Beginners Track

9:15AM | Tips from Silicon Valley (Keynote)
10:00 AM  |  5 W’s of CTF’s
11:00 AM  |  The Pentester Blueprint
12:30 PM  |  Women In Cyber
1:05 PM  |  WOW! How did we get here? (Panel)
2:05 PM  |  Fireside Chat with an Incident Responder
3:05 PM  |  Simple Malware Analysis Techniques
4:00 PM  |   Breaking into Cybersecurity
5:00 PM  |  Closing Ceremony

Intermediate Track

9:15AM | Tips from Silicon Valley (Keynote)
10:00 AM  |  Jamming into the World of IoT Botnets
11:00 AM  | Brown Bag Sessions
12:30 PM  |  The Art of Balancing
1:05 PM  |  Trade of the Tools
2:05 PM  |  Threat Hunting with Open Source Software
3:05 PM  |  Serverless Application Security
4:00 PM  |    Inside The Mind of a Threat Actor
5:00 PM  |  Closing Ceremony

9:15 AM

Tips from Silicon Valley,

Solve a Problem Everybody has Accepted

Nothing is more frustrating than accepting an inferior technology as acceptable. Working in Silicon Valley for two decades, I was able to learn how new companies became successful by not accepting the status quo.


This discussion will highlight why the cyber security industry is solving problems that those that came before you refused to fix or simply did not know how to fix, which means your options are endless as you embark on a new career!

Edward Contreras

Chief Information Security Officer / EVP at Frost Bank

10:00 AM

5 W’s of CTF’s

In this presentation Ell Marquez will go over the phenomena of Capture The Flag competitions and provide key tips and insights on how to participate and succeed in one of these popular events! Such insights will include:


  1. Who plays CTFs? This will detail the experience and knowledge needed to be part of a Capture The Flag competition.

  2. What is a CTF? This section will go over the different types of Capture The Flag compensations along with the different types of challenges within the game.

  3. When/ Where would one play CTFs? When and where can Capture The Flag games be found, the requirements of participating and an overview of building a team.

  4. Why would you spend the time to play CTFs? We will discuss the skills and knowledge that can be learned by participating.

  5. How would you play CTFs? Skill sets that are helpful in getting started as well as progressing to more difficult competitions along with where these skills can be learned with hands on experience.

  6. The secret sixth W, the write up! The importance of documentation and how it can help strengthen not only the community but yourself.

Ell Marquez

Linux and Security Advocate at Intezer

Ell Marquez -former sysadmin, cloud builder, podcaster and container advocate- has always been a security enthusiast. This enthusiasm and driven curiosity have helped her as she has become an active member of the InfoSec community, leading her to explore the exciting world of Genetic Software Mapping at Intezer.

10:00 AM

Jamming into the World of IoT Botnets: The Hacker’s Way

Attackers are targeting IoT devices and compromising them for nefarious operations such as malware infections and building botnets. In this talk, we discuss the threat model of command-and-control (C&C) panels of IoT devices and show how these are compromised and used for different sets of attacks, such as targeted and broad-based infections.


This talk is primarily structured to demonstrate attacks that are happening via IoT devices running in the wild.The demonstrations will highlight: detecting and compromising IoT C&C panels, and live attacks executing from the compromised IoT devices as launchpads.


We will dissect more than 10 C&C panels related to different IoT botnets to dissect infections. The demonstration will help the audience to understand the IoT threats occurring in real time.

Aditya K Sood, PhD.

Sr. Director - Threat Research and Security Strategy

Aditya K Sood (Ph.D) is a security practitioner, researcher and consultant. With the experience of more than 13 years, he provides strategic leadership in the field of information security covering products and infrastructure. Dr. Sood has authored several papers for various magazines and journals including IEEE, Elsevier, CrossTalk, ISACA, Virus Bulletin, and Usenix. His work has been featured in several media outlets . He has been an active speaker at industry conferences and presented at BlackHat, DEFCON, HackInTheBox, RSA, Virus Bulletin, OWASP, and many others. Dr. Sood obtained his Ph.D from Michigan State University in Computer Sciences. Dr. Sood is also an author of the "Targeted Cyber Attacks" book, published by Syngress.

11:00 AM

The Pentester Blueprint: A Guide to Becoming a Pentester

Pentesting or ethical hacking as it is more commonly known has become a much sought-after job by people in IT, InfoSec, or those just trying to get into the industry. In this presentation, Phillip Wylie shares the blueprint for becoming a pentester. The presentation combines Phillip’s experience as a pentester and ethical hacking instructor to give attendees a guide on how to pursue a career as a pentester. Phillip shares what has worked for his students and people that he has mentored over his years as a pentester.


This presentation covers the knowledge and skills needed to become a pentester as well as the steps to achieve them.

Phillip Wylie

Lead Curriculum Developer at Point3 Federal

Phillip Wylie is a Lead Curriculum Developer at Point3 Federal, Adjunct Instructor at Dallas College (formerly Richland College), and The Pwn School Project founder. Phillip has 23 years of experience with the last 8.5 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and founding The Pwn School Project. The Pwn School Project is a monthly educational meetup focusing on ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Dallas College in Dallas, TX. Phillip holds the following certifications; CISSP, NSA-IAM, OSCP, GWAPT.

11:00 AM

Brown Bag Sessions with the Falcon Complete Team

Sit down with the Falcon Complete Team as they give informative talks centered around the threats of Malware via Phishing.

Learn how to analyze suspicious documents, observe incidents routinely seen by FC analysts, and gain a few tips on how to be a better blue teamer!

Tune in for these great talks: 

  •     Powershell Debfuscation for the lazy

  •     Word Macro Deobfuscation using LibreOffice Macro Debugger

  •     An Overview of Valek Malware

Crowdstrike’s Falcon Complete Team


The Falcon Complete Team at Crowdstrike are composed of experienced analysts who manage, respond, and remediate alerts and incidents 24/7, delivering endpoint protection as a service to a wide array of customers across the globe.

12:30 PM

Women in Cyber

Women are notoriously under-represented in the cybersecurity industry and this represents a real security risk to us all. But it also offers some opportunities. Women who want to work in the industry may find that they have enhanced opportunities and salary progression compared to other fields. Karla outlines the reasons why this is true, along with salary data and trends. She will also outline some of the ways to identify employers that care about diversity. Not just for women, Karla will give tips on how to plan your career and leverage the current gaps in the market. 

Karla Reffold

COO at Orpheus

12:30 PM

The Art of Balancing - A Burnout Talk

Have you ever felt like no matter how much sleep you get, you feel exhausted? Struggle to concentrate? Having trouble balancing work and personal life? Or perhaps feel your work is your life?

Burnout. We all go through it at one point. It feels like you are low on battery and it can cause emotional and physical issues.

Mental health is an ongoing issue within infosec before and during COVID-19. There's a fine balance between hacking and personal life. Majority of the time, they cross over. This talk shares an overview of the warning signs, symptoms, and practices to prevent burnout and how to deal with burnout to keep balanced.

Chloé Messdaghi

VP of Strategy at Point3 Security

Chloé Messdaghi is the VP of Strategy at Point3 Security. She is an InfoSec Advocate & Activist who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights as a Cofounder of Hacking is NOT a Crime. She is also the founder of WeAreHackerz (formerly known as WomenHackerz) & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

1:05 PM

WOW! How did We get Here?

How do I get into infosec?


This is the question we are asked the most. To be honest there is no one right answer.

Join us as we look back at our journeys at the things that worked and those that did not, as well as giving you honest and Frank answers to any questions you may have. 


Timmy Doomsday who started at a young age watching his dad run his own MSP and then deciding to pursue a degree in information security and digital forensics.


Ell Marquez, who began her journey by attending Bsides San Antonio. As a habitual volunteer she found herself learning information security directly from the infosec community, leading her to the world of genetic malware analysis at Intezer. 


And last but certainly not least Jayson E.Street,  who has worked his way up from help desk to well known infosec speaker, author and Defcons's global ambassador.

Ell Marquez, Jayson E Street, Timmy Doomsday (Panel)

1:05 PM

Trade of the Tools: Why Your Tradecraft Matters

Why are detection methods and mitigation failing in this age of unprecedented technology? What should I do when that exploit just won’t work? How do we handle a situation that technology hasn’t been designed to cover? In each of these situations, the development of each individual’s tradecraft will determine success or failure.


This talk will focus on the importance of developing your abilities to understand problems, create solutions, and arm yourself to be more efficient, effective, and valuable.

The focus is on not only being able to push the button, but also understanding the button and the workings behind it. This is not a rebuke of tools or their usage, but a discussion on the importance of honing your skills.

Logan Waldenville

Cyber Security Specialist at United States Air Force

Logan "WALL-E" Waldenville is a calibrator-turned-cyber security specialist for the US Air Force. His eclectic background includes Cyber Threat Emulation, Tactics Development, Tool Validation/Development, Defensive Cyber Operations, Threat Hunting, Operations Planning, and Operator Training. Sgt Waldenville has spent the better part of a decade developing new hires of all sorts into skilled technicians and analysts. Logan holds certifications in Exploit Development/Advanced Penetration Testing, Wireless Pentesting, Windows Forensics, and Cyber Security Operations. WALL-E enjoys dabbling in language learning, both of the spoken and programming varieties, as well as leveraging his knack for odds-and-ends acquisition into unique solutions.

2:05 PM

Fireside Chat with an Incident Responder

Sit down with Ricky, an experienced professional in the world of Incident Response, and learn about the various threats and headaches he sees in a typical day.


Uncover the headaches, moments of laughter, and teachable moments that are often experienced when responding to high stress situations in the world of Infosec. 

Ricky Banda

Incident Commander at Amazon

Ricky was born and raised in San Antonio, Texas. As a teenager was recruited by the United States Air Force to intern within their various cyber operations programs, from there continued on into government contracting and eventually the Managed Security Services Space. From defending government organizations to non-profits, he has had a colorful career in security engineering, operations, investigations, hunting and intelligence.He currently holds certifications such as GCIH, GCFA, GSEC, CCNP, CCNA-S , and over ten more. Ricky holds a Bachelor of  Science degree in CyberSecurity and is currently pursuing an M.S in Information Security Engineering from the SANS Technology Institute!

2:05 PM

Threat Hunting with Open Source Software

Threat hunting is an exciting and ever-changing field in cybersecurity. Potentially finding and removing an adversary on a network is seen on TV - and can even happen in real life! The question then becomes how do you get into the career field - especially as a university student.


Threat hunting is often not taught in typical classroom settings, and trying to teach yourself can quickly become overwhelming. Therefore, the goal of this talk is to set an interested student up for success!


This talk will go over briefly what is threat hunting, what it entails, and how it is different from similar career fields. However, hands-on experience is always needed to solidify the concepts learned and provide a better skillset on resumes. As a result, this presentation will end on open source or free tools that anyone can acquire to help your knowledge, improve your resume, and make you a better threat hunter.

Dr. Chelsea Hicks

Lecturer for the University of Texas at San Antonio

Dr. Chelsea Hicks is a Lecturer for the University of Texas at San Antonio. She enjoys researching and learning more about Linux, and how to improve her threat hunting skills. She also has previous experience with machine learning, scripting, and infrastructure building. You can find Chelsea in the infosec area as the social media coordinator for BSides San Antonio and presenting at events such as SANS Blue Team Summit, Blue Team Village and TGrayhat.

3:05 PM

When Less is More: Simple Malware Analysis Techniques

Analyzing malware code can quickly become complicated, however; certain preliminary steps can reveal key aspects of the binary. Critical information about malware samples can be found, without having to dive into any code, by utilizing various Linux commands and tools.


This presentation will provide information about tools which can be used to gain a substantial amount of information on a malware binary without the use of debugging, disassembling, or decompiling techniques.

Jake Munoz


Jake Munoz recently graduated from Illinois State University. His hobbies include music, martial arts, and hanging out with his cats. Jake has worked in infosec as a vulnerability management intern and now works as a consultant. Within the realm of Cybersecurity, Jake loves to engage in topics such as Reverse Engineering and Malware Analysis. 

3:05 PM

Serverless Application Security

It is predicted by 2021, 90% of companies using Infrastructure as a service (IaaS) will also use some form of serverless platform. According to a survey of over a thousand open-source repos by PureSec, over permissive roles and privileges are the number one issue creating vulnerabilities. Likewise, research by Protego identified over 90% of functions had over permissive IAM roles. According to SC Magazine, 21% of serverless applications contain critical vulnerabilities.


While the technology enabling serverless architectures grows at a rapid pace, security has not kept pace. The Cloud Security Alliance (CSA) and PureSec released the 12 Most Critical Risks for Serverless Applications. Join us as we identify key differences between traditional application architectures and serverless architectures, gaps related to traditional web application security solutions, and review the top 12 Most Critical Risks for Serverless Applications and recommended security strategies. 

Dr. Chris Sellards

Director of Security Architecture at Argo Group

Dr. Chris Sellards is the Director of Security Architecture for the Argo Group. He is also an Adjunct Professor at UTSA.

4:00 PM

Breaking into Cybersecurity

“What if there was a step-by-step formula for building, launching, or growing your cybersecurity career? There is! AccessCyber Founder, Gotham Sharma explains how students, professionals, and security enthusiasts can get paid to save the world.

Gotham Sharma

CISO at Exeltek Consulting Group

Award-winning educator, writer, and speaker Gotham Sharma is the Chief Information Security Officer (CISO) of the New York City based Exeltek Consulting Group - a cybersecurity & digital privacy advisory firm dedicated to helping organizations strengthen their security posture. Prior to joining the Exeltek Consulting Group, Gotham designed and deployed data security solutions for Fortune 500 financial organizations including Bank of America, JPMorgan Chase, and Morgan Stanley. His work has appeared in Cybercrime Magazine and the Cybersecurity Skills Journal. Gotham previously served the City of New York in his capacity as an Auxiliary Police Officer for the NYPD and held the rank of Specialist in the New York Guard, under the Division of Military and Naval Affairs.

4:00 PM

Inside The Mind of a Threat Actor: Beyond Pentesting

Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security just as blue team for defensive security. True red teaming goes Beyond Pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer.


In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer. In this presentation, you will learn about resources helpful for a path into red teaming.

Phillip Wylie

Lead Curriculum Developer at Point3 Federal

Phillip Wylie is a Lead Curriculum Developer at Point3 Federal, Adjunct Instructor at Dallas College (formerly Richland College), and The Pwn School Project founder. Phillip has 23 years of experience with the last 8.5 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and founding The Pwn School Project. The Pwn School Project is a monthly educational meetup focusing on ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Dallas College in Dallas, TX. Phillip holds the following certifications; CISSP, NSA-IAM, OSCP, GWAPT.

5:00 PM

Closing Ceremony

Don't leave just yet - we have a supr.....

Yeah, that's all we'll say.