at Pluralsight. He is also a member of the Florida Air National Guard and works as a threat hunter on a Mission Defense Team (MDT) defending North America’s air tracks. Prior to joining Pluralsight, Brandon worked with Elastic as an Education Architect creating and delivering security content. He also worked with Special Operations Command where he had two deployments to Afghanistan on deployable communications teams. His experience spans satellite communications, radio technologies, system and network administration. Brandon is also passionate about hardware hacking, soldering, hiking, and currently holds the GCIA, GCED, and Elastic Engineering certifications.
About Brandon DeVault
Follow Brandon DeVault
Sr. Security Author
Pluralsight
Joe Schottman
Principal Security Engineer
Truist
Joe Schottman has worn most hats in IT and Security. He's spoken and given training on topics such as Purple Teams, API security, Web Shells, Web Threat Hunting, and more at AppSec Village at DEF CON, OWASP Global, SANS Summits, various BSides, Circle City Con, and other events.
About Joe Schottman
Follow Joe Schottman
Principal Security Engineer
Truist
Darryl Togashi
Cybersecurity Faculty
Purdue University Global
Professor Togashi worked in industry for over 20 years from cabling networks to managing international project teams. He has taught since 2005; his more recent focus on cybersecurity has allowed him to become a member of Indiana’s Governor’s Council on Cybersecurity and Vice-President of InfraGard Indiana working with the education sector. Professor Togashi is an AWS Certified Cloud Practitioner and a Computer Hacking Forensic Investigator. He is the Midwest Indiana State Director for CCDC (Collegiate Cyber Defense Competition) since 2016 and helping run the Midwest Regional CCDC competitions for the last few years.
About Darryl Togashi
Follow Darryl Togashi
Cybersecurity Faculty
Purdue University Global
Adrian Henry
Cybersecurity Analyst
Brotherhood Mutual
Cybersecurity student at Indiana Tech and recently got hired as a Cybersecurity professional at Brotherhood Mutual.
About Adrian Henry
Follow Adrian Henry
Cybersecurity Analyst
Brotherhood Mutual
