BSides Greenville on October 9th is all virtual and FREE for everyone to attend!
To register, please visit https://tinyurl.com/3b7tt4rd.
Links to all virtual tracks & sessions will be emailed to registered participants.
Questions? Email us at BSidesGreenville [at] gmail.com
Follow us on Twitter: @BsidesGVL Hashtag: #BSidesGVL
Location: Online - Register to receive the links prior to the start of the event - https://tinyurl.com/vwe9tu5
We now have four tracks filled with great talks - something for everyone! Check out all four tracks below!!!
2021 SCHEDULE
2021 PROGRAM
(Sorted by Presenter's Last Name Alphabetically)
Streamlining Report Writing (Ben Acord)
Common methodologies exist for penetration testing but are lacking for the note taking and documentation process involved. Each one of us is left to our own devices. Several popular certifications require submission of a report with content gleaned from our own notes and a plethora of tool output. The tools for note taking and report writing vary in functionality, financial cost, and workflow. Time constraints during a certification exam put our documentation workflow to the test in addition to completing objectives. If we are lucky some exam bodies provide a report template document. So how does this play out during an exam? Some of us keep a document editor open throughout the engagement pouring everything we find onto the provided template. Others write each section of the report as it is completed. The worst part of any approach is the clean up. Moving the rough content from all the rabbit trails and flags to a polished report suitable for grading is no small undertaking. In this session we’ll take a look at AutoRpt, an open source tool that streamlines the process of taking notes during training or an exam and then automates the report generation process. If you have a certification exam on the horizon and your documentation workflow needs some improvement, join me for a deep dive into using AutoRpt.
Ben Acord goes by Overcast in DC864. He was introduced to IT during his pre-teen years by several mentors who gave him tours of their employer's data centers and offices. He doesn't think they ever signed in. He is passionate about helping others be more secure.
Cyber Security in Space (Adam Anderson)
Local Greenville entrepreneur extraordinaire will make his 2021 return to the BSides Greenville virtual stage to talk about cyber security and space, yes the Final Frontier.
Adam is a long-time small business owner and one of the leading authorities on small business cyber security. He is a serial entrepreneur, author, and founder of Element Security Group, a cyber security and education firm focused on the unique problems of small business owners. With over 20 years experience in cyber security and more than a dozen years as a small business owner, Adam can talk to business owners without having to use “tech speak.”
Adam’s previous books “Small Business Cyber Security” and “Built to Survive” have helped to position him as the leading expert in the field. His new book, “The Monster Within” takes that knowledge to the next level, helping businesses around the world combat cyber crime.
Lessons Learned from Security Operations (Ryan Baisley)
Ever worked in security operations? For some people it is the first stop in their security journey. For others, it is the mystical and fascinating world of screens, command centers, blinky lights, and pew pew maps. For those new to SecOps, come learn some of the lessons I learned starting out. For managers and leaders, see what processes and strategies may be missing from your toolkit. For the new person to cyber, hear about what SecOps is like and get insight on if you want this to be a stop on your security journey.
We'll cover lessons learned from my time in security operations at two global life sciences organizations - how they worked, what they did, and how they did it.
Ryan is a husband, father, and security consultant who's worked in legal and professional services.
Cybersecurity Maturity Model Certification (Mark Funderburk)
Join Mark Funderburk, Director of Project Automation for Fluor and Upstate ISSA Treasurer, for an overview of the new Department of Defense Cybersecurity Maturity Model Certification (CMMC) program. Mark will review why the new program is being implemented, the types of companies impacted, how companies will become certified, and why the security professionals at impacted companies must align with departments outside of the IT department to be successful.
Mark Funderburk is the Director of Project Automation for the Fluor Mission Solutions Group. In this role, he manages a team responsible for implementing technology solutions for projects for the DOD, DOE, FEMA, and Intelligence Community. Mark has over 30 years of experience in information security and technology. He is a co-founder and Treasurer of the Upstate SC Information Systems Security Association (ISSA).
Anatomy of a Ransomware Attack (Chris Furtick)
A frank discussion from the front line of a ransomware incident. We'll discuss a recent incident from discovery to decryption. Find out what you need to know about weathering a ransomware attack and why simply paying the ransom may not be the solution. You'll learn how to avoid what one client called the "worst day" of their 20-year career. A ransomware attack can be devastating, but there are mitigating controls we can leverage to lessen the impact.
Chris is the Director of Incident Response and Security Engineering at Fortalice Solutions. He is a passionate cybersecurity advocate with over 10 years of experience.
Global Thermonuclear Cyberwarfare (Michael Holcomb)
As the cyber attacks between nation states continue to escalate, companies and private citizens around the world are continually caught in the cross fire. Portrayed against a background of Industrial Control Systems (ICS) environment attacks from Stuxnet to Trisis as well as global impacting malware outbreaks like WannaCry and NotPetya, the threat to civilization from cyber attacks has not been greater. While the fallout from these different types of attacks can lead to more cyber security jobs (which we don't mind as industry professionals), we hope that our story doesn't end with the fallout of another kind.
Michael Holcomb is the Technical Director & Fellow of Cyber Security for Fluor, one of the world's largest construction, engineering and project services companies. In his role at Fluor, Michael is responsible for vulnerability management, incident detection/response, penetration testing and industrial controls for the global organization. He also teaches cyber security as an adjunct instructor at Greenville Technical College.
Getting Started in GRC (Kurt Kapperman)
I would like to provide attendees with information to guide them into the creation of cyber policies and procedures, point them to resources, and hopefully get them over the "fear of getting it wrong" hump and move them into a known pathway.
Kurt is the Security Compliance Officer at Anderson University. He has a desire to help people become more aware of cyber-security and wants to encourage people to get involved in the GRC side of cyber-security.
PCI DSS as a General Cyber Framework (Steven Kirby)
Major security frameworks, such as ISO 27001 and the NIST Cybersecurity Framework (CSF), are often better tuned to the needs of large organizations than they are to the needs of Small and Medium Businesses (SMB). These frameworks can seem complex and cumbersome to organizations with limited financial resources and minimal (if any) trained security staff. This session will discuss how a small logistics company is making use of the Payment Card Industry-Data Security Standard (PCI-DSS) as a general security framework. PCI-DSS is well known in both business and security circles. It is not targeted at organizations of any particular size. PCI-DSS can easily be adapted for use by small business units, even if they are not involved in the processing or storage of payment card data. Used as a security framework, PCI-DSS can help SMBs prioritize their efforts and ensure that no essential steps are missed in the development of their security program.
Steven Kirby is a systems administrator/information security specialist for a small logistics company located in Jackson, Tennessee. He previously has worked as a security engineer, Unix administrator, reference librarian, and graduate student in history.
Better Way to Threat Matrix (Cody Martin)
Threat matrices are essential to providing an accurate assessment of organizational risk. They serve as a vehicle for the creation and analysis of attack scenarios that an organization is most likely to face. They also provide defenders with a “heat map” to inform and guide remediation efforts when faced with limited resources. Regardless of the numerous benefits, threat matrices are often criticized for the data they present. Inaccuracies typically stem from a lack of standardized key metrics and as a result the risk ratings for the attack scenarios within the matrix appear to be random. In this presentation we will cover methods for assessing risk and a new, free, and open-source application, Enter_The_Matrix (ETM), for creating, analyzing, and rating attacker scenarios.
ETM is a free and open-source software application designed to support enterprise risk assessments. ETM's logic and functionality are based on the NIST SP 800-30r1 standards as the recommended approach for delivering threat matrices to a client organization. The MITRE ATT&CK Framework v9.0 provides attacker tactics, techniques, and procedures (TTPs) and is the basis for attacker events and scenarios. ETM is a C# web application that can be quickly deployed through Docker and is intended to help users move away from passing around spreadsheets and into an environment that fosters teamwork. ETM reporting includes directed attack graphs, threat trees, and a spreadsheet-based threat matrix. The main objective for ETM is to provide organizations with a standardized approach for assigning risk to attacker activities by creating attack scenarios from “templated” events. Event templates improve consistency and accuracy across attack scenarios and assessments, and improve efficiency by reducing the time needed to produce a threat matrix. ETM allows operators and analysts to quickly develop, analyze, and illustrate threat matrices for a wide range of organizations.
Cody is a dad, husband and red team operator with Black Lantern Security (BLSOPS). His time is spent mostly on tool dev, enterprise risk assessments and exploit R&D.
Security Awareness Lessons from Dr. Bonnie (Rob Slade)
Dr. Bonnie Henry, as BC's Chief Medical Health Officer, has demonstrably saved over 5,000 lives in just a few months. With the regular COVID press briefings, she has also provided a MasterClass in effective communication of complex technical subjects. This reference provides real-world examples of the most significant points in designing and implementing an effective security awareness program. It also conclusively proves, with mathematical certainty, the importance of security awareness training.
Rob Slade may be an information security and management consultant from North Vancouver, British Columbia, Canada, or he may be an artificial intelligence program gone horribly wrong, and hooked up to various email addresses.
Pretty Easy Threat Hunting (Nick Sweet)
Threat hunting is the most talked about subject in security operations. The concept of proactively looking for threats is nothing new. This talk is meant to help organizations that are already performing routine threat hunts to maximize their capabilities. We will look at how to leverage Python, Jupyter notebooks, and other tools to not only make threat hunting easier but also “pretty”. One of the biggest gaps we see in threat hunting is how to show value to executives and others within their organizations. We will provide examples of how to create templates and reporting to easily build a repeatable process to highlight the efforts of your internal teams.
Nick Sweet is a Certified Information Systems Security Professional (CISSP) with more than 10 years’ experience in public and private sector cyber security and risk management. His areas of expertise are in security operations, penetration testing, network security, and risk management.