presentations.tex.bak
%----------------------------------------------------------------------------------------
% SECTION TITLE
%----------------------------------------------------------------------------------------
\cvsection{Conference Talks and Workshops}
%----------------------------------------------------------------------------------------
% SECTION CONTENT
%----------------------------------------------------------------------------------------
\begin{cventries}
%------------------------------------------------
\cventry
{The osquery file carver} % Role
{OSDFcon} % Event
{Herndon, VA, USA} % Location
{Oct. 2018} % Date(s)
{ % Description(s)
\begin{displaySection}
\begin{cvitems}
\item {Introduced the osquery file ``carving'' capability, its goals, and non-goals}
\end{cvitems}
\end{displaySection}
}
%------------------------------------------------
\cventry
{Docker Detection and Forensics, ‘Gotta catch them all’!} % Role
{OSDFcon} % Event
{Herndon, VA, USA} % Location
{Oct. 2018} % Date(s)
{
\begin{cvitems}
\begin{displaySection}
\item {Detection and response workshop focused on leveraging osquery to secure Docker containers}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\cventry
{Keynote - Evolving Our Open Source Community} % Role
{QueryCon} % Event
{San Francisco, CA, USA} % Location
{June 2018} % Date(s)
{ % Description(s)
\begin{cvitems}
\begin{displaySection}
\item {Addressed the challenges of scaling an Open Source project and community, https://www.youtube.com/watch?v=RVNEUqgwv5A}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\cventry
{Detecting compromise on Windows endpoints with osquery} % Role
{BlueHat} % Event
{Redmond, WA, USA} % Location
{Nov. 2018} % Date(s)
{ % Description(s)
\begin{cvitems}
\begin{displaySection}
\item {Discussed how to scale osquery to detect compromise at enterprise levels, as well as use-cases and success stories from the field. https://www.slideshare.net/MSbluehat/bluehat-v17-detecting-compromise-on-windows-endpoints-with-osquery-84024735}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\cventry
{Hunting Malware at Scale with osquery} % Role
{Brucon 0x8} % Event
{Ghent, Belgium} % Location
{Oct. 2016} % Date(s)
{ % Description(s)
\begin{cvitems}
\begin{displaySection}
\item {Same workshop as DEFCON 24}
\item {https://brucon0x082016.sched.com/event/8YCB/hunting-malware-with-osquery-at-scale}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\cventry
{Open Source Security Panel} % Role
{Structure Security} % Event
{San Francisco, CA, USA} % Location
{Sept. 2016} % Date(s)
{ % Description(s)
\begin{cvitems}
\begin{displaySection}
\item {Organized and took part in a panel discussion about open source security tooling}
\item {Fortune Article - http://fortune.com/2016/09/27/facebook-uber-slack-pandora-open-source-security}
\item {Guardian Article - https://www.theregister.co.uk/2016/09/28/oh\_all\_right\_says\_facebook\_well\_let\_windows\_admins\_run\_osquery}
\item {Facebook Graph Blog - https://www.facebook.com/notes/protect-the-graph/introducing-osquery-for-windows/1775110322729111/}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\cventry
{Hunting Malware at Scale with osquery} % Role
{DEFCON 24} % Event
{Las Vegas, Nevada, USA} % Location
{Aug. 2016} % Date(s)
{ % Description(s)
\begin{cvitems}
\begin{displaySection}
\item {4-hour workshop focused on using osquery to scale host-based detections}
\item {Covered standing up a SIEM, configuring an endpoint EDR, and building detections around host-based security telemetry}
\item {https://brucon0x082016.sched.com/event/8YCB/hunting-malware-with-osquery-at-scale}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\cventry
{Hardware and Trust Security: Explain it like I’m 5} % Role
{DEFCON 23} % Event
{Las Vegas, Nevada, USA} % Location
{Aug. 2015} % Date(s)
{ % Description(s)
\begin{cvitems}
\begin{displaySection}
\item {Covered basic concepts of Secure and Trusted boot technologies, https://www.youtube.com/watch?v=2gbooa3tO5o}
\end{displaySection}
\end{cvitems}
}
%------------------------------------------------
\end{cventries}