Future Tech DC

Workshops Powered By:

Hosted By:

Real World Hype-Free AI in the Cybersecurity Enterprise

Presenter: Dave Hoelzer (SANS)

Enterprises today are fixated on adopting AI solutions, yet few have clearly defined the business problems they hope that AI will solve. What’s the reality of the applicability of AI to cybersecurity? What knowledge should someone with a GRC focus have to understand what vendors are selling and how this aligns with an enterprise’s controls? How can AI be leveraged to enhance a SOC or expand the threat-hunting capabilities of a security organization? David Hoelzer, COO of a managed security provider and SANS fellow will answer these questions, in addition to showing how his enterprise and his customers are leveraging machine learning and AI to identify previously unknown zero-day malware, find compromised hosts at scale, identify anomalous log entries without writing rules, and more. These demonstrations will include clear explanations of how these solutions work that anyone with Python and TensorFlow or PyTorch knowledge can implement!

Learning Objectives:

• How AI and ML can be defined in a way that benefits the vendor, not the enterprise, and how to know what they’re saying.
• Understand how to articulate the role of AI/ML in a security operation/threat hunting operation in a way that is aligned with objectives.
• Have a better understanding of precisely what types of problems in security benefit from the application of AI/ML techniques.

Dave Hoelzer
SANS Fellow

David Hoelzer, a SANS Fellow and author of more than twenty days of SANS courseware, is an expert in a variety of information security fields, having served in most major roles in the IT and security industries over the past twenty-five years. Currently, David serves as the principal examiner and director of research for Enclave Forensics, a New York/Las Vegas based incident response and forensics company. He also serves as the chief information security officer for Cyber-Defense, an open-source security software solution provider. David is the author of SANS SEC495: Leveraging LLMs: Building & Securing RAG, Contextual RAG, and Agentic RAG, SANS SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals, and a seasoned instructor and author for myriad other SANS courses.

What to Expect When You’re Expecting Your GenAI Baby

Presenter: Sounil You (Knostic)

Many of us are scrambling to leverage GenAI, but it’s hard to anticipate the risks, challenges, and controls. Using various mental models, we can get a clearer understanding of what to expect in the next stages of the AI revolution and start building governance processes and security capabilities to get ahead of potential challenges.

Learning Objectives:

• Learn about tools for thinking about AI-related problems
• Apply these tools towards specific AI-related problems
• Anticipate future needs using these thinking tools

Sounil Yu
Co-Founder and Chief AI Security Officer @ Knostic

Sounil Yu is the author and creator of the Cyber Defense Matrix and the DIE Triad, which are reshaping approaches to cybersecurity. He’s a Board Member of the FAIR Institute; fellow at GMU Scalia Law School’s National Security Institute; guest lecturer at Carnegie Mellon; and advisor to many startups. Sounil is the co-founder and Chief AI Safety Officer at Knostic and previously served as the CISO at JupiterOne, CISO-in-Residence at YL Ventures, and Chief Security Scientist at Bank of America. Before BofA, he helped improve information security at several Fortune 100 companies and Federal Government agencies. Sounil has over 20 granted patents and was recognized as one of the most influential people in security by Security Magazine, Influencer of the Year by SC Awards, and a Top 10 CISO by Black Unicorn Awards. He is a recipient of the SANS Lifetime Achievement Award and was inducted into the Cybersecurity Hall of Fame. He has an MS in Electrical Engineering from Virginia Tech and a BS in Electrical Engineering and a BA in Economics from Duke University.

Ask Questions

Presenter: Terry Grafenstine (IIA and PenFed)

Join Terry Grafenstine, Chair of the Global Board of Directors, 2024-2025, for an inspiring session centered on her IIA Global Board Chair theme: “Ask Questions.” To provide strategic insights, Internal Audit must help their organizations prepare for disruption. Disruption can be an opportunity, like Artificial Intelligence, or a threat, such as Covid or cyber. While many disruptive technologies and events will push Internal Auditors out of their traditional comfort zones, to avoid auditing these topics is to miss some of the greatest threat (and opportunities) our organizations face. Instead, internal auditors should rely on an area where they are experts and ask questions about controls. She will explore how fostering a culture of curiosity can support organizational innovation while also creating a stronger control environment and building enterprise resilience.

Adapt or Be Breached: Why Outdated Third-Party Risk Models Are Failing SaaS Security

Presenter: Vishal Chawla (BluOcean Cyber)

Your annual third-party risk management (TPRM) checklist is a hacker’s favorite loophole. While you audit once, attackers exploit SaaS misconfigurations daily. Legacy TPRM frameworks can’t track live configuration drifts, data sprawl, data exfiltration, shadow APIs, or “Snowflake-style” breaches. We’ll dissect how TPRM models fail—and equip you with continuous monitoring, zero-trust SaaS governance, and proactive threat defenses. Evolve or be breached. Your move.

• “97% of Third-Party SaaS Breaches Start Where Vendor Audits End” Why paper-based vendor reviews fail—and how continuous SaaS threat detection closes the gap.
• “Snowflake’s 243-Day Breach Window: Why Compliance ≠ Security” Unpacking the preventable Snowflake breach and how real-time SaaS monitoring slashes detection time by 90%.
• “90 Days to Modern TPRM: From Annual Audits to Always-On SaaS Defense” A proven roadmap to harden critical third-party SaaS apps, automate controls, and turn compliance into an advantage.

Exploring the Intersection of Cybersecurity and Artificial Intelligence

Presenter: Dr. Kellep Charles (Capitol Technology University)

Dominated by technological advancements, Artificial Intelligence (AI) with cybersecurity stands out as a key component for the future of our digital defense. This talk will discuss the impact of AI on cybersecurity, by examining the challenges, opportunities, and the role it plays in safeguarding our digital world.

The session will briefly discuss the historical roots of AI, to its projected surge to $135 billion by 2030. The session will also discuss the relationship between AI and cybersecurity, first by explaining how AI benefits the defense against cyber threats as well as examine the dark side of this technological alliance in cybersecurity. The presentation concludes by providing practical insights for staying secure in the AI-driven landscape. A call to action is issued to review and update cybersecurity practices, incorporating best practices in password management, data privacy, and personal cybersecurity. In conclusion, the presentation portrays the intersection of cybersecurity and AI as a dynamic and evolving landscape, urging cybersecurity leaders to embrace AI’s potential, understand its risks, and adapt to ensure a secure and resilient digital world.

Learning Objectives:

• Explore the challenges and opportunities of AI as it relates to safeguarding the digital world.
• Understand the impact of AI on cybersecurity including the benefits and the dark side.
• Learn practical insights for cybersecurity in the AI era.

MITRE ATLAS: Community Driven Tools for AI Security & Assurance

Presenter: Dr. Christina Liaghati (MITRE)

MITRE ATLAS (atlas.mitre.org) is a public knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from artificial intelligence (AI) red teams and security groups. There are a growing number of vulnerabilities in AI-enabled systems as the incorporation of AI increases the attack surfaces of existing systems beyond those of traditional cyberattacks. We developed ATLAS to raise community awareness and readiness for these unique threats, vulnerabilities, and risks in the broader AI assurance landscape.

Christina will speak to the latest MITRE ATLAS community efforts focused on capturing and sharing cross community data on real world AI incidents, expanding the community’s data on vulnerabilities that can arise when using open-source AI models or data, especially for vulnerabilities that fall outside of the scope of CVE/CWE, and developing mitigations to defend against these AI security threats and vulnerabilities.

In the age of AI, getting to the “who” is your biggest threat advantage

Presenter: Ryan LaSalle (Nisos®)

AI is making the landscape less human. Yet people are both a significant enterprise vulnerability, and the key to protecting your organization. And cyber’s remit is getting larger, not smaller. As companies take on greater digital risk, cybersecurity accountability extends to include protecting executives from physical harm, keeping insider threats out, and surfacing signs of employment fraud. It’s your job to stay a step ahead by detecting emerging threats online and to action quickly. Beyond the day to day compliance and cyber defense, security teams need to grow with the business and tackle the emerging challenges to people presented by the innovative attacks powered by AI, the fomenting discord targeting your people and brand, and the new vulnerabilities and exploits to hiring and ways of working. Getting to the “who” behind these threats empowers you to take real-world action to move upstream from the techniques employed and address the people at the root of the campaign or attack.

Learning Objectives:

• Better understand human risk threats and TTPs for executive protection, employment fraud, and insider threat.
• Develop strategies on how getting to the “who” behind human risk threats can drive real-world consequences, including shutting down the threat.
• Learn about practical ways you and your teams can detect and prevent human risk threats.

Accelerating Innovation with AI Security & Responsibility

Presenters: Alexis Appollonia Robinson (Amazon) and Diya Wynn (AWS)

For innovation to thrive, teams need the freedom to operate quickly. Yet many organizations slow development for governance with restrictive controls. In this session, learn how to implement 100 controls that empower teams to ship rapidly without compromising reliability, security, or compliance. Additionally, learn from AWS experts as we breakdown AWS’s Responsible AI Strategy and AWS Audit Manager’s generative AI framework. In this session, explore how to incorporate controls as we build AI with AWS.

Learning Objectives:

• Understand how to accelerate innovation by embedding security controls and responsible AI guardrails from day one.
• Consider AWS’s Responsible AI Strategy as a way to build trust while maintaining development velocity.
• Implement AWS Audit Manager’s Generative AI Framework to automate compliance and strengthen governance.

Terry Grafenstine
2024–25 Chair of the Global Board of Directors of The Institute of Internal Auditors (IIA) and Chief Audit Executive with Pentagon Federal Credit Union (PenFed)
CIA, CPA, CISSP, CISA, CRISC, CGEIT, CGAP

Terry Grafenstine is the 2024–25 Chair of the Global Board of Directors of The Institute of Internal Auditors (IIA) and Chief Audit Executive with Pentagon Federal Credit Union (PenFed). She was recognized by The IIA as one of the “Top Ten Audit Thought Leaders of the Decade” and inducted into The IIA’s Hall of Distinguished Audit Practitioners. She has served on both the IIA’s North American and Global Boards of Directors.

Terry has over 25 years of experience in the internal auditing and information technology profession. As CAE at PenFed, Terry is responsible for leading internal audit teams covering all aspects of operations at the second largest federal credit union in the U.S. Prior to joining PenFed in May 2023, Terry was the global chief auditor for Operations & Technology at Citi where she led audits covering technology, cyber, business continuity, enterprise resilience, and third party risk management across the 155 countries in which Citi operated.

Before joining Citi, Terry was a Managing Director in Deloitte’s Risk and Financial Advisory practice, where she provided strategic advisory services to Chief Audit Executives across all commercial industries and IT audit, risk, and governance advisory services to first line executives in the defense and national security space. Prior to joining Deloitte, Terry served for eight years as the bi-partisan appointed Inspector General of the U.S. House of Representatives, where she designed, managed, and delivered audit and investigative services, including the annual financial statement audit and a comprehensive cyber assurance program.

Terry has held numerous leadership roles to support the auditing, accounting, and information technology profession, including serving as ISACA’s Global Chair (2017-2018) and a member of the AICPA board of directors (2014 – 2018). Terry speaks globally on a wide range of subjects, including cyber security, internal auditing, accounting standards, resilience, leadership, and risk.

Terry earned a Bachelor’s degree in Accounting from Saint Joseph’s University. She is a Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified In Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), and Certified Government Auditing Professional (CGAP).

Vishal Chawla
Founder & CEO BluOcean Cyber

Vishal brings 30 years of cybersecurity expertise, combining his Big 4 experience as global cybersecurity leader and senior partner serving global fortune 100 clients in the financial services and healthcare industry.

He is now the founder and CEO of BluOcean Cyber (located in Northern Virginia), where he created RiskGPS, a Cyber Risk Governance platform that helps companies dominate their competition by redefining cybersecurity as a critical strategic business asset. The groundbreaking approach revolutionizes cybersecurity for mid-sized companies by bridging the gap between technical cybersecurity measures and business mission-based objectives. By connecting specific actions to threats and business processes, RiskGPS protects, sustains, and amplifies critical outcomes with verifiable ROI. Vishal’s work has been published in The Wall Street Journal, NACD Directors, RMA, MIT Review, and many other publications.

Dr. Kellep Charles
Department Chair of Cybersecurity programs and Professor of Computer Science @ Capitol Technology University

Dr. Kellep Charles serves as Department Chair of Cybersecurity programs and Professor of Computer Science at Capitol Technology University. Dr. Charles’ research areas encompasses Digital Forensics, Threat Detection, OSINT, Machine Learning and Malware Analysis. He completed his Doctorate in Cybersecurity at Capitol Technology University. He also holds a Master of Science in Telecommunication Management from the University of Maryland University College and a Bachelor of Science in Computer Science from North Carolina Agricultural and Technical State University.

Dr. Charles also worked as a government contractor in the Washington, DC area as an information security analyst for over 25 years in the areas of incident response, computer forensics, security assessments, malware analysis, and security operations.

Dr. Christina Liaghati
Trustworthy & Secure AI Department Manager and MITRE ATLAS Lead @ MITRE

Working across a collaborative global community of industry, government, and academia, Dr. Liaghati leads MITRE’s Trustworthy & Secure AI Department and MITRE ATLAS, where she passionately drives research and developments in trustworthy and secure AI for everyone working to leverage AI-enabled systems. Leading her department of 50+ scientist and engineers and serving the community with the not-for-profit, objective, MITRE perspective, she is dedicated to working together to create and openly share actionable tools, capabilities, data, and frameworks for trustworthy and secure AI like ATLAS, an ATT&CK-style framework of the threats and vulnerabilities of AI-enabled systems.

As Dr. Liaghati has worked across the community to improve the common understanding of AI security concerns, her work quickly started overlapping with broader AI assurance concerns, which includes AI equitability, interpretability, reliability, robustness, safety, and needs for privacy enhancement. As a result of this expansion beyond AI security into more of these elements of trustworthy AI and AI assurance, her current focus under ATLAS and across the international community is to build a protected mechanism for increased knowledge and incident sharing across government and industry in both AI security and the broader areas of AI assurance.

Dr. Liaghati also chairs the NATO Science and Technology Organization Research Task Group on the AI Assurance and Security, focused on fostering an enduring collaborative community of NATO organizations and industry partners, leveraging the Science and Technology Organization to shape future interoperable capability developments in AI security and assurance.

Ryan LaSalle
Chief Executive Officer @ Nisos®

Ryan LaSalle is the Chief Executive Officer of Nisos®, the Managed Intelligence Company®. For over 25 years, Ryan has been a trusted advisor to business leaders and their boards within Fortune 500 and National Security organizations. His expertise has helped drive business growth, secure and protect critical infrastructure, and allow organizations to overcome unique business and technology challenges. Prior to joining Nisos, Ryan was a senior executive and serial intrapreneur at Accenture, leading one of the largest cybersecurity organizations in North America. During his tenure he spearheaded global enterprise through reinvention, facilitated new revenue sources, managed acquisitions, and developed patented solutions spanning cybersecurity, information management, and analytics. Ryan has run high-growth cyber services organizations and led over 1,600 people. He balances business acumen with technical expertise, enabling Fortune 500 companies to articulate and implement action in the face of disruptive competition, technologies, and cyber risk. Ryan holds patents in human resource management, knowledge discovery, and establishing trust between entities online. He frequently speaks at international security conferences and has authored numerous articles on cybersecurity.

Alexis Appollonia Robinson
Principal Program Manager @ Amazon
CISA, PMP

Alexis Appollonia Robinson is a Principal Program Manager for Amazon in the Washington, DC area. For the past 15 years, she has served buyers of the cloud, retail sellers, policy makers, compliance organizations, engineering leaders, and security teams by developing and implementing security strategies, collaborating for thought leadership, solving problems, building products, and conducting cybersecurity, engineering, and financial assessments. She graduated with double Bachelors of Science degrees in Accounting and Information Systems from the Robert H. Smith School of Business at University of Maryland, College Park and an Executive Masters of Business Administration (MBA) from the Quantic Program. She has worked at several companies including CGI Federal and Ernst & Young before finding her way to Amazon. She is a Certified Information Systems Auditor (CISA) and a Project Management Professional (PMP).

Alexis is the former Co-Chair of EY’s Black Professional Network of Greater Washington, an affinity group that hosts several networking events, career development workshops, partner and executive director relationship breakfasts and dinners, and community service outreach programs within the Washington D.C. metropolitan area for over 150 members in the community. Through this effort, she served on the Americas BPN Steering Committee as the Northeast Representative and Communications Lead. To continue her diversity initiatives at Amazon, Alexis is currently on the Inclusiveness, Diversity & Equity Counsel of AWS Security and involved with IDE Inclusive Recruiting.

On her free time, she is playing video games, watching “Only Murders in the Building”, “Real Housewives of “, “Demon Slayer”, and “Abbott Elementary”. She lives with her husband and son in Maryland.

Diya Wynn
Principal, Responsible AI Lead @ AWS

Diya Wynn is a technology leader who has been at the forefront of every major digital transformation over the past 25 years. With a deep breadth of expertise spanning the internet, ecommerce, social media, mobile, cloud, and now AI, she brings that breadth of expertise to the intersection of emerging technology and humanity. As a Principal, Responsible AI Lead at AWS, she is a champion for ethical, safe, inclusive AI development and empowers organizations to build trust in AI. Earlier in her career, Diya worked in startups, scaling products for acquisition, and in consulting roles. She is an author and international speaker; serves on non-profit boards; volunteers with multiple organizations; and guest lectures on responsible and inclusive technology.

In 2023, she was named one of Business Insider’s top 15 people in Enterprise AI and top 100 people in AI and one of 100 Brilliant Women in AI EthicsTM among other industry awards and recognition. When she isn’t working hard on the future of AI, she’s working hard to influence the future. This starts at home with her two sons but extends to her dozens of mentees, whom she encourages to color outside the lines, defy the odds, and redefine boundaries.

Diya studied Computer Science at Spelman College, the Management of Technology at New York University, and AI & Ethics at MIT Sloan School of Management and Harvard University Professional School.

The NIST Risk Management Framework: More Than Just Compliance and an ATO

Presenter: Victoria Yan Pillitteri (NIST)

Did you know the NIST Risk Management Framework (RMF) goes far beyond meeting compliance requirements and getting an ATO for your system? The NIST RMF provides a repeatable, flexible and customizable approach to managing risk supported by a portfolio of technical implementation guidance and can be used by any size and type of organization.

In this session, we’ll dispel common misnomers as you learn more about the NIST RMF and its supporting resources, how it is designed to identify, understand, and manage cybersecurity, privacy and cybersecurity supply chain risks and support organizational resilience, and the path forward for NIST’s work in risk management.

Learning objectives:

• Gain a deeper understanding of the NIST Risk Management Framework (RMF).
• Learn how the NIST RMF can be used by your organization manage risk.
• Gain insights into what’s upcoming for risk management from NIST.

Emerging Threats in Space

Presenters: Fireside Chat with Renee Wynn (Former NASA CIO, Axonius) and Dr. Diane Janosek (Janos LLC)

We rely on space every day! Emerging threats in space pose significant challenges to global security and technological infrastructure. These include the development of anti-satellite weapons (ASATs) that can disable critical satellites used for communication, navigation, and defense. Space debris from past missions and collisions increases the risk of damaging active satellites, creating a cascade of potential disruptions. Additionally, cyberattacks targeting satellite systems and ground control networks highlight the vulnerability of space-based assets to digital threats. As space becomes increasingly crowded and contested, international cooperation and policy frameworks will be essential to mitigate risks and ensure the sustainable use of this vital domain.

Learning objectives:

• Learn how space impacts your daily life
• Learn about the emerging threats in space and the impact that these risks can have on security and technology infrastructure
• Explore what’s needed to mitigate risk in space

Shifting Left Security Automation with Open Security Controls Assessment Language (OSCAL)

Presenter: Dr. Michaela Iorga (NIST/ITL)

The exponential increase in the complexity of information systems has been a challenging task to date, compelling organizations to leverage risk management strategies that are tightly coupled with the dynamic nature of their systems. In an era of multiple competing regulatory frameworks which often trigger conflicting priorities, opinions, and claims, security and privacy practitioners could miss vital actions while performing labor-intensive, paper-based compliance work. NIST developed Open Security Controls Assessment Language (OSCAL) – a standard of standards that provides a normalized expression of security requirements across standards, and a machine-readable representation of security information from controls to system implementation and security assessment. This bridges the gap between antiquated approaches to IT compliance and innovative technology solutions. Imagine a future where security documentation builds itself, and security management tools from different vendors integrate seamlessly. Security practitioners will spend less time on security documentation, assessments, and adjudication, yet the results of those activities will be more accurate and more easily monitored. OSCAL enables this and more.

Learning objectives:

• Understand the driving factors behind the creation of OSCAL, a machine-readable representation of security control implementations and assessment.
• Learn how OSCAL can be used to modernize the approach to compliance to reduce manual processes and increase accuracy of compliance results.
• Explore how OSCAL can enable reciprocity among frameworks.

Fireside Chat – Securing the Future: NIST NCCoE, AI, and Emerging Tech

Moderator: Jim Wiggins (Securible and FITSI)
Panelists: Cherilyn Pascoe (NIST)

The NIST National Cybersecurity Center of Excellence (NCCoE) is a collaborative hub where industry, government, and academic experts work together to tackle the nation’s most urgent cybersecurity issues of today and tomorrow. In this keynote, NIST NCCoE Director Cherilyn Pascoe will delve into the center’s collaborative strategies and initiatives to solve security and privacy challenges associated with emerging technologies such as AI, post-quantum cryptography, and more. Join us for this engaging presentation to learn how organizations can leverage NIST guidance to effectively mitigate and manage risk, discover future project considerations, and explore areas for collaboration.

Victoria Yan Pillitteri (NIST)
Supervisory Computer Scientist and Security Engineering and Risk Management Group Manager @ the National Institute of Standards and Technology (NIST)
CISSP

Victoria Yan Pillitteri is a supervisory computer scientist and manager of the Security Engineering and Risk Management Group at the National Institute of Standards and Technology (NIST). The group conducts the research and development of the suite of risk management, systems security engineering, and cybersecurity risk analytics and measurement guidance used for managing cybersecurity risk. She is the co-author of multiple NIST publications that are foundational for cybersecurity risk management, including the security and privacy controls, control assessment procedures, the Risk Management Framework, and the CUI security requirements and assessment procedures (Special Publications (SP) 800-53, SP 800-53A, SP 800-53B, 800-37, 800-171, and 800-171A).

Ms. Pillitteri holds a B.S. in Electrical Engineering from the University of Maryland, a M.S. in Computer Science, with a concentration in Information Assurance, from the George Washington University, completed the Key Executive Leadership Program at American University, and is a Certified Information Systems Security Professional (CISSP).

Renee Wynn
Former NASA Chief Information Officer and Board Member for Axonius

Renee Wynn is a leader with over 30 years of experience in environmental policy, global information technology and cybersecurity operations, supply chain risk management, and ESG. She led programs at the Environmental Protection Agency (EPA) and served as the CIO at an iconic agency, National Aeronautics and Space Administration (NASA).

Renee currently serves as an independent board member for Axonius, a cybersecurity company, and she is seeking additional Board roles. She serves on the Board of Advisors at MITRE, Interos, Dataminr, Adobe, and Level6 Cybersecurity. She serves as a Strategic Advisor at Attain Capital to their portfolio companies.

To continue a lifetime in service to others, Renee serves on the Board at The Women’s Center, a Virginia and Washington, DC-based non-profit organization dedicated to improving the community’s mental health and well-being through counseling, education, support, and advocacy. She also serves on the Board of the Virginia Tech – Applied Research Corporation (VT-ARC). Renee earned a bachelor’s degree in economics from DePauw University.

Dr. Diane Janosek
CEO of Janos LLC

Diane M. Janosek is the CEO of Janos LLC. Leveraging her law degree and PhD, she focuses on the intersection of law, policy, and technology to provide advisory services on data policy, cybersecurity law, compliance, governance, leadership, and privacy. Previously served as Defense Intelligence Senior Executive Service (SES) for 12 years, to include leadership roles at the National Security Agency, to include Commandant National Cryptologic University, Deputy Director Compliance and Chief Information Security Officer. She also served as Chief Legal Officer for the Privacy and Civil Liberties Oversight Board, and as Legal Counsel at both the White House and the Pentagon.

Dr. Janosek has published dozens of articles and is a multiple international award-winner. In addition to having a Juris Doctorate, she has a Master’s in Strategic Intelligence, a PhD in Cyber Leadership, is admitted to the United States Supreme Court and is certified in information and network security (CISSP) and ethics and compliance (LPEC). She has been inducted into the Hall of Fame by the Information Systems Security Assoc Inter’l. Dr. Janosek is passionate about giving back and advocating for the global cyber community.

Learn more at dianejanosek.com

Dr. Michaela Iorga
Supervisory Computer Scientist at the National Institute of Standards and Technology (NIST/ITL)

Dr. Michaela Iorga is a supervisory computer scientist at the National Institute of Standards and Technology (NIST/ITL). She serves as the Strategic Outreach Director for the Open Security Controls Assessment Language (OSCAL) program, and as the senior security technical lead for cloud computing, chairing the NIST Cloud Security and Forensics Working Groups.

Dr. Iorga, a subject matter expert in cybersecurity, risk assessment, and information assurance, collaborates with industry, academia, and other government stakeholders on developing and disseminating high-level, vendor-neutral cybersecurity and forensics guidelines that meet national priorities and promote American innovation and industrial competitiveness. Dr. Iorga received her Ph.D. from the Duke University/ Pratt School of Engineering, in North Carolina, USA.

Jim Wiggins
CISSP, ISSEP, CISM, CISA, CRISC, CDPSE, CGRC, CySA+, SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and MCSE: Security and FITSP-M

Jim has over 28 years of direct experience in the design, operation, management, and auditing of information technology systems, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients.

Today, Jim is the Founder and Principal of Securible, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible, Jim has taught IT security certification courses such as CISSP, CISM, CISA, Ethical Hacking, RMF, Security+, and other courses requested by Securible’s clients. Currently, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com.

Jim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org.

Additionally, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org.

In 2020, Jim launched a TV show on cybersecurity called “Cybersecurity Today,” which can be viewed in the Washington, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org.

In 2019, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government.

In 2011, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce.

Jim holds the following IA/IT security certifications: CISSP, ISSEP, CISM, CISA, CRISC, CDPSE, CGRC, CySA+, SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and MCSE: Security and FITSP-M.

Cherilyn Pascoe
Director, NIST NCCoE

Cherilyn Pascoe is the Director of the NIST National Cybersecurity Center of Excellence (NCCoE). She provides strategic direction and technical leadership for the NCCoE, aligns the NCCoE’s work with the industry, government, and NIST priorities, and builds relationships with key stakeholders. Prior to her role as Director of the NCCoE she served as the Senior Technology Policy Advisor, advising NIST leadership on technology policy and strategy, including cybersecurity, privacy, and artificial intelligence. She also led the NIST Cybersecurity Framework program and was a team member of the NIST AI Risk Management Framework. Prior to joining NIST in 2021, she served more than a decade in staff leadership roles on the US Senate Committee on Commerce, Science, and Transportation. Most recently, she served as Deputy Policy Director managing the Committee’s Space and Science Subcommittee, which has jurisdiction over science, technology, standards, and civil space policy.

Presented by SANS – Build a Machine Learning Neural Network for Anomaly Detection on Logs

Presenter: Christopher Crowley (SANS)

GPTs (Generative Pretrained Transformers) based on Large Language Models are great for a lot of challenges. But they’re not trained to find outliers within your log data.

In this brief, informative, and useful session, Christopher Crowley will discuss the concept of a variational autoencoder, then show how you could implement this to train an autoencoder based on your logs.

After training on your log information, you would then implement the concept to look for outliers within your log data, to surface weird things to analysts for review. The session will include theory, a practical demonstration using a jupyter lab notebook, python, and tensorflow; and the material to enable you to build the neural network. Even if you’re not a programmer, this session will enable understanding what’s possible in building your own machine learning neural network.

Learning Objectives:

• Fundamental concepts associated with use of tensorflow, a machine learning development library
• Concepts associated with deep learning and variational autoencoder
• Observe the data cleaning (extract, transform, load) and training of a deep learning neural network

System Requirements

Participants should bring a computer with the following requirements to participate in the workshop. It is critical that you back-up your system ahead of time. It is also strongly advised that you do not bring a system storing any sensitive data. Your system should meet these requirements:

• Modern 64-bit processor (ARM/AMD/Intel) running Linux (Ubuntu or similar recommended, Linux kernel version 6 or higher), Windows 10 or later, or MacOS 11.x or later
• A minimum of 16 GB RAM
• 10 GB Free Hard Drive Space
• Your account must have the necessary rights to install Anaconda or Anaconda must be preinstalled.

Presented by SANS – Reverse Engineering Malware: A Hands-On Introduction

Presenter: Anuj Soni (UnitedHealth Group and SANS)

In this interactive, hands-on workshop, participants will be introduced to the fundamentals of Windows executable malware analysis, learning key techniques for dissecting and understanding malicious code. Through guided demonstrations and exercises, attendees will explore static and dynamic analysis methods, identify suspicious indicators, and recognize common malware behaviors.

Whether you’re new to reverse engineering or looking to sharpen your skills, this practical workshop will equip you with the foundational tools needed to triage and analyze Windows malware with confidence.

Learning Objectives:

• Understand the Malware Analysis Process
• Analyze the PE File Structure (EXEs and DLLs)
• Perform Basic Static and Dynamic Analysis

Participants should bring a computer with the following requirements to participate in the workshop with the following requirements:

System Requirements:

Back up your system before class. Better yet, use a system without any sensitive/critical data.

MANDATORY SYSTEM HARDWARE REQUIREMENTS:

• CPU: 64-bit Intel i5/i7 (8th generation or newer), or AMD equivalent. A x64 bit, 2.0+ GHz or newer processor is mandatory for this class.
• CRITICAL: Apple Silicon devices cannot perform the necessary virtualization and therefore cannot in any way be used for this course.
• BIOS settings must be set to enable virtualization technology, such as “Intel-VTx” or “AMD-V” extensions. Be absolutely certain you can access your BIOS if it is password protected, in case changes are necessary.
• 16GB of RAM or more is required.
• 200GB of free storage space or more is required.
• At least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops. Some endpoint protection software prevents the use of USB devices, so test your system with a USB drive before class.
• Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.

MANDATORY HOST CONFIGURATION AND SOFTWARE REQUIREMENTS

• Your host operating system must be the latest version of Windows 10, Windows 11, or macOS 10.15.x or newer.
• Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
• Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs.
• Local Administrator Access is required. (Yes, this is absolutely required. Don’t let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different laptop.
• You should ensure that antivirus or endpoint protection software is disabled, fully removed, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs.
• Any filtering of egress traffic may prevent accomplishing the labs in your course. Firewalls should be disabled or you must have the administrative privileges to disable it.
• Download VMware Workstation Pro 17.5.X+ for Windows hosts or VMWare Fusion Pro 13.5.X+ for macOS hosts prior to class beginning. If you do not own a licensed copy of VMware Workstation Pro or VMware Fusion Pro, you can download a free 30-day trial copy from VMware.
• VMware will send you a time-limited serial number if you register for the trial at their website. This course requires a “Pro” version of VMware software. The “Player” versions are not sufficient.
• On Windows hosts, VMware products might not coexist with the Hyper-V hypervisor. For the best experience, ensure VMware can boot a virtual machine. This may require disabling Hyper-V. Instructions for disabling Hyper-V, Device Guard, and Credential Guard are contained in the setup documentation that accompanies your course materials.
• Download and install 7-Zip (for Windows Hosts) or Keka (for macOS hosts). These tools are also included in your downloaded course materials.

Presented by SANS – Avoiding Data Disasters: Techniques to Identify and Address Cloud Storage Misconfigurations

Presenter: Shaun McCullough (SANS and GitHub)

It appears that every few months, there’s news of yet another cloud breach stemming from a carelessly configured cloud storage solution. While this isn’t the default for most cloud vendors, some users still manage to make their cloud data publicly accessible by going out of their way – sometimes to a significant extent. Whether it’s out of ignorance or convenience, it doesn’t matter – this practice must come to an end.

To address this issue, we’ve developed a workshop that equips attendees with various techniques and methods to identify and rectify cloud storage misconfigurations in their own cloud accounts. We’ll even demonstrate some ways to prevent these misconfigurations from happening in the first place. Although the chosen vendor for this workshop is AWS, due to its Simple Storage Service (S3) being the one making headlines, misconfigurations could occur in any cloud environment. Hence, the techniques discussed in this workshop will be applicable to all cloud vendor environments, including Azure, Google Cloud Platform, and Oracle.

Learning objectives for this session:

• Discover all-too-common cloud storage security deficiencies present as either insecure vendor defaults or careless mistakes
• Correct these issues using a variety of means (e.g., cloud management console, command line tools, and Infrastructure-as-Code)
• Learn how to leverage command-line tools to deploy, assess, and secure cloud solutions

System Requirements

Participants should bring a computer with the following requirements to participate in the workshop. It is critical that you back-up your system ahead of time. It is also strongly advised that you do not bring a system storing any sensitive data. Your system should meet these requirements:

• Laptop with a modern web browser
• AWS account with root access or an IAM user with Administrator Access permissions
• If you need an AWS account, you can create a free tier account with root access at https://aws.amazon.com/free/. The cost will be minimal (pennies) to complete the workshop

Christopher Crowley
SANS Senior Instructor @ SANS Institute

Christopher Crowley, a SANS Senior Instructor, has 25 years of industry experience managing and securing networks. He has authored numerous courses and is considered a leading expert in building an effective SOC. He currently works as an independent consultant in the Washington, DC area focusing on effective computer network defense. His work experience includes penetration testing, security operations, incident response, and forensic analysis.

Anuj Soni
Principal Malware Reverse Engineer @ UnitedHealth Group and SANS Certified Instructor

Anuj is a Principal Malware Reverse Engineer at UnitedHealth Group, where he specializes in malware research and reverse engineering. He is a SANS Certified Instructor, the author of FOR710: Advanced Code Analysis, and co-author of FOR610: Malware Analysis Tools and Techniques. He also creates educational malware analysis content on YouTube to inspire others to dive into the field. When Anuj is away from his computer, you’ll find him at the local gym, or with his kids – which is also a workout.

Shaun McCullough
Cloud Security Engineer @ GitHub and SANS Instructor

Shaun spent 20+ years at the National Security Agency working in all aspects of cyber operations. A software engineer, manager, researcher, and operations lead, including as the technical director of the Blue, Red, and Hunt teams. Today, Shaun is a staff level Cloud Security Engineer at GitHub focusing on cloud infrastructure. Shaun is also the lead author of SANS SEC541: Cloud Security Threat Detection, which focuses on how attackers target cloud infrastructure and what security analysts, SOC operators, and detection engineers can do to protect their organizations.

Venue Location

George Mason University (GMU) Arlington Campus
“Mason Square” 3351 Fairfax Drive,
Arlington, VA 22201

Parking

Visitor parking is available in the Van Metre Hall (formerly Founders) Garage, located directly beneath the school. To access the garage, use the entrance located off of Kirkwood Drive, in between Fairfax Drive and Washington Boulevard.  Please view the Mason Square parking map for additional information.

Parking is included in the registration fee for the event.

Metro

The nearest Metro station is the Ballston-MU station.

It is a 14-minute walk from the metro station to the GMU Campus

Platinum Sponsor

Gold Sponsor

Gold Sponsor

Silver Sponsor