I’ve presented talks on a number of cybersecurity related topics. If you’d like me to present any of these talks at your conference or meetup, feel free to DM me on Twitter Twitter @airman604

Securing Managed Kubernetes

Talk covering basics of managed Kubernetes security, including:

You’ll come out equipped with understanding of the Kubernetes security landscape and actionable recommendations for securely running workloads in Kubernetes.

Attacking and Securing JWT

Overview of JWT tokens, how they’re abused and how to use them securely in your applications.

Docker Basics for Security Use Cases (workshop)

Practical introduction to Docker, with labs covering security use cases.

Practical Threat Modelling

Practical threat modelling workshop with focus on applicability to Agile teams of various scales. We’ll spend a bit of time on threat modelling overview, but the majority of the workshop will be dedicated to going through an example threat modelling session and creating a sample threat model.

“Invisible Source Code” Vulnerabilities

Overview of “invisible source code” vulnerabilities and implications.

Metasploit 101 (4+ hour workshop)

Beginner-friendly, hands-on workshop on Metasploit Framework. In addition to the Metasploit, we cover the basics of the offensive security mindset. The workshop covers:

The labs in the workshop are done with a fully custom intentionally vulnerable boot2root machine that allows us to demonstrate the concepts as they are explained, as well as practice pivoting in a realistic environment.

Demystifying Cryptography

Talk covering basics of cryptography and how the foundational building blocks are combined in modern cryptographic protocols.

CBC Padding Oracle Attacks Explained

Overview of the CBC (cipher block chaining) padding oracle attacks with demo.

JSON Parsing with jq (workshop)

Workshop with labs focused on parsing JSON-formatted security logs.

XXE Explained

Overview of XML External Entities attacks with demo.